[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
How to xmodem dump firmware over ssh -- sonicwall gpl license compliance
From: |
Karl O. Pinc |
Subject: |
How to xmodem dump firmware over ssh -- sonicwall gpl license compliance testing |
Date: |
Wed, 08 Sep 2010 14:29:01 -0500 |
Resent to list after finding out I must first subscribe.
I will now unsubscribe.
Subject: How to xmodem dump firmware over ssh -- sonicwall gpl
license compliance testing
To: tech@lists.gpl-violations.org, help@softwarefreedom.org,
compliance@fsf.org, gnu@gnu.org, gnu-misc-discuss@gnu.org, bat-
devel@binaryanalysis.org
Hello,
FYI.
This email contains a short description of a proposed technique to
do xmodem file transfers without a physical RS232 serial
connection, when only a network connection is
available. This may be useful for obtaining firmware
from embedded devices in order to test for GPL or other
FOSS license violations.
Some months ago I temporarily possessed a sonicwall firewall
appliance and after sshing in found clues that it may possibly be
running Linux, although it did not come with a GPL notice
or offer for source. (IIRC output indicated that the firmware
was compiled on an Linux system. I don't recall any more
at this time.)
The device dumped and loaded firmware using xmodem, but there
was no available documentation as to what pins were what
on the serial port. The command to load/dump firmware was
available from network access via ssh.
I fretted over how to obtain the firmware to further investigate
the licensing question and came up with the following technique.
I was unable to test this method having lost access to the
sonicwall hardware but wanted to publicly document my thoughts
in the hope that someone will someday find this helpful.
If anyone ever does an analysis of the sonicwall firmware
I would be interested in hearing the result.
Regards,
Karl <kop@meme.com>
Free Software: "You don't pay back, you pay forward."
-- Robert A. Heinlein
-------------<snip>-------------
How to dump the firmware from a sonicwall.
In window 1 (make pty for minicom):
socat PTY,link=$HOME/foo,raw,nonblock,echo=0
EXEC:bash,raw,pty,nonblock,echo=0
In window 2 (start mincom, connect to sonicwall):
minicom -p $(readlink $HOME/foo) port0
ssh -l admin 192.168.168.168
In window 1 (enter password):
password
In window 2 (dump firmware):
firmware download current
In window 1 (start xmodem receive):
Ctrl-A,Z,...
- How to xmodem dump firmware over ssh -- sonicwall gpl license compliance testing,
Karl O. Pinc <=