def test_get_fact_bin_dir(self):
bin_dir = get_fact_bin_dir()
files_in_bin_dir = [
os.path.basename(f) for f in get_files_in_dir(bin_dir)
]
self.assertTrue(os.path.isdir(bin_dir))
self.assertIn('fact_extractor/bin', bin_dir)
self.assertIn('untrx', files_in_bin_dir)
'''
This plugin unpacks SquashFS filesystem images
'''
from common_helper_files import get_files_in_dir
from common_helper_process import execute_shell_command
from pathlib import Path
from helperFunctions.file_system import get_fact_bin_dir
SASQUATCH = Path('/usr/local/bin/sasquatch')
UNSQUASHFS4_AVM_BE = Path(get_fact_bin_dir()) / 'unsquashfs4-avm-be'
UNSQUASHFS4_AVM_LE = Path(get_fact_bin_dir()) / 'unsquashfs4-avm-le'
UNSQUASHFS3_MULTI = Path(get_fact_bin_dir()) / 'unsquashfs3-multi'
NAME = 'SquashFS'
MIME_PATTERNS = ['filesystem/squashfs']
VERSION = '0.9'
SQUASH_UNPACKER = [SASQUATCH, UNSQUASHFS4_AVM_BE, UNSQUASHFS4_AVM_LE, UNSQUASHFS3_MULTI]
def unpack_function(file_path, tmp_dir):
'''
file_path specifies the input file.
tmp_dir should be used to store the extracted files.
'''
unpack_result = dict()
for unpacker in SQUASH_UNPACKER:
scan_parameter = '-scan' if '-avm-' in unpacker.name else ''
output = execute_shell_command(f'fakeroot {unpacker} {scan_parameter} -d {tmp_dir}/fact_extracted {file_path}')
import re
from os import path, rename
from common_helper_files import delete_file, get_files_in_dir
from common_helper_process import execute_shell_command
from helperFunctions.file_system import get_fact_bin_dir
NAME = 'DJI_drones'
MIME_PATTERNS = ['firmware/dji-drone']
VERSION = '0.3.1'
TOOL_PATH = path.join(get_fact_bin_dir(), 'dji_xv4_fwcon.py')
def unpack_function(file_path, tmp_dir):
if not path.exists(TOOL_PATH):
return {'output': 'Error: phantom_firmware_tools not installed! Re-Run the installation script!'}
output = execute_shell_command('(cd {} && fakeroot python3 {} -x -vv -p {})'.format(tmp_dir, TOOL_PATH, file_path)) + '\n'
_rename_files(tmp_dir)
_remove_ini_files(tmp_dir)
meta_data = {'output': output}
return meta_data
def _rename_files(tmp_dir):
files = _get_list_of_files(tmp_dir)
for ini_file, bin_file in files:
from os import path
from common_helper_process import execute_shell_command
from helperFunctions.file_system import get_fact_bin_dir
NAME = 'YAFFS'
MIME_PATTERNS = ['filesystem/yaffs']
VERSION = '0.4'
UNYAFFS_EXECUTEABLE = '/usr/bin/unyaffs'
UNYAFFS2_EXECUTEABLE = path.join(get_fact_bin_dir(), 'unyaffs2')
def unpack_function(file_path, tmp_dir):
'''
file_path specifies the input file.
tmp_dir should be used to store the extracted files.
'''
unpacker = '{} -e'.format(UNYAFFS2_EXECUTEABLE) if _is_big_endian(file_path) else '{} -v'.format(UNYAFFS_EXECUTEABLE)
output = execute_shell_command('fakeroot {} {} {}'.format(unpacker, file_path, tmp_dir))
return {'output': output}
def _is_big_endian(file_path):
with open(file_path, 'br') as fp:
content = fp.read(10)
big_endian = content[7:] == b'\x01\xFF\xFF'
return big_endian
# ----> Do not edit below this line <----
from common_helper_process.fail_safe_subprocess import execute_shell_command
from pathlib import Path
from helperFunctions.file_system import get_fact_bin_dir
NAME = 'avm_kernel_image'
MIME_PATTERNS = ['linux/avm-kernel-image-v1', 'linux/avm-kernel-image-v2']
VERSION = '0.2'
FIND_SQUASHFS_TOOL_PATH = Path(get_fact_bin_dir()) / 'find-squashfs'
UNPACK_KERNEL_TOOL_PATH = Path(get_fact_bin_dir()) / 'unpack-kernel'
def unpack_function(file_path, tmp_dir):
sqfs_output = _extract_squashfs(file_path, tmp_dir)
meta_dict = {'01_sqfs_extraction': sqfs_output}
if 'no squashfs signature found' in sqfs_output:
kernel_extraction_output = _extract_kernel_image(file_path, tmp_dir)
meta_dict['02_kernel_extraction'] = kernel_extraction_output
return meta_dict
def _extract_squashfs(file_path, tmp_dir):
return execute_shell_command('cd {} && {} {}'.format(tmp_dir, FIND_SQUASHFS_TOOL_PATH, file_path))
def _extract_kernel_image(file_path, tmp_dir):
return execute_shell_command('{} {} {}/kernel_decompressed.img'.format(UNPACK_KERNEL_TOOL_PATH, file_path, tmp_dir))
import os
from shutil import copyfile
from common_helper_process import execute_shell_command
from helperFunctions.file_system import get_fact_bin_dir
NAME = 'tpl-tool'
MIME_PATTERNS = ['firmware/tp-link']
VERSION = '0.3'
UNPACKER_EXECUTEABLE = os.path.join(get_fact_bin_dir(), 'tpl-tool')
def unpack_function(file_path, tmp_dir):
'''
file_path specifies the input file.
tmp_dir should be used to store the extracted files.
'''
# tpl-tool unpacker unpacks files in the directory of the input file -> copy input file and delete afterwards
tmp_file_path = os.path.join(tmp_dir, os.path.basename(file_path))
copyfile(file_path, tmp_file_path)
result = {}
result['output'] = execute_shell_command('fakeroot {} -x {}'.format(
UNPACKER_EXECUTEABLE, tmp_file_path))
result['header-info'] = execute_shell_command('{} -s {}'.format(
UNPACKER_EXECUTEABLE, tmp_file_path))
os.remove(tmp_file_path)
return result
from os import path
from tempfile import NamedTemporaryFile
from common_helper_process.fail_safe_subprocess import execute_shell_command
from helperFunctions.file_system import get_fact_bin_dir
NAME = 'untrx'
MIME_PATTERNS = ['firmware/trx']
VERSION = '0.4'
UNPACKER_EXECUTEABLE = path.join(get_fact_bin_dir(), 'untrx')
def unpack_function(file_path, tmp_dir):
'''
file_path specifies the input file.
tmp_dir should be used to store the extracted files.
'''
offset = _get_trx_offset(file_path)
if offset > 0:
with NamedTemporaryFile('bw') as tf:
_remove_non_trx_header(file_path, tf, offset)
output = _unpack_trx(tf.name, tmp_dir)
else:
output = _unpack_trx(file_path, tmp_dir)
return {'output': output}
def _get_trx_offset(file_path):
with open(file_path, 'br') as fp:
'''
This plugin unpacks UEFI Firmware Container.
'''
import os
from common_helper_process import execute_shell_command
from helperFunctions.file_system import get_fact_bin_dir
NAME = 'UEFI'
MIME_PATTERNS = ['firmware/uefi']
VERSION = '0.5'
TOOL_PATH = os.path.join(get_fact_bin_dir(), 'uefi-firmware-parser')
def unpack_function(file_path, tmp_dir):
'''
file_path specifies the input file.
tmp_dir should be used to store the extracted files.
Optional: Return a dict with meta information
'''
extraction_command = 'python3 {} --superbrute --extract --output {} {}'.format(
TOOL_PATH, tmp_dir, file_path)
output = execute_shell_command(extraction_command)
return {'output': output}
# ----> Do not edit below this line <----
def setup(unpack_tool):
from os import path
from common_helper_process import execute_shell_command
from helperFunctions.file_system import get_fact_bin_dir
NAME = 'Ambarella_RomFS'
MIME_PATTERNS = ['filesystem/ambarella-romfs']
VERSION = '0.3'
TOOL_PATH = path.join(get_fact_bin_dir(), "amba_romfs.py")
def unpack_function(file_path, tmp_dir):
if not path.exists(TOOL_PATH):
return {
'output':
"Error: phantom_firmware_tools not installed! Re-Run the installation script!"
}
output = execute_shell_command(
'(cd {} && fakeroot {} -x -vv -p {})'.format(tmp_dir, TOOL_PATH,
file_path)) + "\n"
meta_data = {'output': output}
return meta_data
# ----> Do not edit below this line <----
def setup(unpack_tool):
for item in MIME_PATTERNS:
unpack_tool.register_plugin(item, (unpack_function, NAME, VERSION))