simplify s08 array
BenediktMKuehne committed Feb 26, 2025
1 parent 97170be commit 74c89ae
Showing 3 changed files with 172 additions and 204 deletions.
182 changes: 172 additions & 10 deletions helpers/helpers_emba_defaults.sh
Expand Up @@ -19,16 +19,178 @@


set_defaults() {
# read and export all vars in .env
if [[ -f "${INVOCATION_PATH}/config/.env" ]]; then
# readin .env
set -a # automatically export all variables
# shellcheck source=/dev/null
source "${INVOCATION_PATH}/config/.env"
set +a
else
echo -e "${RED}"" Missing ""${INVOCATION_PATH}/config/.env"" - check your installation""${NC}"
fi
{
# if this is a release version set RELEASE to 1, add a banner to config/banner and name the banner with the version details
echo "RELEASE=0"
echo "EMBA_VERSION=1.5.1"
echo "CLEANED=0" # used for the final cleaner function for not running it multiple times
echo "STRICT_MODE=${STRICT_MODE:-0}"
echo "DEBUG_SCRIPT=${DEBUG_SCRIPT:-0}"
echo "UPDATE=${UPDATE:-0}"
echo "ARCH_CHECK=${ARCH_CHECK:-1}"
echo "RTOS=${RTOS:-1}" # Testing RTOS based OS - 1 -> no Linux / 0 -> Linux
echo "BINARY_EXTENDED=${BINARY_EXTENDED:-0}"
echo "MAX_EXT_CHECK_BINS=${MAX_EXT_CHECK_BINS:-20}"
echo "CONTAINER_EXTRACT=${CONTAINER_EXTRACT:-0}"
echo "DISABLE_DEEP=${DISABLE_DEEP:-0}"
echo "DEEP_EXT_DEPTH=${DEEP_EXT_DEPTH:-4}"
echo "FACT_EXTRACTOR=${FACT_EXTRACTOR:-0}"
echo "FIRMWARE=${FIRMWARE:-0}"
echo "FORCE=${FORCE:-0}"
echo "FORMAT_LOG=${FORMAT_LOG:-0}"
echo "HTML=${HTML:-0}"
echo "IN_DOCKER=${IN_DOCKER:-0}"
echo "USE_DOCKER=${USE_DOCKER:-1}"
echo "KERNEL=${KERNEL:-0}"
echo "KERNEL_CONFIG=${KERNEL_CONFIG:-''}"
echo "FIRMWARE_PATH=${FIRMWARE_PATH:-''}"
echo "FIRMWARE_PATH1=${FIRMWARE_PATH1:-''}"
echo "DIFF_MODE=${DIFF_MODE:-0}"
echo "FW_VENDOR=${FW_VENDOR:-''}"
echo "FW_VERSION=${FW_VERSION:-''}"
echo "FW_DEVICE=${FW_DEVICE:-''}"
echo "FW_NOTES=${FW_NOTES:-''}"
echo "ARCH=${ARCH:-''}"
echo "EFI_ARCH=${EFI_ARCH:-''}"
echo "EXLUDE=${EXLUDE:-()}"
echo "SELECT_MODULES=${SELECT_MODULES:-()}"
echo "MODULES_EXPORTED=${MODULES_EXPORTED:-()}"
echo "MD5_DONE_DEEP=${MD5_DONE_DEEP:-()}" # for tracking the extracted files in deep extractor
echo "ROOT_PATH=${ROOT_PATH:-()}"
echo "FILE_ARR=${FILE_ARR:-()}"
echo "MAX_MODS=${MAX_MODS:-0}"
echo "MAX_MOD_THREADS=${MAX_MOD_THREADS:-0}"
echo "RESTART=${RESTART:-0}" # if we find an unfinished EMBA scan we try to only process not finished modules
echo "FINAL_FW_RM=${FINAL_FW_RM:-0}" # remove the firmware working copy after testing (do not waste too much disk space)
echo "ONLY_DEP=${ONLY_DEP:-0}" # test only dependency
echo "PHP_CHECK=${PHP_CHECK:-1}"
echo "PRE_CHECK=${PRE_CHECK:-0}" # test and extract binary files with binwalk afterwards do a default EMBA scan
echo "SKIP_PRE_CHECKERS=${SKIP_PRE_CHECKERS:-0}" # we can set this to 1 to skip all further pre-checkers (WARNING: use this with caution!!!)
echo "PYTHON_CHECK=${PYTHON_CHECK:-1}"
# enable L10_DEBUG_MODE in scan profile or default config for further debugging capabilities:
# * create_emulation_archive for all attempts
# * do not stop after 2 detected network services
echo "L10_DEBUG_MODE=${L10_DEBUG_MODE:-0}"
echo "FULL_EMULATION=${FULL_EMULATION:-0}" # full system emulation - set it via command line parameter -Q
echo "QEMULATION=${QEMULATION:-0}" # user-mode emulation - set it via command line parameter -E
# some processes are running long and logging a lot
# to protect the host we are going to kill them on a QEMU_KILL_SIZE limit
echo "QEMU_KILL_SIZE=${QEMU_KILL_SIZE:-'10M'}"
echo "L10_KERNEL_V_LONG=${L10_KERNEL_V_LONG:-'4.1.52'}"
echo "L10_BB_VER=${L10_BB_VER:-'1.36.1'}"
# with this variable we can control the behavior of s16 and s120 -> 0 is default an tests only
# non Linux binaries (binaries not listed in config/linux_common_files.txt. 1 means we test every
# binary which results in long runtimes
echo "FULL_TEST=${FULL_TEST:-0}"
# to get rid of all the running stuff we are going to kill it after RUNTIME
echo "QRUNTIME=${QRUNTIME:-'20s'}"
echo "SHELLCHECK=${SHELLCHECK:-1}"
echo "QUEST_CONTAINER=${QUEST_CONTAINER:-''}"
echo "GPT_OPTION=${GPT_OPTION:-0}" # 0 -> off 1-> unpayed plan 2 -> no rate-limit
echo "GPT_QUESTION=${GPT_QUESTION:-'For the following code I need you to tell me how an attacker could exploit it and point out all vulnerabilities:'}"
echo "MINIMUM_GPT_PRIO=${MINIMUM_GPT_PRIO:-1}" # everything above this value gets checked
echo "SHORT_PATH=${SHORT_PATH:-0}" # short paths in cli output
echo "THREADED=${THREADED:-1}" # 0 -> single thread, 1 -> multi threaded
echo "YARA=${YARA:-0}" # default: disable yara tests
echo "OVERWRITE_LOG=${OVERWRITE_LOG:-0}" # automaticially overwrite log directory, if necessary
echo "MAX_EXT_SPACE=${MAX_EXT_SPACE:-110000}" # ensure we do not stop on extraction. If you are running into disk space issues you can adjust this variable
# Important directories
LOG_DIR="${INVOCATION_PATH:=.}/logs" # !set innvocation path if unset
echo "LOG_DIR=${LOG_DIR}"
# echo "ERROR_LOG=${LOG_DIR}/emba_error.log"
echo "TMP_DIR=${LOG_DIR}/tmp"
echo "CSV_DIR=${LOG_DIR}/csv_log"
echo "JSON_DIR=${LOG_DIR}/json_logs"
echo "MAIN_LOG_FILE=${MAIN_LOG_FILE:-'emba.log'}"
CONFIG_DIR="${INVOCATION_PATH}/config"
echo "CONFIG_DIR=${CONFIG_DIR}"
EXT_DIR="${INVOCATION_PATH}/external"
echo "EXT_DIR=${EXT_DIR}"
HELP_DIR="${INVOCATION_PATH}/helpers"
echo "HELP_DIR=${HELP_DIR}"
echo "MOD_DIR=${INVOCATION_PATH:-''}/modules"
echo "MOD_DIR_LOCAL=${INVOCATION_PATH:-''}/EMBA-Non-free/modules_local"
echo "PID_LOGGING=${PID_LOGGING:-0}"
# this will be in TMP_DIR/pid_notes.log
echo "PID_LOG_FILE=${PID_LOG_FILE:-'pid_notes.log'}"
echo "BASE_LINUX_FILES=${INVOCATION_PATH:-''}/config/linux_common_files.txt"
if [[ -f "${CONFIG_DIR}/known_exploited_vulnerabilities.csv" ]]; then
echo "KNOWN_EXP_CSV=${CONFIG_DIR}/known_exploited_vulnerabilities.csv"
fi
if [[ -f "${CONFIG_DIR}/msf_cve-db.txt" ]]; then
echo "MSF_DB_PATH=${CONFIG_DIR}/msf_cve-db.txt"
fi
echo "MSF_INSTALL_PATH=${MSF_INSTALL_PATH:-'/usr/share/metasploit-framework'}"
if [[ -f "${CONFIG_DIR}/trickest_cve-db.txt" ]]; then
echo "TRICKEST_DB_PATH=${CONFIG_DIR}/trickest_cve-db.txt"
fi
echo "GTFO_CFG=${CONFIG_DIR}/gtfobins_urls.cfg" # gtfo urls
echo "SILENT=${SILENT:-0}"
echo "DISABLE_STATUS_BAR=${DISABLE_STATUS_BAR:-1}"
# as we encounter issues with the status bar on other system we disable it for non Kali systems
if [[ -f "/etc/debian_version" ]] && grep -q kali-rolling /etc/debian_version; then
echo "DISABLE_NOTIFICATIONS=${DISABLE_NOTIFICATIONS:-0}" # disable notifications and further desktop experience
else
echo "DISABLE_NOTIFICATIONS=${DISABLE_NOTIFICATIONS:-1}" # disable notifications and further desktop experience
fi
echo "NOTIFICATION_ID=${NOTIFICATION_ID:-0}" # initial notification id - needed for notification overlay/replacement
echo "EMBA_ICON=${HELP_DIR}/emba.svg"
echo "WSL=${WSL:-0}" # wsl environment detected
echo "UNBLOB=${UNBLOB:-1}" # additional extraction with unblob - https://github.com/onekey-sec/unblob
# currently the extracted results are not further used. The current implementation
# is for evaluation purposes
echo "CVE_BLACKLIST=${CONFIG_DIR}/cve-blacklist.txt" # include the blacklisted CVE values to this file
echo "CVE_WHITELIST=${CONFIG_DIR}/cve-whitelist.txt" # include the whitelisted CVE values to this file
echo "NVD_DIR=${EXT_DIR}/nvd-json-data-feeds"
echo "EPSS_DATA_PATH=${EXT_DIR}/EPSS-data/EPSS_CVE_data"
if [[ -f "${CONFIG_DIR}/module_blacklist.txt" ]]; then
readarray -t MODULE_BLACKLIST < "${CONFIG_DIR}/module_blacklist.txt"
echo "MODULE_BLACKLIST=${MODULE_BLACKLIST:-()}"
fi
# usually no memory limit is needed, but some modules/tools are wild and we need to protect our system
echo "TOTAL_MEMORY=$(grep MemTotal /proc/meminfo | awk '{print $2}' || true)"
echo "Q_MOD_PID=${Q_MOD_PID:-''}"
echo "UEFI_VERIFIED=${UEFI_VERIFIED:-0}"
echo "MAIN_CONTAINER=${MAIN_CONTAINER:-''}"
echo "QUEST_CONTAINER=${QUEST_CONTAINER:-''}"
echo "DISABLE_DOTS=${DISABLE_DOTS:-0}" # set to 1 to disable dotting for showing EMBA is alive
echo "CPE_VERSION=${CPE_VERSION:-'2.3'}"
# we limit the maximal file log of our SBOM -> change this in the scanning profile
echo "SBOM_MAX_FILE_LOG=${SBOM_MAX_FILE_LOG:-200}"
echo "SBOM_MINIMAL=${SBOM_MINIMAL:-0}"
echo "SBOM_UNTRACKED_FILES=${SBOM_UNTRACKED_FILES:-1}"
echo "VEX_METRICS=${VEX_METRICS:-1}"
# usually we test firmware that is already out in the field
# if this changes this option can be adjusted in the scanning profile
echo "SBOM_LIFECYCLE_PHASE=${SBOM_LIFECYCLE_PHASE:-'operations'}"
# we can enable/disable the s08 submodules with the following array configuration
# -> just comment the submodule that should not be used
# usually this should be done via a scan-profile
echo "S08_MODULES_ARR=( "\
'S08_submodule_debian_pkg_mgmt_parser '\
'S08_submodule_deb_package_parser '\
'S08_submodule_openwrt_pkg_mgmt_parser '\
'S08_submodule_openwrt_ipk_package_parser '\
'S08_submodule_rpm_pkg_mgmt_parser '\
'S08_submodule_rpm_package_parser '\
'S08_submodule_bsd_package_parser '\
'S08_submodule_python_pip_package_mgmt_parser '\
'S08_submodule_python_requirements_parser '\
'S08_submodule_python_poetry_lock_parser '\
'S08_submodule_java_archives_parser '\
'S08_submodule_ruby_gem_archive_parser '\
'S08_submodule_alpine_apk_package_parser '\
'S08_submodule_windows_exifparser '\
'S08_submodule_rust_cargo_lock_parser '\
'S08_submodule_node_js_package_lock_parser '\
'S08_submodule_c_conanfile_txt_parser '\
")"
} > "${INVOCATION_PATH}/config/.env" 2>/dev/null # store that into env file
# readin .env
set -a # automatically export all variables
# shellcheck source=/dev/null
source "${INVOCATION_PATH}/config/.env"
set +a
}

set_log_paths() {
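Review bot: The values written into config/.env inside set_defaults are interpolated unquoted, e.g. `echo "FW_NOTES=${FW_NOTES:-''}"` and `echo "GPT_QUESTION=${GPT_QUESTION:-'For the following code …'}"`, and the file is then sourced with `set -a` at the end of the function, so a user-supplied value containing whitespace or shell metacharacters is re-parsed as shell syntax on that `source` instead of round-tripping as data (the single-quoted defaults only cover the unset case). For the free-text and path variables (FW_VENDOR, FW_VERSION, FW_DEVICE, FW_NOTES, FIRMWARE_PATH, FIRMWARE_PATH1, KERNEL_CONFIG, GPT_QUESTION, MAIN_LOG_FILE, …) write them as `printf 'FW_NOTES=%q\n' "${FW_NOTES:-}"`, which emits a shell-safe literal for any input; the `${ARR:-()}` lines appear to have a related problem, since `${EXLUDE:-()}` expands only to the first element when the array is already set. Separately, `} > "${INVOCATION_PATH}/config/.env" 2>/dev/null` discards both the exit status and the diagnostics of the write, and the old "Missing … config/.env - check your installation" message is gone, so an unwritable config directory or an unset INVOCATION_PATH falls through silently to sourcing a stale or absent file; drop the `2>/dev/null` and guard the write with `|| { echo -e "${RED} Could not write ${INVOCATION_PATH}/config/.env${NC}"; return 1; }` before the `source`. set_log_paths on the anchor line continues outside the hunk.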
1 change: 0 additions & 1 deletion installer.sh
Expand Up @@ -343,7 +343,6 @@ fi

# initial installation of the host environment:
I01_default_apps_host
I01_default_vars # writes config/.env

if [[ "${OTHER_OS}" -eq 1 ]]; then
# UBUNTU
