Scanning firmware
binwalk main function - is by far the most popular features - its signature scanning.
Binwalk can scan many different file types and file systems embedded firmware image; just give it a list of files to be scanned
File extraction
You can tell binwalk following -e
extract any files it finds in the firmware image options:
$ binwalk -e firmware.bin
If you also specify -M
options, Binwalk even recursively scan files when extracting files:
$ binwalk -Me firmware.bin
If -r
this option is specified, it will automatically remove any files could not be extracted signatures - or lead to 0 file size of the file signature:
$ binwalk -Mre firmware.bin
To extract a particular type of signature, specify one or more -D type options:
$ binwalk -D ' png图片:PNG '的firmware.bin
Entropy Analysis
If not reported any signature binwalk what will happen? Or, how do you know binwalk did not miss anything interesting?
Entropy analysis helps to identify interesting data portion of the firmware image:
$ binwalk -E firmware.bin
Reprinted Source:
https://github.com/ReFirmLabs/binwalk/wiki/Quick-Start-Guide#entropy-analysis