[+] Final aggregator
[+] Tested firmware: /home/genesis/firmwaretest/A1610_11_6_16_1.bin
[+] EMBA start command: ./emba -l ../A1618 -f ../A1610_11_6_16_1.bin -p ./scan-profiles/default-scan.emba
[+] Detected architecture and endianness (verified): ARM / EL
[+] Operating system detected (verified): Linux / v5.10.52
[+] 3378 files and 767 directories detected.
[+] Entropy analysis of binary firmware is: 7.996846 bits per byte.
[+] Entropy analysis of binary firmware is available: /logs/firmware_entropy.png
[+] Found 1102 issues in 182 shell scripts.
[+] Found 47 successful emulated processes (user mode emulation).
[+] Verified 27 kernel vulnerabilities (kernel symbols).
[+] Found the following configuration issues:
Found 9 password related details via STACS.
Found 13 outdated certificates in 140 certificates.
Found 110 kernel modules with 0 licensing issues.
Found 0 interesting files and 2 files that could be useful for post-exploitation.
[+] Found 116 (11%) binaries without enabled RELRO in 1071 binaries.
[+] Found 113 (11%) binaries without enabled NX in 1071 binaries.
[+] Found 4 (0%) binaries without enabled PIE in 1071 binaries.
[+] Found 960 (90%) stripped binaries without symbols in 1071 binaries.
[+] Found 214 usages of strcpy in 1071 binaries.
[+] STRCPY - top 10 results:
34 : zabbix_agentd : common linux file: no | RELRO | Canary | NX enabled | No Symbols | No Networking |
23 : libpaho-mqtt3a. : common linux file: no | RELRO | Canary | NX enabled | No Symbols | No Networking |
15 : libpaho-mqtt3c. : common linux file: no | RELRO | Canary | NX enabled | No Symbols | No Networking |
14 : fwmgr : common linux file: no | RELRO | Canary | NX enabled | No Symbols | No Networking |
12 : libc.so.6 : common linux file: no | RELRO | Canary | NX enabled | No Symbols | No Networking |
9 : httpd : common linux file: yes | RELRO | Canary | NX enabled | No Symbols | No Networking |
7 : libncurses.so.5 : common linux file: yes | RELRO | Canary | NX enabled | No Symbols | No Networking |
5 : xfrm_user.ko : common linux file: yes | No RELRO | Canary | NX disabled | Symbols | No Networking |
5 : libsoup-2.4.so. : common linux file: no | RELRO | Canary | NX enabled | No Symbols | No Networking |
5 : ip_vs.ko : common linux file: yes | No RELRO | Canary | NX disabled | Symbols | No Networking |
[+] SYSTEM - top 10 results:
588 : mqtt-messaging- : common linux file: no | RELRO | Canary | NX enabled | No Symbols | No Networking |
51 : libnbixweb-api- : common linux file: no | RELRO | Canary | NX enabled | No Symbols | No Networking |
32 : monolith : common linux file: no | RELRO | Canary | NX enabled | No Symbols | No Networking |
27 : zabbix_agentd : common linux file: no | RELRO | Canary | NX enabled | No Symbols | No Networking |
27 : ws-datastreamin : common linux file: no | RELRO | Canary | NX enabled | No Symbols | No Networking |
27 : kmod : common linux file: yes | RELRO | Canary | NX enabled | No Symbols | No Networking |
20 : libpacsio-api.s : common linux file: no | RELRO | Canary | NX enabled | No Symbols | No Networking |
15 : libpinchart-api : common linux file: no | RELRO | Canary | NX enabled | No Symbols | No Networking |
14 : netd_migrate : common linux file: no | RELRO | Canary | NX enabled | No Symbols | No Networking |
13 : mod_systemd.so : common linux file: yes | RELRO | Canary | NX enabled | No Symbols | No Networking |
[*] Identified the following software inventory, vulnerabilities and exploits:
[+] Found version details: busybox : 1.35.0 : CVEs: 2 : Exploits: 2 : Source: STAT/UEMU
[+] Found version details: chrony : 4.3 : CVEs: 0 : Exploits: 0 : Source: UEMU
[+] Found version details: curl : 8.1.0 : CVEs: 0 : Exploits: 0 : Source: STAT/UEMU
[+] Found version details: mosquitto : 2.0.15 : CVEs: 0 : Exploits: 0 : Source: UEMU
[+] Found version details: e2fsprogs : 1.46.5 : CVEs: 1 : Exploits: 1 : Source: STAT/UEMU
[+] Found version details: dbus : 1.14.6 : CVEs: 0 : Exploits: 0 : Source: UEMU
[+] Found version details: ethtool : 5.19 : CVEs: 0 : Exploits: 0 : Source: STAT/UEMU
[+] Found version details: glibc : 2.36 : CVEs: 1 : Exploits: 0 : Source: STAT/UEMU
[+] Found version details: dbus : 1 : CVEs: 7 : Exploits: 3 : Source: STAT/UEMU
[+] Found version details: expat : 2.5.0 : CVEs: 0 : Exploits: 0 : Source: STAT
[+] Found version details: ncurses : 6.3.20220423 : CVEs: 0 : Exploits: 0 : Source: STAT
[+] Found version details: sed : 4.0 : CVEs: 0 : Exploits: 0 : Source: STAT
[+] Found version details: gnutls : 3.7.8 : CVEs: 0 : Exploits: 0 : Source: STAT
[+] Found version details: gsoap : 2.7 : CVEs: 2 : Exploits: 0 : Source: STAT
[+] Found version details: gnupg : 1.4.7 : CVEs: 14 : Exploits: 8 : Source: UEMU
[+] Found version details: zip : 3.0 : CVEs: 0 : Exploits: 0 : Source: UEMU
[+] Found version details: zipcloak : 3.0 : CVEs: 0 : Exploits: 0 : Source: UEMU
[+] Found version details: iproute2 : 5.19.0 : CVEs: 0 : Exploits: 0 : Source: UEMU
[+] Found version details: zipnote : 3.0 : CVEs: 0 : Exploits: 0 : Source: UEMU
[+] Found version details: kmod : 30 : CVEs: 0 : Exploits: 0 : Source: STAT/UEMU
[+] Found version details: libarchive : 3.6.2 : CVEs: 0 : Exploits: 0 : Source: STAT/UEMU
[+] Found version details: libcurl : 8.1.0 : CVEs: 0 : Exploits: 0 : Source: STAT
[+] Found version details: libsoup : 2.74.2 : CVEs: 0 : Exploits: 0 : Source: STAT
[+] Found version details: lldpd : 1.0.15 : CVEs: 0 : Exploits: 0 : Source: UEMU
[+] Found version details: logrotate : 3.20.1 : CVEs: 0 : Exploits: 0 : Source: STAT/UEMU
[+] Found version details: lsattr : 1.46.5 : CVEs: 0 : Exploits: 0 : Source: UEMU
[+] Found version details: net-snmp : 5.9.3 : CVEs: 2 : Exploits: 2 : Source: UEMU
[+] Found version details: nettle : 3.8.1 : CVEs: 0 : Exploits: 0 : Source: STAT/UEMU
[+] Found version details: openssh : 9.0p1 : CVEs: 0 : Exploits: 0 : Source: UEMU
[+] Found version details: openssl : 1.1.1u : CVEs: 0 : Exploits: 0 : Source: STAT/UEMU
[+] Found version details: opkg : 0.6.1 : CVEs: 0 : Exploits: 0 : Source: STAT/UEMU
[+] Found version details: pcre : 1.2.13 : CVEs: 0 : Exploits: 0 : Source: STAT
[+] Found version details: sysstat : 12.6.1 : CVEs: 1 : Exploits: 0 : Source: UEMU
[+] Found version details: openssl : 1.1.1 : CVEs: 29 : Exploits: 28 : Source: STAT/UEMU
[+] Found version details: systemd : 251 : CVEs: 3 : Exploits: 2 : Source: UEMU
[+] Found version details: udhcp : 1.35.0 : CVEs: 0 : Exploits: 0 : Source: STAT
[+] Found version details: util-linux : 2.38.1 : CVEs: 0 : Exploits: 0 : Source: STAT/UEMU
[+] Found version details: wpa_supplicant : 2.10 : CVEs: 0 : Exploits: 0 : Source: STAT/UEMU
[+] Found version details: zlib : 1.2.13 : CVEs: 0 : Exploits: 0 : Source: STAT
[+] Found version details: kernel : 5.10.52 : CVEs: 432 (27) : Exploits: 91 : Source: STAT
[+] Identified 40 software components with version details.
[+] Identified 494 CVE entries.
Identified 208 High rated CVE entries / Exploits: 76
Identified 268 Medium rated CVE entries / Exploits: 56
Identified 18 Low rated CVE entries /Exploits: 4
136 possible exploits available (4 Metasploit modules).
Remote exploits: 0 / Local exploits: 7 / DoS exploits: 2 / Github PoCs: 129 / Known exploited vulnerabilities: 3 / Verified Exploits: 0