Intro

Recently I’ve decided to dedicate a fresh Debian environment for my RE tools and having binwalk seemed as a good idea so I can play with firmware binaries. I followed the general install instructions from the project wiki and it seemed that all the dependencies were installed. On starting the executable however I got the following error:

$ binwalk 
Traceback (most recent call last):
  File "/usr/local/bin/binwalk", line 60, in <module>
    main()
  File "/usr/local/bin/binwalk", line 45, in main
    usage(modules)
  File "/usr/local/bin/binwalk", line 32, in usage
    sys.stderr.write(modules.help())
  File "/usr/local/lib/python2.7/dist-packages/binwalk/core/module.py", line 622, in help
    for module in self.list(attribute="CLI"):
  File "/usr/local/lib/python2.7/dist-packages/binwalk/core/module.py", line 601, in list
    import binwalk.modules
  File "/usr/local/lib/python2.7/dist-packages/binwalk/modules/__init__.py", line 10, in <module>
    from binwalk.modules.codeid import CodeID
  File "/usr/local/lib/python2.7/dist-packages/binwalk/modules/codeid.py", line 1, in <module>
    import capstone

Further review of the binwalk source code led me to the conclusion that binwalk requires capstone RE framework as well. I am using wheezy stable release and capstone packages are included in the debian sid repo and since I do not want to upgrade my entire distro to unstable some apt-pinning needs to be done.

Setup process

1) Add sid repo

$sudo vim /etc/apt/sources.list

add the following lines and save the file

#sid
deb http://ftp.uk.debian.org/debian unstable main non-free contrib
deb-src http://ftp.uk.debian.org/debian unstable main non-free contrib

2) Create preferences for the apt-pinning

$sudo vim /etc/apt/preferences

Add the following lines to the newly created file. They specify the repository priority i.e. if there are different versions of a particular package in more than one repository the repository with the highest priority will be considered. In this case I am keeping the stable repo with the highest priority thus the lib

Package: *
Pin: release a=stable
Pin-Priority: 700

Package: *
Pin: release a=unstable
Pin-Priority: 600

3) Update

$sudo apt-get update

4) Install capstone core

$sudo apt-get install libcapstone2/unstable

5) Install capstone python binding

$sudo easy_install capstone

That was it.
At the end it came out that my binwalk installation was messed up and I needed to do it all over again. Anyhow … Capstone is a nice addition to my RE toolkit :)

Setting up capstone (Debian Wheezy)

Leave a Reply

Your email address will not be published. Required fields are marked *

*