[+] Final aggregator
[+] Tested firmware: /home/genesis/firmwaretest/P3375-LV_9_80_34.bin
[+] EMBA start command: ./emba -l ../log -f ../P3375-LV_9_80_34.bin -p ./scan-profiles/default-scan.emba
[+] Detected architecture and endianness (verified): MIPS / EL
[+] Operating system detected (verified): Linux / v4.9.206
[+] 3571 files and 793 directories detected.
[+] Entropy analysis of binary firmware is: 7.925573 bits per byte.
[+] Entropy analysis of binary firmware is available: /logs/firmware_entropy.png
[+] Found 1658 issues in 232 shell scripts.
[+] Found 90 successful emulated processes (user mode emulation).
[+] Verified 55 kernel vulnerabilities (kernel symbols).
[+] Found the following configuration issues:
Found 6 password related details via STACS.
Found 11 outdated certificates in 134 certificates.
Found 52 kernel modules with 1 licensing issues.
Found 0 interesting files and 3 files that could be useful for post-exploitation.
[+] Found 58 (6%) binaries without enabled RELRO in 1032 binaries.
[+] Found 1026 (99%) binaries without enabled NX in 1032 binaries.
[+] Found 18 (2%) binaries without enabled PIE in 1032 binaries.
[+] Found 980 (95%) stripped binaries without symbols in 1032 binaries.
[+] Found 658 usages of strcpy in 1032 binaries.
[+] STRCPY - top 10 results:
81 : libreadline.so. : common linux file: yes | RELRO | Canary | NX disabled | No Symbols | No Networking |
53 : zip : common linux file: yes | No RELRO | Canary | NX disabled | No Symbols | No Networking |
41 : libsystemd-shar : common linux file: no | RELRO | Canary | NX disabled | No Symbols | Networking |
29 : libhistory.so.5 : common linux file: yes | RELRO | Canary | NX disabled | No Symbols | No Networking |
19 : parhand : common linux file: no | RELRO | Canary | NX disabled | No Symbols | Networking |
19 : busybox.nosuid : common linux file: yes | RELRO | Canary | NX disabled | No Symbols | Networking |
16 : libsoap.so : common linux file: no | RELRO | Canary | NX disabled | No Symbols | Networking |
15 : udevadm : common linux file: yes | RELRO | Canary | NX disabled | No Symbols | Networking |
15 : libpaho-mqtt3as : common linux file: no | RELRO | Canary | NX disabled | No Symbols | No Networking |
15 : libpaho-mqtt3a. : common linux file: no | RELRO | Canary | NX disabled | No Symbols | No Networking |
[+] SYSTEM - top 10 results:
16 : dbus-daemon : common linux file: yes | RELRO | Canary | NX disabled | No Symbols | No Networking |
12 : libfwmgr.so : common linux file: no | RELRO | Canary | NX disabled | No Symbols | Networking |
9 : dmonitord : common linux file: no | RELRO | Canary | NX disabled | No Symbols | No Networking |
6 : actionengined : common linux file: no | RELRO | Canary | NX disabled | No Symbols | No Networking |
4 : video-scene-man : common linux file: no | RELRO | Canary | NX disabled | No Symbols | No Networking |
3 : systemd : common linux file: yes | RELRO | Canary | NX disabled | No Symbols | Networking |
3 : client.cgi : common linux file: no | RELRO | Canary | NX disabled | No Symbols | No Networking |
2 : vftpd : common linux file: no | RELRO | Canary | NX disabled | No Symbols | Networking |
2 : time-service : common linux file: no | RELRO | Canary | NX disabled | No Symbols | No Networking |
2 : tampering : common linux file: no | RELRO | Canary | NX disabled | No Symbols | Networking |
[*] Identified the following software inventory, vulnerabilities and exploits:
[+] Found version details: dosfstools : 2.11 : CVEs: 0 : Exploits: 0 : Source: STAT/UEMU
[+] Found version details: alsa : 1.1.9 : CVEs: 0 : Exploits: 0 : Source: STAT/UEMU
[+] Found version details: curl : 8.1.0 : CVEs: 0 : Exploits: 0 : Source: STAT/UEMU
[+] Found version details: cryptsetup : 2.2.1 : CVEs: 1 : Exploits: 0 : Source: STAT/UEMU
[+] Found version details: busybox : 1.31.0 : CVEs: 12 : Exploits: 11 : Source: STAT/UEMU
[+] Found version details: dbus : 1.12.16 : CVEs: 1 : Exploits: 1 : Source: UEMU
[+] Found version details: ethtool : 5.2 : CVEs: 0 : Exploits: 0 : Source: STAT/UEMU
[+] Found version details: e2fsprogs : 1.45.3 : CVEs: 2 : Exploits: 2 : Source: STAT/UEMU
[+] Found version details: expat : 2.2.8 : CVEs: 18 : Exploits: 14 : Source: STAT
[+] Found version details: glibc : 2.27 : CVEs: 24 : Exploits: 22 : Source: STAT
[+] Found version details: ncurses : 6.1.20190803 : CVEs: 0 : Exploits: 0 : Source: STAT
[+] Found version details: sed : 4.0 : CVEs: 0 : Exploits: 0 : Source: STAT
[+] Found version details: gnupg : 1.4.7 : CVEs: 14 : Exploits: 8 : Source: UEMU
[+] Found version details: gsoap : 2.7 : CVEs: 2 : Exploits: 0 : Source: STAT
[+] Found version details: zip : 3.0 : CVEs: 0 : Exploits: 0 : Source: UEMU
[+] Found version details: kmod : 26 : CVEs: 0 : Exploits: 0 : Source: STAT/UEMU
[+] Found version details: iproute2 : 170220 : CVEs: 0 : Exploits: 0 : Source: UEMU
[+] Found version details: libarchive : 3.4.0 : CVEs: 6 : Exploits: 1 : Source: STAT/UEMU
[+] Found version details: libcurl : 8.1.0 : CVEs: 0 : Exploits: 0 : Source: STAT
[+] Found version details: libgcrypt : 1.8.4 : CVEs: 3 : Exploits: 3 : Source: STAT
[+] Found version details: libpng : 1.6.37 : CVEs: 0 : Exploits: 0 : Source: STAT
[+] Found version details: lldpd : 1.0.3 : CVEs: 2 : Exploits: 0 : Source: UEMU
[+] Found version details: logrotate : 3.15.1 : CVEs: 0 : Exploits: 0 : Source: STAT/UEMU
[+] Found version details: lsattr : 1.45.3 : CVEs: 0 : Exploits: 0 : Source: UEMU
[+] Found version details: lsof : 4.91 : CVEs: 0 : Exploits: 0 : Source: UEMU
[+] Found version details: mkdosfs : 2.11 : CVEs: 0 : Exploits: 0 : Source: UEMU
[+] Found version details: openssh : 8.6p1 : CVEs: 0 : Exploits: 0 : Source: UEMU
[+] Found version details: openssl : 1.1.1u : CVEs: 0 : Exploits: 0 : Source: STAT/UEMU
[+] Found version details: opkg : 0.4.1 : CVEs: 0 : Exploits: 0 : Source: STAT/UEMU
[+] Found version details: pcre : 1.2.11 : CVEs: 0 : Exploits: 0 : Source: STAT
[+] Found version details: start-stop-daemon : 1.19.7 : CVEs: 0 : Exploits: 0 : Source: UEMU
[+] Found version details: sysstat : 12.1.6 : CVEs: 3 : Exploits: 0 : Source: UEMU
[+] Found version details: systemd : 243 : CVEs: 7 : Exploits: 7 : Source: UEMU
[+] Found version details: udhcp : 1.31.0 : CVEs: 0 : Exploits: 0 : Source: STAT
[+] Found version details: util-linux : 2.34 : CVEs: 4 : Exploits: 4 : Source: STAT/UEMU
[+] Found version details: veritysetup : 2.2.1 : CVEs: 0 : Exploits: 0 : Source: UEMU
[+] Found version details: wpa_supplicant : 2.10 : CVEs: 0 : Exploits: 0 : Source: STAT/UEMU
[+] Found version details: zlib : 1.2.12 : CVEs: 1 : Exploits: 1 : Source: STAT
[+] Found version details: kernel : 4.9.206 : CVEs: 916 (55) : Exploits: 161 : Source: STAT
[+] Identified 39 software components with version details.
[+] Identified 1016 CVE entries.
Identified 339 High rated CVE entries / Exploits: 126
Identified 640 Medium rated CVE entries / Exploits: 103
Identified 37 Low rated CVE entries /Exploits: 4
233 possible exploits available (4 Metasploit modules).
Remote exploits: 0 / Local exploits: 7 / DoS exploits: 4 / Github PoCs: 217 / Known exploited vulnerabilities: 1 / Verified Exploits: 0