extractbins.sh - Extract kickstart/system from infra bundle

dsw_cisco · ‎01-25-2017

Hello everyone,

Please find attached a basic script to extract the kickstart, system and ucsm firmware from the ucs infra bundle (and others..). I am not sure as to the exact legality of this, so admin, if you object to this material, feel free to remove it. This is hardly ground-breaking stuff though, and no encryption is used. Maybe there's already a well-known way to extract this - let me know if so!

Background

The background here is - Cisco bundle the relevant firmware objects in a large blob. This is not helpful when you need to boot off of an alternate kickstart (for example, during a failed FI upgrade, from tftp) and/or if your system image is corrupt, and you want to copy scp: bootflash:, etc..... during such failed upgrades, we've had to rely on TAC providing them to us, which is not entirely uncomfortable, but does take a bit of time.

If you're downloading firmware for a Nexus device, you conveniently have access to the individual kickstart/system from the outset.

Cisco's blob format

Cisco's ".bin" files are headed by a small header, which describes a few things about the bin package, such as the size of the bundled package, the type of hardware platform its for, etc.. Here is some typical output from the 'show' operation of a certain UCS system command, which is available when accessing the system via the debug plugin... however, I won't mention any names (Incidentally, this command and a helper wrapper script are what perform the exact thing my script does... but of course they do it better, and provide more functionality.)

**********************************************

HEADER CONTENTS

**********************************************

Header version: 1.0

Len: 800 byte

Image length:488933830 byte

Magic number: 21326

Platform type: 7

Verification type: 1

Software family: 2

Image type: 11

Debug attribute: 2

Hardware type: 0

Compression type: 2

Run time location: 1

Packaged by: 0

Memsize: 256

Timestamp: 1482316264

Version string: 3.1(2e)B

Interim version string: 3.1(2e)B

Image full name: ucs-k9-bundle-b-series.3.1.2e.B.bin

Features:

Build ID: S0

**********************************************

-------------------------------

So, Cisco bin files begin with this header, and straight after consist of (usually) an inline tarred-gzip archive. Depending on the bin file, there may be one or more archvies, as well as a NetBoot Linux image (in the case of kickstart) which is loopback-mountable, and cpio archives (in the case of the IOM/fex/chassis image).

I've only so far implemented basic tar/gzip extraction of the first archive, which is what we actually need - the rest can be done via xxd and searching for the magic numbers of certain archives + dd'ing the image out... and is left as an exercise for the curious... but the script can also be applied to most sub-bin files which arise from the extraction of the main bin file (infra bundle, then system, then plugins, etc...), as most all contain the same cisco header + tgz format.

Extraction

Trivial use of the script:

./extractbins.sh: [file.bin] [directory_to_extract_to]

Actual use:

./extractbins.sh ucs-6300-k9-bundle-infra.3.1.2e.A.bin extracted

cisco image extractor 1.1 - dsw(c),2017

[.] cisco image of 756 bytes found in ucs-6300-k9-bundle-infra.3.1.2e.A.bin

[.] seeking past header length 756....

[.] wrote header-less image ucs-6300-k9-bundle-infra.3.1.2e.A.bin.nohdr

[.] gzip found; decompressing..

[.] tar found; untarring..

./

./isan/

./isan/etc/

./isan/etc/climib/

./isan/etc/imghdr.bin

./isan/plugin_img/

./isan/plugin_img/ucs-6300-k9-system.5.0.3.N2.3.12e.bin

./isan/plugin_img/ucs-manager-k9.3.1.2e.bin

./isan/plugin_img/ucs-2300-6300.3.1.2e.bin

./isan/plugin_img/ucs-6300-k9-kickstart.5.0.3.N2.3.12e.bin

./isan/plugin_img/ucs-2200-6300.3.1.2e.bin

[.] cleaning up..

[.] done

Much can be improved and added, but the basic functionality is there. Bugs: almost certainly. Please heed the disclaimer in the script.

Cheers

dan

bbusse · ‎09-25-2017

I haven't tested this yet, but I just thought i'd say thanks in advance. We recently had some problems (again) doing firmware updates on UCS FI's from 3.1(2b) to 3.1(3a) where 1 failed in a remote pair and Cisco ultimately decided to replace it, and 2 (same pair, one after another) failed but we were able to recovery using those 3 files provided by Cisco. Being able to extract these files ourselves for future versions (the file we got from them are specific to 3.1(3a) makes me feel a lot better. The process for recovering from a failed/corrupt bootflash during an upgrade is fairly painless now that i know what it is and having the files without having to call in is perfect.

Brian

bbusse · ‎09-25-2017

Just tested it and it worked without issue extracting the 3 files i needed from the Infrastructure bundle for 3.2(1b). Nicely done sir.

Brian

ron2 · ‎12-06-2017

so..I'm an FI newbie and for the life of me I could not figure out how to do this. what system did you download the bundle and script to? linux, another FI, a switch?

I did find 7-zip will allow you to open the bin file and you can browse and extract what you want.

But I do want to know how you extract via the script you made.

thanks and advance!

subimalsahoo · ‎12-03-2024

loader> dir

loader> cmdline recoverymode=1
loader> dir

loader> set SWITCH_IGNORE_STARTUP_CFG=1
error: Invalid argument. Please do "help <cmd_name>" to get the usage.
loader> SWITCH_IGNORE_STARTUP_CFG=1
loader> dir

loader> dir
usb2:
ucs-6300-k9-bundle-infra.4.3.3a.A.bin

loader> boot usb2: ucs-6300-k9-bundle-infra.4.3.3a.A.bin

Security Lock
Booting kickstart image: usb2:kickstart.bin
File does not exist, boot failed.
loader>
loader> dir
usb2:

ucs-6300-k9-bundle-infra.4.3.3a.A.nbi

loader> boot usb2:ucs-6300-k9-bundle-infra.4.3.3a.A.nbi
Booting kickstart image: usb2:ucs-6300-k9-bundle-infra.4.3.3a.A.nbi
error: Invalid kickstart image.
loader>

can anyone explain me what is the real issue