Load ARM (MIPS-MIPS32) Linux Filesystem On VMware?
I have a Linux firmware for the MIPS architecture. Would it be possible to load up a firmware image like this in VMWare? I am trying to get into reverse-engineering, but have hit a wall. Here is the binwalk output:
8212 0x2014 uImage header, header size: 64 bytes, header CRC: 0xD384760C, created: 2021-12-01 11:10:32, image size: 1975811 bytes, Data Address: 0x81001000, Entry Point: 0x813E4860, data CRC: 0xE74BA6F, OS: Linux, CPU: MIPS, image type: OS Kernel Image, compression type: lzma, image name: "Linux Kernel Image" 8276 0x2054 LZMA compressed data, properties: 0x5D, dictionary size: 33554432 bytes, uncompressed size: 5748736 bytes 1984088 0x1E4658 Squashfs filesystem, little endian, version 4.0, compression:xz, size: 10883970 bytes, 2239 inodes, blocksize: 131072 bytes, created: 2021-12-02 11:17:54
I have managed to extract the raw filesystem from the .bin file, but cannot get much further. How would I go about loading something like this in VMware? Would it even be possible due to architecture differences? It has a squashfs-root file, and some others in the binary. I am myself on windows (doing everything via WSL), but not shy to boot Linux. Here is some LS output of the binary:
I am able to extract the files with 7zip from the binary, as stated. But this removes the other
1E4658.squashfs file, the
2054 file, and the
2054.7z and only decompresses the linux filesystem from
1E4658.squashfs file, is a copy of the whole filesystem it seems like. (I think maybe for validation? I don't know.)
It's firmware for my TP-link deco. If anyone has any tips to get further with reverse engineering, please do share!! :)
How would I go about loading something like this in VMware?
Would it even be possible due to architecture differences?
VMware simulates an x86 desktop PC.
You can attach floppy disk, CD-ROM or DVD images to VMware to simulate such a media.
If you have installed some operating systems in your virtual machine (that runs inside VMware) that contains a tool (similar to
7z) that can extract firmware image files, it makes sense to copy the firmware image to the virtual machine - in this case the file is just a "regular" file for VMware (just like a text document or a PNG image).
However, VMware itself cannot do anything with a Firmware image for ARM or MIPS.
I am able to extract the files with 7zip from the binary, as stated. But this removes the ... files ...
Looking at your screenshot, I doubt if I understood your question correctly.
If I understand the "binwalk" output correctly, the first file begins at offset 8212 (which is hexadecimal 0x2014), the second one at offset 8276 and the SquashFS image begins at offset.
So if you want to have the file
2014, you can use the
dd tool to extract that file from the firmware image:
dd if=firmware_image of=output_filename bs=1 count=64 skip=8212
firmware_image by the file name of the firmware image and
output_filename by the desired file name for the file
For the second file use:
count=1975812 (because the file's size is: 1984088-8276=1975812) and
skip=8276. For the SquashFS image, use
skip=1984088 and omit the
count= argument (this means: extract until the end of the file).
The content of the
2014 file is already shown by "binwalk":
uImage header, header size ... name: "Linux Kernel Image"
The file does not contain any more data but this line of information.
2054 file is an operating system kernel image. Such an image does not contain any "useful" information that can be read out.
And the kernel image will only work on the device it is intended for - it won't work on "MIPS-based routers" but it will only work on the MIPS-based router "Example Industries Inc, ABC-1234-D".
- → Database Record created_at Time Randomly Changes
- → npm is putting all dependencies and sub-dependecies int he same folder
- → Laravel 5.2 not working with vagrant homestead php 7
- → Can't add cron task in Laravel 5.0.5 on linux server
- → Node.js Split large file into parts and iterate over the parts
- → Laravel - Connection could not be established with host smtp.gmail.com
- → Redirect Each Page of Old Domain to Same Page URL on the New Domain
- → October CMS - Cannot edit pages in backend - http status 403
- → The Laravel View is Not Working On Linux Server
- → Beanstalkd to start when the system starts up or reboots , how to uncomment "START yes" on Centos
- → Vagrant with homestead and Linux boxes
- → Only one route not returning anything on live Laravel site, works on local sites