binbloom | allyourbase |
---|---|
3 | 1 |
465 | 33 |
2.4% | - |
10.0 | 4.0 |
over 1 year ago | about 1 year ago |
C | Python |
Apache License 2.0 | MIT License |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
binbloom
- small script for quickly finding the base address of a firmware image by matching strings with pointer targets
  You can check https://github.com/quarkslab/binbloom which has advanced methods to find base addresses.
- Short Guide to Loading Legacy U-Boot Images in Ghidra (How to Determine CONFIG_SYS_BASE_ADDR)
  Never tried it yet, but heard of it a few times, so it might be worth giving it a try: https://github.com/quarkslab/binbloom
- MIPS Firmware Reverse Engineering - anyone having any success using Ghidra for this?
  Your best bet here is to get the base address nailed down (assuming it’s a flat/monolithic image). There are a handful of utilities floating around (binbloom, basefind2) that use various pointer heuristics to try to guess the base address. There’s also a nice trick detailed in PoC||GTFO that you can use pretty reliably.
allyourbase
What are some alternatives?
BaseAddressDiscoverererer - A python3 script for generating a list of possible base addresses given a raw binary program
FACT_core - Firmware Analysis and Comparison Tool
ghidra - Ghidra is a software reverse engineering (SRE) framework
owasp-mastg - The Mobile Application Security Testing Guide (MASTG) is a comprehensive manual for mobile app security testing and reverse engineering. It describes the technical processes for verifying the controls listed in the OWASP Mobile Application Security Verification Standard (MASVS).
rizin - UNIX-like reverse engineering framework and command-line toolset.
vmlinux-to-elf - A tool to recover a fully analyzable .ELF from a raw kernel, through extracting the kernel symbol table (kallsyms)
basefind2 - A faster firmware base address scanner.
embark - EMBArk - The firmware security scanning environment
pocorgtfo - a "Proof of Concept or GTFO" mirror with an extensive index with also whole issues or individual articles as clean PDFs.