EMBA v1.4.0 - ICS testing Edt.
As we do a lot of ICS/OT testing in our daily business, we thought this release should reflect our usual EMBA usage scenario. Welcome to another huge EMBA release with a lot of new features: EMBA v1.4.0 - ICS testing Edition
This time we have collected the following highlights for you:
- less bugs -> more code -> more bugs? -> report all our bugs here
- Extended binary analysis via semgrep (see module s16)
- New static perl analysis via zarn (see module s27)
- Toolchain identification (see wiki)
- Improved update checking (see wiki)
- New scan interface (with integrated status bar) automatically enabled in most scan-profiles
- Improved multiple backend workflows
- Massive speedup of multiple EMBA modules (see #1006 / #996)
- Updated docker base image (see wiki)
- You can get in contact with us on the following social networks: X / Mastodon / NEW: Bluesky
- We can meet in real life at BlackHat Asia this year (see Arsenal schedule)
- Special thanks to our awesome community for releasing multiple new articles around EMBA - see our dedicated section in the wiki
Now, start your fresh Kali Linux (put enough CPU power and RAM into it) and install EMBA:
└─$ git clone https://github.com/e-m-b-a/emba.git
└─$ cd emba
└─$ sudo ./installer.sh -d
This will install all prerequisites, including the docker base image and the CVE database, which will need some bandwidth, hard drive space and time.
Afterwards, you are ready to analyse your first firmware with EMBA:
└─$ sudo ./emba -l ~/log -f ~/firmware -p ./scan-profiles/quick-scan.emba
Besides your ongoing support with feedback, testing, working on issues and spreading EMBA, you can now also support EMBA as a sponsor.
Check it out here and start being an essential part of the future of EMBA.
It is always a pleasure to welcome new contributors to EMBA. This time we can welcome:
- @413x8 made their first contribution in #931
- @mj138 made their first contribution in #939
- @jblu42 made their first contribution in #987
- @floyd-fuh made their first contribution in #1030
Welcome to the EMBA firmware analysis environment and thank you for your valuable contribution.
What's Changed
- Internet check not blocking by @m-1-k-3 in #722
- Fix docker build workflow by @m-1-k-3 in #723
- disable disk space monitor by @m-1-k-3 in #724
- print fix, http crawler by @m-1-k-3 in #732
- Code cleanup by @m-1-k-3 in #733
- Fix updater by @m-1-k-3 in #749
- Unblob v23.8.11 by @m-1-k-3 in #750
- PEM file with multiple certificates by @HoxhaEndri in #736
- Update README.md by @m-1-k-3 in #757
- add file-command to default deps by @BenediktMKuehne in #763
- Update semgrep workflow by @m-1-k-3 in #764
- Debian repos - https only for Kali by @m-1-k-3 in #766
- Curl online check by @m-1-k-3 in #774
- Improve PW cracking module s107 by @m-1-k-3 in #773
- Check container nr disable for dev mode by @m-1-k-3 in #776
- Set variable by @m-1-k-3 in #777
- Installer updates by @m-1-k-3 in #779
- fix gpt path by @m-1-k-3 in #789
- Improve web page crawler by @m-1-k-3 in #795
- little fix by @m-1-k-3 in #796
- disable the trickest exploit db by @m-1-k-3 in #797
- Debian installer support by @m-1-k-3 in #798
- grep -v -> tail by @m-1-k-3 in #812
- Proxy support by @m-1-k-3 in #811
- Firmware diffing preparation by @m-1-k-3 in #804
- nikto setup, compose cleanup by @m-1-k-3 in #814
- System emulation fs mount improvements by @m-1-k-3 in #815
- L10 Fix SC2250 shellcheck by @HoxhaEndri in #822
- Installer debian package file format by @m-1-k-3 in #826
- Cleanup of PS crawler by @m-1-k-3 in #833
- Check for arachni user and shellcheck braces by @HoxhaEndri in #834
- Try cve db update multiple times during installation by @m-1-k-3 in #837
- Firmware diffing modules by @m-1-k-3 in #838
- fix #839 by @m-1-k-3 in #844
- Semgrep checks and shellcheck braces checks by @HoxhaEndri in #835
- check for space at the end of a line by @HoxhaEndri in #845
- Update installer, dep-check by @m-1-k-3 in #846
- strict mode grep error by @HoxhaEndri in #848
- BMC firmware extractor by @m-1-k-3 in #853
- braces check for all scripts inside "helpers" folder and "installer" folder by @HoxhaEndri in #854
- kernel-hardening-checker fix by @m-1-k-3 in #855
- Version 1.3.1 by @m-1-k-3 in #856
- Version identifiers, Arch check in installer, diff updates by @m-1-k-3 in #860
- check braces for modules scripts by @HoxhaEndri in #861
- braces checked for all script files by @HoxhaEndri in #865
- shellcheck braces check in check_project and in workflow by @HoxhaEndri in #866
- Improve diff mode by @m-1-k-3 in #867
- Fix grep -R by @m-1-k-3 in #869
- CPU check for SSSE3 by @m-1-k-3 in #870
- Diff threading + improved reporting by @m-1-k-3 in #871
- #873 fix by @m-1-k-3 in #874
- zlib string from dell bios firmware by @HoxhaEndri in #872
- Create first_interaction.yml by @m-1-k-3 in #877
- UEFI analysis improvements by @m-1-k-3 in #876
- fwhunt check entire firmware first by @HoxhaEndri in #881
- new version strings and comment for fwhunt by @HoxhaEndri in #882
- integrate cveXplore settings by @BenediktMKuehne in #884
- Install CveXplore v0.3.16++ by @m-1-k-3 in #892
- Full system emulation dependency s24 by @m-1-k-3 in #896
- Cvexplore integration by @BenediktMKuehne in #887
- switch pip install for cvexplore to git repo by @BenediktMKuehne in #899
- Docker-compose cleanup by @m-1-k-3 in #891
- Issue 889 by @m-1-k-3 in #902
- L10, S05 fixes by @m-1-k-3 in #903
- L23 VNC checker modules by @m-1-k-3 in #904
- update first interaction by @m-1-k-3 in #906
- Update check again - #908 by @m-1-k-3 in #909
- Make Routersploit work again by @m-1-k-3 in #910
- Stick to version and check it from requests and urllib3 by @m-1-k-3 in #911
- Improve dep checker by @m-1-k-3 in #912
- Replacement of current cve query mechanism by @m-1-k-3 in #913
- Fix workflows, improve CVE identification by @m-1-k-3 in #919
- rootfs check in uefi extractor by @m-1-k-3 in #921
- fix install workflow by @m-1-k-3 in #922
- check for versions (emba, git and docker) by @HoxhaEndri in #918
- S26 module fix by @m-1-k-3 in #928
- remove update scripts by @m-1-k-3 in #923
- Pre templates by @413x8 in #931
- Multiple fixes by @m-1-k-3 in #930
- Contributors update by @m-1-k-3 in #937
- update default profile for EMBArk by @m-1-k-3 in #938
- Fix parsing of version number from binary version string by @mj138 in #939
- Update Contributors, version by @m-1-k-3 in #940
- Fix parsing of binary name from binary version string by @mj138 in #942
- little cleanup by @m-1-k-3 in #944
- Docker build updates for Kali 2023.4 by @m-1-k-3 in #945
- Include 0xdea semgrep rules and haruspex ghidra script, improve cwe-search integration by @m-1-k-3 in #946
- s14 r2 startup command update by @m-1-k-3 in #952
- r2 bin cache by @m-1-k-3 in #953
- fix for #954 by @m-1-k-3 in #955
- Enable workflow dispatch by @m-1-k-3 in #956
- Version bump - v1.3.2 by @m-1-k-3 in #957
- pip3 docker version warning by @BenediktMKuehne in #959
- true the docker by @m-1-k-3 in #960
- remove disable shellcheck from installer folder scripts by @HoxhaEndri in #941
- Support docker compose v2 API by @m-1-k-3 in #961
- fix version by @m-1-k-3 in #962
- copyright and exceptions linter functions by @BenediktMKuehne in #965
- force utf8 for htmls by @BenediktMKuehne in #964
- Another big update PR by @m-1-k-3 in #979
- Multi grep in version detection by @m-1-k-3 in #981
- Install dji firmware tools by @m-1-k-3 in #988
- massive cleanup by @m-1-k-3 in #989
- multi_grep_fix by @m-1-k-3 in #995
- Add a few component identifications by @jblu42 in #987
- GPT improvements by @m-1-k-3 in #996
- BusyBox applet verification module by @m-1-k-3 in #1003
- Refactor variable usages by @m-1-k-3 in #997
- Change component identification license to SPDXIDs by @jblu42 in #998
- Speedup s09 by @m-1-k-3 in #1006
- Drone extraction module / Silent mode by @m-1-k-3 in #993
- Improve s24/s25 handling by @m-1-k-3 in #1011
- GCC toolchain identification by @m-1-k-3 in #1017
- Multiple little fixes / Enable silent mode in most profiles by @m-1-k-3 in #1019
- Quickfixes by @m-1-k-3 in #1020
- remove netgear telnet module by @m-1-k-3 in #1021
- Enhanced binary analysis/0day detection by @m-1-k-3 in #1022
- Workflow - generate VERSION.txt by @m-1-k-3 in #1027
- Update EMBA VERSION.txt by @github-actions in #1028
- Improved EMBA update checks by @m-1-k-3 in #1029
- Better error message that allows knowing which issue caused the error by @floyd-fuh in #1030
- Improved version checks by @m-1-k-3 in #1031
- little fixes by @m-1-k-3 in #1033
- Update EMBA VERSION.txt by @github-actions in #1032
- l10 bug fixes by @m-1-k-3 in #1040
- Remove printing of every single log file which could take a very long… by @floyd-fuh in #1042
- Multiple little fixes - make s15 work again by @m-1-k-3 in #1045
- Perl analysis with zarn by @m-1-k-3 in #1047
- fix install workflow by @m-1-k-3 in #1052
- identifying BMC AST2400 by @HoxhaEndri in #1004
- Docker image update check by @m-1-k-3 in #1053
- fix version check by @m-1-k-3 in #1055
- Help output cleanup by @m-1-k-3 in #1056
- Improve module_title log by @m-1-k-3 in #1057
- S15 - improve variable handling by @m-1-k-3 in #1059
- Update kali issue template by @m-1-k-3 in #1060
- warning if unthreaded by @m-1-k-3 in #1068
- help update by @m-1-k-3 in #1069
- version fix by @m-1-k-3 in #1071
- bump version by @m-1-k-3 in #1072
Full Changelog: 1.3.0-AI-for-EMBA...1.4.0-ICS-testing-edt