zcutlip/nvram-faker zcutlip/nvram-faker

  • Stars
    star
    216
  • Rank 182,150 (Top 4 %)
  • Language
    C
  • License
    Other
  • Created about 11 years ago
  • Updated over 4 years ago
Twitter logo Share LinkedIn logo Share Facebook logo Share
zcutlip/nvram-faker
github

zcutlip

Reviews

There are no reviews yet. Be the first to send feedback to the community and the maintainers!

Repository Details

A simple library to intercept calls to libnvram when running embedded linux applications in emulated environments.

nvram-faker

When using emulation to run an application found in an embedded Linux firmware, such as a wireless router's web server, one of the main problems encountered is the application attempting to source NVRAM for configuration parameters. A common library, libnvram.so, is often used in embedded Linux to abstract access to NVRAM. This provides nvram_get() and nvram_set() functions to get and set configuration parameters. The calls to nvram_get() will fail, since the emulated environment has no NVRAM. Without configuration parameters the target application will likely fail to run.

nvram-faker is a simple library to intercept calls to libnvram using LD_PRELOAD. By providing sane values in an INI-style NVRAM configuration file you can answer queries to NVRAM, enabling the application to start up and run.

BUILDING

There should be no external dependencies. I have tested building in Ubuntu Linux.

You can build the shared library, libnvram-faker.so, simply by typing make. However, you'll almost certainly want to cross-compile for your target architecture. For convenience, I've provided shell scripts for building on big and little endian MIPS, since these are the most common architectures I work with. The shell scripts set up your toolchain variables such as $CC to point to your cross-compilation tools, if they're in your $PATH. If you need to cross compile with other architectures, such as ARM, this shouldn't be too hard to set up.

USING

Put libnvram-faker.so somewhere in your firmware's extracted filesystem. Edit nvram.ini and put it in the root of the firmware's filesystem. If you want to put the configuration file somewhere else, define INI_FILE_PATH at compile time however you like[1]. Set the LD_PRELOAD environment variable to load the library.

Every nvram query and the answer returned will be printed to standard output. If the answer is not found, NULL is returned by nvram_get and the query is printed to the console in red, so it will easy to notice.

The library currently does not support calls to nvram_set().

ACKNOWLEDGMENTS

I shamelessly aped this idea from Craig Heffner [email protected], (@devttyS0 on Twitter). I improved on it by adding support for INI configuration and colorized console output.

INI support is provided by this excellent project, which I have included in this source tree.

[1] You can export a CFLAGS environment variable on the command line to do this.

More Repositories

1

prefsniff

A utility to sniff preferences changes to macOS plist files
Python
213
star
2

bowcaster

Python
138
star
3

exploit-poc

Proof-of-Concept code for exploits
Python
81
star
4

gdbinit-mips

A gdbinit file that makes gdb much more usable for MIPS debugging.
39
star
5

crossbow

Crossbow is a lightweight, cross platform exploit development framework implemented in Python. Currently, Crossbow's focus is on MIPS Linux systems.
Python
32
star
6

pyonepassword

A python API to query a 1Password account using the 'op' command-line tool
Python
32
star
7

broken_abandoned

Example code for following along with my "Broken, Abandoned, and Forgotten Code" blog series
Python
25
star
8

dropbear-hacks

A fork of the dropbear SSH server with special hacks for running on minimal embedded systems.
C
19
star
9

py-dwarf-parser

A Python module to parse DWARF debugging data
Python
6
star
10

exploit-tools

Exploit development tools
Python
6
star
11

firmware-parsing

Modules to support parsing of firmware headers, etc.
Python
4
star
12

make_c_program

A utility to create a simple C source file with a `main()` and open it in an editor.
Python
3
star
13

py-singleton-metaclasses

A package of python metclasses for implementing singleton and related patterns.
Shell
3
star
14

py-object-file

Parsers for executable and library object files
Python
2
star
15

mock-cli-framework

A framework that can be called from a short Python console script to simulate the responses of an actual command-line tool.
Python
1
star
16

basic-data-structures

C library for basic data structures
C
1
star
17

rpi-fan-control

A python fan control utility for Linux on RPi
Python
1
star
18

py-obj-file-util

Python
1
star
19

video-encoding

Wrapper for Don Melton's video transcoding project, to automate batch encoding videos
Python
1
star
20

MouseCenter

Hammerspoon spoon for re-centering your mouse pointer
Lua
1
star
21

resume

1
star
22

rwl

Technical reading I wish I had time for.
Python
1
star
23

configure-with-sudo

A Python module to handle executing system commands using sudo
Python
1
star
24

easy-html-table

Python
1
star
25

ScreenLock

A Mac app to lock your screen on demand
Objective-C
1
star
26

mtdwriter

Utility from OpenWRT to write a flat image to a /dev/mtd flash memory device.
C
1
star