https://github.com/anki/security-afat

Anki - Firmware Analyzer Tool: Script for searching the extracted or mounted firmware file system for items of interest
https://github.com/anki/security-afat

Last synced: 11 months ago
JSON representation

Anki - Firmware Analyzer Tool: Script for searching the extracted or mounted firmware file system for items of interest

• Host: GitHub
• URL: https://github.com/anki/security-afat
• Owner: anki
• Created: 2018-05-11T02:51:06.000Z (about 8 years ago)
• Default Branch: master
• Last Pushed: 2018-05-11T03:07:54.000Z (about 8 years ago)
• Last Synced: 2025-04-26T22:34:16.632Z (about 1 year ago)
• Language: Shell
• Homepage:
• Size: 5.86 KB
• Stars: 4
• Watchers: 52
• Forks: 11
• Open Issues: 0
• Metadata Files:
  • Readme: README.md

Awesome Lists containing this project

README

          
# afat (Anki - Firmware Analyzer Tool)

Script for searching the extracted or mounted firmware file system for items of interest such as:

* etc/shadow and etc/passwd

* list out the etc/ssl directory

* search for SSL and private keys e.g. .pem, .crt, etc.

* search for configuration files

* look for script files

* search for other .bin .fw files

* look for keywords such as admin, password, remote, etc.

* search for common web servers 

* search for common binaries such as ssh, tftp, adbd, dropbear, etc.

* search for URLs, email addresses and IP addresses

* Experimental support for making calls to the Shodan API using the Shodan CLI

## Usage

1 make a tmp directory to mount root filesystem `$ mkdir fsmount`

2 mount image `$ sudo mount -o loop /home/tt/apq8009-robot-sysfs.img fsmount/`

3 Run afat `$ sudo ./afat.sh fsmount/`

4 Review log file with afat stamp

* If you wish to use the static code analysis portion of the script, please install eslint: `npm i -g eslint`

* `./afat path to root file system`

## How to extend

* Have a look under 'data' where the checks live or add eslint rules - http://eslint.org/docs/rules/ to eslintrc.json