Script for searching the extracted firmware file system for goodies!
Shell
Latest commit 3c0ac7e Aug 2, 2016 @craigz28 committed on GitHub Update patterns
Permalink
Failed to load latest commit information.
data Update patterns Aug 2, 2016
README.md Update README.md Mar 15, 2016
eslintrc.json Create eslintrc.json Mar 16, 2016
firmwalker-logo.jpg Added files via upload Feb 21, 2016
firmwalker.sh Update firmwalker.sh Mar 22, 2016
license Create license Feb 13, 2016

README.md

logo

firmwalker

A simple bash script for searching the extracted or mounted firmware file system.

It will search through the extracted or mounted firmware file system for things of interest such as:

  • etc/shadow and etc/passwd
  • list out the etc/ssl directory
  • search for SSL related files such as .pem, .crt, etc.
  • search for configuration files
  • look for script files
  • search for other .bin files
  • look for keywords such as admin, password, remote, etc.
  • search for common web servers used on IoT devices
  • search for common binaries such as ssh, tftp, dropbear, etc.
  • search for URLs, email addresses and IP addresses
  • NOTE: Some of the data written to the file may be quite verbose. It that case, the data can be reviewed and then deleted if desired from the file.

Usage

  • If you wish to use the static code analysis portion of the script, please install eslint: npm i -g eslint
  • ./firmwalker {path to root file system} {path for firmwalker.txt}
  • Example: ./firmwalker linksys/fmk/rootfs ../firmwalker.txt
  • A file firmwalker.txt will be created in the same directory as the script file unless you specify a different filename as the second argument
  • Do not put the firmwalker.sh file inside the directory to be searched, this will cause the script to search itself and the file it is creating
  • chmod 0700 firmwalker.sh

How to extend

Script created by Craig Smith and expanded by:

  • Athanasios Kostopoulos
  • misterch0c

Links