4

I am searching for security vulnerabilities in the firmware of this router; its architecture is MIPS. I have successfully unpacked the file system. I would like to disassemble the HTTP daemon, located at /usr/sbin/httpd. How can I disassemble this program and run it in spim?

0xcaff

4 Answers

5

You can give radare2 a try. It has pretty complete support for MIPS, and provides a lot of functionality to help during the reversing process.

jvoisin
  • Can you please tell me how? I'm new to reversing. – 0xcaff Apr 08 '14 at 19:39
  • I have been attempting to use radare2 for MIPS, and it was pretty dodgy (not analysing MIPSEL code, etc.) until I submitted several patches, so use a recent github version – 6EQUJ5 Jun 04 '14 at 05:42
5

I would like to second the suggestion of QEMU.

Craig has a post describing how to debug a MIPS binary running in QEMU using IDA:

http://www.devttys0.com/2011/09/exploiting-embedded-systems-part-3/

(you can also use GDB or another debugger speaking the GDB protocol)

Igor Skochinsky
4

Are you sure that you need spim?

I'd suggest using qemu instead of spim for emulation, radare2 for disassembly as @jvoisin mentioned, and the retargetable decompiler for decompilation if you really need it.

w s
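Before choosing an emulator or disassembler, a practitioner would first confirm what the unpacked binary actually is: big- or little-endian (the MIPS vs. MIPSEL distinction raised in the comments above), 32- or 64-bit, and which ISA level it was built for. The following is an added example, not code from any of the answers: it parses the ELF header of an extracted binary and maps it to the matching qemu user-mode launcher. The sample header is constructed inline, and the helper names are my own.

```python
import struct

EM_MIPS = 8            # e_machine value for MIPS in the ELF specification
EF_MIPS_ABI2 = 0x20    # e_flags bit that marks the n32 ABI on an ELF32 file
EF_MIPS_ARCH_NAMES = {0: "mips1", 1: "mips2", 2: "mips3", 3: "mips4", 4: "mips5",
                      5: "mips32", 6: "mips64", 7: "mips32r2", 8: "mips64r2"}


def elf_mips_info(data: bytes) -> dict:
    """Read the ELF header fields that decide how a MIPS binary must be emulated."""
    if data[:4] != b"\x7fELF":
        raise ValueError("not an ELF file")
    ei_class, ei_data = data[4], data[5]
    if ei_class not in (1, 2) or ei_data not in (1, 2):
        raise ValueError("unsupported ELF class or data encoding")
    bits = 32 if ei_class == 1 else 64
    endian = "<" if ei_data == 1 else ">"
    # e_type and e_machine directly follow the 16-byte e_ident block
    e_type, e_machine = struct.unpack(endian + "HH", data[16:20])
    # e_flags sits at offset 36 in an ELF32 header and 48 in an ELF64 header
    flags_off = 36 if bits == 32 else 48
    (e_flags,) = struct.unpack(endian + "I", data[flags_off:flags_off + 4])
    info = {"bits": bits, "endian": "little" if ei_data == 1 else "big",
            "e_type": e_type, "e_machine": e_machine, "qemu_user": None, "arch": None}
    if e_machine != EM_MIPS:
        return info                      # not MIPS: no qemu-mips* launcher applies
    info["arch"] = EF_MIPS_ARCH_NAMES.get(e_flags >> 28, "unknown")
    suffix = "el" if ei_data == 1 else ""
    if bits == 64:
        info["qemu_user"] = "qemu-mips64" + suffix
    elif e_flags & EF_MIPS_ABI2:
        info["qemu_user"] = "qemu-mipsn32" + suffix
    else:
        info["qemu_user"] = "qemu-mips" + suffix
    return info


def make_header(little_endian: bool, e_flags: int) -> bytes:
    """Build a constructed 52-byte ELF32 MIPS executable header for testing."""
    endian = "<" if little_endian else ">"
    ident = b"\x7fELF" + bytes([1, 1 if little_endian else 2, 1, 0]) + b"\x00" * 8
    # e_type=ET_EXEC, e_machine, e_version, e_entry, e_phoff, e_shoff, e_flags,
    # e_ehsize, e_phentsize, e_phnum, e_shentsize, e_shnum, e_shstrndx
    return ident + struct.pack(endian + "HHIIIIIHHHHHH", 2, EM_MIPS, 1, 0x400000,
                               52, 0, e_flags, 52, 32, 3, 40, 10, 9)


# Constructed stand-in for the header of a router's /usr/sbin/httpd (mips32r2, o32, LE)
SAMPLE_HTTPD_HEADER = make_header(True, 0x70001007)

if __name__ == "__main__":
    print(elf_mips_info(SAMPLE_HTTPD_HEADER))
```

In practice the first 64 bytes of the real binary are passed in (`open(path, "rb").read(64)`), and the returned `qemu_user` name is the launcher to run under a chroot of the unpacked file system.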
0

Regarding the disassembling part, you may want to check JEB (version >= 2.3.0), which provides advanced disassembly and decompilation of MIPS 32-bit code.

The MIPS debugger is only available for Android Linux though, so you won't be able to debug your program using this tool.

There is a demo available on PNF Software's website.

Nick