Jump to content

Miko

Recommended Posts

Hi to everyone,



I was just looking through the latest upgrade release for the Pineapple Nano, and what I found was possibly a cause for concern.



I was using the Hex editor wxHexEditor easily downloadable or installable through kali linux. Its a GUI editor so its easy to read and use.



I dont profess to know loads about code but was thinking of possibly giving it a go in trying to re-engineer this code with better code at some point in the future.




I was a bit dismayed and taken aback when I used the Disassembler panel feature to find that a lot of the code seems to have invalid instruction flagged!!



I dont know whether this is in anyway some kind of normal for so much code or is there something to be alarmed about ?



This may explain the reasons why so many Pineapple users are witnessing extraneous problems with their nano Pineapples.



Please see the printscreen uploads taken of the editor with disassembler on the far right.



 



Best,



Miko



 



 


Screenshot from 2017-06-08 17-42-18_2nd.png

Screenshot from 2017-06-08 17-26-36_3rd.png

Link to comment
Share on other sites

I haven't disassembled anything, but to my understanding it is just trying to guess what the code is doing.  There could be obfuscation they did to protect it against disassembly or partial code that isn't being used/hasn't been actually implemented yet, or it could just be it's making bad guesses.  Since it's not open source you can't compare, but maybe try something that is open sourced first and compare/learn about disassembly first then move on to "trying to re-engineer this code with better code at some point in the future".

You may want to try a different disassembler as well.  I believe IDA Pro (they have an old version that is freeware or a demo version as well) is the industry standard but this stack-exchange question has some other alternatives listed out as well: https://reverseengineering.stackexchange.com/questions/1817/is-there-any-disassembler-to-rival-ida-pro

Like I said I haven't disassembled anything from Hak5 myself and I've only done brief tests to see how well the obfuscator I have for my dotNet programs performed against a novice (myself) attempt to look at the source code.  This is just some of the info I learned along the way of doing that.

<rant>I really doubt this would have anything to do with any issues people may have on the pineapple.  More than likely those are probably issues with the users actions/environments or small bugs in the code that people keep running into possibly in various un-thought-of-ways.  Having written programs myself for a decent sized user base, this is more often the case.  The people that actually report (read as 'complain loudly about') bugs usually aren't taking into account the several different aspects that may play a role in what they see as a small/quick fix problem. I look at code like writing a book, bugs sometimes mean you have to add a whole new main character at some point in the story and then rewrite the whole rest of the story to account for their appearance.  That's not always how it actually is, but that's how it feels to me sometimes at least.</rant>

Link to comment
Share on other sites

On 11/06/2017 at 0:40 PM, Sebkinne said:

Uh, the bin file is not really viewable in a hexeditor. It's an entire firmware, kernel, rootfs and all. 

Hi Sebkinne,

So what would you recommend to view/edit a .bin file ?

When I did a Google search, it recommended the above program wxhexedit.

Link to comment
Share on other sites

15 minutes ago, Miko said:

Hi Sebkinne,

So what would you recommend to view/edit a .bin file ?

When I did a Google search, it recommended the above program wxhexedit.

https://github.com/WiFiPineapple/openwrt-pineapple-nano might give you more info I guess.

Edited by Just_a_User
Link to comment
Share on other sites

On 6/14/2017 at 3:39 AM, Miko said:

Hi Sebkinne,

So what would you recommend to view/edit a .bin file ?

When I did a Google search, it recommended the above program wxhexedit.

So, what you're doing here with with wxhexedit is essentially peering into a zip file. The .bin file is flashable code containing a modified version of OpenWRT. Essentially when you use a hexedit, you're seeing padding/etc. .bin's can be extracted.. it's alot of work but can be done if you nose around. Seb has said there are a few minor issues, I've had my nano for quite a while and while it does have a few minor, minor quirks the code is pretty solid.

  • Upvote 1
Link to comment
Share on other sites

7 hours ago, Thecolorchanges said:

So, what you're doing here with with wxhexedit is essentially peering into a zip file. The .bin file is flashable code containing a modified version of OpenWRT. Essentially when you use a hexedit, you're seeing padding/etc. .bin's can be extracted.. it's alot of work but can be done if you nose around. Seb has said there are a few minor issues, I've had my nano for quite a while and while it does have a few minor, minor quirks the code is pretty solid.

Yup. 

Also, the architecture is mips - something you'll have to keep in mind. Either way, simply hexediting this bin file means very little :) 

  • Upvote 1
Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...