Comments (7)
m-1-k-3
commented on May 22, 2024
1
If you have a full installation of EMBA up and running you could give it a try over here: https://github.com/m-1-k-3/emba
Please note that you currently have to install the needed deps manually and it is only running in dev mode (./installer.sh -F):
sudo python3 -m pip install protobuf
sudo pip install bsdiff4
cd external
git clone https://github.com/vm03/payload_dumper.git
cd ..
sudo ./emba.sh -f ./android/ota-payload.bin -l ./android/testlogs -D -S -t -s -z
In my initial testrun it looks not too bad. It extracts the ota update but fails with the ext extractor afterwards. I will take a deeper look into this issue the next days.
from emba.
m-1-k-3
commented on May 22, 2024
1
Merged in master. Docker container updated.
Have phun and give us feedback :)
from emba.
m-1-k-3
commented on May 22, 2024
Looks quite interesting and should not too hard to integrate this feature into EMBA. Is EMBA currently able to extract something useful from such a payload file?
from emba.
keesj-exset
commented on May 22, 2024
Hi,
I tried the code on a ota.zip file and on a plain payload.bin. It looks like the OTA extractor only triggers on a top level payload.bin and not when inside a zip. I am not 100% sure because I also got the "Extractor needs too much disk space" message. anyway:
It looks like the installation of the dependencies is not yet working
==> Android OTA extractor
-----------------------------------------------------------------
00000000 43 72 41 55 00 00 00 00 00 00 00 02 00 00 00 00 |CrAU............|
00000010 00 01 f4 3f 00 00 02 0b 18 80 20 20 8b f4 b1 af |...?...... ....|
00000020 07 28 8b 04 60 00 6a b3 bb 01 0a 06 73 79 73 74 |.(..`.j.....syst|
00000030 65 6d 10 01 1a 1b 73 79 73 74 65 6d 2f 62 69 6e |em....system/bin|
00000040 2f 6f 74 61 70 72 65 6f 70 74 5f 73 63 72 69 70 |/otapreopt_scrip|
00000050 74 22 04 65 78 74 34 3a 28 08 80 80 d4 a9 03 12 |t".ext4:(.......|
00000060 20 41 a7 38 e6 90 a4 84 bc 64 bb 10 81 14 97 97 | A.8.....d......|
00000070 37 a9 1b 33 a8 bc 55 6c 2f b3 1e 59 f2 fd 97 ac |7..3..Ul/..Y....|
00000080 6c 42 31 08 08 10 00 18 a4 c2 3a 32 05 08 00 10 |lB1.......:2....|
00000090 80 04 42 20 82 fe 45 9b a4 1b 58 d9 92 8d c6 8e |..B ..E...X.....|
[*] Extracting Android OTA payload.bin file ...
Traceback (most recent call last):
File "/home/vagrant/emba/./external/payload_dumper/payload_dumper.py", line 7, in <module>
import bsdiff4
ModuleNotFoundError: No module named 'bsdiff4'
find: '../log4/firmware/android_ota/': No such file or directory
find: '../log4/firmware/android_ota/': No such file or directory
[*] Extracted 0 files and 0 directories from the firmware image.
[*] Mon May 16 03:19:02 EDT 2022 - P25_android_ota finished
[*] Mon May 16 03:19:02 EDT 2022 - P60_firmware_bin_extractor starting
from emba.
keesj-exset
commented on May 22, 2024
[^[[0;33m*^[[0m] Fri May 13 07:06:38 EDT 2022 - P17_gpg_decompress finished
[^[[0;33m*^[[0m] Fri May 13 07:06:38 EDT 2022 - P18_qnap_decryptor starting
[^[[0;33m*^[[0m] Fri May 13 07:06:38 EDT 2022 - P18_qnap_decryptor finished
[^[[0;33m*^[[0m] Fri May 13 07:06:38 EDT 2022 - P19_bsd_ufs_mounter starting
[^[[0;33m*^[[0m] Fri May 13 07:06:38 EDT 2022 - P19_bsd_ufs_mounter finished
[^[[0;33m*^[[0m] Fri May 13 07:06:38 EDT 2022 - P25_android_ota starting
[^[[0;33m*^[[0m] Fri May 13 07:06:38 EDT 2022 - P25_android_ota finished
[^[[0;33m*^[[0m] Fri May 13 07:06:38 EDT 2022 - P60_firmware_bin_extractor starting
[^[[0;35m!^[[0m]^[[0;35m Fri May 13 07:10:09 EDT 2022 - Extractor needs too much disk space 13209^[[0m
[^[[0;35m!^[[0m]^[[0;35m Fri May 13 07:10:09 EDT 2022 - Ending extraction processes^[[0m
[^[[0;33m*^[[0m] Fri May 13 07:14:50 EDT 2022 - P60_firmware_bin_extractor finished
[^[[0;33m*^[[0m] Fri May 13 07:14:50 EDT 2022 - P65_package_extractor starting
┌──(vagrant㉿EMBAbox)-[~/emba]
└─$ df -h
Filesystem Size Used Avail Use% Mounted on
udev 4.8G 0 4.8G 0% /dev
tmpfs 973M 888K 972M 1% /run
/dev/sda1 372G 62G 295G 18% /
tmpfs 4.8G 0 4.8G 0% /dev/shm
tmpfs 5.0M 0 5.0M 0% /run/lock
tmpfs 973M 64K 973M 1% /run/user/130
tmpfs 973M 60K 973M 1% /run/user/1000
└─$ du -hm "/home" --max-depth=1 --exclude="proc" 2>/dev/null | awk '{ print $1 }' | sort -hr | head -1 || true
28104
./emba.sh: export MAX_EXT_SPACE=11000 # a useful value, could be adjusted if you deal with very big firmware images
230:
if [[ "$DISK_SPACE" -gt "$MAX_EXT_SPACE" ]]; then
print_output "[!] $(date) - Extractor needs too much disk space $DISK_SPACE" "main"
print_output "[!] $(date) - Ending extraction processes" "main"
DISK_SPACE_CRIT=1
break
fi
from emba.
m-1-k-3
commented on May 22, 2024
Hi,
I tried the code on a ota.zip file and on a plain payload.bin. It looks like the OTA extractor only triggers on a top level payload.bin and not when inside a zip. I am not 100% sure because I also got the "Extractor needs too much disk space" message. anyway:
It looks like the installation of the dependencies is not yet working
==> Android OTA extractor ----------------------------------------------------------------- 00000000 43 72 41 55 00 00 00 00 00 00 00 02 00 00 00 00 |CrAU............| 00000010 00 01 f4 3f 00 00 02 0b 18 80 20 20 8b f4 b1 af |...?...... ....| 00000020 07 28 8b 04 60 00 6a b3 bb 01 0a 06 73 79 73 74 |.(..`.j.....syst| 00000030 65 6d 10 01 1a 1b 73 79 73 74 65 6d 2f 62 69 6e |em....system/bin| 00000040 2f 6f 74 61 70 72 65 6f 70 74 5f 73 63 72 69 70 |/otapreopt_scrip| 00000050 74 22 04 65 78 74 34 3a 28 08 80 80 d4 a9 03 12 |t".ext4:(.......| 00000060 20 41 a7 38 e6 90 a4 84 bc 64 bb 10 81 14 97 97 | A.8.....d......| 00000070 37 a9 1b 33 a8 bc 55 6c 2f b3 1e 59 f2 fd 97 ac |7..3..Ul/..Y....| 00000080 6c 42 31 08 08 10 00 18 a4 c2 3a 32 05 08 00 10 |lB1.......:2....| 00000090 80 04 42 20 82 fe 45 9b a4 1b 58 d9 92 8d c6 8e |..B ..E...X.....| [*] Extracting Android OTA payload.bin file ... Traceback (most recent call last): File "/home/vagrant/emba/./external/payload_dumper/payload_dumper.py", line 7, in <module> import bsdiff4 ModuleNotFoundError: No module named 'bsdiff4' find: '../log4/firmware/android_ota/': No such file or directory find: '../log4/firmware/android_ota/': No such file or directory [*] Extracted 0 files and 0 directories from the firmware image. [*] Mon May 16 03:19:02 EDT 2022 - P25_android_ota finished [*] Mon May 16 03:19:02 EDT 2022 - P60_firmware_bin_extractor starting
I will do a check on this during the next days ...
from emba.
m-1-k-3
commented on May 22, 2024
As far as I can see bsdiff4 is missing on your system. In the docker container you will find a working installation of it. So, you can use the official docker image and everything should works as expected.
Regarding your local installation I am wondering as the bsdiff4 package should be installed via the installer module installer/IP00_extractors.sh
Could you please verify your local installation and the state of the package:
└─$ sudo pip list | grep bsdiff
bsdiff4 1.2.2
The deep extraction mode for ota updates is fixed in #246
from emba.
Related Issues (20)
- Error while installing on Ubuntu WSL HOT 13
- Installation Fails Due to CVE-Search Looking at 127.0.0.1 instead of 172.36.0.1 HOT 3
- CVE seacher error HOT 9
- HTML Report: One missing CVE in each software product HOT 3
- Improve our interesting firmware collection HOT 8
- cve-search Dep-check fails with working db HOT 1
- Use EasyLKB for kernel emulation (and debugging?) HOT 3
- ERROR: The Compose file './docker-compose.yml' is invalid HOT 3
- KeyError: epss HOT 12
- UEFI firmware analysis should not analyse every single file on an extracted filesystem? HOT 10
- couldn't find remote ref master HOT 3
- Addition of C/C++ Semgrep ruleset HOT 6
- Installation notes is obsolete HOT 1
- Kali Linux 2023.04 is out now HOT 2
- cwe-checker not working HOT 2
- Ghidra Dependency Help HOT 7
- Does the software have a breakpoint rescan function HOT 4
- Drone firmware testing support HOT 1
- Adding identification of components HOT 6
- P35_uefi_extractor is always executed on embedded linux image HOT 5
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from emba.