bcheck
Binary check tool to identify command injection and format string vulnerabilities in blackbox binaries. Using xrefs to commonly injected and format string'd files, it will scan binaries faster than Firmware Slap.
Install
sudo apt install rabbitmq
pip install -e .
Usage
bcheck.py -h
usage: bcheck.py [-h] [-p] [-s] file
positional arguments:
file Binary file to check
optional arguments:
-h, --help show this help message and exit
-p, --printf Enable printf checking
-s, --system Enable command injection checking
Example
b'/bin/mtd_write -o 0 -l 0 write AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\x01 Bootloader' ">
$ bcheck.py -s examples/upload.cgi
[~] Checking for command injections
100% |############################################################| Elapsed Time: 0:00:01 Time: 0:00:01
Found 5 test sites in binary
[-] Scanned functions:
[-] : 0x401a28 : getLanIP
[+] : 0x4012b8 : mtd_write_firmware
0x7ffefdf8 -> b'/bin/mtd_write -o 0 -l 0 write AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\x01 Kernel'
[-] : 0x4009f0 : main
[+] : 0x4010d0 : write_flash_kernel_version
0x7ffefdf8 -> b'nvram_set 2860 old_firmware "AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\x00"'
[+] : 0x401338 : mtd_write_bootloader
0x7ffefdf8 -> b'/bin/mtd_write -o 0 -l 0 write AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\x01 Bootloader'
534 Dec 14, 2022
2 Oct 31, 2022
27 Dec 25, 2022
2 Mar 20, 2022
5 Oct 09, 2022
2.2k Jan 08, 2023
2.5k Jan 07, 2023
365 Nov 30, 2022
3 Dec 30, 2021
1 Dec 08, 2021
29 Nov 20, 2022
21 Dec 27, 2022
1.4k Jan 01, 2023
9 Oct 05, 2022
9 Jun 01, 2022
36 Dec 20, 2022
87 Dec 31, 2022
4 Jan 13, 2022
48 Jun 20, 2022
622 Jan 04, 2023