Binwalk Review

Introduction

Binwalk can be consider as a tools for searching any binary image that will used for identifying any embedded files and executable code that resides inside the firmware. Binwalk is an tools that compatible with magic signatures which uses the libmagic library.

An image of files that compressed with firmware header, Linux Kernels and filesystems will be used from a custom magic signature where the tools are been used by Binwalk. Kali Linux Operating System should have Binwalk tools included but for those tools not installed in Kali Linux can install it via typing the command such as sudo apt-get install binwalk

Guideline of tool usage

What we need to do before running the tools would be starting your Kali Linux Operating System. After the OS is fully started, let go and run the tools by typing binwalk -h

The command above is normally used for getting a clue on what argument should we insert with the actual command. In my case, I would like to see the file signature using binwalk by running the command such as below:

binwalk -B <filename>

From the screenshot, we can see the Hexadecimal of the file that been analyze.

Another useful binwalk command would be binwalk -E <filename> and the result’s output will look something as below:

Author: Wan Ariff

He brings with him working experience in Information Security filed which specializing in Penetration Testing and Digital Forensic. His passion is more to IT Security

Leave a Reply

Your email address will not be published. Required fields are marked *