From 19a3a56c3565691319a18b6c96d79b17c3f8c3f0 Mon Sep 17 00:00:00 2001 From: Plato Mavropoulos Date: Thu, 28 Feb 2019 22:09:34 +0200 Subject: [PATCH] Fujitsu SFX Packager Extractor v1.0 Parses Fujitsu SFX Packager executables and extracts their contents. --- .../Fujitsu_Package_Extract.py | 85 +++++++++++++++++++ README.md | 51 +++++++++++ 2 files changed, 136 insertions(+) create mode 100644 Fujitsu SFX Packager Extractor/Fujitsu_Package_Extract.py diff --git a/Fujitsu SFX Packager Extractor/Fujitsu_Package_Extract.py b/Fujitsu SFX Packager Extractor/Fujitsu_Package_Extract.py new file mode 100644 index 0000000..99cf31e --- /dev/null +++ b/Fujitsu SFX Packager Extractor/Fujitsu_Package_Extract.py @@ -0,0 +1,85 @@ +#!/usr/bin/env python3 + +""" +Fujitsu Package Extractor +Fujitsu SFX Packager Extractor +Copyright (C) 2019 Plato Mavropoulos +""" + +print('Fujitsu SFX Packager Extractor v1.0') + +import os +import re +import sys +import subprocess + +if len(sys.argv) >= 2 : + # Drag & Drop or CLI + fjsfx_exec = sys.argv[1:] +else : + # Folder path + fjsfx_exec = [] + in_path = input('\nEnter the full folder path: ') + print('\nWorking...') + for root, dirs, files in os.walk(in_path): + for name in files : + fjsfx_exec.append(os.path.join(root, name)) + +# "FjSfxBinay" + Microsoft CAB Header XOR 0xFF (Tag[4] + Res[4] + Size[4] + Res[4] + Offset[4] + Res[4] + Ver[2]) pattern +mscf_pattern = re.compile(br'\x46\x6A\x53\x66\x78\x42\x69\x6E\x61\x79\xB2\xAC\xBC\xB9\xFF{4}.{4}\xFF{4}.{4}\xFF{4}\xFC\xFE', re.DOTALL) + +for input_file in fjsfx_exec : + file_path = os.path.abspath(input_file) + file_dir = os.path.dirname(file_path) + file_name = os.path.basename(file_path) + + print('\nFile: ' + file_name) + + # Open Fujitsu SFX Binary Packager executable as mutable bytearray + with open(input_file, 'rb') as in_file : FjSfx = bytearray(in_file.read()) + + match_mscf = mscf_pattern.search(FjSfx) # Search for Fujitsu Microsoft CAB Header XOR 0xFF pattern + + # Check if Microsoft CAB Header XOR 0xFF pattern exists + if match_mscf : + print('\n Detected obfuscated Microsoft CAB image.') + + mscf_start = match_mscf.start() + 0xA # Microsoft CAB Header XOR 0xFF starts after "FjSfxBinay" signature + + # Determine the Microsoft CAB image Size + cab_size_hex = bytearray(4) # Initialize LE Hex CAB Size as mutable bytearray + cab_size_xor = FjSfx[mscf_start + 0x8:mscf_start + 0xC] # Get LE XOR-ed CAB Size + for idx in range(4) : # Parse each CAB Size byte + cab_size_hex[idx] = cab_size_xor[idx] ^ 0xFF # Perform XOR 0xFF + cab_size = int.from_bytes(cab_size_hex, 'little') # Get BE Actual CAB Size + + print('\n Removing Obfuscation...') # May take a while + + # Determine the Microsoft CAB image Data + cab_data = bytearray(cab_size) # Initialize CAB Data as mutable bytearray + cab_data_xor = FjSfx[mscf_start:mscf_start + cab_size] # Get XOR-ed CAB Data + for idx in range(cab_size) : # Parse each CAB Data byte + cab_data[idx] = cab_data_xor[idx] ^ 0xFF # Perform XOR 0xFF and get Actual CAB Data + + print('\n Extracting...') + + with open('fjsfx_temp.cab', 'wb') as cab_file : cab_file.write(cab_data) # Create temporary CAB image + + extr_path = os.path.join(file_dir, file_name[:-4], '') # Create CAB image extraction path + + try : + decomp = subprocess.run(['7z', 'x', '-aou', '-bso0', '-bse0', '-bsp0', '-o' + extr_path, 'fjsfx_temp.cab']) # 7-Zip + except : + print('\n Error: Could not decompress Microsoft CAB image!') + print(' Make sure that "7z" executable exists!\n') + + os.remove('fjsfx_temp.cab') # Remove temporary CAB image + + print('\n Extracted!') + + else : + print('\n Error: No Fujitsu SFX Packager found!') + continue # Next input file + +else : + input('\nDone!') \ No newline at end of file diff --git a/README.md b/README.md index bbd1b21..c48df77 100644 --- a/README.md +++ b/README.md @@ -214,6 +214,9 @@ At dist folder you should find the final utility executable ## **Panasonic BIOS Update Extractor** +![](https://i.imgur.com/uZAoMGR.png) +*Icon owned by Panasonic* + #### **Description** Parses Panasonic BIOS Update executables and extracts their SPI/BIOS image. The utility automatically uses [Rustam Abdullaev's unpack_lznt1](https://github.com/rustyx/unpack_lznt1) tool in order to decompress the initially Microsoft LZNT1 compressed resource data. @@ -266,6 +269,9 @@ At dist folder you should find the final utility executable ## **VAIO Packaging Manager Extractor** +![](https://i.imgur.com/rg4xrxJ.png) +*Icon owned by VAIO* + #### **Description** Parses VAIO Packaging Manager executables and extracts their contents. If direct extraction fails, it unlocks the executable in order to run at all systems and allow the user to choose the extraction location. The utility automatically uses [Igor Pavlov's 7-Zip](https://www.7-zip.org/) tool in order to decompress the initially obfuscated Microsoft CAB compressed contents. @@ -306,6 +312,51 @@ PyInstaller can build/freeze/compile the utility at all three supported platform At dist folder you should find the final utility executable +## **Fujitsu SFX Packager Extractor** + +![](https://i.imgur.com/NlZGBsy.png) +*Icon owned by FUJITSU* + +#### **Description** + +Parses Fujitsu SFX Packager executables and extracts their contents. The utility automatically uses [Igor Pavlov's 7-Zip](https://www.7-zip.org/) tool in order to decompress the initially obfuscated Microsoft CAB compressed contents. + +#### **Usage** + +You can either Drag & Drop or manually enter the full path of a folder containing Fujitsu SFX Packager executables. + +#### **Download** + +An already built/frozen/compiled binary is provided by me for Windows only. Thus, **you don't need to manually build/freeze/compile it under Windows**. Instead, download the latest version from the [Releases](https://github.com/platomav/BIOSUtilities/releases) tab. To extract the already built/frozen/compiled archive, you need to use programs which support RAR5 compression. Note that you need to manually apply any prerequisites. + +#### **Compatibility** + +Should work at all Windows, Linux or macOS operating systems which have Python 3.6 support. Windows users who plan to use the already built/frozen/compiled binary must make sure that they have the latest Windows Updates installed which include all required "Universal C Runtime (CRT)" libraries. + +#### **Prerequisites** + +To run the python script or its built/frozen/compiled binary, you need to have the following 3rd party tool at the same directory: + +* [7-Zip Console](https://www.7-zip.org/) (i.e. 7z.exe) + +#### **Build/Freeze/Compile with PyInstaller** + +PyInstaller can build/freeze/compile the utility at all three supported platforms, it is simple to run and gets updated often. + +1. Make sure Python 3.6.0 or newer is installed: + +> python --version + +2. Use pip to install PyInstaller: + +> pip3 install pyinstaller + +3. Build/Freeze/Compile: + +> pyinstaller --noupx --onefile Fujitsu_Package_Extract.py + +At dist folder you should find the final utility executable + ## **Award BIOS Module Extractor** #### **Description**