bcheck
Binary check tool to identify command injection and format string vulnerabilities in blackbox binaries. Using xrefs to commonly injected and format string'd files, it will scan binaries faster than Firmware Slap.
Install
sudo apt install rabbitmq
pip install -e .
Usage
bcheck.py -h
usage: bcheck.py [-h] [-p] [-s] file
positional arguments:
file Binary file to check
optional arguments:
-h, --help show this help message and exit
-p, --printf Enable printf checking
-s, --system Enable command injection checking
Example
b'/bin/mtd_write -o 0 -l 0 write AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\x01 Bootloader' ">
$ bcheck.py -s examples/upload.cgi
[~] Checking for command injections
100% |############################################################| Elapsed Time: 0:00:01 Time: 0:00:01
Found 5 test sites in binary
[-] Scanned functions:
[-] : 0x401a28 : getLanIP
[+] : 0x4012b8 : mtd_write_firmware
0x7ffefdf8 -> b'/bin/mtd_write -o 0 -l 0 write AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\x01 Kernel'
[-] : 0x4009f0 : main
[+] : 0x4010d0 : write_flash_kernel_version
0x7ffefdf8 -> b'nvram_set 2860 old_firmware "AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\x00"'
[+] : 0x401338 : mtd_write_bootloader
0x7ffefdf8 -> b'/bin/mtd_write -o 0 -l 0 write AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\x01 Bootloader'
1 Dec 31, 2021
9 Oct 05, 2022
102 Jan 04, 2023
4 Dec 14, 2021
29 Jul 27, 2021
20 Nov 11, 2022
5 Nov 23, 2021
5 Mar 15, 2022
2 Feb 09, 2022
2 Dec 16, 2021
7 Aug 06, 2022
2 Jan 11, 2022
2 Jan 11, 2022
87 Dec 13, 2022
2 May 16, 2022
50 Dec 26, 2022
29 Jul 14, 2022
11 Dec 22, 2022
1 Apr 18, 2022
25 Nov 24, 2022