Code Monkey home page Code Monkey logo

Comments (5)

extremecoders-re avatar extremecoders-re commented on July 22, 2024

Maybe a bug in Firmadyne particularly in the script scripts/makeNetwork.py

Firmadyne identifies the network interface by parsing the kernel bootlog which you can find in the file qemu.initial.serial.log.

In the file you will find lines of the following type.

[    2.508000] firmadyne: __inet_insert_ifa[PID: 49 (ifconfig)]: device:lo ifa:0x0100007f
--- [ snip] ---
[    4.300000] firmadyne: __inet_insert_ifa[PID: 193 (ifconfig)]: device:br0 ifa:0x0101a8c0

In this example ,
0x0100007f is 127.0.0.1 little endian byte order and interface name is lo. Firmadyne doesn't create the interface if it's address is 127.0.0.1 or 0.0.0.0.

0x0101a8c0 is 192.168.1.1 and the interface name is br0. Firmadyne will create this interface.

Likewise, you can go through the file and find all those lines containing the word __inet_insert_ifa.

from firmware-analysis-toolkit.

extremecoders-re avatar extremecoders-re commented on July 22, 2024

Corresponding code in makeNetwork.py

# Get the netwokr interfaces in the router, except 127.0.0.1
def findNonLoInterfaces(data, endianness):
    #lines = data.split("\r\n")
    lines = stripTimestamps(data)
    candidates = filter(lambda l: l.startswith("__inet_insert_ifa"), lines) # logs for the inconfig process
    if debug:
        print("Candidate ifaces: %r" % candidates)
    result = []
    if endianness == "eb":
        fmt = ">I"
    elif endianness == "el":
        fmt = "<I"
    for c in candidates:
        g = re.match(r"^__inet_insert_ifa\[[^\]]+\]: device:([^ ]+) ifa:0x([0-9a-f]+)", c)
        if g:
            (iface, addr) = g.groups()
            addr = socket.inet_ntoa(struct.pack(fmt, int(addr, 16)))
            if addr != "127.0.0.1" and addr != "0.0.0.0":
                result.append((iface, addr))
    return result

from firmware-analysis-toolkit.

djmccarthy12 avatar djmccarthy12 commented on July 22, 2024

Hey there - Apologies for the delay in getting back here - life got in the way. I reinstalled FAT and tried this again, having the same issue. I went through the log and found only two lines that matched the above:

[ 6.160000] firmadyne: __inet_insert_ifa[PID: 198 (ifconfig)]: device:lo ifa:0x0000007f
[ 6.160000] firmadyne: __inet_insert_ifa[PID: 198 (ifconfig)]: device:lo ifa:0x0100007f

Seems like its unable to find an interfact other than lo. Here is my ifconfig output:

1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host 
       valid_lft forever preferred_lft forever
2: enp0s3: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP group default qlen 1000
    link/ether 08:00:27:5f:52:61 brd ff:ff:ff:ff:ff:ff
    inet 10.0.2.15/24 brd 10.0.2.255 scope global dynamic noprefixroute enp0s3
       valid_lft 79852sec preferred_lft 79852sec
    inet6 fe80::f2d7:f469:27ec:4c2e/64 scope link noprefixroute 
       valid_lft forever preferred_lft forever
3: enp0s8: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP group default qlen 1000
    link/ether 08:00:27:82:26:90 brd ff:ff:ff:ff:ff:ff
    inet 192.168.1.4/24 brd 192.168.1.255 scope global dynamic noprefixroute enp0s8
       valid_lft 79853sec preferred_lft 79853sec
    inet6 fe80::7fe8:32c1:4f6f:372e/64 scope link noprefixroute 
       valid_lft forever preferred_lft forever

from firmware-analysis-toolkit.

k4m4 avatar k4m4 commented on July 22, 2024

I was able to get it working by updating my /etc/hosts config such that localhost was mapped to some IP address other than 127.0.0.1.

from firmware-analysis-toolkit.

Abib-web avatar Abib-web commented on July 22, 2024

@k4m4 I would like to know how you updated /etc/hosts? I always get br0 0x000000

from firmware-analysis-toolkit.

Related Issues (20)

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google ❤️ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.