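This post comes from my own experience installing FirmAE. I wrote it up to help everyone who is wasting their life on firmware emulation…
The following links are needed during the installation:
FirmAE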
routersploit
binwalk
download
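First, the download problem. Let me say up front that running the script directly will most likely fail…
The download script fetches everything from GitHub, and without a proxy it is practically impossible to download everything completely.
There are currently two solutions:
1. Use a proxy and run the script through proxychains.
This one needs no explanation; consider it if you have the means. If you don't, see the next method.
2. Download manually
To be clear, I have not tested this method, but it should basically work and should be suitable when no proxy is available.
Here is the download script first: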
#!/bin/sh
set -e
download(){
wget -N --continue -P./binaries/ $*
}
echo "Downloading binaries..."
echo "Downloading kernel 2.6 (MIPS)..."
download https://github.com/pr0v3rbs/FirmAE_kernel-v2.6/releases/download/v1.0/vmlinux.mipsel.2
download https://github.com/pr0v3rbs/FirmAE_kernel-v2.6/releases/download/v1.0/vmlinux.mipseb.2
echo "Downloading kernel 4.1 (MIPS)..."
download https://github.com/pr0v3rbs/FirmAE_kernel-v4.1/releases/download/v1.0/vmlinux.mipsel.4
download https://github.com/pr0v3rbs/FirmAE_kernel-v4.1/releases/download/v1.0/vmlinux.mipseb.4
echo "Downloading kernel 4.1 (ARM)..."
download https://github.com/pr0v3rbs/FirmAE_kernel-v4.1/releases/download/v1.0/zImage.armel
download https://github.com/pr0v3rbs/FirmAE_kernel-v4.1/releases/download/v1.0/vmlinux.armel
echo "Downloading busybox..."
download https://github.com/pr0v3rbs/FirmAE/releases/download/v1.0/busybox.armel
download https://github.com/pr0v3rbs/FirmAE/releases/download/v1.0/busybox.mipseb
download https://github.com/pr0v3rbs/FirmAE/releases/download/v1.0/busybox.mipsel
echo "Downloading console..."
download https://github.com/pr0v3rbs/FirmAE/releases/download/v1.0/console.armel
download https://github.com/pr0v3rbs/FirmAE/releases/download/v1.0/console.mipseb
download https://github.com/pr0v3rbs/FirmAE/releases/download/v1.0/console.mipsel
echo "Downloading libnvram..."
download https://github.com/pr0v3rbs/FirmAE/releases/download/v1.0/libnvram.so.armel
download https://github.com/pr0v3rbs/FirmAE/releases/download/v1.0/libnvram.so.mipseb
download https://github.com/pr0v3rbs/FirmAE/releases/download/v1.0/libnvram.so.mipsel
download https://github.com/pr0v3rbs/FirmAE/releases/download/v1.0/libnvram_ioctl.so.armel
download https://github.com/pr0v3rbs/FirmAE/releases/download/v1.0/libnvram_ioctl.so.mipseb
download https://github.com/pr0v3rbs/FirmAE/releases/download/v1.0/libnvram_ioctl.so.mipsel
echo "Downloading gdb..."
download https://github.com/pr0v3rbs/FirmAE/releases/download/v1.0/gdb.armel
download https://github.com/pr0v3rbs/FirmAE/releases/download/v1.0/gdb.mipseb
download https://github.com/pr0v3rbs/FirmAE/releases/download/v1.0/gdb.mipsel
echo "Downloading gdbserver..."
download https://github.com/pr0v3rbs/FirmAE/releases/download/v1.0/gdbserver.armel
download https://github.com/pr0v3rbs/FirmAE/releases/download/v1.0/gdbserver.mipseb
download https://github.com/pr0v3rbs/FirmAE/releases/download/v1.0/gdbserver.mipsel
echo "Downloading strace..."
download https://github.com/pr0v3rbs/FirmAE/releases/download/v1.0/strace.armel
download https://github.com/pr0v3rbs/FirmAE/releases/download/v1.0/strace.mipseb
download https://github.com/pr0v3rbs/FirmAE/releases/download/v1.0/strace.mipsel
echo "Done!"
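For those who can't be bothered to read it, here is the conclusion:
Put simply, all this crude script does is download everything at the URLs above and drop it into the binaries directory under the repo directory…
So all you need to do is download these files by hand and drop them in there… (advanced intelligent download technology)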
install
A few suggestions before you run it:
1. Make sure your qemu environment is working properly
Here is the part of install.sh that involves qemu:
# for qemu
sudo apt-get install -y qemu-system-arm qemu-system-mips qemu-system-x86 qemu-utils
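If you compiled and installed qemu yourself, I recommend commenting this out; otherwise it will mess up your qemu environment.
If, like me, you previously tinkered until your qemu environment broke, I recommend removing all qemu-related packages (if you built and installed it from source, you even need to delete what is in /bin), making sure the environment is clean, and then running this script directly.
2. Check postgresql
No particular reason; installing firmadyne installs its own postgresql and adds a bit of configuration, so just don't let it mess up yours.
3. Network problems
The same old story: it clones a bunch of projects, so it is best to go through a proxy (of course, if that doesn't work I will also give a workaround).
The following is a classic problem:
Where is the problem? If you look at the routersploit directory under the analyses directory at this point, you will find that it is empty, empty…
This repo pulls the upstream routersploit project into its own directory, but for some reason what gets cloned is simply an empty project. The fix is naturally simple and crude: stop the script, download the archive from the official repo, unpack it to replace this empty folder, and then continue running install.sh. Note that the folder name must stay the same (routersploit).
Generally speaking, the problems are mostly solved at this point, and running the script through to the end will finish the job.
As @t1anx1n pointed out, this is a git clone problem; the official README mentions that you should clone like this: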
$ git clone --recursive https://github.com/pr0v3rbs/FirmAE
In effect, this recursively clones the sub-projects (git submodules).
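The two failure modes described above (an incomplete manual or interrupted download, and the empty routersploit directory) can be checked before running install.sh. The following is an added example, not part of FirmAE or of the original post: the file names come from the download script quoted above, the function names are made up for this example, and `git submodule update --init --recursive` is the standard git way to populate submodules in a checkout that was cloned without `--recursive`.

```shell
#!/bin/sh
# Added example: pre-flight check for a FirmAE checkout (function names are hypothetical).

# File names the download script is expected to place in ./binaries/.
expected_binaries() {
    echo vmlinux.mipsel.2 vmlinux.mipseb.2 vmlinux.mipsel.4 vmlinux.mipseb.4
    echo zImage.armel vmlinux.armel
    for tool in busybox console libnvram.so libnvram_ioctl.so gdb gdbserver strace; do
        for arch in armel mipseb mipsel; do
            echo "$tool.$arch"
        done
    done
}

# Print every expected file that is missing or zero-length in directory $1
# (a zero-length file is what an aborted download typically leaves behind).
missing_binaries() {
    for f in $(expected_binaries); do
        [ -s "$1/$f" ] || echo "$f"
    done
}

# Succeeds if directory $1 does not exist or has no entries.
is_empty_dir() {
    [ ! -d "$1" ] || [ -z "$(ls -A "$1" 2>/dev/null)" ]
}

# $1 = root of the FirmAE checkout (default: current directory).
# Returns non-zero if anything needs fixing before install.sh is run.
preflight() {
    root=${1:-.}
    rc=0
    missing=$(missing_binaries "$root/binaries")
    if [ -n "$missing" ]; then
        echo "missing or empty in $root/binaries:"
        echo "$missing"
        rc=1
    fi
    if is_empty_dir "$root/analyses/routersploit"; then
        echo "analyses/routersploit is empty; run: git submodule update --init --recursive"
        rc=1
    fi
    return $rc
}
```

Source the file and call `preflight /path/to/FirmAE`. It only checks presence and size, so it does not replace comparing the files against checksums if the project publishes them.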