bcheck
Binary check tool to identify command injection and format string vulnerabilities in blackbox binaries. Using xrefs to commonly injected and format string'd files, it will scan binaries faster than Firmware Slap.
Install
sudo apt install rabbitmq
pip install -e .
Usage
bcheck.py -h
usage: bcheck.py [-h] [-p] [-s] file
positional arguments:
file Binary file to check
optional arguments:
-h, --help show this help message and exit
-p, --printf Enable printf checking
-s, --system Enable command injection checking
Example
b'/bin/mtd_write -o 0 -l 0 write AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\x01 Bootloader' ">
$ bcheck.py -s examples/upload.cgi
[~] Checking for command injections
100% |############################################################| Elapsed Time: 0:00:01 Time: 0:00:01
Found 5 test sites in binary
[-] Scanned functions:
[-] : 0x401a28 : getLanIP
[+] : 0x4012b8 : mtd_write_firmware
0x7ffefdf8 -> b'/bin/mtd_write -o 0 -l 0 write AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\x01 Kernel'
[-] : 0x4009f0 : main
[+] : 0x4010d0 : write_flash_kernel_version
0x7ffefdf8 -> b'nvram_set 2860 old_firmware "AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\x00"'
[+] : 0x401338 : mtd_write_bootloader
0x7ffefdf8 -> b'/bin/mtd_write -o 0 -l 0 write AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\x01 Bootloader'
98 Dec 26, 2022
4 Apr 05, 2022
6 Dec 28, 2022
6 Jan 22, 2022
1 Dec 14, 2021
3 Jun 05, 2022
30 Nov 19, 2022
19 Sep 12, 2022
53 Nov 01, 2022
73 Jan 01, 2023
46 Nov 12, 2022
1.3k Jan 03, 2023
22 Jul 25, 2022
56 Dec 27, 2022
65 Dec 22, 2022
1 Oct 22, 2021
2 Feb 14, 2022
17 Nov 09, 2022
8.3k Jan 08, 2023
7.4k Jan 04, 2023