-
Notifications
You must be signed in to change notification settings - Fork 1.6k
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Merge pull request #767 from ReFirmLabs/dlink_shrs
Added SHRS firmware signature
- Loading branch information
Showing
9 changed files
with
171 additions
and
0 deletions.
There are no files selected for viewing
Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.
Oops, something went wrong.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,71 @@ | ||
use crate::extractors::common::{Chroot, ExtractionResult, Extractor, ExtractorType}; | ||
use crate::structures::shrs::parse_shrs_header; | ||
|
||
/// Defines the internal extractor function for carving out D-Link SHRS firmware images | ||
/// | ||
/// ``` | ||
/// use std::io::ErrorKind; | ||
/// use std::process::Command; | ||
/// use binwalk::extractors::common::ExtractorType; | ||
/// use binwalk::extractors::shrs::shrs_extractor; | ||
/// | ||
/// match shrs_extractor().utility { | ||
/// ExtractorType::None => panic!("Invalid extractor type of None"), | ||
/// ExtractorType::Internal(func) => println!("Internal extractor OK: {:?}", func), | ||
/// ExtractorType::External(cmd) => { | ||
/// if let Err(e) = Command::new(&cmd).output() { | ||
/// if e.kind() == ErrorKind::NotFound { | ||
/// panic!("External extractor '{}' not found", cmd); | ||
/// } else { | ||
/// panic!("Failed to execute external extractor '{}': {}", cmd, e); | ||
/// } | ||
/// } | ||
/// } | ||
/// } | ||
/// ``` | ||
pub fn shrs_extractor() -> Extractor { | ||
Extractor { | ||
utility: ExtractorType::Internal(extract_shrs_image), | ||
..Default::default() | ||
} | ||
} | ||
|
||
/// Internal extractor for carve pieces of encrypted SHRS firmware images to disk | ||
pub fn extract_shrs_image( | ||
file_data: &[u8], | ||
offset: usize, | ||
output_directory: Option<&String>, | ||
) -> ExtractionResult { | ||
const IV_FILE_NAME: &str = "iv.bin"; | ||
const ENCRYPTED_FILE_NAME: &str = "encrypted.bin"; | ||
|
||
let mut result = ExtractionResult { | ||
..Default::default() | ||
}; | ||
|
||
// Parse the header | ||
if let Some(shrs_header_data) = file_data.get(offset..) { | ||
if let Ok(shrs_header) = parse_shrs_header(shrs_header_data) { | ||
result.success = true; | ||
result.size = Some(shrs_header.header_size + shrs_header.data_size); | ||
|
||
// Carve out the IV and encrypted data blob | ||
if output_directory.is_some() { | ||
let chroot = Chroot::new(output_directory); | ||
|
||
if !chroot.create_file(IV_FILE_NAME, &shrs_header.iv) | ||
|| !chroot.carve_file( | ||
ENCRYPTED_FILE_NAME, | ||
file_data, | ||
shrs_header.header_size, | ||
shrs_header.data_size, | ||
) | ||
{ | ||
result.success = false; | ||
} | ||
} | ||
} | ||
} | ||
|
||
result | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,42 @@ | ||
use crate::signatures::common::{ | ||
SignatureError, SignatureResult, CONFIDENCE_LOW, CONFIDENCE_MEDIUM, | ||
}; | ||
use crate::structures::shrs::parse_shrs_header; | ||
|
||
/// Human readable description | ||
pub const DESCRIPTION: &str = "SHRS encrypted firmware"; | ||
|
||
/// SHRS firmware images always start with these bytes | ||
pub fn shrs_magic() -> Vec<Vec<u8>> { | ||
vec![b"SHRS".to_vec()] | ||
} | ||
|
||
/// Validates the SHRS header | ||
pub fn shrs_parser(file_data: &[u8], offset: usize) -> Result<SignatureResult, SignatureError> { | ||
// Successful return value | ||
let mut result = SignatureResult { | ||
offset, | ||
description: DESCRIPTION.to_string(), | ||
confidence: CONFIDENCE_LOW, | ||
..Default::default() | ||
}; | ||
|
||
if let Ok(shrs_header) = parse_shrs_header(&file_data[offset..]) { | ||
result.size = shrs_header.header_size + shrs_header.data_size; | ||
result.description = format!( | ||
"{}, header size: {} bytes, encrypted data size: {} bytes, IV: {}", | ||
result.description, | ||
shrs_header.header_size, | ||
shrs_header.data_size, | ||
hex::encode(shrs_header.iv), | ||
); | ||
|
||
if offset == 0 { | ||
result.confidence = CONFIDENCE_MEDIUM; | ||
} | ||
|
||
return Ok(result); | ||
} | ||
|
||
Err(SignatureError) | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,36 @@ | ||
use crate::structures::common::{self, StructureError}; | ||
|
||
/// Struct to store SHRS firmware header info | ||
#[derive(Debug, Default, Clone)] | ||
pub struct SHRSHeader { | ||
pub iv: Vec<u8>, | ||
pub data_size: usize, | ||
pub header_size: usize, | ||
} | ||
|
||
/// Parses an SHRS header | ||
pub fn parse_shrs_header(shrs_data: &[u8]) -> Result<SHRSHeader, StructureError> { | ||
const IV_START: usize = 12; | ||
const IV_END: usize = IV_START + 16; | ||
const HEADER_SIZE: usize = 0x6DC; | ||
|
||
let shrs_structure = vec![ | ||
("magic", "u32"), | ||
("unknown1", "u32"), | ||
("encrypted_data_size", "u32"), | ||
// 16-byte IV immediately follows | ||
]; | ||
|
||
// Parse the header | ||
if let Ok(shrs_header) = common::parse(shrs_data, &shrs_structure, "big") { | ||
if let Some(iv_bytes) = shrs_data.get(IV_START..IV_END) { | ||
return Ok(SHRSHeader { | ||
iv: iv_bytes.to_vec(), | ||
data_size: shrs_header["encrypted_data_size"], | ||
header_size: HEADER_SIZE, | ||
}); | ||
} | ||
} | ||
|
||
Err(StructureError) | ||
} |