Comments (8)
Using the latest binwalk, here's what I get:
DECIMAL HEX DESCRIPTION
-------------------------------------------------------------------------------------------------------------------
5080 0x13D8 LZMA compressed data, properties: 0x5D, dictionary size: 8388608 bytes, missing uncompressed size
660228 0xA1304 LZMA compressed data, properties: 0x5D, dictionary size: 8388608 bytes, missing uncompressed size
4199172 0x401304 LZMA compressed data, properties: 0x5D, dictionary size: 8388608 bytes, missing uncompressed size
7864472 0x780098 Zlib header, default compression, uncompressed size >= 32768
7995544 0x7A0098 Zlib header, default compression, uncompressed size >= 32768
8126616 0x7C0098 Zlib header, default compression, uncompressed size >= 32768
The zlib headers are valid and are decompressed properly; they appear to contain the device configuration settings.
Although the LZMA compressed files are "missing uncompressed size", all signs point to them actually being valid LZMA files. Each one appears at the beginning of a block of high entropy data, and immediately after what appears to be some decompression stubs which contain string references to LZMA decompression.
This has been seen previously in cable modems which used a slightly modified LZMA header, although binwalk has a plugin that attempts to extract these types of LZMA files. My guess is the Jungo has modified the LZMA headers or the compression itself; you'll probably need to reverse the decompression stubs in the firmware image, or get a copy of their GPL code to figure out what they've done here.
from binwalk.
The GPL code is available here http://opensource.actiontec.com/mi424wracd.html they have customized the LZMA compression from the looks of it. Its probably a bit over my head to actually port myself though.
from binwalk.
Issue #16 also has this same problem.
from binwalk.
Custom LZMA source is here https://github.com/Lightsword1942/jungo-image/tree/master/lzma
from binwalk.
This thread should explain some of the uncramfs-lzma modified Jungo images. And the Gianpietro explanation here:
lzma-uncramfs is a modification of the uncramfs program to be able to
unpack cramfs images included in some openrg based home routers.
It includes lzma decompression and a different PAGE_CACHE_SIZE.To successfully compile lzma-uncramfs an old version of lzma modified
by Jungo/OpenRG team is included.
And lzma-uncramfs sources here. But I don't know if this is the same as that provided by James above...
from binwalk.
Did you test it on my router image? This is the firmware update file that I couldn't extract https://github.com/Lightsword1942/jungo-image/blob/master/4.0.16.1.56.0.10.11.6-MI424WR.rmt .
from binwalk.
No I didn't. I just randomly came across this page and recalled that I had encountered something very similar in the past while dealing with and looking at various Jungo based crap FW on Pirelli routers. (Those guys should have a huge lawsuit up theirs, since their insecure FW is jam packed with security holes, not conforming to GPL and endangering entire nations.) You'll have to compile those sources to do the extraction, then mount it, AFAICR.
from binwalk.
Yeah, I think these Verizon routers are similar(they also don't conform to the GPL by releasing only the source for certain parts of the router rather than the compile environment that actually matches their firmware binaries). I compared the config file that is on the router with the one that is in their GPL package and the GPL one is missing lots of features/drivers.
from binwalk.
Related Issues (20)
- Error when installing ubi_reader in deps.sh HOT 2
- Anti-patterns in extractor.py module
- Binwalk stuck when extracting .xz archive
- Cannot extract anything from a device, not file
- If providing more than one file, binwalk uses verbose mode only.
- AttributeError: module 'binwalk' has no attribute 'scan'
- Symlink Error HOT 1
- ubireader problem HOT 6
- Unable to proceed from the installation guide.
- Add support for ArchLinux in deps.sh
- Would it be possible to use the built-in python module 'getpass' as a somewhat OS agnostic way to get the username? HOT 2
- Dockerfile fails to build due to ubi_reader changes HOT 1
- binwalk fails to extract after filename/extension confusion HOT 3
- Call plugins when Result is Valid
- Name 'np' is not defined while calculating file entropy. HOT 1
- deprecated nose dependency, deprecated used of setup.py test
- Python 3.12 compatibility issue: No module named 'imp' HOT 4
- Trouble extracting cpio embedded into kernel file
- Dead Project - Parent Company Killed by Microsoft :( - See readme HOT 6
- external extractor HOT 5
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from binwalk.