The Decompressoin tool for Vxworks MINIFS

Related tags

Security related resourcesMINIFS-Decompression
Overview

MINIFS-Decompression

The Decompression tool for Vxworks MINIFS filesystem.

USAGE

python minifs_decompression.py [target_firmware]

The example of Mercury router firmware:

$ python minifs_decompress.py ./MW305R.BIN
1173+0 records in
1173+0 records out
1173 bytes transferred in 0.006129 secs (191392 bytes/sec)
58+0 records in
58+0 records out
58 bytes transferred in 0.000298 secs (194616 bytes/sec)
2464+0 records in
2464+0 records out
2464 bytes transferred in 0.012085 secs (203890 bytes/sec)
127+0 records in
127+0 records out
127 bytes transferred in 0.000661 secs (192163 bytes/sec)
419+0 records in
419+0 records out
419 bytes transferred in 0.002342 secs (178908 bytes/sec)
1483+0 records in
1483+0 records out
1483 bytes transferred in 0.007509 secs (197497 bytes/sec)
10316+0 records in
10316+0 records out

The result of decompress:

$ tree
.
├── conf
│   ├── mcbDesc.bin
│   ├── modelDesc.bin
│   ├── oem.txt
│   ├── priv-key.pem
│   └── server-cert.pem
├── minifs_decompress.py
└── web
    ├── common
    │   ├── AccessCtrl.htm
    │   ├── Advance.htm
    │   ├── Basic.htm
    │   ├── BasicDynamicIp.htm
    │   ├── BasicEptManagement.htm
    │   ├── BasicHead.htm
    │   ├── BasicMenu.htm
    │   ├── BasicNetWork.htm
    │   ├── BasicPPPoE.htm
    │   ├── BasicStaticIp.htm
    │   ├── BasicWireless.htm
    │   ├── Content.htm
    │   ├── DHCPServer.htm
    │   ├── DMZCfg.htm
    │   ├── DateTimeCfg.htm
    │   ├── DdnsCfg.htm
    │   ├── Diagnostic.htm
    │   ├── DynamicIp.htm
    │   ├── Foot.htm
    │   ├── Help.htm
    │   ├── IPMACBind.htm
    │   ├── Index.htm
    │   ├── LanCfg.htm
    │   ├── Login.htm
    │   ├── LoginChgPwd.htm
    │   ├── MacClone.htm
    │   ├── ManageSettingUp.htm
    │   ├── PPPoE.htm
    │   ├── ParentControl.htm
    │   ├── PhoneBasicNetWork.htm
    │   ├── PhoneBasicWireless.htm
    │   ├── PhoneDynamicIp.htm
    │   ├── PhoneEquipManage.htm
    │   ├── PhoneEquipManageDetail.htm
    │   ├── PhoneIndex.htm
    │   ├── PhoneLogin.htm
    │   ├── PhoneLoginChgPwd.htm
    │   ├── PhoneMenu.htm
    │   ├── PhoneOtherSet.htm
    │   ├── PhoneOtherSetChgPwd.htm
    │   ├── PhonePPPoE.htm
    │   ├── PhoneStaticIp.htm
    │   ├── PhoneWizard.htm
    │   ├── PhoneWizardDynamicIp.htm
    │   ├── PhoneWizardEnd.htm
    │   ├── PhoneWizardPPPoE.htm
    │   ├── PhoneWizardStaticIp.htm
    │   ├── PhoneWizardWireless.htm
    │   ├── RouteTable.htm
    │   ├── StaticIp.htm
    │   ├── SysBakNRestore.htm
    │   ├── SysChangeLgPwd.htm
    │   ├── SysReboot.htm
    │   ├── SysReset.htm
    │   ├── SysUpgrade.htm
    │   ├── SystemLog.htm
    │   ├── UpnpCfg.htm
    │   ├── VirtualServerCfg.htm
    │   ├── WanCfg.htm
    │   ├── Wizard.htm
    │   ├── WizardDynamicIp.htm
    │   ├── WizardEnd.htm
    │   ├── WizardPPPoE.htm
    │   ├── WizardStaticIp.htm
    │   ├── WizardWireless.htm
    │   ├── WlanGuestNetWorkCfg.htm
    │   ├── WlanNetwork.htm
    │   ├── WlanWDSCfg.htm
    │   ├── WlanWDSCfgEnd.htm
    │   ├── WlanWDSCfgFirst.htm
    │   ├── WlanWDSCfgFive.htm
    │   ├── WlanWDSCfgFour.htm
    │   ├── WlanWDSCfgSecond.htm
    │   └── WlanWDSCfgThird.htm
    ├── dynaform
    │   ├── DataGrid.css
    │   ├── DataGrid.js
    │   ├── class.css
    │   ├── class.js
    │   ├── macFactory.js
    │   ├── menu.css
    │   ├── menu.js
    │   ├── phoneClass.css
    │   └── phoneClass.js
    ├── images
    │   ├── QRcode_me.png
    │   ├── advance_me.png
    │   ├── backwardBtn_me.png
    │   ├── basic_me.png
    │   ├── circleLeft_me.png
    │   ├── circleRight_me.png
    │   ├── detailArrow_me.png
    │   ├── equipMng_me.png
    │   ├── errorPic_me.png
    │   ├── icon_me.ico
    │   ├── icon_wifi_me.png
    │   ├── logo_me.png
    │   ├── mngPwd_me.png
    │   ├── netSet_me.png
    │   ├── otherSet_me.png
    │   ├── rightIcon_me.png
    │   ├── wanDetecting_me.gif
    │   ├── wdsDetect_me.gif
    │   ├── wifiSet_me.png
    │   ├── wzdWarningWhite_me.png
    │   └── wzd_me.png
    ├── language
    │   └── cn
    │       ├── error.js
    │       └── str.js
    ├── lib
    │   ├── DM.js
    │   ├── Quary.js
    │   ├── ajax.js
    │   ├── jquery-1.10.1.min.js
    │   ├── model.js
    │   └── verify.js
    └── upnp
        ├── ifc.xml
        ├── igd.xml
        ├── ipc.xml
        ├── l3f.xml
        ├── wfa.xml
        └── wps.xml

9 directories, 124 files

  • The file items displayed in 010Editor:

Reference

  1. http://patentlib.net/mnt/sipo/A/20200818/5/CN102020000408790CN00001115525110AFULZH20200818CN00V/
Owner
IoT Security Researcher, IoT firmware hacker.
GitHub Repository
𝙾𝚙𝚎𝚗 𝚂𝚘𝚞𝚛𝚌𝚎 𝚂𝚌𝚛𝚒𝚙𝚝 - 𝙽𝚘 𝙲𝚘𝚙𝚢𝚛𝚒𝚐𝚑𝚝 - 𝚃𝚎𝚊𝚖 𝚆𝚘𝚛𝚔 - 𝚂𝚒𝚖𝚙𝚕𝚎 𝙿𝚢𝚝𝚑𝚘𝚗 𝙿𝚛𝚘𝚓𝚎𝚌𝚝 - 𝙲𝚛𝚎𝚊𝚝𝚎𝚍 𝙱𝚢 : 𝙰𝚕𝚕 𝚃𝚎𝚊𝚖 - 𝙲𝚘𝚙𝚢𝙿𝚊𝚜𝚝 𝙲𝚊𝚗 𝙽𝚘𝚝 𝙼𝚊𝚔𝚎 𝚈𝚘𝚞 𝚁𝚎𝚊𝚕 𝙿𝚛𝚘𝚐𝚛𝚊𝚖𝚖𝚎𝚛

𝙾𝚙𝚎𝚗 𝚂𝚘𝚞𝚛𝚌𝚎 𝚂𝚌𝚛𝚒𝚙𝚝 - 𝙽𝚘 𝙲𝚘𝚙𝚢𝚛𝚒𝚐𝚑𝚝 - 𝚃𝚎𝚊𝚖 𝚆𝚘𝚛𝚔 - 𝚂𝚒𝚖𝚙𝚕𝚎 𝙿𝚢𝚝𝚑𝚘𝚗 𝙿𝚛𝚘𝚓𝚎𝚌𝚝 - 𝙲𝚛𝚎𝚊𝚝𝚎𝚍 𝙱𝚢 : 𝙰𝚕𝚕 𝚃𝚎𝚊𝚖 - 𝙲𝚘𝚙𝚢𝙿𝚊𝚜𝚝 𝙲𝚊𝚗 𝙽𝚘𝚝 𝙼𝚊𝚔𝚎 𝚈𝚘𝚞 𝚁𝚎𝚊𝚕 𝙿𝚛𝚘𝚐𝚛𝚊𝚖𝚖𝚎𝚛

CodeX-ID 2 Oct 27, 2022
Simplify getting and using cookies from the browser to use in Python.

CookieCache Simplify getting and using cookies from the browser to use in Python. NOTE: All the logic to interface with the browsers is done by the Br

pat_h/to/file 2 May 06, 2022
This repository is one of a few malware collections on the GitHub.

This repository is one of a few malware collections on the GitHub.

Andrew 1.7k Dec 28, 2022
Script checks provided domains for log4j vulnerability

log4j Script checks provided domains for log4j vulnerability. A token is created with canarytokens.org and passed as header at request for a single do

Matthias Nehls 2 Dec 12, 2021
A Modified version of TCC's Osprey poc framework......

fierce-fish fierce-fish是由TCC(斗象能力中心)出品并维护的开源漏洞检测框架osprey的改写,去掉臃肿功能的精简版本poc框架 PS:真的用不惯其它臃肿的功能,不过作为一个收集漏洞poc && exp的框架还是非常不错的!!! osprey For beginners fr

lUc1f3r11 10 Dec 30, 2022
Details,PoC and patches for CVE-2021-45383 & CVE-2021-45384

CVE-2021-45383 & CVE-2021-45384 There are several network-layer vulnerabilities in the official server of Minecraft: Bedrock Edition (aka Bedrock Serv

20 Apr 07, 2022
The Devils Eye is an OSINT tool that searches the Darkweb for onion links and descriptions that match with the users query without requiring the use for Tor.

The Devil's Eye searches the darkweb for information relating to the user's query and returns the results including .onion links and their description

Richard Mwewa 135 Dec 31, 2022
adb - A tool that allows you to search for vulnerable android devices across the world and exploit them.

adb - An exploitation tool for android devices. A tool that allows you to search for vulnerable android devices across the world and exploit them. Fea

136 Jan 02, 2023
Bypass 4xx HTTP response status codes.

Forbidden Bypass 4xx HTTP response status codes. To see all the test cases, check the source code - follow the NOTE comments. Script uses multithreadi

Ivan Šincek 165 Dec 28, 2022
Source code for "A Two-Stream AMR-enhanced Model for Document-level Event Argument Extraction" @ NAACL 2022

TSAR Source code for NAACL 2022 paper: A Two-Stream AMR-enhanced Model for Document-level Event Argument Extraction. 🔥 Introduction We focus on extra

21 Sep 24, 2022
CVE-2021-45232-RCE-多线程批量漏洞检测

CVE-2021-45232-RCE CVE-2021-45232-RCE-多线程批量漏洞检测 FOFA 查询 title="Apache APISIX Das

孤桜懶契 36 Sep 21, 2022
TightVNC Vulnerability.

CVE-2022-23967 In TightVNC 1.3.10, there is an integer signedness error and resultant heap-based buffer overflow in InitialiseRFBConnection in rfbprot

MaherAzzouzi 15 Jul 11, 2022
Mad Spammer is a python webhook spammer which is very easy and safe to use.

Mad Spammer 👿 Pre-Setup: Open your terminal/console and type: pip install module colorama python MadSpammer.py Setup: After doing that, you should be

1 Nov 26, 2021
A script to extract SNESticle from Fight Night Round 2

fn22snesticle.py A script for producing a SNESticle ISO from a Fight Night Round 2 ISO and any SNES ROM. Background Fight Night Round 2 is a boxing ga

Johannes Holmberg 57 Nov 22, 2022
"KeyLogger-WebService" Is a Keylogger Write In python.

KeyLogger-WebService "KeyLogger-WebService" Is a Keylogger Write In python. When you Inject the file on a computer once the file is opened on the comp

Freddox 21 Dec 16, 2022
CVE-2021-43798Exp多线程批量验证脚本

Grafana V8.*任意文件读取Exp--多线程批量验证脚本 漏洞描述 Grafana是一个开源的度量分析与可视化套件。经常被用作基础设施的时间序列数据和应用程序分析的可视化,它在其他领域也被广泛的使用包括工业传感器、家庭自动化、天气和过程控制等。其 8.*版本任意文件读取漏洞,该漏洞目前为0d

2 Dec 16, 2021
Convert a collection of features to a fixed-dimensional matrix using the hashing trick.

FeatureHasher Convert a collection of features to a fixed-dimensional matrix using the hashing trick. Note, this requires Jina=2.2.4. Example Here I

Jina AI 5 Mar 15, 2022
Übersicht remote command execution 0day exploit

Übersicht RCE 0day Unauthenticated remote command execution 0day exploit for Übersicht. Description Übersicht is a desktop widget application for m

BoofGang 10 Dec 21, 2021
recover Firefox and more browsers logins

Browser Creds this script will recover saved browsers logins into txt files. It currently only support windows 10. currently support : Chrome Opera Fi

HugoLB 41 Nov 09, 2022
Security system to prevent Shoulder Surfing Attacks

Surf_Sec Security system to prevent Shoulder Surfing Attacks. REQUIREMENTS: Python 3.6+ XAMPP INSTALLED METHOD TO CONFIGURE PROJECT: Clone the repo to

Aman Anand 1 Jan 27, 2022