Tool Binwalk (use in Forensic Analysis)
Author Craig Heffner
Use Analyzes and extracts firmware images and helps identify code, files, and other information embedded in a firmware binary image. Binwalk uses the libmagic library together with a custom magic signature file, which makes it more effective when analyzing executable binaries.
Download Link https://github.com/ReFirmLabs/binwalk
Installation It is pre-installed on the Kali Linux operating system. Otherwise, navigate to the directory where you unzipped the download and use the command below to install it:
$ sudo python setup.py install
For download dependencies, visit url
The command below displays all options
$ binwalk -h
Tool Usage Examples:
(1) Scan to identify code, files and other information
$ binwalk <firmware>
(2) Extract files from firmware
$ binwalk -e <firmware>
(3) Extract files from firmware recursively
$ binwalk -Me <firmware>
(4) Generate differences between firmware images
$ binwalk -W <firmware1> <firmware2> <firmware3>
(5) Signature Analysis
$ binwalk -B <firmware>
(6) Entropy Analysis
$ binwalk -E <firmware>
(7) Upgrade to latest version
$ sudo binwalk -u
(8) Verbose Output
$ binwalk --verbose <firmware>
(9) Log results to a file
$ binwalk -f file.log <firmware>
(10) Format output to fit the current terminal window
$ binwalk -t <firmware>
Disclaimer: This tutorial is for educational purposes only. The individual is solely responsible for any illegal act.