Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- #Trustwave SpiderLabs
- #A script that decodes the inner flash from the sundown flash wrapper for CVE-2016-4117
- filename = '1_Go_var1.bin'
- f=open(filename,'rb')
- content=f.read()
- dataBytes = bytearray(content)
- f.close()
- key=dataBytes[-1]
- b=dataBytes[0]
- if key ^ b == 70:
- #k9
- for i in xrange(len(dataBytes)):
- dataBytes[i]=dataBytes[i] ^ key
- key = (key + 17) & 255
- outfile = open(filename + "_2nd_flash", "wb")
- outfile.write(dataBytes)
- outfile.close()
- print "Done"
- else:
- print "ERROR: this does not appear to be a sundown flash file"
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement