关于路由器漏洞利用，qemu环境搭建，网络配置的总结

FAT 搭建的坑

1 先按照官方步骤进行，完成后进行如下步骤

2 修改

1. move /firmadyne into /firmware-analysis-toolkit
2. navigate to the Firmadyne folder and execute "sudo ./download.sh" (seems like I missed this step when setting up Firmadyne)
3. move fat.py and reset.py into Firmadyne folder
4. modify the firmadyne_path (in fat.py) and FIRMWARE_DIR (in firmadyne.config) to the current path of Firmadyne.

---

mipsel-linux-gcc 编译大端程序

mipsel-linux-gcc demo.c -EB -c -static -o demo1

mipsel-linux-ld demo1 -EB -o demo

若是编译成共享库的话，两步都要加上 -shared 参数

---

qemu system 环境搭建，网络配置

1 下载

https://people.debian.org/~aurel32/qemu/mips/

2 配置网络

sudo tunctl -t tap0

sudo ifconfig tap0 10.0.0.1/24

 

3 进入虚拟机配置网络

sudo qemu-system-mips -M malta -kernel vmlinux-3.2.0-4-4kc-malta -hda debian_wheezy_mips_standard.qcow2 -append "root=/dev/sda1 console=tty0" -netdev tap,id=tapnet,ifname=tap0,script=no -device rtl8139,netdev=tapnet -nographic

 

ifconfig eth0 10.0.0.2/24 up

 

4 进入虚拟机后

mount -o bind /dev ./squashfs-root/dev/

mount -t proc /proc/ ./squashfs-root/proc/ 

chroot squashfs-root sh

然后分析程序，手动启动程序

---

qemu system 网络配置虚拟机通外网

1

sudo tunctl -t br0

sudo ifconfig br0 10.0.0.1/24

 

sudo brctl addbr virbr0

sudo brctl addif virbr0 ens33

sudo brctl addif virbr0 br0

 

2 在/etc/network/interfaces 加入

auto virbr0

iface virbr0 inet dhcp

  bridge_ports eth0 

 

3 启动虚拟机

sudo qemu-system-mips -M malta -kernel vmlinux-3.2.0-4-4kc-malta -hda debian_wheezy_mips_standard.qcow2 -append "root=/dev/sda1 console=tty0" -netdev tap,id=tapnet,ifname=br0,script=no -device rtl8139,netdev=tapnet -nographic