binhop/README.md
2023-05-19 14:22:34 -07:00

2.8 KiB

binhop logo

binhop

binhop is a file carving visualizer, powered by binwalk.

It makes clear what parts of a blob can be extracted, so you can take action on the parts that didn't.
binhop relies entirely on a functioning installation of binwalk.

Installation and UsageFAQContributingLicense

Installation and Usage

To use this script, you need Python 3 and a functioning and "recent" version of binwalk installed on your system.

You'll probably also want to install optional binwalk dependencies such as sasquatch, jefferson, and others. You can learn how to do that in binwalk's INSTALL.md. binhop only "requires" binwalk, but it'll fail on binaries for which binwalk is dependent on optional modules.

When that's done, get binhop running with something like:

git clone https://github.com/darrylnixon/binhop.git
cd binhop
pip install -r requirements.txt
./binhop.py

Once running, browse to http://localhost:8080 to upload a blob.

FAQ

What problem does binhop solve?

binhop was written under the assumption that reverse engineers are blindly running binwalk -qeM on firmware images without validating what percentage of the image successfully extracted. I'm guilty of this in the past. binhop makes it easier to determine "coverage" of a walk/carve so that pieces that did not match any magic bytes can be analyzed further.

What are the future plans for binhop?

This repository is part of my coursework for CSC 842 - Security Tool Development at Dakota State University. Consequently, I may choose not to maintain this tool beyond the length of the course, but have selected a license that enables open contributions in any case.

For aesthetics, the interface is browser-based. It'd be ideal to make it command-line only, but I ran out of time trying to summarize an arbitrarily large number of bytes and sections into a human-consumable CLI output. I'm open to ideas.

Why did you select GPLv3? MIT is so much better.

GPLv3 still gives you the right to use, modify, and share binhop. It also has the benefit of requiring you to open-source software that uses it and share back any significant modifications or improvements to the code, and I like that.

How can I report a bug or request new features?

See Contributing below.

Contributing

If you would like to contribute to this project, feel free to submit a pull request or open an issue on GitHub.

License

This project is licensed under the GPLv3 License, because it's important to give back. See the LICENSE file for details.