this is my first time analyzing firmware. Im trying to extract the Filesystem if possible, or at least extract the OS to load in IDA. Using Binwalk on the ELF binary gives me the output below.
DECIMAL HEXADECIMAL DESCRIPTION
--------------------------------------------------------------------------------
0 0x0 ELF, 32-bit MSB executable, version 1 (SYSV)
103395 0x193E3 Copyright string: "Copyright (c) 1986-2019 by Cisco Systems, Inc."
103688 0x19508 Zip archive data, at least v2.0 to extract, compressed size: 84959531, uncompressed size: 181511208, name: C1900-UN.BIN
85063319 0x511F697 End of Zip archive, footer length: 22
I then extracted the C1900-UN.BIN, which gave alot of zip, html, and giff files. It looked like the files used in the OS were seperated into each files, which is not what I wanted. So I used Binwalk again and it showed some possible OS offsets.
I tried extracting them with dd like ↓ but kept getting garbage. The Cisco IOS seemed like the most viable offset, but it doesnt even give the correct header. So I cant even tell CPU what arch it is.
dd if=Cisco-Firmware.bin of=Cisco.IOS bs=1 skip=19609809 count=22715204
I was thinking it might just be one big executable OS file, but wasn't so sure. There seems to be many possible OS strings like Cisco IOS, Broadcom firmware header, eCos RTOS, etc. I'm so confused.
Any Help would be appreciated, Thank you
