
Toolkit to emulate firmware and analyse it for security vulnerabilities.
FAT (Firmware Analysis Toolkit) is a toolkit built to help security researchers analyze and identify vulnerabilities in IoT and embedded device firmware. It was built for use in the “Offensive IoT Exploitation” training conducted by Attify.
Note:
* As of now, it is simply a script to automate Firmadyne, which is a tool used for firmware emulation. If you run into issues with the actual emulation, please post them in the Firmadyne issues.
* If you are on Kali and are facing issues with emulation, it is recommended to use the AttifyOS Pre-Release VM downloadable from here, or alternatively you could do the above-mentioned.
Firmware Analysis Toolkit is built on top of the following existing tools and projects:
1. Firmadyne
2. Binwalk
3. Firmware-Mod-Kit
4. MITMproxy
5. Firmwalker
Download and Setup instructions:
```bash
# Install Binwalk:
git clone https://github.com/devttys0/binwalk.git
cd binwalk
sudo ./deps.sh
sudo python ./setup.py install
sudo apt-get install python-lzma    # for Python 2.x
sudo -H pip install git+https://github.com/ahupp/python-magic

# Setting up firmadyne:
sudo apt-get install busybox-static fakeroot git kpartx netcat-openbsd nmap python-psycopg2 python3-psycopg2 snmp uml-utilities util-linux vlan qemu-system-arm qemu-system-mips qemu-system-x86 qemu-utils
git clone --recursive https://github.com/firmadyne/firmadyne.git
cd ./firmadyne; ./download.sh
# Edit firmadyne.config and make FIRMWARE_DIR point to the current
# location of the Firmadyne folder.

# Setting up FAT:
git clone https://github.com/attify/firmware-analysis-toolkit
mv firmware-analysis-toolkit/fat.py .
mv firmware-analysis-toolkit/reset.sh .
chmod +x fat.py
chmod +x reset.sh
vi fat.py
# Here, edit line 9, which is firmadyne_path = '/root/tools/firmadyne',
# to the correct path on your system.

# Setting up Firmware-Mod-Kit:
sudo apt-get install git build-essential zlib1g-dev liblzma-dev python-magic
git clone https://github.com/brianpow/firmware-mod-kit.git
# Find the location of binwalk using `which binwalk`. Modify the file
# shared-ng.inc to change the value of the variable BINWALK to
# /usr/local/bin/binwalk (if that is where your binwalk is installed).

# Setting up MITMProxy:
pip install mitmproxy    # or: apt-get install mitmproxy

# Setting up Firmwalker:
git clone https://github.com/craigz28/firmwalker.git

# Run FAT:
python fat.py
```
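The setup depends on three manual path edits (FIRMWARE_DIR in firmadyne.config, firmadyne_path in fat.py, BINWALK in shared-ng.inc), and a stale path in any of them is an easy way to end up with a broken emulation run. The following preflight check is an added example, not part of FAT or Firmadyne; the function names are hypothetical, and it assumes each file sets its value with a plain `NAME=value` or `name = 'value'` line.

```shell
#!/bin/sh
# Added example: verify the three manual path edits from the setup steps.
# Usage: sh preflight.sh FIRMADYNE_DIR FAT_PY SHARED_NG_INC

# Print the value assigned to NAME in FILE. Matches NAME=value and
# name = 'value'; commented-out lines (leading '#') do not match.
config_value() {
    local file=$1 name=$2
    sed -n "s/^[[:space:]]*${name}[[:space:]]*=[[:space:]]*//p" "$file" 2>/dev/null |
        head -n 1 |
        sed -e "s/[[:space:]]*\$//" -e "s/^[\"']//" -e "s/[\"']\$//"
}

# True when both paths are non-empty and equal, ignoring a trailing slash.
same_path() { [ -n "$1" ] && [ "${1%/}" = "${2%/}" ]; }

# check_setup FIRMADYNE_DIR FAT_PY SHARED_NG_INC BINWALK_BIN
# Prints one line per problem; the exit status is the number of problems.
check_setup() {
    local fdir=$1 fat=$2 inc=$3 bw=$4 bad=0
    same_path "$(config_value "$fdir/firmadyne.config" FIRMWARE_DIR)" "$fdir" ||
        { echo "firmadyne.config: FIRMWARE_DIR does not point to $fdir"; bad=$((bad + 1)); }
    same_path "$(config_value "$fat" firmadyne_path)" "$fdir" ||
        { echo "fat.py: firmadyne_path does not point to $fdir"; bad=$((bad + 1)); }
    same_path "$(config_value "$inc" BINWALK)" "$bw" ||
        { echo "shared-ng.inc: BINWALK is not set to $bw"; bad=$((bad + 1)); }
    [ -x "$bw" ] ||
        { echo "binwalk: no executable at '$bw'"; bad=$((bad + 1)); }
    return "$bad"
}

# Run the check only when called with the three paths; binwalk is
# located the same way the setup steps do it (which / command -v).
if [ "$#" -eq 3 ]; then
    check_setup "$1" "$2" "$3" "$(command -v binwalk)"
fi
```

A non-zero exit status is the count of mismatches, so the script can gate a wrapper that launches `fat.py`.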
Source: https://github.com/attify