[+] Final aggregator
[+] Tested firmware: /home/genesis/firmwaretest/A1610_10_12_172_1.bin
[+] EMBA start command: ./emba -l ../A1618VAPIX -f ../A1610_10_12_172_1.bin -p ./scan-profiles/default-scan.emba -y
[+] Detected architecture and endianness (verified): ARM / EL
[+] Operating system detected (verified): Linux / v5.10.52
[+] 4887 files and 775 directories detected.
[+] Entropy analysis of binary firmware is: 7.997770 bits per byte.
[+] Entropy analysis of binary firmware is available: /logs/firmware_entropy.png
[+] Found 1109 issues in 181 shell scripts.
[+] Found 56 successful emulated processes (user mode emulation).
[+] Verified 27 kernel vulnerabilities (kernel symbols).
[+] Found the following configuration issues:
Found 9 password related details via STACS.
Found 11 outdated certificates in 138 certificates.
Found 115 kernel modules with 0 licensing issues.
Found 0 interesting files and 3 files that could be useful for post-exploitation.
[+] Found 117 (13%) binaries without enabled RELRO in 904 binaries.
[+] Found 117 (13%) binaries without enabled NX in 904 binaries.
[+] Found 789 (87%) stripped binaries without symbols in 904 binaries.
[+] Found 424 usages of strcpy in 904 binaries.
[+] STRCPY - top 10 results:
115 : pacsd : common linux file: no | RELRO | Canary | NX enabled | No Symbols | No Networking |
95 : systemctl : common linux file: yes | RELRO | Canary | NX enabled | No Symbols | No Networking |
33 : zabbix_agentd : common linux file: no | RELRO | Canary | NX enabled | No Symbols | No Networking |
23 : libpaho-mqtt3a. : common linux file: no | RELRO | Canary | NX enabled | No Symbols | No Networking |
22 : libupnp.so.17.1 : common linux file: no | RELRO | Canary | NX enabled | No Symbols | No Networking |
15 : libpaho-mqtt3c. : common linux file: no | RELRO | Canary | NX enabled | No Symbols | No Networking |
12 : libc.so.6 : common linux file: no | RELRO | Canary | NX enabled | No Symbols | No Networking |
9 : libimpl_wsd_tds : common linux file: no | RELRO | Canary | NX enabled | No Symbols | No Networking |
6 : fwmgr : common linux file: no | RELRO | Canary | NX enabled | No Symbols | No Networking |
5 : xfrm_user.ko : common linux file: yes | No RELRO | Canary | NX disabled | Symbols | No Networking |
[+] SYSTEM - top 10 results:
71 : pzstd : common linux file: yes | RELRO | Canary | NX enabled | No Symbols | No Networking |
51 : kmod : common linux file: yes | RELRO | Canary | NX enabled | No Symbols | No Networking |
27 : zabbix_agentd : common linux file: no | RELRO | Canary | NX enabled | No Symbols | No Networking |
27 : ws-datastreamin : common linux file: no | RELRO | Canary | NX enabled | No Symbols | No Networking |
19 : netd_migrate : common linux file: no | RELRO | Canary | NX enabled | No Symbols | No Networking |
15 : api-discovery : common linux file: no | RELRO | Canary | NX enabled | No Symbols | No Networking |
13 : mod_systemd.so : common linux file: yes | RELRO | Canary | NX enabled | No Symbols | No Networking |
8 : libhttp_auth.so : common linux file: no | RELRO | Canary | NX enabled | No Symbols | No Networking |
7 : libsdjournal.so : common linux file: no | RELRO | Canary | NX enabled | No Symbols | No Networking |
6 : libgio-2.0.so.0 : common linux file: no | RELRO | Canary | NX enabled | No Symbols | No Networking |
[*] Identified the following software inventory, vulnerabilities and exploits:
[+] Found version details: busybox : 1.34.1 : CVEs: 1 : Exploits: 1 : Source: STAT/UEMU
[+] Found version details: e2fsprogs : 1.46.4 : CVEs: 0 : Exploits: 0 : Source: STAT/UEMU
[+] Found version details: mosquitto : 2.0.13 : CVEs: 0 : Exploits: 0 : Source: UEMU
[+] Found version details: curl : 8.0.1 : CVEs: 4 : Exploits: 0 : Source: STAT/UEMU
[+] Found version details: bc : 3 : CVEs: 7 : Exploits: 0 : Source: STAT
[+] Found version details: ethtool : 5.13 : CVEs: 0 : Exploits: 0 : Source: STAT/UEMU
[+] Found version details: dbus : 1.12.20 : CVEs: 0 : Exploits: 0 : Source: UEMU
[+] Found version details: expat : 2.4.7 : CVEs: 2 : Exploits: 2 : Source: STAT
[+] Found version details: glibc : 2.34 : CVEs: 5 : Exploits: 2 : Source: STAT/UEMU
[+] Found version details: sed : 4.0 : CVEs: 0 : Exploits: 0 : Source: STAT
[+] Found version details: gsoap : 2.7 : CVEs: 2 : Exploits: 0 : Source: STAT
[+] Found version details: zip : 3.0 : CVEs: 0 : Exploits: 0 : Source: UEMU
[+] Found version details: zipcloak : 3.0 : CVEs: 0 : Exploits: 0 : Source: UEMU
[+] Found version details: zipnote : 3.0 : CVEs: 0 : Exploits: 0 : Source: UEMU
[+] Found version details: gnupg : 1.4.7 : CVEs: 14 : Exploits: 8 : Source: UEMU
[+] Found version details: kmod : 29 : CVEs: 0 : Exploits: 0 : Source: STAT/UEMU
[+] Found version details: iproute2 : 5.13.0 : CVEs: 0 : Exploits: 0 : Source: UEMU
[+] Found version details: libcurl : 8.0.1 : CVEs: 0 : Exploits: 0 : Source: STAT
[+] Found version details: libarchive : 3.5.3 : CVEs: 2 : Exploits: 1 : Source: STAT/UEMU
[+] Found version details: libsoup : 2.72.0 : CVEs: 0 : Exploits: 0 : Source: STAT
[+] Found version details: logrotate : 3.18.1 : CVEs: 0 : Exploits: 0 : Source: STAT/UEMU
[+] Found version details: lldpd : 1.0.8 : CVEs: 1 : Exploits: 0 : Source: UEMU
[+] Found version details: lsattr : 1.46.4 : CVEs: 0 : Exploits: 0 : Source: UEMU
[+] Found version details: mtd-utils : 2.1.3 : CVEs: 0 : Exploits: 0 : Source: STAT/UEMU
[+] Found version details: net-snmp : 5.9.1 : CVEs: 2 : Exploits: 2 : Source: UEMU
[+] Found version details: openssh : 8.7p1 : CVEs: 0 : Exploits: 0 : Source: UEMU
[+] Found version details: openssl : 1.1.1t : CVEs: 4 : Exploits: 3 : Source: STAT/UEMU
[+] Found version details: opkg : 0.4.5 : CVEs: 0 : Exploits: 0 : Source: STAT/UEMU
[+] Found version details: pcre : 1.2.13 : CVEs: 0 : Exploits: 0 : Source: STAT
[+] Found version details: sysstat : 12.4.3 : CVEs: 2 : Exploits: 0 : Source: UEMU
[+] Found version details: openssl : 1.1.1 : CVEs: 29 : Exploits: 28 : Source: STAT/UEMU
[+] Found version details: udhcp : 1.34.1 : CVEs: 0 : Exploits: 0 : Source: STAT
[+] Found version details: util-linux : 2.37.4 : CVEs: 0 : Exploits: 0 : Source: STAT/UEMU
[+] Found version details: systemd : 249 : CVEs: 4 : Exploits: 4 : Source: UEMU
[+] Found version details: wpa_supplicant : 2.10 : CVEs: 0 : Exploits: 0 : Source: STAT/UEMU
[+] Found version details: zlib : 1.2.12 : CVEs: 1 : Exploits: 1 : Source: STAT
[+] Found version details: kernel : 5.10.52 : CVEs: 432 (27) : Exploits: 91 : Source: STAT
[+] Identified 37 software components with version details.
[+] Identified 512 CVE entries.
Identified 225 High rated CVE entries / Exploits: 81
Identified 271 Medium rated CVE entries / Exploits: 58
Identified 16 Low rated CVE entries /Exploits: 3
142 possible exploits available (4 Metasploit modules).
Remote exploits: 0 / Local exploits: 8 / DoS exploits: 1 / Github PoCs: 135 / Known exploited vulnerabilities: 3 / Verified Exploits: 0