Skip to content

B
binwalk
Commit b406691b by devttys0
Options

Added ability to combine all signature scans together into one scan.

parent 9a47ed82
Showing with 29 additions and 30 deletions
INSTALL
BEFORE YOU START
----------------------------------
-----------------------------------------
Binwalk supports Python 2.7 - 3.x. Although binwalk is slightly faster in Python 3, the Python OpenGL bindings
are still experimental for Python 3, so Python 2.7 is recommended.
......@@ -12,7 +12,7 @@ You will also need to have a C compiler installed to build the supporting C libr
INSTALLATION
----------------------------------
-----------------------------------------
Installation follows the typical configure/make process:
......@@ -21,17 +21,13 @@ Installation follows the typical configure/make process:
$ make
$ sudo make install
You can also install optional dependencies and extraction utilities (works on most Debian/RedHat based systems):
$ make deps
Note that 'make deps' should work on most Debian/RedHat based systems. If this does not work for your system,
Note that 'make deps' should work on most Debian and RedHat based systems. If this does not work for your system,
see below for manaully installing dependencies / extraction utilities.
INSTALLING DEPENDENCIES
----------------------------------
MANUALLY INSTALLING DEPENDENCIES
-----------------------------------------
Most binwalk features will work out of the box without any additional dependencies. However, to take full advantage
of binwalk's capabilities, you need to install:
......@@ -75,8 +71,8 @@ Most distros don't have pyqtgraph in their default repositories, so it's best to
INSTALLING EXTRACTION UTILITIES
----------------------------------
MANUALLY INSTALLING EXTRACTION UTILITIES
-------------------------------------------
Binwalk can automatically invoke external extraction utilities to extract various types of files that it
may find during a scan. These utilities are optional, but recommended if you plan on using binwalk's
......@@ -98,7 +94,7 @@ and placed in the /opt/firmware-mod-kit directory:
UNINSTALL
----------------------------------
-----------------------------------------
The following command will remove binwalk from your system (note that this does *not* include dependencies installed via 'make deps'):
......
src/binwalk/core/magic.py
......@@ -8,6 +8,7 @@ class Magic(object):
LIBMAGIC_FUNCTIONS = [
binwalk.core.C.Function(name="magic_open", type=int),
binwalk.core.C.Function(name="magic_close", type=None),
binwalk.core.C.Function(name="magic_load", type=int),
binwalk.core.C.Function(name="magic_buffer", type=str),
]
......@@ -31,6 +32,12 @@ class Magic(object):
self.magic_cookie = self.libmagic.magic_open(self.MAGIC_FLAGS | flags)
self.libmagic.magic_load(self.magic_cookie, self.magic_file)
def close(self):
if self.magic_cookie:
self.libmagic.magic_close(self.magic_cookie)
self.magic_cookie = None
def buffer(self, data):
if self.magic_cookie:
return self.libmagic.magic_buffer(self.magic_cookie, str2bytes(data), len(data))
src/binwalk/modules/entropy.py
......@@ -84,8 +84,6 @@ class Entropy(Module):
self.block_size = self.DEFAULT_BLOCK_SIZE
def run(self):
from pyqtgraph.Qt import QtGui
for fp in iter(self.next_file, None):
if self.display_results:
......@@ -97,6 +95,7 @@ class Entropy(Module):
self.footer()
if self.do_plot and not self.save_plot:
from pyqtgraph.Qt import QtGui
QtGui.QApplication.instance().exec_()
def calculate_file_entropy(self, fp):
......
src/binwalk/modules/hexdiff.py
......@@ -9,12 +9,6 @@ from binwalk.core.module import Module, Option, Kwarg
class HexDiff(Module):
ALL_SAME = 0
ALL_DIFF = 1
SOME_DIFF = 2
DEFAULT_DIFF_SIZE = 0x100
DEFAULT_BLOCK_SIZE = 16
COLORS = {
'red' : '31',
......@@ -23,6 +17,7 @@ class HexDiff(Module):
}
SEPERATORS = ['\\', '/']
DEFAULT_BLOCK_SIZE = 16
TITLE = "Binary Diffing"
......
src/binwalk/modules/signature.py
......@@ -11,8 +11,8 @@ class Signature(Module):
CLI = [
Option(short='B',
long='signature',
kwargs={'enabled' : True},
description='Scan target file(s) for file signatures'),
kwargs={'enabled' : True, 'force_default_scan' : True},
description='Scan target file(s) for common file signatures'),
Option(short='R',
long='raw-bytes',
kwargs={'raw_bytes' : None},
......@@ -44,6 +44,7 @@ class Signature(Module):
Kwarg(name='search_for_opcodes', default=False),
Kwarg(name='cast_data_types', default=False),
Kwarg(name='dumb_scan', default=False),
Kwarg(name='force_default_scan', default=False),
Kwarg(name='magic_files', default=[]),
]
......@@ -56,23 +57,24 @@ class Signature(Module):
# If a raw byte sequence was specified, build a magic file from that instead of using the default magic files
if self.raw_bytes is not None:
self.magic_files = [self.parser.file_from_string(self.raw_bytes)]
self.magic_files.append(self.parser.file_from_string(self.raw_bytes))
# Use the system default magic file if no other was specified
# Append the user's magic file first so that those signatures take precedence
if not self.magic_files:
if self.search_for_opcodes:
self.magic_files = [
self.magic_files += [
self.config.settings.paths['user'][self.config.settings.BINARCH_MAGIC_FILE],
self.config.settings.paths['system'][self.config.settings.BINARCH_MAGIC_FILE],
]
elif self.cast_data_types:
self.magic_files = [
if self.cast_data_types:
self.magic_files += [
self.config.settings.paths['user'][self.config.settings.BINCAST_MAGIC_FILE],
self.config.settings.paths['system'][self.config.settings.BINCAST_MAGIC_FILE],
]
else:
self.magic_files = [
# Use the system default magic file if no other was specified, or if -B was explicitly specified
if not self.magic_files or self.force_default_scan:
self.magic_files += [
self.config.settings.paths['user'][self.config.settings.BINWALK_MAGIC_FILE],
self.config.settings.paths['system'][self.config.settings.BINWALK_MAGIC_FILE],
]
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment