Let's travel back in time ... In EMBA version 1.2.3 we started removing the old, rusty and unmaintained binwalk (v2) as the main extractor from EMBA. See here. Big thanks to the great folks of unblob for jumping in with the most powerful extraction engine that is currently available.
And now fast forward to September 2024 ... Check this bomb
Great news! The new binwalk was not just a quick update, it was a complete rewrite in Rust! As usual, we try to integrate cool projects quite early to get hands-on experience ... especially if these are the projects from our own IoT hacking beginnings years ago ;)
Fast forward to December 2024 ...
As the new binwalk is damn fast, EMBA got it as the initial extractor in the extraction pipeline! Check it out and let us and Craig know how it performs and how you like it. Here it is also quite easy to see where binwalk fails and Unblob jumps in. Btw., this does not mean that binwalk is better than Unblob! In most of our test cases it was faster, but in terms of success rate Unblob is currently the most powerful extraction engine. It automatically jumps in as the 2nd extraction engine and is also used for our deep-extraction mode.
The best extraction frameworks together in EMBA ... this must be true love :-D
Besides this big update, we have a bunch of other little and big things for you:
- The SBOM engine, which was introduced in version 1.5.0, got updates everywhere (new JSON engine, dependencies are now handled, untracked files can be included, improved package manager integration, optimised static version detection ...)
- EMBA is getting more and more powerful and faster, faster, faster
- Our huge code refactoring part 1 of X is finished
- Regular docker base image update (new capa version, new Ghidra version, ...)
- Kali Linux 2024.4 supported
Besides the technical updates, we were at BlackHat MEA with an Arsenal demo of EMBA. We talked to a lot of interested and interesting people and got some cool ideas for EMBA. You can check our Arsenal slides here and some pictures here.
Besides your ongoing support with feedback, testing, working on issues and spreading EMBA, you can now also support EMBA as a sponsor.
Check it out here and start being an essential part of the future of EMBA.
It is always a pleasure to welcome new contributors to EMBA. This time we can welcome:
- @0xr3act0r made their first contribution in #1376
How can you reach us and stay up to date? Just take one of these channels:
Now, start your fresh Kali Linux (put enough CPU power and RAM into it) and install EMBA:
└─$ git clone https://github.com/e-m-b-a/emba.git
└─$ cd emba
└─$ sudo ./installer.sh -d
This will install all prerequisites, including the docker base image and the CVE database, which will need some bandwidth, hard drive space and time.
Afterwards, you are ready to analyse your first firmware with EMBA:
└─$ sudo ./emba -l ~/log -f ~/firmware -p ./scan-profiles/quick-scan.emba
To update your outdated EMBA installation, please check the update section in our wiki.
What's Changed
- Windows exe improvements by @m-1-k-3 in #1354
- Extend JSON SBOM by @m-1-k-3 in #1353
- SBOM - Duplicates / package files / dependencies by @m-1-k-3 in #1361
- SBOM - Add Poetry files by @m-1-k-3 in #1363
- Further SBOM updates (python pip, rpm, dependency tree) by @m-1-k-3 in #1368
- Json SBOM improvements by @m-1-k-3 in #1374
- Speedup find comands with exec threading / confidence level by @m-1-k-3 in #1375
- Added "apt install linux-modules-extra" package for proper installation of ubi and nandsim modules by @0xr3act0r in #1376
- exit on pre-checking selection by @m-1-k-3 in #1382
- Refactoring, enable threading by @m-1-k-3 in #1383
- Rename scan-profiles by @m-1-k-3 in #1395
- F50 refactoring by @m-1-k-3 in #1396
- helpers var refactor by @m-1-k-3 in #1397
- binwalk v3, refactoring, bugs, S09 speedup by @m-1-k-3 in #1398
- Unhandled files in SBOM by @m-1-k-3 in #1404
- Little fixes (csv, s25, s06, l25), s26 speedup by @m-1-k-3 in #1405
- Improve entropy pic integration by @m-1-k-3 in #1410
- bump version - v1.5.1 by @m-1-k-3 in #1412
Full Changelog: v1.5.0-SBOMdorado...v1.5.1-rise-from-the-dead