The firmware of the router is usually stored in flash memory. The file format is xxx.bin Bin format is a binary file that stores the machine code of the router. Through decompilation, it can be reduced to assembly code for analysis. Obtaining, decompiling and analyzing firmware usually follows the following steps:
Acquiring a SPI FLASH programmer of a common router in an environment required by router firmware;
It is best to log in to the desktop of ubuntu system with Winows notebook;
Putty, winhex and WinSCP software tools under Windows;
TTL cable, network cable, multimeter, soldering iron, hot air gun and other tools and wires;
The analysis step is to disassemble the shell of the corresponding router equipment;
Check the interface identification inside the router;
Use multimeter to find the corresponding grounding GND label;
Usually, TTL pins are reserved for debugging or upgrading;
Check whether there are pins or contacts of TTL lines;
Connect the TTL pin or contact of the router with the prepared TTL line;
Open the serial port connected by TTL line with the serial port item in putty under windows;
Check whether there is log information about router startup, and if there is, please analyze it carefully;
After the routing information is started, see if there is a terminal jumping out and a login window jumping out;
If there is a login window, but you can't enter it, or you can't guess the corresponding user name and password;
Remove the flash memory chip from the router with a hot air gun or soldering iron;
All firmware pre-stored in FLASH chips by programmers under Windows;
Upload the extracted firmware to ubuntu system with WinSCP tool;
Install corresponding firmware analysis tools (firmware-mod-kit, binwalk, lzma, squashfs-tools, etc.). ) in ubuntu system;
Use these analysis tools for analysis. After analysis, decompress the corresponding data packets and analyze the corresponding key data in advance.
According to the above steps, you can analyze the router.