This email contains a short description of a proposed technique to
do xmodem file transfers without a physical RS232 serial 
connection, when only a network connection is
available.  This may be useful for obtaining firmware
from embedded devices in order to test for GPL or other
FOSS license violations.

Some months ago I temporarily possessed a sonicwall firewall
appliance and after sshing in found clues that it may possibly be
running Linux, although it did not come with a GPL notice
or offer for source.  (IIRC output indicated that the firmware
was compiled on an Linux system.  I don't recall any more
at this time.)

The device dumped and loaded firmware using xmodem, but there
was no available documentation as to what pins were what
on the serial port.  The command to load/dump firmware was 
available from network access via ssh.
I fretted over how to obtain the firmware to further investigate
the licensing question and came up with the following technique.
I was unable to test this method having lost access to the
sonicwall hardware but wanted to publicly document my thoughts
in the hope that someone will someday find this helpful.

If anyone ever does an analysis of the sonicwall firmware
I would be interested in hearing the result.


Karl <k...@meme.com>
Free Software:  "You don't pay back, you pay forward."
                 -- Robert A. Heinlein

How to dump the firmware from a sonicwall.

In window 1 (make pty for minicom):
socat PTY,link=$HOME/foo,raw,nonblock,echo=0  

In window 2 (start mincom, connect to sonicwall):
minicom -p $(readlink $HOME/foo) port0
ssh -l admin

In window 1 (enter password):

In window 2 (dump firmware):
firmware download current

In window 1 (start xmodem receive):

gnu-misc-discuss mailing list

Reply via email to