我已经为我的路由器下载了固件并在其上运行 binwalk:
root@max-VirtualBox:~/src/wrt54g-4.21.5# binwalk firmware.bin
DECIMAL HEX DESCRIPTION
-------------------------------------------------------------------------------------------------------
32 0x20 TRX firmware header, little endian, header size: 28 bytes, image size: 3362816 bytes, CRC32: 0xE3ABE901 flags/version: 0x10000
60 0x3C gzip compressed data, was "piggy", from Unix, last modified: Tue Feb 7 21:40:02 2012, max compression
700660 0xAB0F4 Squashfs filesystem, little endian, version 2.0, size: 2654572 bytes, 502 inodes, blocksize: 65536 bytes, created: Tue Feb 7 21:43:28 2012
所以看起来我们有一个简单的头文件、一些压缩数据和一个 squashfs 文件系统。我将压缩数据提取到一个名为piggy.
我再次运行 binwalkpiggy并得到以下信息:
root@max-VirtualBox:~/src/wrt54g-4.21.5/piggy# binwalk piggy
DECIMAL HEX DESCRIPTION
-------------------------------------------------------------------------------------------------------
1304240 0x13E6B0 Linux kernel version "2.4.20 (crazy@sw1) (gcc version 3.2.3 with Broadcom modificatio 3.2.3 with Broadcom modifications) #3 Wed Feb 8 11:39:49 HKT 2ons) #3 Wed Feb 8 11:39:49 HKT 20122012"
1563820 0x17DCAC LZMA compressed data, properties: 0x04, dictionary size: 16777216 bytes, uncompressed size: 117440512 bytes
1567553 0x17EB41 LZMA compressed data, properties: 0x02, dictionary size: 2097152 bytes, uncompressed size: 524288 bytes
1606440 0x188328 LZMA compressed data, properties: 0x01, dictionary size: 16777216 bytes, uncompressed size: 50331648 bytes
所以我们有一个 Linux 内核和 LZMA 压缩数据。重新运行带有-e标志的binwalk 会自动为我提取压缩部分。
然而,这就是我被困的地方。
一旦我得到了这三个压缩部分,我就不能用unlzma,7zr或任何东西来解压缩它们。该file实用程序表示它们仍然是数据对象。
我是新手,所以任何指导都将不胜感激。我应该从这里去哪里?