[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
How to xmodem dump firmware over ssh -- sonicwall gpl license compliance
Karl O. Pinc
How to xmodem dump firmware over ssh -- sonicwall gpl license compliance testing
Wed, 08 Sep 2010 10:20:12 -0500
This email contains a short description of a proposed technique to
do xmodem file transfers without a physical RS232 serial
connection, when only a network connection is
available. This may be useful for obtaining firmware
from embedded devices in order to test for GPL or other
FOSS license violations.
Some months ago I temporarily possessed a sonicwall firewall
appliance and after sshing in found clues that it may possibly be
running Linux, although it did not come with a GPL notice
or offer for source. (IIRC output indicated that the firmware
was compiled on an Linux system. I don't recall any more
at this time.)
The device dumped and loaded firmware using xmodem, but there
was no available documentation as to what pins were what
on the serial port. The command to load/dump firmware was
available from network access via ssh.
I fretted over how to obtain the firmware to further investigate
the licensing question and came up with the following technique.
I was unable to test this method having lost access to the
sonicwall hardware but wanted to publicly document my thoughts
in the hope that someone will someday find this helpful.
If anyone ever does an analysis of the sonicwall firmware
I would be interested in hearing the result.
Free Software: "You don't pay back, you pay forward."
-- Robert A. Heinlein
How to dump the firmware from a sonicwall.
In window 1 (make pty for minicom):
In window 2 (start mincom, connect to sonicwall):
minicom -p $(readlink $HOME/foo) port0
ssh -l admin 192.168.168.168
In window 1 (enter password):
In window 2 (dump firmware):
firmware download current
In window 1 (start xmodem receive):