The Decompressoin tool for Vxworks MINIFS

Related tags

Security related resourcesMINIFS-Decompression
Overview

MINIFS-Decompression

The Decompression tool for Vxworks MINIFS filesystem.

USAGE

python minifs_decompression.py [target_firmware]

The example of Mercury router firmware:

$ python minifs_decompress.py ./MW305R.BIN
1173+0 records in
1173+0 records out
1173 bytes transferred in 0.006129 secs (191392 bytes/sec)
58+0 records in
58+0 records out
58 bytes transferred in 0.000298 secs (194616 bytes/sec)
2464+0 records in
2464+0 records out
2464 bytes transferred in 0.012085 secs (203890 bytes/sec)
127+0 records in
127+0 records out
127 bytes transferred in 0.000661 secs (192163 bytes/sec)
419+0 records in
419+0 records out
419 bytes transferred in 0.002342 secs (178908 bytes/sec)
1483+0 records in
1483+0 records out
1483 bytes transferred in 0.007509 secs (197497 bytes/sec)
10316+0 records in
10316+0 records out

The result of decompress:

$ tree
.
├── conf
│   ├── mcbDesc.bin
│   ├── modelDesc.bin
│   ├── oem.txt
│   ├── priv-key.pem
│   └── server-cert.pem
├── minifs_decompress.py
└── web
    ├── common
    │   ├── AccessCtrl.htm
    │   ├── Advance.htm
    │   ├── Basic.htm
    │   ├── BasicDynamicIp.htm
    │   ├── BasicEptManagement.htm
    │   ├── BasicHead.htm
    │   ├── BasicMenu.htm
    │   ├── BasicNetWork.htm
    │   ├── BasicPPPoE.htm
    │   ├── BasicStaticIp.htm
    │   ├── BasicWireless.htm
    │   ├── Content.htm
    │   ├── DHCPServer.htm
    │   ├── DMZCfg.htm
    │   ├── DateTimeCfg.htm
    │   ├── DdnsCfg.htm
    │   ├── Diagnostic.htm
    │   ├── DynamicIp.htm
    │   ├── Foot.htm
    │   ├── Help.htm
    │   ├── IPMACBind.htm
    │   ├── Index.htm
    │   ├── LanCfg.htm
    │   ├── Login.htm
    │   ├── LoginChgPwd.htm
    │   ├── MacClone.htm
    │   ├── ManageSettingUp.htm
    │   ├── PPPoE.htm
    │   ├── ParentControl.htm
    │   ├── PhoneBasicNetWork.htm
    │   ├── PhoneBasicWireless.htm
    │   ├── PhoneDynamicIp.htm
    │   ├── PhoneEquipManage.htm
    │   ├── PhoneEquipManageDetail.htm
    │   ├── PhoneIndex.htm
    │   ├── PhoneLogin.htm
    │   ├── PhoneLoginChgPwd.htm
    │   ├── PhoneMenu.htm
    │   ├── PhoneOtherSet.htm
    │   ├── PhoneOtherSetChgPwd.htm
    │   ├── PhonePPPoE.htm
    │   ├── PhoneStaticIp.htm
    │   ├── PhoneWizard.htm
    │   ├── PhoneWizardDynamicIp.htm
    │   ├── PhoneWizardEnd.htm
    │   ├── PhoneWizardPPPoE.htm
    │   ├── PhoneWizardStaticIp.htm
    │   ├── PhoneWizardWireless.htm
    │   ├── RouteTable.htm
    │   ├── StaticIp.htm
    │   ├── SysBakNRestore.htm
    │   ├── SysChangeLgPwd.htm
    │   ├── SysReboot.htm
    │   ├── SysReset.htm
    │   ├── SysUpgrade.htm
    │   ├── SystemLog.htm
    │   ├── UpnpCfg.htm
    │   ├── VirtualServerCfg.htm
    │   ├── WanCfg.htm
    │   ├── Wizard.htm
    │   ├── WizardDynamicIp.htm
    │   ├── WizardEnd.htm
    │   ├── WizardPPPoE.htm
    │   ├── WizardStaticIp.htm
    │   ├── WizardWireless.htm
    │   ├── WlanGuestNetWorkCfg.htm
    │   ├── WlanNetwork.htm
    │   ├── WlanWDSCfg.htm
    │   ├── WlanWDSCfgEnd.htm
    │   ├── WlanWDSCfgFirst.htm
    │   ├── WlanWDSCfgFive.htm
    │   ├── WlanWDSCfgFour.htm
    │   ├── WlanWDSCfgSecond.htm
    │   └── WlanWDSCfgThird.htm
    ├── dynaform
    │   ├── DataGrid.css
    │   ├── DataGrid.js
    │   ├── class.css
    │   ├── class.js
    │   ├── macFactory.js
    │   ├── menu.css
    │   ├── menu.js
    │   ├── phoneClass.css
    │   └── phoneClass.js
    ├── images
    │   ├── QRcode_me.png
    │   ├── advance_me.png
    │   ├── backwardBtn_me.png
    │   ├── basic_me.png
    │   ├── circleLeft_me.png
    │   ├── circleRight_me.png
    │   ├── detailArrow_me.png
    │   ├── equipMng_me.png
    │   ├── errorPic_me.png
    │   ├── icon_me.ico
    │   ├── icon_wifi_me.png
    │   ├── logo_me.png
    │   ├── mngPwd_me.png
    │   ├── netSet_me.png
    │   ├── otherSet_me.png
    │   ├── rightIcon_me.png
    │   ├── wanDetecting_me.gif
    │   ├── wdsDetect_me.gif
    │   ├── wifiSet_me.png
    │   ├── wzdWarningWhite_me.png
    │   └── wzd_me.png
    ├── language
    │   └── cn
    │       ├── error.js
    │       └── str.js
    ├── lib
    │   ├── DM.js
    │   ├── Quary.js
    │   ├── ajax.js
    │   ├── jquery-1.10.1.min.js
    │   ├── model.js
    │   └── verify.js
    └── upnp
        ├── ifc.xml
        ├── igd.xml
        ├── ipc.xml
        ├── l3f.xml
        ├── wfa.xml
        └── wps.xml

9 directories, 124 files

  • The file items displayed in 010Editor:

Reference

  1. http://patentlib.net/mnt/sipo/A/20200818/5/CN102020000408790CN00001115525110AFULZH20200818CN00V/
Owner
IoT Security Researcher, IoT firmware hacker.
GitHub Repository
WpDisect is a wordpress hacking tool that finds vulnerabilities in wordpress.

wpdisect WpDisect is a wordpress hacking tool that finds misconfigurations in wordpress. Prerequisites You need to download wordpress in the wpdisect

3 Feb 20, 2022
Program that mathematically generates and validates CPF numbers

✔️ Gerador e Validador de CPF Programa que gera e valida números de CPF Requisitos • Como usar • Capturas de Tela Requisitos Antes de começar, você va

João Victor Vilela dos Santos 1 Nov 07, 2021
automatically crawl every URL and find cross site scripting (XSS)

scancss Fastest tool to find XSS. scancss is a fastest tool to detect Cross Site scripting (XSS) automatically and it's also an intelligent payload ge

Md. Nur habib 30 Sep 24, 2022
Hubble is a modular, open-source security compliance framework. The project provides on-demand profile-based auditing, real-time security event notifications, alerting, and reporting. HubbleStack is a free and open source project made possible by Adobe. https://github.com/adobe

Welcome to HubbleStack!! You can find the docs here You can file an issue here Follow us on Twitter! Development Below are sample instructions to setu

HubbleStack 368 Jan 04, 2023
Automated tool to exploit basic buffer overflow remotely and locally & x32 and x64

Automated tool to exploit basic buffer overflow (remotely or locally) & (x32 or x64)

5 Oct 09, 2022
威胁情报播报

Threat-Broadcast 威胁情报播报 运行环境 项目介绍 从以下公开的威胁情报来源爬取并整合最新信息: 360:https://cert.360.cn/warning 奇安信:https://ti.qianxin.com/advisory/ 红后:https://redqueen.tj-u

东方有鱼名为咸 148 Nov 09, 2022
Pre-Auth Blind NoSQL Injection leading to Remote Code Execution in Rocket Chat 3.12.1

CVE-2021-22911 Pre-Auth Blind NoSQL Injection leading to Remote Code Execution in Rocket Chat 3.12.1 The getPasswordPolicy method is vulnerable to NoS

Enox 47 Nov 09, 2022
This tool allows to automatically test for Content Security Policy bypass payloads.

CSPass This tool allows to automatically test for Content Security Policy bypass payloads. Usage [cspass]$ ./cspass.py -h usage: cspass.py [-h] [--no-

Ruulian 30 Nov 22, 2022
A python script written for lazy people to hack their school systen ;D

F-ck-the-system A python script written for lazy people to hack their school systen ;D Python voice notes writer This is a python script to record you

Sachit 2 Jan 09, 2022
Lazarus analysis tools and research report

Lazarus Research This repository publishes analysis reports and analysis tools for Operation Dream Job and Operation JTrack for Lazarus. Tools Python

JPCERT Coordination Center 50 Sep 13, 2022
Zero-attacker is an multipurpose hacking tool with over 12 tools

Zero Attacker Zero Attacker is bunch of tools which we made for people.These all tools are for purpose of ethical hacking and discord tools. Who is th

Asjad 300 Dec 28, 2022
A Feature Rich Modular Malware Configuration Extraction Utility for MalDuck

Malware Configuration Extractor A Malware Configuration Extraction Tool and Modules for MalDuck This project is FREE as in FREE 🍺 , use it commercial

c3rb3ru5 103 Dec 18, 2022
A python package with tools to read and postprocess the output of the channel DNS-solver (davecats/channel), as well as its associated postprocessing tools.

Python tools for davecats/channel A python package with tools to read and postprocess the output of the channel dns solver, as well as its associated

Andrea Andreolli 1 Dec 13, 2021
Simples brute forcer de diretorios para web pentest.

🦑 dirbruter Simples brute forcer de diretorios para web pentest. ❕ Atenção Não ataque sites privados. Isto é illegal. 🖥️ Pré-requisitos Ultima versã

Dio brando 6 Jan 22, 2022
A forensic collection tool written in Python.

CHIRP A forensic collection tool written in Python. Watch the video overview 📝 Table of Contents 📝 Table of Contents 🧐 About 🏁 Getting Started Pre

Cybersecurity and Infrastructure Security Agency 1k Dec 09, 2022
Hadoop Yan RPC unauthorized RCE

Vuln Impact On November 15, 2021, A security researcher disclosed that there was an unauthorized access vulnerability in Hadoop yarn RPC. This vulnera

Al1ex 25 Nov 24, 2022
For educational purposes only. (Uzbek Edition)

DISCLAIMER 💣 Ushbu skriptdagi materiallar bilan bog'liq har qanday xatti-harakatlar faqat sizning javobgarligingizdir. Ushbu skriptdagi ma'lumotlarda

Husniddin Murodov 1 Feb 12, 2022
Acc-Data-Gen - Allows you to generate a password, e-mail & token for your Minecraft Account

Acc-Data-Gen Allows you to generate a password, e-mail & token for your Minecraft Account How to use the generator: Move all the files in a single dir

KarmaBait 2 May 16, 2022
compact and speedy hash cracker for md5, sha1, and sha256 hashes

hash-cracker hash cracker is a multi-functional and compact...hash cracking tool...that supports dictionary attacks against three kinds of hashes: md5

Abdullah Ansari 3 Feb 22, 2022
A GitHub action for organizations that enables advanced security code scanning on all new repos

Advanced-Security-Enforcer What this repository does This code is for an active GitHub Action written in Python to check (on a schedule) for new repos

Zack Koppert 30 May 17, 2022