Automated Analysis (Automated Approach)

This section looks at identifying flaws through an automated approach.

For this, we will use a tool called Firmwalker, written by Craig Smith, which uses static analysis to help identify some of the common sensitive information in firmware.

1. To set it up, we simply need to clone Firmwalker's GitHub repo as follows:

git clone https://github.com/craigz28/firmwalker.git

2. Once we have cloned the Firmwalker GitHub repo, we just need to run the ./firmwalker.sh script followed by the extracted filesystem location as follows:

./firmwalker.sh ~/lab/firmware/dlink/r2/v2/_2K-mdm-image-mdm9625.yaffs2.extracted/yaffs-root

3. The Firmwalker script identifies a number of different things for us, including additional binary files, certificates, IP addresses, private keys, and so on. It also stores the output in a file called firmwalker.txt (unless a different file is specified by the user) which looks as shown in the following screenshot:

Once we have the report generated by Firmwalker, we can look at all the different files individually and analyze them further. In some cases, you will also need to reverse engineer ARM and MIPS-based binaries to understand them more and identify vulnerabilities.
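
To make concrete what kind of static checks produce such a report, the following is an added example, not Firmwalker's code and not part of the original page: a minimal triage script that searches an extracted root for private keys, certificate files, and hardcoded IPv4 addresses. The function names, the extension list, the report headings, and the sample filesystem are assumptions constructed for illustration.

```shell
#!/bin/sh
# Added example, not Firmwalker's code: a minimal static triage of an
# extracted firmware root for three of the finding types named above.

# Files containing a PEM private-key header (RSA, EC, OPENSSH, PKCS#8, ...).
find_private_keys() {
    grep -rlaE -e '-----BEGIN ([A-Z]+ )?PRIVATE KEY-----' "$1" 2>/dev/null | sort
}

# Certificate and keystore files, matched by extension only.
find_cert_files() {
    find "$1" -type f \( -name '*.pem' -o -name '*.crt' -o -name '*.cer' \
        -o -name '*.p12' \) 2>/dev/null | sort
}

# Unique dotted quads with every octet <= 255; -a also scans binaries.
find_ipv4() {
    grep -rhoaE '\b([0-9]{1,3}\.){3}[0-9]{1,3}\b' "$1" 2>/dev/null |
        awk -F. '$1<=255 && $2<=255 && $3<=255 && $4<=255' | sort -u
}

# Collect all findings in one report file, kept outside the scanned root.
triage() {
    {
        echo "***Private keys***";   find_private_keys "$1"
        echo "***Certificates***";   find_cert_files "$1"
        echo "***IPv4 addresses***"; find_ipv4 "$1"
    } > "$2"
}

# Constructed sample root so the script runs offline; all contents are fake.
make_sample_root() {
    d=$(mktemp -d)
    mkdir -p "$d/etc/ssl" "$d/usr/bin"
    printf '%s\n' '-----BEGIN RSA PRIVATE KEY-----' 'FAKE' \
        '-----END RSA PRIVATE KEY-----' > "$d/etc/ssl/server.key"
    printf 'FAKE CERT\n' > "$d/etc/ssl/server.crt"
    printf 'update_host=192.0.2.10\nversion=1.2.3.999\n' > "$d/etc/update.conf"
    printf '\000\000connect 198.51.100.7\000' > "$d/usr/bin/agent"
    echo "$d"
}

# Scan the root given as $1, or the constructed sample when none is given.
root="${1:-$(make_sample_root)}"
out="${2:-$(mktemp)}"
triage "$root" "$out" && cat "$out"
```

On the sample, the version string `1.2.3.999` is dropped by the octet filter, while the address embedded in the binary `agent` file is still reported; each hit is a lead for manual review, not a confirmed finding.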
