# Check magic if data[:4] != OZIP_MAGIC: raise ValueError("Not a valid OZIP file")
if header[:4] == OZIP_MAGIC: # Check for version version = struct.unpack('<I', header[4:8])[0] if len(header) >= 8 else 0 return ('STANDARD_OZIP', version) elif header[:4] == b'ZTE\x00': return ('ZTE_OZIP', 1) else: return ('UNKNOWN', 0) def extract_standard_ozip(input_path, output_dir): """Extract standard OZIP (Asus style).""" with open(input_path, 'rb') as f: # Read full file (for small-to-medium OZIPs) data = f.read()
input_file = sys.argv[1] if not os.path.exists(input_file): print(f"[-] File not found: input_file") sys.exit(1) ozip extractor tool
# Often just raw ext4 or sparse image output_img = os.path.join(output_dir, 'system.img') with open(output_img, 'wb') as out: out.write(data) print(f"[+] Extracted ZTE OZIP to: output_img") Main function ------------------------------------------------------------ def main(): if len(sys.argv) < 2: print("Usage: ozip_extractor.py <input.ozip> [output_directory]") print("\nExample: ozip_extractor.py firmware.ozip ./extracted") sys.exit(1)
print(f"[*] Processing: input_file") ozip_type, version = detect_ozip_type(input_file) print(f"[*] Detected type: ozip_type") # Check magic if data[:4]
What is an OZIP file? An OZIP file is a proprietary compressed image format used primarily by Android OEMs (like Asus, ZTE, and older Motorola devices) for firmware updates and system images. It is often an encrypted or transformed version of a standard EXT4, sparse image, or ZIP archive.
# Decrypt using XOR decrypted = xor_decrypt(data[4:], XOR_KEY) 'rb') as f: header = f.read(12)
def detect_ozip_type(filepath): """Detect OZIP variant by reading header.""" with open(filepath, 'rb') as f: header = f.read(12)