Discussion:
Clone a block device using 'cat'
(too old to reply)
Foxtrot Mike via arch-general
2017-12-15 19:37:19 UTC
Permalink
Raw Message
Note: This is not an Arch related question. I tried asking this question elsewhere, but didnt get any useful response. In the past I have received very helpful responses on this mail list so I am posting this here in the hope that someone would be willing/able to help me out.

Hi,

I am able to telnet into a router that's running a customized linux firmware. It was compiled using 'buildroot'.

I was able to dig out some specs of the router. I intend to clone the router's firmware for further study. 'dd' is not available so I tried using cat to throw the entire contents of the flash drive (mtdblock0) to my pc using netcat:

Router:
cat /dev/mtdblock0 | nc ip port

PC:
nc -lp port > routerFirmware

Then on my PC I used 'binwalk' to examine the downloaded file. The result is:

DECIMAL HEXADECIMAL DESCRIPTION
--------------------------------------------------------------------------------
0 0x0 Squashfs filesystem, little endian, non-standard signature, version 4.0, compression:gzip, size: xxxxxxx bytes, xxx inodes, blocksize: xxxxxx bytes, created: xxxx-xx-xx xx:xx:xx

Seems good so far. But '# unsquash routerFlash' results in:

Can't find a SQUASHFS superblock on routerFlash

The most probable reason I think is that 'cat' and 'nc' are not able to clone the entire flash as I intend. I am stuck here. Any help would be appreciated!

Reg
Maciek Borzecki via arch-general
2017-12-15 20:03:17 UTC
Permalink
Raw Message
On Fri, Dec 15, 2017 at 8:37 PM, Foxtrot Mike via arch-general
Post by Foxtrot Mike via arch-general
Note: This is not an Arch related question. I tried asking this question elsewhere, but didnt get any useful response. In the past I have received very helpful responses on this mail list so I am posting this here in the hope that someone would be willing/able to help me out.
Hi,
I am able to telnet into a router that's running a customized linux firmware. It was compiled using 'buildroot'.
cat /dev/mtdblock0 | nc ip port
nc -lp port > routerFirmware
DECIMAL HEXADECIMAL DESCRIPTION
--------------------------------------------------------------------------------
0 0x0 Squashfs filesystem, little endian, non-standard signature, version 4.0, compression:gzip, size: xxxxxxx bytes, xxx inodes, blocksize: xxxxxx bytes, created: xxxx-xx-xx xx:xx:xx
Can't find a SQUASHFS superblock on routerFlash
The most probable reason I think is that 'cat' and 'nc' are not able to clone the entire flash as I intend. I am stuck here. Any help would be appreciated!
It's possible that squashfs used to build the image carried some
vendor modifications. Is not that uncommon actually. You can try your
luck with: https://github.com/devttys0/sasquatch or
https://github.com/rampageX/firmware-mod-kit

Cheers,
--
Maciek Borzecki
Foxtrot Mike via arch-general
2017-12-16 11:03:05 UTC
Permalink
Raw Message
Post by Maciek Borzecki via arch-general
On Fri, Dec 15, 2017 at 8:37 PM, Foxtrot Mike via arch-general
Post by Foxtrot Mike via arch-general
Note: This is not an Arch related question. I tried asking this question elsewhere, but didnt get any useful response. In the past I have received very helpful responses on this mail list so I am posting this here in the hope that someone would be willing/able to help me out.
Hi,
I am able to telnet into a router that's running a customized linux firmware. It was compiled using 'buildroot'.
cat /dev/mtdblock0 | nc ip port
nc -lp port > routerFirmware
DECIMAL HEXADECIMAL DESCRIPTION
--------------------------------------------------------------------------------
0 0x0 Squashfs filesystem, little endian, non-standard signature, version 4.0, compression:gzip, size: xxxxxxx bytes, xxx inodes, blocksize: xxxxxx bytes, created: xxxx-xx-xx xx:xx:xx
Can't find a SQUASHFS superblock on routerFlash
The most probable reason I think is that 'cat' and 'nc' are not able to clone the entire flash as I intend. I am stuck here. Any help would be appreciated!
It's possible that squashfs used to build the image carried some
vendor modifications. Is not that uncommon actually. You can try your
luck with: https://github.com/devttys0/sasquatch or
https://github.com/rampageX/firmware-mod-kit
Cheers,
Thanks a lot for the very helpful pointer. I got it working with
sasquatch. Turns out the file is actually compressed with lzma, not gzip
as wa

Loading...