@@ -0,0 +1,125 @@
#! /bin/bash
# this tool will automate firmware extraction and unpacking using FT232R-type adaptors (like BusPirate) and a SOIC clip placed on a chip to dump
# install the necessary software:
# $ sudo apt install flashrom binwalk || echo 'git clone?'
# pump up binwalk with additional packages and libraries
# $ bash <(curl -s https://raw.githubusercontent.com/devttys0/binwalk/master/deps.sh)
# place the clip on the chip, connect it to the adaptor, which sould be connected to your PC (with drivers installed) and launch the script:
# chip => clip => adaptor => PC => script
# the placement for clips may wary, but in most cases it should be like this:
# 5Vorange purple grey
# VCC _ CLK MOSI
# | | | |
# *------------*
# | ModelName |
# | o |
# *------------*
# | | | |
# CS MISO _ GND
# white black brown
# for 16-24 SOIC pins, just skip the middle pins and invert connections:
# CLK MOSI ... GND _
# | | ... | |
# *------ ... ------*
# | ModelName |
# | o |
# *------ ... ------*
# | | ... | |
# _ VCC ... CS MISO
FILE=firmware.bin
FILES=_$FILE .extracted
FS=filesystem
DEVICE=/dev/serial/by-id/usb-FTDI_FT232R_USB*
DEVICE=$( ls $DEVICE ) & > /dev/null
echo -e " \033[01;32m"
echo ' .---------------------------------.'
echo ' | .---------------------------. |'
echo ' |[]| |[]|'
echo ' | | | |'
echo ' | | | |'
echo ' | | ╔═╗┬┬─┐┌┬┐╔═╗╔╦╗ | |'
echo ' | | ╠╣ │├┬┘│││╠═╣ ║║ | |'
echo ' | | ╚ ┴┴└─┴ ┴╩ ╩═╩╝ | |'
echo ' | | | |'
echo ' | | | |'
echo ' | | | |'
echo ' | `---------------------------' ' |'
echo ' | __________________ _____ |'
echo ' | | ___ | | |'
echo ' | | | | | | |'
echo ' | | | | | | |'
echo ' | | | | | | |'
echo ' | | |___| | | |'
echo ' \_____|__________________|_____|__|'
echo ' '
echo ' Firmware Automatic Dumping & Extraction Tool'
echo ' '
echo -e " \e[0m"
echo ' VERIFYING ROOT PERMISSIONS ...'
if [[ $UID -ne 0 ]]
then
echo ' sudo !!'
exit 1
fi
echo ' SEARCHING FOR DEVICES ...'
if [[ ! " $DEVICE "
then
echo ' !!! NO DEVICE FOUND !!!'
echo ' ENSURE THAT THE DEVICE IS PLUGGED IN AND THE KERNEL HAS THE APPROPRIATE DRIVERS'
exit 2
fi
echo " *** FOUND $DEVICE ***"
echo ' SEARCHING FOR SERIAL FLASH EEPROM CHIP ...'
CHIP=$( flashrom -p buspirate_spi:dev=$DEVICE | grep Found | cut -d ' )' )
echo $CHIP | grep -v ' 0 kB'
if [ $? -ne 0 ] || [ " $CHIP " = " "
then
echo ' !!! NO CHIPSET FOUND !!!'
echo ' ENSURE THAT THE CLIP IS PLACED PROPERLY AND THE CABLES ARE CONNECTED CORRECTLY ACCORDING TO THE SERIAL PROTOCOL'
echo ' YOU CAN ALSO SPECIFY THE MODEL MANUALLY : (blank to quit)'
read CHIP
if [[ ! " $CHIP "
then
exit 3
fi
fi
CHIP=$( echo $CHIP | cut -d ' .' )
if [[ ! " $CHIP "
then
CHIP=$( echo $CHIP | cut -d ' .' )
fi
echo " *** ${CHIP^^} ) ***"
CHIP=$( echo $CHIP | cut -d ' "' )
echo " DUMPING THE FIRMWARE TO $FILE (<10 minutes) ..."
# flashrom -p buspirate_spi:dev=$DEVICE -c $CHIP -r $FILE 2>&1 >/dev/null | tr [[:lower:]] [[:upper:]]
flashrom -p buspirate_spi:dev=$DEVICE -c $CHIP -r $FILE > /dev/null
# TODO timeout
if [[ $? -ne 0 ]]
then
echo " !!! ERROR WHILE DUMPING !!!"
echo ' ENSURE THAT THE CONTACTS WERENT DISRUPTED AND THE CHIP MODEL IS CORRECT'
exit 4
fi
echo " *** DUMPED TO $FILE ***"
echo " EXTRACTING FILE SYSTEM TO $FS ..."
binwalk -Me -d 256 $FILE > /dev/null
if [[ $? -ne 0 ]]
then
echo " !!! ERROR WHILE EXTRACTING !!!"
echo ' ENSURE THAT THE DEPENDENCIES WERE PROPERLY INSTALLED AND FUNCTIONAL'
exit 5
fi
mv $FILES /squashfs-root $FS || mv $FILES /_* .extracted $FS 2> /dev/null
rm -r $FILES
ls -F1 $FS
echo " *** EXTRACTED TO $FS ***"
cryptolok created this gist