Releases: e-m-b-a/emba
EMBA v1.2.1
Besides a huge number of bug fixes, this release introduces multiple new features. You are invited to celebrate the new EMBA version with us.
Spread the word and secure the Internet of Things with EMBA!
As usual, we have fixed a huge number of little bugs everywhere within EMBA. Besides these fixes, we also introduced the following highlights:
- Renamed emba.sh to emba
- Packetstorm as PoC/Exploit source for matching the SBOM against (see #434)
- Snyk as PoC/Exploit source for matching the SBOM against (see #434)
- Kernel vulnerability verification via Symbols and kernel compilation (see #451 and https://arxiv.org/pdf/2209.05217.pdf)
- Hexagon support (see #395 and #467)
- Allow for kernel config tests only with the EMBA parameter -k
- Multiple system-mode emulation improvements (improved emulation rate, improved service startups, better stop handling, ...)
- Kali Linux 2022.4 is fully supported and the docker image is updated to the current Kali release
Besides your ongoing support with feedback, testing, working on issues and spreading EMBA, you can now become a sponsor.
Check it out here and start being an essential part of the future of EMBA.
What's Changed
- Exit of add_partition in L10 by @m-1-k-3 in #430
- log dir on dep check by @m-1-k-3 in #428
- Nikto dep fix by @m-1-k-3 in #429
- cwe-checker install latest master by @m-1-k-3 in #431
- Further trickest blacklist entries by @m-1-k-3 in #432
- Freetzng-fix by @BenediktMKuehne in #433
- update sub-shell pwd fix by @BenediktMKuehne in #435
- Add Packetstorm and Snyk PoC sources by @m-1-k-3 in #434
- Full install fixes by @m-1-k-3 in #436
- s115 - empty log handling by @m-1-k-3 in #438
- Minimal cve-search installation / Dependency issues by @m-1-k-3 in #442
- blacklist update by @m-1-k-3 in #441
- Introducing module_wait helper function by @m-1-k-3 in #439
- Fix dependencies by @m-1-k-3 in #445
- Code cleanup - comments by @m-1-k-3 in #446
- Copyright updates 2023 by @m-1-k-3 in #447
- Kernel downloader and vulnerability verifier by @m-1-k-3 in #451
- cron job fix by @m-1-k-3 in #453
- L10 improvements, more services by @m-1-k-3 in #454
- Kernel config analysis by @m-1-k-3 in #455
- Update the known exploit behaviour by @m-1-k-3 in #458
- example disable profile by @m-1-k-3 in #457
- Refactoring by @m-1-k-3 in #462
- exploit databases updated by @m-1-k-3 in #466
- S12 - checksec implementation fix by @m-1-k-3 in #463
- Improve stop of system emulation by @m-1-k-3 in #465
- Hexagon support by @m-1-k-3 in #467
Full Changelog: 1.2.0-London-Calling...1.2.1
EMBA v1.2.0 - London Calling
Besides bug fixes, this release introduces many new features. You are invited to celebrate the new EMBA version with us.
Spread the word and secure the Internet of Things with EMBA!
Since version 1.1.0 we have introduced several new features and improved a lot of areas:
- New architecture support for system-mode emulation (ARM64, MIPS64, x86)
- New Metasploit integration into system-mode emulation
- New Kernel config identification, extraction and testing
- New extraction module for Qemu QCOW2 firmware
- Improved Unblob integration
- Improved UEFI extraction and analysis
- Improved RTOS analysis
- New module blacklisting feature
- Zyxel extraction module
- Improved rootfs detection
What's Changed in detail
- Shadow file detection, mipsn32 in user mode emulation, fixes by @m-1-k-3 in #285
- Fix notification system on Ubuntu installation by @m-1-k-3 in #286
- FwHunt, CWE-Checker, Cyclone SBOM, Bug fixes, kernel-to-elf by @m-1-k-3 in #291
- Improve cwe-checker integration by @m-1-k-3 in #292
- v1.1.1 by @m-1-k-3 in #293
- fix for installer.sh failing with non-english locale by @nuschpl in #296
- Limit check to modules directory by @p4cx in #300
- NIOS2 architecture, Unblob eval, restart scan, semgrep, ... by @m-1-k-3 in #306
- Installer updates by @m-1-k-3 in #312
- Grepit and semgrep improvements by @m-1-k-3 in #311
- Sanitizing environment by @m-1-k-3 in #314
- Cleanup: Tabs vs spaces by @m-1-k-3 in #323
- Routersploit state fix by @m-1-k-3 in #322
- CWE check output bug by @m-1-k-3 in #320
- Replace chroot with jchroot by @m-1-k-3 in #313
- Semgrep integration into S20 module by @m-1-k-3 in #321
- Module blacklisting by @m-1-k-3 in #317
- semgrep fixes for status bar by @m-1-k-3 in #315
- Zyxel extract module by @m-1-k-3 in #316
- zyxel cleanup for usg310 by @m-1-k-3 in #325
- Respect docker group - no sudo by @m-1-k-3 in #324
- Deep extractor improvements by @m-1-k-3 in #326
- Beware of memory issues by @m-1-k-3 in #328
- 1.1.2 cleanup by @m-1-k-3 in #329
- Version 1.1.2 by @m-1-k-3 in #333
- Restart of directory based firmware not possible by @m-1-k-3 in #337
- Remove grepit 0 results by @m-1-k-3 in #339
- Little fixes (S06, S03, S109) by @m-1-k-3 in #340
- cleanup, P03 removed by @m-1-k-3 in #344
- fix php iniscan by @m-1-k-3 in #343
- RTOS analysis improvements by @m-1-k-3 in #341
- restore bindip instead of delete file by @BenediktMKuehne in #346
- pip install for requests by @m-1-k-3 in #351
- docker-compose version check by @m-1-k-3 in #347
- shellcheck disable cleanup by @m-1-k-3 in #349
- Kernel config search and check by @m-1-k-3 in #348
- Dependency checker includes the container by @m-1-k-3 in #352
- SECURITY.md by @m-1-k-3 in #354
- Create semgrep.yml by @m-1-k-3 in #355
- Create codacy.yml by @m-1-k-3 in #358
- Metasploit system emulation integration by @m-1-k-3 in #357
- Multiple style fixes by @m-1-k-3 in #359
- Linting by @m-1-k-3 in #360
- fix fail if already satisfied by @BenediktMKuehne in #361
- Print function fix by @m-1-k-3 in #363
- Kernel config extraction in S24 by @m-1-k-3 in #364
- Cleanup round by @m-1-k-3 in #365
- EMBA v1.1.3 by @m-1-k-3 in #366
- exit code fix by @m-1-k-3 in #373
- lzo - ubi extractor fix by @m-1-k-3 in #381
- Prepare support for further architectures by @m-1-k-3 in #380
- typo by @m-1-k-3 in #384
- Check disk space for installation by @m-1-k-3 in #385
- New Kernels for system emulation, qcow extractor by @m-1-k-3 in #396
- installer - missed this by @m-1-k-3 in #397
- Add rootfs detection by path of /bin/sh by @jlucius in #394
- Qualcom DSP6 - basic support by @m-1-k-3 in #399
- Installer fix by @m-1-k-3 in #401
- nikto install fix by @m-1-k-3 in #398
- Better UEFI extractor by @BenediktMKuehne in #374
- Make installer.sh executeable again by @jlucius in #403
- ARM64 support by @m-1-k-3 in #402
- Check project updates by @m-1-k-3 in #406
- Improve CSV export of s24 by @m-1-k-3 in #408
- Trickest blacklist by @m-1-k-3 in #411
- log color, init sort, web reporter by @m-1-k-3 in #412
- Add CVE Trickest Blacklist by @jlucius in #413
- User-mode emulator fixes by @m-1-k-3 in #414
- Remove wget log during installation by @m-1-k-3 in #416
- s115 jchroot bypass by @m-1-k-3 in #417
- Sasquatch split binwalk vs unblob by @m-1-k-3 in #418
- Unblob it in case binwalk fails by @m-1-k-3 in #421
- Exit on sasquatch dependency error by @m-1-k-3 in #420
- P61 tree output fix by @m-1-k-3 in #422
- l10 vlan infos by @m-1-k-3 in #423
- v1.2.0 by @m-1-k-3 in #424
New Contributors
Full Changelog: 1.1.0-Las-Vegas-Edt...1.2.0-London-Calling
EMBA v1.1.3 - Metasploit Edt.
Highlights:
We included the awesome Metasploit Framework into EMBA's system emulation engine! Check this PR for further details including a link to a testing firmware for your smooth start.
What's Changed
- Restart of directory based firmware not possible by @m-1-k-3 in #337
- Remove grepit 0 results by @m-1-k-3 in #339
- Little fixes (S06, S03, S109) by @m-1-k-3 in #340
- cleanup, P03 removed by @m-1-k-3 in #344
- fix php iniscan by @m-1-k-3 in #343
- RTOS analysis improvements by @m-1-k-3 in #341
- restore bindip instead of delete file by @BenediktMKuehne in #346
- pip install for requests by @m-1-k-3 in #351
- docker-compose version check by @m-1-k-3 in #347
- shellcheck disable cleanup by @m-1-k-3 in #349
- Kernel config search and check by @m-1-k-3 in #348
- Dependency checker includes the container by @m-1-k-3 in #352
- SECURITY.md by @m-1-k-3 in #354
- Create semgrep.yml by @m-1-k-3 in #355
- Create codacy.yml by @m-1-k-3 in #358
- Metasploit system emulation integration by @m-1-k-3 in #357
- Multiple style fixes by @m-1-k-3 in #359
- Linting by @m-1-k-3 in #360
- fix fail if already satisfied by @BenediktMKuehne in #361
- Print function fix by @m-1-k-3 in #363
- Kernel config extraction in S24 by @m-1-k-3 in #364
- Cleanup round by @m-1-k-3 in #365
- EMBA v1.1.3 by @m-1-k-3 in #366
Full Changelog: 1.1.2-Knight-Rider-Edt...1.1.3-Metasploit-Edt
EMBA v1.1.2 - Knight Rider Edt.
Highlights:
Bonnie: I have a new feature integrated into K.I.T.T.
Michael: Give me more details
K.I.T.T.: With my new friend EMBA I am able to find the weak spot in every firmware.
40 years later ... K.I.T.T. is definitely able to analyze firmware with EMBA
Besides bug fixes, this release introduces many new features. Since version 1.1.1 we have introduced several new features and improved multiple areas:
- Thanks to @nuschpl, the installer supports non-English systems (see #296)
- NIOS2 architecture support (see #306)
- Semgrep introduction into bash checking module S20 (see #321)
- Module, CVE blacklisting (see #305 and #317)
- Deep extractor improvements and module split (P59 and P60) (see #326)
- Zyxel extractor as P22 (see #316 and DC30 Slides)
- Respect docker user group (see #324)
- Initial unblob integration as evaluation module P61 (see #306)
What's Changed in more detail
- fix for installer.sh failing with non-english locale by @nuschpl in #296
- Limit check to modules directory by @p4cx in #300
- NIOS2 architecture, Unblob eval, restart scan, semgrep, ... by @m-1-k-3 in #306
- Installer updates by @m-1-k-3 in #312
- Grepit and semgrep improvements by @m-1-k-3 in #311
- Sanitizing environment by @m-1-k-3 in #314
- Cleanup: Tabs vs spaces by @m-1-k-3 in #323
- Routersploit state fix by @m-1-k-3 in #322
- CWE check output bug by @m-1-k-3 in #320
- Replace chroot with jchroot by @m-1-k-3 in #313
- Semgrep integration into S20 module by @m-1-k-3 in #321
- Module blacklisting by @m-1-k-3 in #317
- semgrep fixes for status bar by @m-1-k-3 in #315
- Zyxel extract module by @m-1-k-3 in #316
- zyxel cleanup for usg310 by @m-1-k-3 in #325
- Respect docker group - no sudo by @m-1-k-3 in #324
- Deep extractor improvements by @m-1-k-3 in #326
- Beware of memory issues by @m-1-k-3 in #328
- 1.1.2 cleanup by @m-1-k-3 in #329
- Version 1.1.2 by @m-1-k-3 in #333
New Contributors
Full Changelog: 1.1.1...1.1.2-Knight-Rider-Edt
EMBA v1.1.1 - UEFI analysis intro
Highlights:
Since version 1.1.0 we have introduced several new features and improved multiple areas:
- Better shadow file and hash detection based on the feedback of jaylagorio
- mipsn32 support in user-mode emulation module (s115) based on the feedback of jaylagorio
- Experimental UEFI firmware support (p35 and s02) based on FwHunt / See wiki post
- Improved SBOM creation (f21) with Cyclonedx
- Improved kernel analysis via vmlinuz-to-elf (s24)
- Fixing (hopefully) and improving cwe-checker integration (see issue #290) (s120)
What's Changed
- Shadow file detection, mipsn32 in user mode emulation, fixes by @m-1-k-3 in #285
- Fix notification system on Ubuntu installation by @m-1-k-3 in #286
- FwHunt, CWE-Checker, Cyclone SBOM, Bug fixes, kernel-to-elf by @m-1-k-3 in #291
- Improve cwe-checker integration by @m-1-k-3 in #292
- v1.1.1 by @m-1-k-3 in #293
Full Changelog: 1.1.0-Las-Vegas-Edt...1.1.1
EMBA v1.1.0 - Las Vegas Edt.
Besides bug fixes, this release introduces many new features, and it was so much fun working on it. We think this release is very beautiful and we are really proud of it! You are invited to celebrate the new EMBA version with us.
Spread the word and secure the Internet of Things with EMBA!
Since version 1.0.0 we have introduced several new features and improved a lot of areas:
- Completely reworked system-mode emulation environment, which can be enabled with the -Q switch (see also our wiki page)
- New status bar, which can be enabled with the -B option (see also #272)
- Support of Ubuntu 22.04 LTS in default installation mode
- Experimental WSL support in default installation mode (see also #273)
- Massive speed improvements
- New testing modules (S08, S99, S109)
- New and improved extractor modules (P05, P20, P21)
- Removed modules (S30, S103)
- Possibility to overwrite auto-detected threading values (parameters -T and -P)
- Improved CSV logging
What's Changed
- Deep extraction of android ota update files by @m-1-k-3 in #246
- #247 and removed FACT by @m-1-k-3 in #248
- CSV logging by @m-1-k-3 in #250
- CRASS module of grepit by @m-1-k-3 in #251
- Add exception for s99 webreport by @p4cx in #252
- Multiple fixes (p05, p10, p60, s24, s99, installer) by @m-1-k-3 in #253
- Cleanup, S35 updates, P60 updates by @m-1-k-3 in #254
- versions, fritz extractor by @m-1-k-3 in #257
- f20 cleanup, installer fixes, s15 cleanup by @m-1-k-3 in #259
- Fix links in web report and new parameters by @p4cx in #261
- Foscam/Buffalo firmware decryption module / BigIP detection / Bug fixes by @m-1-k-3 in #262
- Buffallo decryptor by @m-1-k-3 in #265
- Yara search path fix by @m-1-k-3 in #266
- Refactoring, cleanup, jtr module, suid module by @m-1-k-3 in #268
- Os change by @BenediktMKuehne in #258
- Threading, notifications, CVSSv3 by @m-1-k-3 in #271
- Status bar by @p4cx in #272
- Experimental WSL support by @m-1-k-3 in #274
- Ubuntu-recommendations by @BenediktMKuehne in #279
- System emulation replacement for EMBA by @m-1-k-3 in #275
- Setup status bar option by @m-1-k-3 in #277
- Speed improvements for module s106 and s110 by @m-1-k-3 in #281
- Restore ownership by @BenediktMKuehne in #280
- Version 1.1.0 by @m-1-k-3 in #282
Full Changelog: 1.0.0-Singapore-Edt...1.1.0-Las-Vegas-Edt
EMBA v1.0.3
EMBA version 1.0.3 is available!
Besides bug fixes, this release introduces the following relevant changes:
- EMBA now also supports ubuntu:jammy (22.04 LTS) for default installation - w00t
- Final fixes of the web reporter
- New John the Ripper password cracking module runs on hashes identified with STACS in s108
- GTFOBins integration in SUID detection (module s40)
- Massive speed improvements for module s13 and s14
What's Changed
- Refactoring, cleanup, jtr module, suid module by @m-1-k-3 and @p4cx in #268
- Ubuntu support by @BenediktMKuehne in #258
Full Changelog: 1.0.2...1.0.3
EMBA v1.0.2
EMBA version 1.0.2 is available!
Besides bug fixes, this release introduces the following relevant changes:
- Foscam firmware decryption module
- Buffalo firmware decryption module
- Multiple fixes in web report generator
- New options: -y (overwrite log dir automatically), -j (ignore cve-search check)
What's Changed in more detail:
- Cleanup, S35 updates, P60 updates by @m-1-k-3 in #254
- Versions update, freetz-ng extractor by @m-1-k-3 in #257
- F20 cleanup, installer fixes, S15 cleanup by @m-1-k-3 in #259
- Fix links in web report and new parameters by @p4cx in #261
- Foscam/Buffalo firmware decryption module / BigIP detection / Bug fixes by @m-1-k-3 in #262
- Buffallo decryptor by @m-1-k-3 in #265
Full Changelog: 1.0.1...1.0.2
For bugs please open an issue.
EMBA v1.0.1
EMBA version 1.0.1 is available!
Besides bug fixes, this release introduces the following relevant changes:
- Removed FACT extractor
- Introduced S99-grepit module - see also https://github.com/floyd-fuh/crass/blob/master/grep-it.sh
- More CSV logging
What's Changed in more detail:
- Deep extraction of android ota update files by @m-1-k-3 in #246
- #247 and removed FACT by @m-1-k-3 in #248
- CSV logging by @m-1-k-3 in #250
- CRASS module of grepit by @m-1-k-3 in #251
- Add exception for s99 webreport by @p4cx in #252
- Multiple fixes (p05, p10, p60, s24, s99, installer) by @m-1-k-3 in #253
Full Changelog: 1.0.0-Singapore-Edt...1.0.1