From 7a462ff674827fad8f3b196b13e5af9ddf49f270 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?J=C3=B6rg=20Stucke?=
Date: Thu, 15 Aug 2024 15:06:21 +0200
Subject: [PATCH] added bneg unpacker
---
.../plugins/unpacking/bneg/__init__.py | 0
.../plugins/unpacking/bneg/code/__init__.py | 0
.../plugins/unpacking/bneg/code/bneg.py | 44 ++++++++++++++++++
.../plugins/unpacking/bneg/test/__init__.py | 0
.../unpacking/bneg/test/data/test.bneg | Bin 0 -> 35 bytes
.../plugins/unpacking/bneg/test/test_bneg.py | 27 +++++++++++
6 files changed, 71 insertions(+)
create mode 100644 fact_extractor/plugins/unpacking/bneg/__init__.py
create mode 100644 fact_extractor/plugins/unpacking/bneg/code/__init__.py
create mode 100644 fact_extractor/plugins/unpacking/bneg/code/bneg.py
create mode 100644 fact_extractor/plugins/unpacking/bneg/test/__init__.py
create mode 100644 fact_extractor/plugins/unpacking/bneg/test/data/test.bneg
create mode 100644 fact_extractor/plugins/unpacking/bneg/test/test_bneg.py
diff --git a/fact_extractor/plugins/unpacking/bneg/__init__.py b/fact_extractor/plugins/unpacking/bneg/__init__.py
new file mode 100644
index 00000000..e69de29b
diff --git a/fact_extractor/plugins/unpacking/bneg/code/__init__.py b/fact_extractor/plugins/unpacking/bneg/code/__init__.py
new file mode 100644
index 00000000..e69de29b
diff --git a/fact_extractor/plugins/unpacking/bneg/code/bneg.py b/fact_extractor/plugins/unpacking/bneg/code/bneg.py
new file mode 100644
index 00000000..0e9994d1
--- /dev/null
+++ b/fact_extractor/plugins/unpacking/bneg/code/bneg.py
@@ -0,0 +1,44 @@
+import os
+import struct
+from pathlib import Path
+
+NAME = 'Instar BNEG'
+MIME_PATTERNS = ['firmware/bneg']
+VERSION = '0.1.0'
+HEADER_SIZE = 20
+
+
+class BnegHeader:
+ def __init__(self, data: bytes):
+ (
+ self.magic,
+ self.major_version,
+ self.minor_version,
+ *self.partitions,
+ ) = struct.unpack('<4sIIII', data)
+
+ def to_dict(self):
+ return self.__dict__
+
+
+def unpack_function(file_path: str, tmp_dir: str) -> dict:
+ input_file = Path(file_path)
+ output_dir = Path(tmp_dir)
+ with input_file.open('rb') as fp:
+ header = BnegHeader(fp.read(HEADER_SIZE))
+ output = [f'Found BNEG v{header.major_version}.{header.minor_version}']
+ offset = HEADER_SIZE
+ for idx, partition in enumerate(header.partitions, start=1):
+ if partition:
+ with (output_dir / f'partition_{idx}.bin').open('wb') as fp_out:
+ os.sendfile(fp_out.fileno(), fp.fileno(), offset, partition)
+ output.append(f'Unpacked partition {idx} at offset {offset} to partition_{idx}.bin (size {partition})')
+ offset += partition
+
+ return {'output': '\n'.join(output)}
+
+
+# ----> Do not edit below this line <----
+def setup(unpack_tool):
+ for item in MIME_PATTERNS:
+ unpack_tool.register_plugin(item, (unpack_function, NAME, VERSION))
diff --git a/fact_extractor/plugins/unpacking/bneg/test/__init__.py b/fact_extractor/plugins/unpacking/bneg/test/__init__.py
new file mode 100644
index 00000000..e69de29b
diff --git a/fact_extractor/plugins/unpacking/bneg/test/data/test.bneg b/fact_extractor/plugins/unpacking/bneg/test/data/test.bneg
new file mode 100644
index 0000000000000000000000000000000000000000..5907bcb11b9e903c97fbc9a088cac55ef99b4573
GIT binary patch
literal 35
lcmZ?rb9HBAU|?VZVs;?r0OGX#{G`Mpu9DQ^5
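Review bot: The partition sizes used in `unpack_function` are read straight from the header of the firmware image and passed to `os.sendfile` without being compared to the file's real size, and the call's return value (the number of bytes actually copied) is discarded. On a truncated or malformed image the plugin therefore writes short or empty `partition_N.bin` files while the output still reports the size claimed by the header, and `offset` is advanced by that claimed size. Keeping the count, `sent = os.sendfile(fp_out.fileno(), fp.fileno(), offset, partition)`, and appending a warning to `output` when `sent != partition` would make the mismatch visible; a single `sendfile` call may also copy fewer bytes than requested, so looping until the count is reached or 0 is returned is the robust form. Separately, `BnegHeader.__init__` raises `struct.error` when `fp.read(HEADER_SIZE)` returns fewer than 20 bytes, so a length check before `struct.unpack` would give a clean failure on undersized files.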