Firmwalker on Github

Firmwalker videos on YouTube

A simple bash script for searching the extracted or mounted firmware file system.

It will search through the extracted or mounted firmware file system for things of interest such as:

  • etc/shadow and etc/passwd
  • list out the etc/ssl directory
  • search for SSL related files such as .pem, .crt, etc. (can extract certificate serial number for searching in Shodan)
  • search for configuration files
  • look for script files
  • search for other .bin files
  • look for keywords such as admin, password, remote, for common web servers used on IoT devices
  • search for common binaries such as ssh, tftp, dropbear, etc.
  • search for URLs, email addresses and IP addresses
  • Experimental support for making calls to the Shodan API using the Shodan CLI