Python bindings for Binwalk v3

Navigation

Verified details

These details have been verified by PyPI
Maintainers
Avatar for kevinmuoz from gravatar.com kevinmuoz

Unverified details

These details have not been verified by PyPI
Meta
  • License: MIT
  • Requires: Python >=3.8
Report project as malware

Project description

pybinwalk

Python bindings for Binwalk v3, built with PyO3 and maturin.

Provides direct access to binwalk's signature scanning and extraction from Python. Also exposes a C API for use from other languages.

Requirements

  • Python >= 3.8
  • Rust toolchain (for building from source)

Installation

pip install pybinwalk

To build from source:

pip install maturin
maturin build --release
pip install target/wheels/pybinwalk-*.whl

Usage

Scan bytes in memory

import pybinwalk

bw = pybinwalk.Binwalk()
data = open("firmware.bin", "rb").read()

for result in bw.scan_bytes(data):
    print(f"0x{result.offset:08X}  {result.name}  {result.description}")

Scan a file from disk

bw = pybinwalk.Binwalk()

for result in bw.scan_path("/path/to/firmware.bin"):
    print(f"0x{result.offset:08X}  {result.name}  {result.description}")

Configure with filters

bw = pybinwalk.Binwalk.configure(
    include=["gzip", "squashfs"],
    exclude=["jpeg"],
    full_search=False,
)

results = bw.scan_path("firmware.bin")

Extract

bw = pybinwalk.Binwalk.configure(
    target_file_name="firmware.bin",
    output_directory="./extracted",
)

analysis = bw.analyze_path(bw.base_target_file, do_extraction=True)

for sig in analysis.file_map:
    print(f"0x{sig.offset:08X}  {sig.name}")

for sig_id, extraction in analysis.extractions.items():
    print(f"{sig_id}: success={extraction.success}, dir={extraction.output_directory}")

Version

print(pybinwalk.version())

API reference

Binwalk

Method Description
Binwalk() Create an instance with default settings.
Binwalk.configure(...) Create an instance with custom options.
scan_bytes(data: bytes) Scan in-memory data. Returns list[SignatureResult].
scan_path(file_path: str) Scan a file on disk. Returns list[SignatureResult].
extract_bytes(data, file_path, file_map) Extract from in-memory data using a prior scan result. Returns dict[str, ExtractionResult].
analyze_path(target_file, do_extraction) Scan and optionally extract a file. Returns AnalysisResults.

Properties: signature_count, base_target_file, base_output_directory.

Binwalk.configure() parameters

Parameter Type Default Description
target_file_name str or None None Path to target file (required for extraction).
output_directory str or None None Directory for extracted files.
include list[str] or None None Only scan for these signature types.
exclude list[str] or None None Skip these signature types.
full_search bool False Search all offsets instead of optimized locations.

SignatureResult

Properties: offset, id, size, name, confidence, description, always_display, extraction_declined, preferred_extractor.

ExtractionResult

Properties: size, success, extractor, do_not_recurse, output_directory.

AnalysisResults

Properties: file_path, file_map (list of SignatureResult), extractions (dict mapping signature id to ExtractionResult).

C API

When built without the python feature (cargo build --release --no-default-features), the library exposes a C-compatible API:

Function Description
bw_scan(data, len) Scan a buffer. Returns JSON string.
bw_scan_with_options(data, len, options_json) Scan with filter options. Returns JSON string.
bw_version() Get version info. Returns JSON string.
bw_list_signatures() List available signatures. Returns JSON string.
bw_free(ptr) Free a string returned by any of the above.

All C API functions return a *mut c_char pointer to a JSON string. The caller must free it with bw_free().

License

MIT

Project details

Verified details

These details have been verified by PyPI
Maintainers
Avatar for kevinmuoz from gravatar.com kevinmuoz

Unverified details

These details have not been verified by PyPI
Meta
  • License: MIT
  • Requires: Python >=3.8

Release history Release notifications | RSS feed

0.0.3

0.0.2

This version

0.0.1

Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

pybinwalk-0.0.1.tar.gz (3.9 MB view details)

Uploaded Source

Built Distribution

If you're not sure about the file name format, learn more about wheel file names.

pybinwalk-0.0.1-cp38-abi3-macosx_11_0_arm64.whl (773.0 kB view details)

Uploaded CPython 3.8+macOS 11.0+ ARM64

File details

Details for the file pybinwalk-0.0.1.tar.gz.

File metadata

  • Download URL: pybinwalk-0.0.1.tar.gz
  • Upload date:
  • Size: 3.9 MB
  • Tags: Source
  • Uploaded using Trusted Publishing? No
  • Uploaded via: maturin/1.11.5

File hashes

Hashes for pybinwalk-0.0.1.tar.gz
Algorithm Hash digest
SHA256 fb0669acc71cf2a16c2b114f0a7790b03001333e95091af83648f38e64df3222
MD5 d4b95e661b5b06d6a131fbd1f91002da
BLAKE2b-256 6f325e2c038458df6956dfe8caa919b307c8db392e3e2869ddc9758354984dcd

See more details on using hashes here.

File details

Details for the file pybinwalk-0.0.1-cp38-abi3-macosx_11_0_arm64.whl.

File metadata

File hashes

Hashes for pybinwalk-0.0.1-cp38-abi3-macosx_11_0_arm64.whl
Algorithm Hash digest
SHA256 539b246ccbb3f6ce2052a475841c2eaf2c942848da7129fb370ec163407e6f1c
MD5 f1934f64aae1b15f5050b60f70806ebb
BLAKE2b-256 6412576393a4de3c42a1830388666fa1e5696e9a2d88dfe6ea0b3007512cdfe9

See more details on using hashes here.

Supported by

AWS Cloud computing and Security Sponsor Datadog Monitoring Depot Continuous Integration Fastly CDN Google Download Analytics Pingdom Monitoring Sentry Error logging StatusPage Status page