<div align="center">
<img src="static/binhop.png" alt="binhop logo">

# binhop

`binhop` is a **file carving visualizer**, powered by `binwalk`.
It makes clear what parts of a blob can be extracted, so you can
take action on the parts that can't.<br />
`binhop` relies entirely on a functioning installation of `binwalk`.

[Installation and Usage](#installation-and-usage) •
[FAQ](#faq) •
[Contributing](#contributing) •
[License](#license)
</div>

## Installation and Usage
### Build with Docker (recommended)
Assuming you have Docker installed and running, you can serve binhop locally with something like:
```
git clone https://github.com/darrylnixon/binhop.git
cd binhop
docker build . -t csc842/binhop
docker run --name binhop -e PORT=3050 -p 3050:3050 --restart=always csc842/binhop
```
Then browse to [http://localhost:3050](http://localhost:3050) and upload a blob.
### Manually
To use this script, you need Python 3 and a functioning and "recent" version of `binwalk` installed on your system. In practice, this means you're *probably* going to need to be on an x86/x86_64 Linux, but maybe you have better karma than I do.

You'll probably also want to install optional `binwalk` dependencies such as `sasquatch`, `jefferson`, and others, depending on the binaries you want to submit. You can learn how to do that in [binwalk's INSTALL.md](https://github.com/ReFirmLabs/binwalk/blob/master/INSTALL.md). `binhop` only "requires" `binwalk`, but it'll fail on binaries for which `binwalk` is dependent on optional modules.

When that's done, get `binhop` running with something like:
```
git clone https://github.com/darrylnixon/binhop.git
cd binhop
pip install -r requirements.txt
./binhop.py [--port <port, default: 8080>]
```
Once running, browse to [http://localhost:8080](http://localhost:8080) and upload a blob.
## FAQ
**What problem does binhop solve?**

`binhop` was written under the assumption that reverse engineers are blindly running `binwalk -qeM` on firmware images without validating what percentage of the image successfully extracted. I'm guilty of this in the past. `binhop` makes it easier to determine "coverage" of a walk/carve so that pieces that did not match any magic bytes can be analyzed further.

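
To make the "coverage" idea concrete, here is an added example (not `binhop`'s own code): given the `(offset, size)` regions a carve accounted for, it reports the percentage of the blob covered and lists the unaccounted gaps. It goes one step beyond the text by flagging gaps made of a single repeated byte as likely padding; the function names, the region format, and the sample blob are assumptions constructed for illustration.

```python
"""Carve coverage: which bytes of a blob did no carved region account for?"""

def merge(regions, blob_len):
    """Clamp (offset, size) regions to the blob; merge overlaps into [start, end) spans."""
    # Zero-size entries (hits with no known length) cannot claim any bytes.
    spans = sorted((max(0, off), min(blob_len, off + size))
                   for off, size in regions if size > 0)
    merged = []
    for start, end in spans:
        if start >= end:
            continue  # region lies entirely outside the blob
        if merged and start <= merged[-1][1]:
            merged[-1][1] = max(merged[-1][1], end)
        else:
            merged.append([start, end])
    return [tuple(s) for s in merged]

def gaps(merged, blob_len):
    """Return the [start, end) spans not covered by any merged region."""
    out, cursor = [], 0
    for start, end in merged:
        if start > cursor:
            out.append((cursor, start))
        cursor = end
    if cursor < blob_len:
        out.append((cursor, blob_len))
    return out

def coverage_report(blob, regions):
    """Summarise coverage; mark gaps that are one repeated byte (likely padding)."""
    merged = merge(regions, len(blob))
    covered = sum(end - start for start, end in merged)
    unknown = [{"start": s, "end": e, "padding": len(set(blob[s:e])) == 1}
               for s, e in gaps(merged, len(blob))]
    pct = 100.0 * covered / len(blob) if blob else 0.0
    return {"covered_pct": pct, "gaps": unknown}

# Constructed sample: a 1000-byte blob and three regions, two of them
# overlapping and one overrunning the end of the blob.
SAMPLE_BLOB = (bytes(100) + b"\x1f\x8b" * 150 + b"\xff" * 200
               + bytes(range(200)) + b"hsqs" * 50)
SAMPLE_REGIONS = [(100, 300), (350, 50), (800, 500)]  # (offset, size), hypothetical

if __name__ == "__main__":
    print(coverage_report(SAMPLE_BLOB, SAMPLE_REGIONS))
```
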
**What are the future plans for binhop?**

This repository is part of my coursework for CSC 842 - Security Tool Development at Dakota State University. Consequently, I may choose not to maintain this tool beyond the length of the course, but have selected a license that enables open contributions in any case.

For aesthetics, the interface is browser-based. It'd be ideal to make it command-line accessible, but I ran out of time trying to summarize an arbitrarily large number of bytes and sections into a human-consumable CLI output. I'm open to ideas.

**Why did you select GPLv3? MIT is so much better.**

GPLv3 still gives you the right to use, modify, and share `binhop`. It also has the benefit of requiring you to open-source software that uses it and share back any significant modifications or improvements to the code, and I like that.

**How can I report a bug or request new features?**

See [Contributing](#contributing) below.

## Contributing
If you would like to contribute to this project, feel free to submit a pull request or open an issue on GitHub.
## License
This project is licensed under the GPLv3 License, because it's important to give back. See the `LICENSE` file for details.