`qemu-mips-static` chroot results in `Invalid ELF image` error

reverse-engineering firmware linux mips qemu firmware-analysis
2021-07-06 02:42:22

I am trying to emulate a MIPS binary on my Ubuntu 16.04 x86 system, but I can't. I chroot into the squashfs-root after getting the file system from the firmware image with binwalk.

```
kan3k1@kaido:~/firmware/_firmware.bin.extracted/squashfs-root$ ls -l
total 3092
drwxr-xr-x 2 kan3k1 kan3k1    4096 Mar 18  2018 bin
drwxr-xr-x 5 kan3k1 kan3k1    4096 Mar 18  2018 dev
drwxr-xr-x 5 kan3k1 kan3k1    4096 Mar 18  2018 etc
drwxr-xr-x 3 kan3k1 kan3k1    4096 Mar 18  2018 lib
lrwxrwxrwx 1 kan3k1 kan3k1      11 Mar 18  2018 linuxrc -> bin/busybox
drwxr-xr-x 2 kan3k1 kan3k1    4096 Mar 18  2018 mnt
drwxr-xr-x 2 kan3k1 kan3k1    4096 Mar 18  2018 proc
-rwxr-xr-x 1 kan3k1 kan3k1 3120160 Dec 17 01:07 qemu-mips-static
drwxr-xr-x 2 kan3k1 kan3k1    4096 Mar 18  2018 sbin
drwxr-xr-x 2 kan3k1 kan3k1    4096 Mar 18  2018 sys
drwxr-xr-x 4 kan3k1 kan3k1    4096 Mar 18  2018 usr
drwxr-xr-x 2 kan3k1 kan3k1    4096 Mar 18  2018 var
drwxr-xr-x 9 kan3k1 kan3k1    4096 Mar 18  2018 web

kan3k1@kaido:~/firmware/_firmware.bin.extracted/squashfs-root$ sudo chroot . ./qemu-mips-static ./bin/ls
./bin/ls: Invalid ELF image for this architecture

kan3k1@kaido:~/firmware/_firmware.bin.extracted/squashfs-root$ sudo chroot . ./qemu-mips-static ./bin/busybox
./bin/busybox: Invalid ELF image for this architecture

kan3k1@kaido:~/firmware/_firmware.bin.extracted/squashfs-root$ file bin/ls
bin/ls: symbolic link to busybox
kan3k1@kaido:~/firmware/_firmware.bin.extracted/squashfs-root$ file bin/busybox
bin/busybox: ELF 32-bit LSB executable, MIPS, MIPS32 rel2 version 1 (SYSV), dynamically linked, interpreter /lib/ld-uClibc.so.0, stripped
```

```
kan3k1@kaido:~/firmware/_firmware.bin.extracted/squashfs-root$ rabin2 -I ./bin/ls
arch     mips
baddr    0x400000
binsz    260852
bintype  elf
bits     32
canary   false
class    ELF32
crypto   false
endian   little
havecode true
intrp    /lib/ld-uClibc.so.0
laddr    0x0
lang     c
linenum  false
lsyms    false
machine  MIPS R3000
maxopsz  16
minopsz  1
nx       false
os       linux
pcalign  0
pic      false
relocs   false
relro    no
rpath    NONE
sanitiz  false
static   false
stripped true
subsys   linux
va       true

kan3k1@kaido:~/firmware/_firmware.bin.extracted/squashfs-root$ rabin2 -I ./bin/busybox
arch     mips
baddr    0x400000
binsz    260852
bintype  elf
bits     32
canary   false
class    ELF32
crypto   false
endian   little
havecode true
intrp    /lib/ld-uClibc.so.0
laddr    0x0
lang     c
linenum  false
lsyms    false
machine  MIPS R3000
maxopsz  16
minopsz  1
nx       false
os       linux
pcalign  0
pic      false
relocs   false
relro    no
rpath    NONE
sanitiz  false
static   false
stripped true
subsys   linux
va       true
```

My system information:

```
kan3k1@kaido:~/firmware/_firmware.bin.extracted/squashfs-root$ uname -a
Linux kaido 4.15.0-29-generic #31~16.04.1-Ubuntu SMP Wed Jul 18 10:19:08 UTC 2018 i686 i686 i686 GNU/Linux
```

Any ideas on how to solve this? All the resources I was able to find online relate to `.so` files causing the error.

1 Answer

It looks like your binary is little-endian, so you need qemu-mipsel
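
The check behind this answer, as an added example that is not part of the original post: it reads `EI_DATA` and `e_machine` from the ELF header and names the matching user-mode emulator. The function names are hypothetical, the emulator names are those shipped by the `qemu-user-static` package, the o32 ABI is assumed, and the sample headers are constructed.

```shell
#!/bin/sh
# Added example: choose the qemu-user emulator that matches a MIPS ELF header.
# Assumes the o32 ABI (ELF32), as in the busybox from the question.

# Unsigned decimal value of the byte at offset $2 in file $1 (empty if past EOF).
byte_at() {
    od -An -tu1 -j "$2" -N 1 "$1" 2>/dev/null | tr -d ' \n'
}

# Print the emulator name for file $1, or explain why none fits and return 1.
pick_qemu() {
    magic=$(od -An -tx1 -N 4 "$1" 2>/dev/null | tr -d ' \n')
    [ "$magic" = "7f454c46" ] || { echo "$1: not an ELF file" >&2; return 1; }
    class=$(byte_at "$1" 4)    # EI_CLASS: 1 = ELF32, 2 = ELF64
    data=$(byte_at "$1" 5)     # EI_DATA:  1 = little-endian, 2 = big-endian
    b0=$(byte_at "$1" 18)      # e_machine, 16 bits at offset 18,
    b1=$(byte_at "$1" 19)      # stored in the file's own byte order
    [ -n "$b1" ] || { echo "$1: truncated ELF header" >&2; return 1; }
    case $data in
        1) machine=$((b0 + b1 * 256)); suffix=el ;;
        2) machine=$((b0 * 256 + b1)); suffix= ;;
        *) echo "$1: invalid EI_DATA $data" >&2; return 1 ;;
    esac
    # EM_MIPS is 8; anything else needs a different qemu-<arch> binary.
    [ "$machine" -eq 8 ] || { echo "$1: e_machine $machine is not MIPS" >&2; return 1; }
    [ "$class" = 1 ] || { echo "$1: not ELF32" >&2; return 1; }
    echo "qemu-mips${suffix}-static"
}

# Constructed sample: first 20 bytes of an ELF32 MIPS header, written to file $2.
# $1 = le or be. Only the fields pick_qemu reads are meaningful.
sample_header() {
    case $1 in
        le) printf '\177ELF\001\001\001\000\000\000\000\000\000\000\000\000\002\000\010\000' ;;
        be) printf '\177ELF\001\002\001\000\000\000\000\000\000\000\000\000\000\002\000\010' ;;
    esac > "$2"
}

# Demo on the constructed samples.
tmp=$(mktemp -d)
for e in le be; do
    sample_header "$e" "$tmp/$e"
    echo "$e sample -> $(pick_qemu "$tmp/$e")"
done
rm -rf "$tmp"
```

Inside the extracted root, `pick_qemu bin/busybox` applies the same check to the real binary before the emulator is copied into the chroot.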