I love food with healthy and simple ingredients. I am a recipe developer and food blogger who is inspired by many cultures around the world. Today, I could be in Thailand having a Tom Yum Soup, and tomorrow I will be in France eating bouillabaisse!
Rogue Foodies is for everyone who loves to travel through the food they eat without borders, labels, or travel restrictions!
Become a member to get new recipes in your email every week
Linux has a powerful command line utility called strings that will tell you what a binary file contains. However, that's only useful to you if you have the source code for the software you're working with: that's exactly what I used to understand the uhttpd Lua extensions for the router.
As I said above, you can use the binwalk tool to extract files from a firmware image. You can also use the binwalk tool to inspect an image and look for configuration and other data. For this, we need to first build a firmware image. To get a firmware image, we can download a firmware image from a vendor. You can find vendor firmware images here and you can find more information about them
Here you can see that there are a few files extracted from the firmware image. Using binwalk against the file you can see that there is a Vendor file for this particular firmware. There is also a info file, which contains several interesting strings. I will focus on the info file because you can see the string kerninfo.lz4 in it. That is the name of the Lua interpreter used for this firmware.
I haven’t gotten very far, but I think I have found a couple of interesting things. I found the original firmware on the router using binwalk and from there, I was able to extract the filesystem.binwalk is able to extract files from mounted filesystems, without mounting it. I’m not sure if you need to have the root access on the host, or if it’s possible to extract files from the filesystem even if you don’t have root access. Either way, here are some interesting files that I discovered:
System.img: This is the filesystem image of the router. It has the encrypted configuration and the default configuration, along with other configuration files. The binwalk command will extract a .img file. I have read somewhere that you need the default password to decrypt the image, but I couldn’t get this to work. The default password is something like admin or password. 827ec27edc