The Decompressoin tool for Vxworks MINIFS

Related tags

Security related resourcesMINIFS-Decompression
Overview

MINIFS-Decompression

The Decompression tool for Vxworks MINIFS filesystem.

USAGE

python minifs_decompression.py [target_firmware]

The example of Mercury router firmware:

$ python minifs_decompress.py ./MW305R.BIN
1173+0 records in
1173+0 records out
1173 bytes transferred in 0.006129 secs (191392 bytes/sec)
58+0 records in
58+0 records out
58 bytes transferred in 0.000298 secs (194616 bytes/sec)
2464+0 records in
2464+0 records out
2464 bytes transferred in 0.012085 secs (203890 bytes/sec)
127+0 records in
127+0 records out
127 bytes transferred in 0.000661 secs (192163 bytes/sec)
419+0 records in
419+0 records out
419 bytes transferred in 0.002342 secs (178908 bytes/sec)
1483+0 records in
1483+0 records out
1483 bytes transferred in 0.007509 secs (197497 bytes/sec)
10316+0 records in
10316+0 records out

The result of decompress:

$ tree
.
├── conf
│   ├── mcbDesc.bin
│   ├── modelDesc.bin
│   ├── oem.txt
│   ├── priv-key.pem
│   └── server-cert.pem
├── minifs_decompress.py
└── web
    ├── common
    │   ├── AccessCtrl.htm
    │   ├── Advance.htm
    │   ├── Basic.htm
    │   ├── BasicDynamicIp.htm
    │   ├── BasicEptManagement.htm
    │   ├── BasicHead.htm
    │   ├── BasicMenu.htm
    │   ├── BasicNetWork.htm
    │   ├── BasicPPPoE.htm
    │   ├── BasicStaticIp.htm
    │   ├── BasicWireless.htm
    │   ├── Content.htm
    │   ├── DHCPServer.htm
    │   ├── DMZCfg.htm
    │   ├── DateTimeCfg.htm
    │   ├── DdnsCfg.htm
    │   ├── Diagnostic.htm
    │   ├── DynamicIp.htm
    │   ├── Foot.htm
    │   ├── Help.htm
    │   ├── IPMACBind.htm
    │   ├── Index.htm
    │   ├── LanCfg.htm
    │   ├── Login.htm
    │   ├── LoginChgPwd.htm
    │   ├── MacClone.htm
    │   ├── ManageSettingUp.htm
    │   ├── PPPoE.htm
    │   ├── ParentControl.htm
    │   ├── PhoneBasicNetWork.htm
    │   ├── PhoneBasicWireless.htm
    │   ├── PhoneDynamicIp.htm
    │   ├── PhoneEquipManage.htm
    │   ├── PhoneEquipManageDetail.htm
    │   ├── PhoneIndex.htm
    │   ├── PhoneLogin.htm
    │   ├── PhoneLoginChgPwd.htm
    │   ├── PhoneMenu.htm
    │   ├── PhoneOtherSet.htm
    │   ├── PhoneOtherSetChgPwd.htm
    │   ├── PhonePPPoE.htm
    │   ├── PhoneStaticIp.htm
    │   ├── PhoneWizard.htm
    │   ├── PhoneWizardDynamicIp.htm
    │   ├── PhoneWizardEnd.htm
    │   ├── PhoneWizardPPPoE.htm
    │   ├── PhoneWizardStaticIp.htm
    │   ├── PhoneWizardWireless.htm
    │   ├── RouteTable.htm
    │   ├── StaticIp.htm
    │   ├── SysBakNRestore.htm
    │   ├── SysChangeLgPwd.htm
    │   ├── SysReboot.htm
    │   ├── SysReset.htm
    │   ├── SysUpgrade.htm
    │   ├── SystemLog.htm
    │   ├── UpnpCfg.htm
    │   ├── VirtualServerCfg.htm
    │   ├── WanCfg.htm
    │   ├── Wizard.htm
    │   ├── WizardDynamicIp.htm
    │   ├── WizardEnd.htm
    │   ├── WizardPPPoE.htm
    │   ├── WizardStaticIp.htm
    │   ├── WizardWireless.htm
    │   ├── WlanGuestNetWorkCfg.htm
    │   ├── WlanNetwork.htm
    │   ├── WlanWDSCfg.htm
    │   ├── WlanWDSCfgEnd.htm
    │   ├── WlanWDSCfgFirst.htm
    │   ├── WlanWDSCfgFive.htm
    │   ├── WlanWDSCfgFour.htm
    │   ├── WlanWDSCfgSecond.htm
    │   └── WlanWDSCfgThird.htm
    ├── dynaform
    │   ├── DataGrid.css
    │   ├── DataGrid.js
    │   ├── class.css
    │   ├── class.js
    │   ├── macFactory.js
    │   ├── menu.css
    │   ├── menu.js
    │   ├── phoneClass.css
    │   └── phoneClass.js
    ├── images
    │   ├── QRcode_me.png
    │   ├── advance_me.png
    │   ├── backwardBtn_me.png
    │   ├── basic_me.png
    │   ├── circleLeft_me.png
    │   ├── circleRight_me.png
    │   ├── detailArrow_me.png
    │   ├── equipMng_me.png
    │   ├── errorPic_me.png
    │   ├── icon_me.ico
    │   ├── icon_wifi_me.png
    │   ├── logo_me.png
    │   ├── mngPwd_me.png
    │   ├── netSet_me.png
    │   ├── otherSet_me.png
    │   ├── rightIcon_me.png
    │   ├── wanDetecting_me.gif
    │   ├── wdsDetect_me.gif
    │   ├── wifiSet_me.png
    │   ├── wzdWarningWhite_me.png
    │   └── wzd_me.png
    ├── language
    │   └── cn
    │       ├── error.js
    │       └── str.js
    ├── lib
    │   ├── DM.js
    │   ├── Quary.js
    │   ├── ajax.js
    │   ├── jquery-1.10.1.min.js
    │   ├── model.js
    │   └── verify.js
    └── upnp
        ├── ifc.xml
        ├── igd.xml
        ├── ipc.xml
        ├── l3f.xml
        ├── wfa.xml
        └── wps.xml

9 directories, 124 files

  • The file items displayed in 010Editor:

Reference

  1. http://patentlib.net/mnt/sipo/A/20200818/5/CN102020000408790CN00001115525110AFULZH20200818CN00V/
Owner
IoT Security Researcher, IoT firmware hacker.
GitHub Repository
EMBArk - The firmware security scanning environment

Embark is being developed to provide the firmware security analyzer emba as a containerized service and to ease accessibility to emba regardless of system and operating system.

emba 175 Dec 14, 2022
OSINT Cybersecurity Tools

OSINT Cybersecurity Tools Welcome to the World of OSINT: An ongoing collection of awesome tools and frameworks, best security software practices, libr

Paul Veillard, P. Eng 7 Jul 01, 2022
A honeypot for the Log4Shell vulnerability (CVE-2021-44228)

Log4Pot A honeypot for the Log4Shell vulnerability (CVE-2021-44228). License: GPLv3.0 Features Listen on various ports for Log4Shell exploitation. Det

Thomas Patzke 79 Dec 27, 2022
Generate malicious files using recently published bidi-attack (CVE-2021-42574)

CVE-2021-42574 - Code generator Generate malicious files using recently published bidi-attack vulnerability, which was discovered in Unicode Specifica

js-on 7 Nov 09, 2022
Cam-Hacker: Ip Cameras hack with python

Cam-Hacker Hack Cameras Mode Of Execution: apt-get install python3 apt-get insta

Error 4 You 9 Dec 17, 2022
You can crack any zip file and get the password.

Zip-Cracker Video Lesson : This is a Very powerfull Zip File Crack tool for termux users. Check 500 000 Passwords in 30 seconds Unique Performance Che

Razor Kenway 13 Oct 24, 2022
Mass scan for .git repository and .env file exposure

Mass .Git repository and .Env file Scan by Scarmandef Scanner to find .env file and .git repository exposure on multiple hosts Because of the response

8 Jun 23, 2022
Apache OFBiz rmi反序列化EXP(CVE-2021-26295)

Apache OFBiz rmi反序列化EXP(CVE-2021-26295) 目前仅支持nc弹shell 将ysoserial.jar放置在同目录下,py3运行,根据提示输入漏洞url,你的vps地址和端口 第二次使用建议删除exp.ot 本工具仅用于安全测试,禁止未授权非法攻击站点,否则后果自负

15 Nov 09, 2022
集成crawlergo、xray、dirsearch、nmap等工具的src漏洞挖掘工具,使用docker封装运行;

tools下有几个工具,所以项目文件比较大,如果下载总是中断的话建议拆开下载各个项目然后直接拷贝dockefile和recon.py即可 0x01 hscan介绍 hscan是什么 hscan是一款旨在使用一条命令替代渗透前的多条扫描命令,通过集成crawlergo扫描和xray扫描、dirsear

102 Jan 04, 2023
CloudFlare reconnaissance, tries to uncover the IP behind CF.

CloudFlare reconnaissance, tries to uncover the IP behind CF.

Neospace 8 Dec 03, 2021
Exploiting CVE-2021-42278 and CVE-2021-42287 to impersonate DA from standard domain user

Exploiting CVE-2021-42278 and CVE-2021-42287 to impersonate DA from standard domain user Known issues it will not work outside kali , i will update it

Hossam 867 Dec 22, 2022
一个自动挖掘漏洞的框架,日后会发展成强大的信息收集+漏洞挖掘脚本!

介绍 工具介绍 这是一款致力于将各类优秀脚本集合在一起调用、联动,最终可形成超级渗透脚本的工具。目的是扫描到更全的资产信息,发现更多的漏洞利用。但是这是通过牺牲扫描速度来提升扫描广度的。所以不太适合要进行紧急信息收集和漏洞利用的情况。

Thinking rookie 23 Jul 05, 2022
A scanner and a proof of sample exploit for log4j RCE CVE-2021-44228

1.Create a Sample Vulnerable Application . 2.Start a netcat listner . 3.Run the exploit . 5.Use jdk1.8.0_20 for better results . Exploit-db - https://

Isuru Umayanga 7 Aug 06, 2022
🏃 Python Solutions of All Problems in FHC 2021 (In Progress)

FacebookHackerCup-2021 Python solutions of Facebook Hacker Cup 2021. Solution begins with * means it will get TLE in the largest data set (total compu

kamyu 14 Oct 15, 2022
Simple and easy framework for phishing 🎣

👋 It's in beta, I'm still building How to install Linux and Termux: Clone Rp: git clone https://github.com/J4c5/superfish.git Install the dependencie

Jack 4 Jan 27, 2022
python driver for fingerprint machine (ZKTeco biometrics)

fpmachine python driver for fingerprint machine (ZKTeco biometrics) support until now 2 model supported and tested ZMM100_TFT and ZMM220_TFT install p

Samy Sultan 4 Oct 06, 2022
Update of uncaptcha2 from 2019

YouTube Video Proof of Concept I created a new YouTube Video with technical Explanation for breaking Google's Audio reCAPTCHAs: Click on the image bel

Nikolai Tschacher 153 Dec 20, 2022
Bandit is a tool designed to find common security issues in Python code.

A security linter from PyCQA Free software: Apache license Documentation: https://bandit.readthedocs.io/en/latest/ Source: https://github.com/PyCQA/ba

Python Code Quality Authority 4.8k Dec 31, 2022
Scan Site - Tools For Scanning Any Site and Get Site Information

Site Scanner Tools For Scanning Any Site and Get Site Information Example Require - pip install colorama - pip install requests How To Use Download Th

NumeX 5 Mar 19, 2022
BurpSuite Extension: Log4j2 RCE Scanner

Log4j2 RCE Scanner 作者:[email protected]元亨实验室 声明:由于传播、利用本项目所提供的信息而造成的任何直接或者间接的后果及损失,均由使用者本人负责,项目作者不为此承担任何责

ᴋᴇʏ 87 Dec 29, 2021