[+] Check binaries for weak functions (radare mode)
This module identifies the usage of critical binary functions in firmware via radare2.
Examples of binary functions are system, strcpy, printf and strcat. These functions are configured in the configuration
file config/functions.cfg. The module counts the usages per binary. For strcpy functions it also counts strlen functions
right before the strcpy function. Additionally it checks if the binary is a known Linux binary or unknown and probably
a vendor binary.
[*] Vulnerable functions: fprintf mmap popen printf sprintf strcat strcpy system
[+] /lib/ld-uClibc-0.9.33.so (-rw-r--r-- 117 125) - common linux file: no - Vulnerable function: printf / Function count: 20 / networking: no
[+] /sbin/pullEngine (-rw-r--r-- 117 125) - common linux file: no - Vulnerable function: printf / Function count: 5 / networking: no
[+] /sbin/save_wireless_info (-rw-r--r-- 117 125) - common linux file: no - Vulnerable function: printf / Function count: 1 / networking: no
[+] /sbin/notifyEngine (-rw-r--r-- 117 125) - common linux file: no - Vulnerable function: printf / Function count: 5 / networking: no
==> Top 10 legacy C functions - Radare2 disasm mode
[+] fprintf - top 10 results:
[+] mmap - top 10 results:
[+] popen - top 10 results:
[+] printf - top 10 results:
20 : ld-uClibc-0.9.3 : common linux file: no
5 : pullEngine : common linux file: no
5 : notifyEngine : common linux file: no
1 : save_wireless_i : common linux file: no
[+] sprintf - top 10 results:
[+] strcat - top 10 results:
[+] strcpy - top 10 results:
[+] system - top 10 results:
