Dissect firmware

This article will show you how to quickly dissect firmware files and maybe get some information out of it. Here is no intention to debug or hack a firmware as a single article won't be sufficient for that. You will also need to have the tools available.

Get the firmware file and get started (example file: firmware.bin)

1. Basic analysis.

binwalk -E firmware.bin # If the entropy is close or 1 and the graph shows a straight line with no dips, your firmware is most likely encrypted or highly compressed. So this is a good indication ont to waste much more time).
binwalk firmware.bin # here you see information about the firmware structure. If nothing is detected, then you are out of luck for this article. (Also the graph above is most likely a straight line then).

Pick out the sections you would like to extract Start off with the hex offset that binwalk gave back:

dd if=firmware.bin  bs=1 skip=$(( 0xB72A80 )) of=section1.img # output will be in section1.img. You might or might not want to add count=$(( 0x849 )) to extract the exact range where the length is in hex

Now you can continue with the output section to your liking. Depending on the type, you will can follow the next few steps. Chose your topic based on the binwalk indications.

2. Analysing specific data types.

2.1 Squashfs

sudo unsquashfs -f -d /tmp/section1/ section1.img # The squashfs has been extracted to /tmp/section1. You can now browse the contents

2.2 Ubifs

ubireader_display_info firmware.bin
ubireader_list_files firmware.bin
ubireader_extract_images firmware.bin

If these fail although you assume Ubifs, you might have taken too many bytes off using dd. Maybe the offset is wrong. Attempt to run the whole firmware over those commands.