Welcome to my script, designed specifically for Arch Linux. Other tools were not fully functional on this system, which was quite frustrating.
This is officially my first time uploading my tool to GitHub. I hope you all give it a star, and feel free to raise any issues!
from 2024.1.24 N1nEmAn
Existing simulation tools such as FirmAE and FAT are very convenient, but some newer firmware requires a more hands-on, DIY approach to simulation. This open-source project targets Arch Linux and is configured directly at the QEMU level. It boots into the file system without manual steps while retaining a high level of customization. Contributions for other system versions are also welcome. IoTSec FoR FUN!
from 2024.3.28 N1nEmAn
This tool currently provides simulation of MIPSel firmware file systems. As I delve deeper into IoT security, more features will be developed in the future. Stay tuned!
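Because only MIPSel firmware is supported, it helps to confirm the architecture of an extracted root filesystem before emulating it. The script below is an added example, not part of Sevnup; the function names and the choice of bin, sbin and usr/bin as search directories are assumptions.

```shell
#!/bin/sh
# Added example (not part of Sevnup): confirm an extracted rootfs is MIPSel
# by reading ELF headers directly, without running anything from the firmware.

# elf_arch FILE -> prints mipsel | mips | other | not-elf
elf_arch() {
    # First 20 bytes as decimals: e_ident[0..15], e_type, e_machine.
    # Positional parameters are reused as the byte array ($1 = byte 0).
    set -- $(od -An -tu1 -N20 "$1" 2>/dev/null)
    if [ "$#" -ne 20 ] || [ "$1 $2 $3 $4" != "127 69 76 70" ]; then
        echo not-elf; return 0
    fi
    # Byte 5 is EI_DATA (1 = little-endian, 2 = big-endian); e_machine is a
    # 16-bit field at bytes 18-19 stored in that byte order. EM_MIPS is 8.
    case $6 in
        1) machine=$(( ${19} + 256 * ${20} )); suffix=el ;;
        2) machine=$(( 256 * ${19} + ${20} )); suffix= ;;
        *) echo other; return 0 ;;
    esac
    if [ "$machine" -eq 8 ]; then echo "mips$suffix"; else echo other; fi
}

# rootfs_arch ROOT -> prints the arch of the first ELF under ROOT's bin dirs,
# or nothing if none is found.
rootfs_arch() {
    # -type f skips symlinks on purpose: an absolute link such as
    # bin/sh -> /bin/busybox would resolve to the host's binary, not the firmware's.
    find "$1/bin" "$1/sbin" "$1/usr/bin" -type f 2>/dev/null |
    while IFS= read -r f; do
        arch=$(elf_arch "$f")
        if [ "$arch" != not-elf ]; then echo "$arch"; break; fi
    done
}

# make_sample_rootfs DIR: constructed test input, a 20-byte MIPSel ELF header
# saved as DIR/bin/busybox (ELFCLASS32, little-endian, ET_EXEC, EM_MIPS).
make_sample_rootfs() {
    mkdir -p "$1/bin"
    printf '\177ELF\001\001\001\000\000\000\000\000\000\000\000\000\002\000\010\000' \
        > "$1/bin/busybox"
}

# Usage: sh check_arch.sh /path/to/squashfs-root
if [ "$#" -gt 0 ]; then rootfs_arch "$1"; fi
```

A result of `mips` means big-endian MIPS, and an empty result means no regular ELF file was found in the searched directories.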
Before using this script, make sure you have the following components installed:
- yay -S qemu-user-static
- tunctl (from the uml_utilities package): yay -S uml_utilities
- sudo pacman -S python
- Clone the repository:
    git clone https://github.com/N1nEmAn/Sevnup.git
    cd Sevnup
- Run the script with the path to the squashfs-root as an argument:
    # At first it will download images
    ./run.sh /path/to/squashfs-root
- Follow the instructions provided by the script.
- Once the other steps are complete, you can run test.py to check whether it was successful.
- Use gdb-multiarch to debug, with the following commands:
    # If it is not installed, install it first
    yay -S gdb-multiarch
    # Run it as follows
    gdb-multiarch
    # Then run the following to debug the kernel
    set architecture {arch}
    file {here fill in the location of the kernel} {here fill in the location of the program you need to debug(if any)}
    target remote :1234
If you need to debug a program running in the virtual machine, you need to break at an address inside the program, then break at the function name, and continue. This is ordinary gdb operation, so I won't go into details.
Here is a simple example provided for everyone's reference and convenience of use.