adi0x90 / attifyos Goto Github PK

Here's the error message

Could not create the imported medium

VMDK: Compressed image is corrupted '

Cant login to the Vm I got from the usrl http://tinyurl.com/attifyos
tried attify and attify123 also AtiffyOS all donot let me log in.
Does anyone have the login credentials for this vm?
you can mailme at [email protected]
many thanks
Adrian

I want to install some new software and need root password but I don’t know. Can you tell me? Thank you

Would you please add the links for Older versions also.
Attify oS V1.0 or v2.0.
Where can I get that?

OS: AttifyOS
Device: ApiMote v4

While opening the Attify Zigbee Framework in order to connect my Apimote device I try to open settings but nothing happens. Any clues? Thank you.

I am getting wrong password at login.
Yes, I did check twice that the password typed is attify123

Maybe the password got updated respect the README?

hi ,adi
i received the error like this when i emulated Dlink using fat tool.
sudo ./fat.py

Welcome to the Firmware Analysis Toolkit - v0.1
Offensive IoT Exploitation Training  - http://offensiveiotexploitation.com
By Attify - https://attify.com  | @attifyme

Enter the name or absolute path of the firmware you want to analyse : new-firmware.bin
Enter the brand of the firmware : Dlink
new-firmware.bin
Now going to extract the firmware. Hold on..
/home/oit/tools/fat//sources/extractor/extractor.py -b Dlink -sql 127.0.0.1 -np -nk "new-firmware.bin" images
test
The database ID is 1
Getting image type
Password for user firmadyne:
Found image type of mipsel
Putting information to database
Traceback (most recent call last):
File "/home/oit/tools/fat//scripts/tar2db.py", line 100, in
main()
File "/home/oit/tools/fat//scripts/tar2db.py", line 97, in main
process(iid, infile)
File "/home/oit/tools/fat//scripts/tar2db.py", line 77, in process
insertObjectToImage(iid, file2oid, links, cur)
File "/home/oit/tools/fat//scripts/tar2db.py", line 57, in insertObjectToImage
for x in files2oids])
psycopg2.IntegrityError: duplicate key value violates unique constraint "object_to_image_oid_iid_filename_key"
DETAIL: Key (oid, iid, filename)=(1, 1, /lib/iptables/libipt_NETMAP.so) already exists.

Already done earlier
Creating Image
Executing command

sudo /home/oit/tools/fat//scripts/makeImage.sh 1
Password for user firmadyne:
Device contains neither a valid DOS partition table, nor Sun, SGI or OSF disklabel
Building a new DOS disklabel with disk identifier 0xee73a908.
Changes will remain in memory only, until you decide to write them.
After that, of course, the previous content won't be recoverable.

Warning: invalid flag 0x0000 of partition table 4 will be corrected by w(rite)
Building a new DOS disklabel with disk identifier 0x4b6f8148.
Changes will remain in memory only, until you decide to write them.
After that, of course, the previous content won't be recoverable.

Warning: invalid flag 0x0000 of partition table 4 will be corrected by w(rite)
mke2fs 1.42.9 (4-Feb-2014)
Please check the makeImage function
Everything is done for the image id 1
Setting up the network connection
Password for user firmadyne:
qemu: terminating on signal 2 from pid 4836
Querying database for architecture... mipsel
Running firmware 1: terminating after 60 secs...
Inferring network...
Interfaces: []
Done!

Running the firmware finally :
/home/oit/tools/fat//scratch/1/run.sh: line 15: $1: unbound variable
Traceback (most recent call last):
File "./fat.py", line 113, in
main()
File "./fat.py", line 109, in main
final_run(image_id)
File "./fat.py", line 89, in final_run
print subprocess.check_output(final_run_cmd, shell=True)
File "/usr/lib/python2.7/subprocess.py", line 573, in check_output
raise CalledProcessError(retcode, cmd, output=output)
subprocess.CalledProcessError: Command 'sudo /home/oit/tools/fat//scratch/1/run.sh' returned non-zero exit status 1

i tried sudo ./reset.sh and then ./fat.py still failed.
how can i solve the problem ?
thank u for ur time.

Dear owner:
I tried to unzip the files after download it from Google Drive, but it asked for password to unzip the files. Could you tell me what is the password for unzipping

hello i try convert file to vhdx but didn't work got some error
thank you

Is there an iso Image for the OS? Im trying to install on M2 Mac and the ova file is not working.

thanks a lot.

When I try to use killerbee I'm getting some error messages:

iot@attifyos ~/t/k/tools> sudo zbid
Dev Product String Serial Number
3:6 KILLERB001 FFFFFFFFFFFF

iot@attifyos ~/t/k/tools> sudo zbstumbler -v
Warning: You are using pyUSB 1.x, support is in beta.
zbstumbler: Transmitting and receiving on interface '3:6'
Setting channel to 11.
Transmitting beacon request.
Traceback (most recent call last):
File "/usr/local/bin/zbstumbler", line 4, in
import('pkg_resources').run_script('killerbee==2.7.1', 'zbstumbler')
File "/home/iot/.local/lib/python2.7/site-packages/pkg_resources/init.py", line 666, in run_script
self.require(requires)[0].run_script(script_name, ns)
File "/home/iot/.local/lib/python2.7/site-packages/pkg_resources/init.py", line 1460, in run_script
exec(script_code, namespace, namespace)
File "/usr/local/lib/python2.7/dist-packages/killerbee-2.7.1-py2.7-linux-x86_64.egg/EGG-INFO/scripts/zbstumbler", line 199, in

File "build/bdist.linux-x86_64/egg/killerbee/init.py", line 358, in pnext
File "build/bdist.linux-x86_64/egg/killerbee/dev_rzusbstick.py", line 546, in pnext
File "build/bdist.linux-x86_64/egg/killerbee/dev_rzusbstick.py", line 385, in sniffer_on
File "build/bdist.linux-x86_64/egg/killerbee/dev_rzusbstick.py", line 355, in _open_stream
File "build/bdist.linux-x86_64/egg/killerbee/dev_rzusbstick.py", line 334, in __usb_write
Exception: Error: Semantical Error

Can you script-ify the process to create the VM? It would be easier for everyone.

P.S: To reduce the VM size you could create a new disk and sync the contents with rsync, then remove the original one.

Hi,

I have recently installed AttifyOS for practice but when I launch the appliance it is not able to get IP address from DHCP. All other VM running on my machine get the IP address in both Bridge and NAT but none of them work for AttifyOS. Also every time when VM is started I get the message on the terminal that zsh_history is corrupted. I tried to fix this issue but when I restarted the VM the issue was still there and because of this issue I was not able to run basic commands like ifconfig.
Request you to please advise

Shrunk your AppSec beta VM to under 4GB, which would let you forgo the ZIP mess and keep fat32.

Here's how:
#remove old kernels
sudo apt purge linux-generic-lts-wily linux-headers-4.2.0-42 linux-headers-4.2.0-42-generic linux-headers-generic-lts-wily linux-image-4.2.0-42-generic linux-image-extra-4.2.0-42-generic linux-image-generic-lts-wily linux-headers-4.4.0-83 linux-headers-4.4.0-83-generic linux-image-4.4.0-83-generic linux-image-extra-4.4.0-83-generic
#cleanup apt package cache
sudo apt-get clean

#cleanup RVM
sudo -i rvm cleanup all

#empty filemanager trash
#(do this in the filemanager GUI)

Then, shutdown the VM and boot into a live CD. I use the xubuntu cd, use what you like

In the live CD, run the following:
sudo apt-get install zerofree
sudo zerofree /dev/sda1

#run checkdisk to make sure filesystem is OK
sudo fsck -f /dev/sda1

#clean up swap
sudo blkid /dev/sda5 #note UUID for later
sudo swapoff -a && sudo dd if=/dev/zero of=/dev/sda5 bs=512
sudo mkswap /dev/sda5 -U UUID-FROM_ABOVE_HERE

Then shutdown the livecd session and export your VM however you normally do. Between unnecessary files being cleaned up and the empty parts of the filesystem and swap being zeroed out, the ova exports about 1/2 the size.

Hi Adi,

I have a problem when emulating a firmware, i receive this error, i did reset.sh as advised in another post but problem still exist

sudo python fat.py

Welcome to the Firmware Analysis Toolkit - v0.1
Offensive IoT Exploitation Training  - http://offensiveiotexploitation.com
By Attify - https://attify.com  | @attifyme

Enter the name or absolute path of the firmware you want to analyse : /home/oit/Desktop/TE/HG8245HV300R018C00SPC108_common_all.bin
Enter the brand of the firmware : huawei
/home/oit/Desktop/TE/HG8245HV300R018C00SPC108_common_all.bin
Now going to extract the firmware. Hold on..
/home/oit/tools/fat//sources/extractor/extractor.py -b huawei -sql 127.0.0.1 -np -nk "/home/oit/Desktop/TE/HG8245HV300R018C00SPC108_common_all.bin" images
test
The database ID is 1
Getting image type
Password for user firmadyne:
Found image type of armel
Putting information to database
Tar2DB
Creating Image
Executing command

sudo /home/oit/tools/fat//scripts/makeImage.sh 1
Password for user firmadyne:
Device contains neither a valid DOS partition table, nor Sun, SGI or OSF disklabel
Building a new DOS disklabel with disk identifier 0xa5dd6c4f.
Changes will remain in memory only, until you decide to write them.
After that, of course, the previous content won't be recoverable.

Warning: invalid flag 0x0000 of partition table 4 will be corrected by w(rite)
Building a new DOS disklabel with disk identifier 0x5ceea72e.
Changes will remain in memory only, until you decide to write them.
After that, of course, the previous content won't be recoverable.

Warning: invalid flag 0x0000 of partition table 4 will be corrected by w(rite)
mke2fs 1.42.9 (4-Feb-2014)
mknod: /dev/null: File exists
mknod: /dev/zero: File exists
mknod: /dev/tty: File exists
mknod: /dev/console: File exists
Please check the makeImage function
Everything is done for the image id 1
Setting up the network connection
Password for user firmadyne:
qemu: terminating on signal 2 from pid 6589
Querying database for architecture... armel
Running firmware 1: terminating after 60 secs...
Inferring network...
Interfaces: []
Done!

Running the firmware finally :
sudo: /home/oit/tools/fat//scratch/1/run.sh: command not found
Traceback (most recent call last):
File "fat.py", line 113, in
main()
File "fat.py", line 109, in main
final_run(image_id)
File "fat.py", line 89, in final_run
print subprocess.check_output(final_run_cmd, shell=True)
File "/usr/lib/python2.7/subprocess.py", line 573, in check_output
raise CalledProcessError(retcode, cmd, output=output)
subprocess.CalledProcessError: Command 'sudo /home/oit/tools/fat//scratch/1/run.sh' returned non-zero exit status 1

I have tried this OS and it contains a lot of useful tools but all of them are obsolete and the entire system is out of date.
I think it would be nice to create a brand new one based on the latest Ubuntu to get the project up and fresh again.

People download the OS because they just want to use the tools out-of-the-box, it would be a pain in the butt if the tools needs to be configured over and over again.

For example, fat.py has the wrong configuration.

Please double check the tool configurations and make sure the tools you've put there are actually WORKING before releasing future OS versions.

The spiflash.py script does not work due to the program not being compiled yet. Please compile the binary.

I can't find Firmware-Mod-Kit (FMK) in /home/iot/Desktop/tools, where is the tool located?

Unable to download the attifyos form the links provide. it says the site cannot be reached.

AttifyOS v3.0 failed in emulating dlink using firmadyne（cannot get the IP address）

My English is not good, please forgive me

Questions are as follows

Excuting an order“./scripts/inferNetwork.sh 1 mipseb” it cannot get the IP address in AttifyOS v3.0

Excuting an order“./scripts/inferNetwork.sh 1” it can get the IP address in AttifyOS v1.3

AttifyOS v3.0

root@attifyos:/home/iot/tools/firmware-analysis-toolkit/firmadyne# ./scripts/inferNetwork.sh 1 
Querying database for architecture... Password for user firmadyne: 

Error: Unable to lookup architecture. Please specify {armel,mipseb,mipsel} as the second argument!
root@attifyos:/home/iot/tools/firmware-analysis-toolkit/firmadyne# ./scripts/inferNetwork.sh 1 mipseb
Running firmware 1: terminating after 60 secs...
qemu-system-mips: terminating on signal 2 from pid 25865 (timeout)
Inferring network...
Interfaces: []
Done!
root@attifyos:/home/iot/tools/firmware-analysis-toolkit/firmadyne#

AttifyOS v1.3

root@ubuntu:/home/oit/tools/firmadyne# ./scripts/inferNetwork.sh 1
Querying database for architecture... Password for user firmadyne: 
mipseb
Running firmware 1: terminating after 60 secs...
qemu: terminating on signal 2 from pid 23578
Inferring network...
Interfaces: [('br0', '192.168.0.1')]
Done!
root@ubuntu:/home/oit/tools/firmadyne# ./scratch/1/run.sh
Creating TAP device tap1...
Set 'tap1' persistent and owned by uid 0
Bringing up TAP device...
Adding route to 192.168.0.1...
Starting emulation of firmware... Done!
The emulated firmware may not be accessible while booting.
Press any key to destroy the network and shutdown emulation.

Dlink version

DIR850LA1_FW114b07WW.bin
ftp://ftp2.dlink.com/PRODUCTS/DIR-850L/REVA/

Looking forward to your reply
@adi0x90 @adi0x90

The file app-device-communication.pcap is not contained in the image as part of the lab files.

Hi Adi,

Could you please advise, for the below issue:

/home/oit/tools/firmadyne [git::master *] [oit@ubuntu] [3:22]

sudo ./fat.py

Welcome to the Firmware Analysis Toolkit - v0.1
Offensive IoT Exploitation Training  - http://offensiveiotexploitation.com
By Attify - https://attify.com  | @attifyme

Enter the name or absolute path of the firmware you want to analyse : WNAP320_V3.6.9.0_firmware.tar
Enter the brand of the firmware : Netgear
WNAP320_V3.6.9.0_firmware.tar
Now going to extract the firmware. Hold on..
/home/oit/tools/firmadyne/sources/extractor/extractor.py -b Netgear -sql 127.0.0.1 -np -nk "WNAP320_V3.6.9.0_firmware.tar" images
test
The database ID is 2
Getting image type
Password for user firmadyne:
Found image type of mipseb
Putting information to database
Traceback (most recent call last):
File "/home/oit/tools/firmadyne/scripts/tar2db.py", line 100, in
main()
File "/home/oit/tools/firmadyne/scripts/tar2db.py", line 97, in main
process(iid, infile)
File "/home/oit/tools/firmadyne/scripts/tar2db.py", line 77, in process
insertObjectToImage(iid, file2oid, links, cur)
File "/home/oit/tools/firmadyne/scripts/tar2db.py", line 57, in insertObjectToImage
for x in files2oids])
psycopg2.IntegrityError: duplicate key value violates unique constraint "object_to_image_oid_iid_filename_key"
DETAIL: Key (oid, iid, filename)=(1183, 2, /home/www/help/help_PacketCapture.html) already exists.

Already done earlier
Creating Image
Executing command

sudo /home/oit/tools/firmadyne/scripts/makeImage.sh 2
Password for user firmadyne:
Device contains neither a valid DOS partition table, nor Sun, SGI or OSF disklabel
Building a new DOS disklabel with disk identifier 0xa9812e5c.
Changes will remain in memory only, until you decide to write them.
After that, of course, the previous content won't be recoverable.

Warning: invalid flag 0x0000 of partition table 4 will be corrected by w(rite)
Building a new DOS disklabel with disk identifier 0x9665c0af.
Changes will remain in memory only, until you decide to write them.
After that, of course, the previous content won't be recoverable.

Warning: invalid flag 0x0000 of partition table 4 will be corrected by w(rite)
mke2fs 1.42.9 (4-Feb-2014)
/dev/mapper/loop0p1 is mounted; will not make a filesystem here!
Please check the makeImage function
Everything is done for the image id 2
Setting up the network connection
Password for user firmadyne:
qemu: terminating on signal 2 from pid 5672
Querying database for architecture... mipseb
Running firmware 2: terminating after 60 secs...
Inferring network...
Interfaces: []
Done!

Running the firmware finally :
sudo: /home/oit/tools/firmadyne/scratch/2/run.sh: command not found
Traceback (most recent call last):
File "./fat.py", line 113, in
main()
File "./fat.py", line 109, in main
final_run(image_id)
File "./fat.py", line 89, in final_run
print subprocess.check_output(final_run_cmd, shell=True)
File "/usr/lib/python2.7/subprocess.py", line 573, in check_output
raise CalledProcessError(retcode, cmd, output=output)
subprocess.CalledProcessError: Command 'sudo /home/oit/tools/firmadyne/scratch/2/run.sh' returned non-zero exit status 1

/home/oit/tools/firmadyne [git::master *] [oit@ubuntu] [3:25]