00000000 01 01 00 01 19 48 64 62 67 61 72 65 61 00 00 00 |.....Hdbgarea...|
00000010 00 00 00 00 18 00 00 00 01 48 00 00 00 00 00 00 |.........H......|
00000020 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
*
00000160 00 00 00 00 00 00 00 00 52 ca c0 ea de ad be af |........R.......|
00000170 00 00 00 0e 00 00 00 00 00 00 00 00 00 00 00 00 |................|
00000180 05 03 00 ad 52 c9 a4 e5 80 46 e7 50 ff ff a1 f4 |....R....F.P....|
00000190 00 00 00 19 00 00 00 00 05 03 00 d4 52 c9 a4 e5 |............R...|
000001a0 80 46 e7 50 ff ff 9e 08 00 00 00 64 80 09 89 ac |.F.P.......d....|
000001b0 04 03 00 d5 52 c9 bb 21 80 46 eb b8 ff ff a2 30 |....R..!.F.....0|
000001c0 00 09 3a c9 00 00 00 00 04 03 00 d6 52 c9 bb 21 |..:.........R..!|
000001d0 80 46 eb b8 ff ff a2 2f 00 09 3a c9 00 00 00 00 |.F...../..:.....|
000001e0 04 03 00 d7 52 c9 ba 49 80 46 eb b8 ff ff a2 35 |....R..I.F.....5|
000001f0 52 c9 ba 49 00 00 00 00 04 03 00 d8 52 c9 ba 49 |R..I........R..I|
00000410 80 46 e7 50 ff ff 9e 08 00 00 00 64 80 09 8b 3c |.F.P.......d...<|
00000420 55 55 55 55 00 00 00 00 00 00 00 00 00 00 00 00 |UUUU............|
00000430 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
*
000006d0 00 00 00 00 55 55 55 55 00 00 00 00 80 41 00 00 |....UUUU.....A..|
000006e0 00 00 00 00 00 00 00 0e 00 00 00 00 00 00 00 01 |................|
000006f0 00 00 00 00 ff ff ff fe 00 00 ff 14 00 00 00 01 |................|
00000700 00 00 00 30 00 00 00 01 80 45 cc f0 00 00 00 01 |...0.....E......|
00000710 00 00 00 01 00 00 00 63 80 41 4c 78 00 00 00 01 |.......c.ALx....|
和
00002000 02 94 00 03 1f fc 62 6f 6f 74 00 00 00 00 00 00 |......boot......|
00002010 00 00 00 00 00 20 00 0c 01 48 73 70 74 2e 64 61 |..... ...Hspt.da|
00002020 74 00 00 00 00 00 00 00 1a b0 13 52 01 68 61 75 |t..........R.hau|
00002030 74 6f 65 78 65 63 2e 6e 65 74 00 00 01 f4 01 dc |toexec.net......|
00002040 1c 18 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
00002050 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
这里是我的
00000000 01 01 00 01 00 00 19 48 64 62 67 61 72 65 61 00 |.......Hdbgarea.|
00000010 00 00 00 00 00 00 00 00 18 00 00 00 00 00 00 00 |................|
00000020 01 48 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |.H..............|
00000030 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
*
00000150 00 00 00 00 00 00 00 05 00 00 00 01 00 00 00 02 |................|
00000160 00 00 00 03 00 00 00 01 00 00 00 00 de ad be af |................|
00000170 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
00000180 03 03 00 30 38 6d 46 1a 00 00 00 18 ff ff a1 f4 |...08mF.........|
00000190 00 00 00 01 00 00 00 00 00 00 00 00 00 00 00 00 |................|
000001a0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
000001b0 00 00 00 00 00 00 00 00 05 03 00 5c 38 6d 46 1a |...........mF.|
000001c0 00 00 00 18 ff ff 9e 08 00 00 00 64 80 09 e0 5c |...........d...\|
000001d0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
*
000001f0 05 03 00 32 38 6d 46 2a 00 00 00 20 ff ff a1 f4 |...28mF*... ....|
00000200 00 00 00 03 00 00 00 00 00 00 00 00 00 00 00 00 |................|
00000210 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
00000220 00 00 00 00 00 00 00 00 04 03 00 5d 38 6d 46 2a |...........]8mF*|
00000230 00 00 00 20 ff ff a2 29 00 00 00 00 00 00 00 00 |... ...)........|
00000240 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
00000ea0 04 03 00 2e 38 6d 45 ee 00 00 00 20 ff ff a1 f4 |....8mE.... ....|
00000eb0 00 00 00 0b 00 00 00 00 00 00 00 00 00 00 00 00 |................|
00000ec0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
00000ed0 00 00 00 00 00 00 00 00 04 03 00 59 38 6d 45 ee |...........Y8mE.|
00000ee0 00 00 00 20 ff ff a2 33 00 00 00 00 00 00 00 00 |... ...3........|
00000ef0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
*
00000f10 04 03 00 5a 38 6d 45 ee 00 00 00 20 ff ff a2 2e |...Z8mE.... ....|
00000f20 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
*
00000f40 00 00 00 00 00 00 00 00 03 03 00 5b 38 6d 45 f7 |...........[8mE.|
00000f50 00 00 00 15 ff ff a5 fc ff ff f4 47 80 9a e2 98 |...........G....|
00000f60 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
*
00000f80 55 55 55 55 00 00 00 00 00 00 00 00 00 00 00 00 |UUUU............|
00000f90 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
*
00001b90 00 00 00 00 55 55 55 55 00 00 00 00 ff ff ff ff |....UUUU........|
00001ba0 00 00 00 02 00 00 00 00 00 00 00 00 00 00 00 00 |................|
00001fd0 80 7a 00 00 bf c0 5f 90 80 66 00 00 00 00 00 00 |.z...._..f......|
00001fe0 80 5e 05 b4 80 40 11 c8 00 00 00 00 00 00 00 00 |.^...@..........|
00001ff0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
00002000 02 c8 00 03 00 00 9f fc 62 6f 6f 74 00 00 00 00 |........boot....|
00002010 00 00 00 00 00 00 00 00 00 20 00 00 00 0c 00 00 |......... ......|
00002020 01 48 73 70 74 2e 64 61 74 00 00 00 00 00 00 00 |.Hspt.dat.......|
00002030 00 00 9a b0 00 00 3f 6c 00 00 01 68 61 75 74 6f |......?l...hauto|
00002040 65 78 65 63 2e 6e 65 74 00 00 00 00 01 f4 00 00 |exec.net........|
00002050 01 52 00 00 9c 18 00 00 00 00 00 00 00 00 00 00 |.R..............|
00002060 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
如上所示,我分离了文件的某些部分,所以Binwalk在“普通”文件上说了什么LZMA标头“不正确”,无法解压缩,也许它的修改不知道,因此文件具有dbgarea,spt.dat,autoexec.net标准块,但是它是否与“修改过的” lzs相提并论?您能告诉我们吗?
RE代表“旧” rom-0
所以我看到righnt现在“无济于事”,所以我将发布整个文件,以便您可以看到整个图片
我限制在30000以内字符,所以这是文件的链接
http://pastebin.com/2X00B6rJ谁能帮助我“揭示”他们对lzs压缩所做的(更改),我想它是lzs
许多建议,欢呼
#1 楼
它使用LZS(Lempel-Ziv-Stack)压缩。我正尝试以pythonic方式提取密码,足以看一下这个shell脚本和一小段C代码:
shell + C解决方案
用python提取LZS的方法
并在同一python脚本中替换'dd'用法: >导入sys
fpos = 8568
fend = 8788
fhandle = file(fname)
fhandle.seek(fpos)
chunk =“ *”
amount = 221
而fpos
amount = fend-fpos
块= fhandle.read(amount) = len(chunk)
返回块
取rom-0,用切刀切割,然后提取结果LZS ....
#2 楼
它使用LZS(Lempel-Ziv-Stack)压缩。我正尝试以pythonic方式提取密码,足以看一下这个shell脚本和一小段C代码:
shell + C解决方案
用python提取LZS的方法
并在相同的python脚本中替换'dd'用法:取rom-0,用切刀切开,然后提取结果LZS。...
评论
自上次我玩ZynOS rom以来已经有一段时间了,但是他们通常将旧的LZMA算法用于ARM设备(取决于您要解压缩的LZMA版本可能会失败,请尝试下载+构建+使用官方LZMA版本,而不是Linux发行版随附的版本)或MIPS的BZ2版本。也许是另一回事了;抱歉,我现在不记得了:/您认为它是LZMA的修改版本还是旧版本?有趣的是,我会确定尝试的,请咨询tnx
嗯...顺便说一句,我下载了该设备的固件,但就我而言,它不是LZMA而是BZ :?是您的P-660HW-T3_340UU7C0吗?
我找不到后面的数字:D型号:P-660HW-T3 v3 ZyNOS固件版本:V3.70(BYO.0)如果您喜欢查看,可以将其发送给您
当然:joxeankoret.com/contact.html