Windows中如何安装和使用binwalk

文章目录

binwalk安装
使用快捷方式打开binwalk(方便使用
binwalk使用

Binwalk是用于搜索给定二进制镜像文件以获取嵌入的文件和代码的工具。具体来说，它被设计用于识别嵌入固件镜像内的文件和代码。

Binwalk使用libmagic库，因此它与Unix文件实用程序创建的魔术签名兼容。 Binwalk还包括一个自定义魔术签名文件，其中包含常见的诸如压缩/存档文件，固件头，Linux内核，引导加载程序，文件系统等的固件映像中常见文件的改进魔数签名

binwalk安装

binwalkGitHub项目地址：https://github.com/ReFirmLabs/binwalk

下载完成后进入binwalk文件夹，然后运行：

python .\setup.py install

然后在Python的Scrtips目录里面可以看到生成了一个：binwalk文件

python binwalk [文件路径]

使用快捷方式打开binwalk(方便使用

)
为了方便使用，如果每次使用binwalk都要找这个Scripts目录，岂不是有点烦，所以在桌面创建一个cmd快捷方式指定到这个目录即可，这样每次使用就只需要在桌面点击binwalk的cmd命令终端即可

首先在桌面右键创建一个快捷方式，

C:\Windows\System32\cmd.exe

然后点击Next下一步

名字就叫Binwalk
点击Finish完成后，右键属性，修改起始位置Start in为你的PythonScripts目录

然后就完成了，要使用binwalk的时候点击这个Binwalk就可以了

binwalk使用

D:\Python\Python3\Scripts>python binwalk -hBinwalk v2.2.0-dcc8e86
Craig Heffner, ReFirmLabs
https://github.com/ReFirmLabs/binwalkUsage: binwalk [OPTIONS] [FILE1] [FILE2] [FILE3] ...Signature Scan Options:-B, --signature              Scan target file(s) for common file signatures-R, --raw=<str>              Scan target file(s) for the specified sequence of bytes-A, --opcodes                Scan target file(s) for common executable opcode signatures-m, --magic=<file>           Specify a custom magic file to use-b, --dumb                   Disable smart signature keywords-I, --invalid                Show results marked as invalid-x, --exclude=<str>          Exclude results that match <str>-y, --include=<str>          Only show results that match <str>Extraction Options:-e, --extract                Automatically extract known file types-D, --dd=<type[:ext[:cmd]]>  Extract <type> signatures (regular expression), give the files an extension of <ext>, and execute <cmd>-M, --matryoshka             Recursively scan extracted files-d, --depth=<int>            Limit matryoshka recursion depth (default: 8 levels deep)-C, --directory=<str>        Extract files/folders to a custom directory (default: current working directory)-j, --size=<int>             Limit the size of each extracted file-n, --count=<int>            Limit the number of extracted files-r, --rm                     Delete carved files after extraction-z, --carve                  Carve data from files, but don't execute extraction utilities-V, --subdirs                Extract into sub-directories named by the offsetEntropy Options:-E, --entropy                Calculate file entropy-F, --fast                   Use faster, but less detailed, entropy analysis-J, --save                   Save plot as a PNG-Q, --nlegend                Omit the legend from the entropy plot graph-N, --nplot                  Do not generate an entropy plot graph-H, --high=<float>           Set the rising edge entropy trigger threshold (default: 0.95)-L, --low=<float>            Set the falling edge entropy trigger threshold (default: 0.85)Binary Diffing Options:-W, --hexdump                Perform a hexdump / diff of a file or files-G, --green                  Only show lines containing bytes that are the same among all files-i, --red                    Only show lines containing bytes that are different among all files-U, --blue                   Only show lines containing bytes that are different among some files-u, --similar                Only display lines that are the same between all files-w, --terse                  Diff all files, but only display a hex dump of the first fileRaw Compression Options:-X, --deflate                Scan for raw deflate compression streams-Z, --lzma                   Scan for raw LZMA compression streams-P, --partial                Perform a superficial, but faster, scan-S, --stop                   Stop after the first resultGeneral Options:-l, --length=<int>           Number of bytes to scan-o, --offset=<int>           Start scan at this file offset-O, --base=<int>             Add a base address to all printed offsets-K, --block=<int>            Set file block size-g, --swap=<int>             Reverse every n bytes before scanning-f, --log=<file>             Log results to file-c, --csv                    Log results to file in CSV format-t, --term                   Format output to fit the terminal window-q, --quiet                  Suppress output to stdout-v, --verbose                Enable verbose output-h, --help                   Show help output-a, --finclude=<str>         Only scan files whose names match this regex-p, --fexclude=<str>         Do not scan files whose names match this regex-s, --status=<int>           Enable the status server on the specified port