Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Custom extfs extractor #784

Open
qkaiser opened this issue Feb 20, 2024 · 0 comments
Open

Custom extfs extractor #784

qkaiser opened this issue Feb 20, 2024 · 0 comments
Labels
enhancement New feature or request

Comments

@qkaiser
Copy link
Contributor

qkaiser commented Feb 20, 2024

We were initially extracting extfs filesystems with 7z but the support was not extensive enough so we moved to debugfs.

Since then we had to fight with multiple bugs in debugfs, forcing us to fork e2fsprogs at https://github.com/onekey-sec/e2fsprogs. With the most recent bug report (#778), we had an internal discussion and decided that we need to go further.

We will implement our own extfs extractor binary by linking into the e2fsprogs library. The sole purpose of this binary is to receive a path to an extfs image and extract it in a specified directory. Prior to executing the extraction, the filesystem image will be fixed in-memory by implementing the equivalent of e2fsck -y so that the source file is not modified on disk. Issues identified during this fixing pass will be reported by the extfs extractor in unblob.

Interested parties: @orosam @vlaci
@qkaiser qkaiser added the enhancement New feature or request label Feb 20, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
enhancement New feature or request
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@qkaiser