EMBA firmware report

{"version": "2.1.0", "$schema": "https://schemastore.azurewebsites.net/schemas/json/sarif-2.1.0.json", "runs": [{"tool": {"driver": {"name": "STACS", "rules": [{"id": "CredentialPKIPEMRSA", "shortDescription": {"text": "Potential PEM format RSA private key found."}}, {"id": "CredentialNixShadowStatic", "shortDescription": {"text": "User in /etc/shadow has been configured with a static password."}}, {"id": "CredentialHashMD5", "shortDescription": {"text": "File contains an MD5 crypt hash which may be a credential."}}], "version": "0.5.1", "downloadUri": "https://www.github.com/stacscan/stacs/", "informationUri": "https://www.github.com/stacscan/stacs/"}}, "results": [{"message": {"text": "Potential PEM format RSA private key found."}, "level": "error", "ruleId": "CredentialPKIPEMRSA", "locations": [{"physicalLocation": {"region": {"byteOffset": 0, "snippet": {"text": "-----BEGIN RSA PRIVATE KEY-----\nMIIEowIBAAKCAQEA7UIEN7b"}, "startLine": 1}, "contextRegion": {"snippet": {"text": "-----BEGIN RSA PRIVATE KEY-----\nMIIEowIBAAKCAQEA7UIEN7bdGxuVsCf8ws78yhSJIkK"}}, "artifactLocation": {"uri": "unblob_extracted/firmware_extract/1568982-13971496.squashfs_v4_le_extract/etc/nginx/certs/default/key", "index": 0, "uriBaseId": "STACSROOT"}}}], "suppressions": []}, {"message": {"text": "User in /etc/shadow has been configured with a static password."}, "level": "error", "ruleId": "CredentialNixShadowStatic", "locations": [{"physicalLocation": {"region": {"byteOffset": 0, "snippet": {"text": "root:$1$ZMDCdK26$t9H/47MjUhJU5xYl46PVM.:17366:0:99999:7:::\n"}, "startLine": 1}, "contextRegion": {"snippet": {"text": "root:$1$ZMDCdK26$t9H/47MjUhJU5xYl46PVM.:17366:0:99999:7:::\nsdcard:$1$JbElAA7t$J"}}, "artifactLocation": {"uri": "unblob_extracted/firmware_extract/1568982-13971496.squashfs_v4_le_extract/etc/shadow", "index": 1, "uriBaseId": "STACSROOT"}}}], "suppressions": []}, {"message": {"text": "User in /etc/shadow has been configured with a static password."}, "level": "error", "ruleId": "CredentialNixShadowStatic", "locations": [{"physicalLocation": {"region": {"byteOffset": 58, "snippet": {"text": "\nsdcard:$1$JbElAA7t$JzppsspcGk.BRuKFyFj2A0:17360:0:99999:7:::\n"}, "startLine": 1}, "contextRegion": {"snippet": {"text": ".:17366:0:99999:7:::\nsdcard:$1$JbElAA7t$JzppsspcGk.BRuKFyFj2A0:17360:0:99999:7:::\ndaemon:*:0:0:99999:7"}}, "artifactLocation": {"uri": "unblob_extracted/firmware_extract/1568982-13971496.squashfs_v4_le_extract/etc/shadow", "index": 1, "uriBaseId": "STACSROOT"}}}], "suppressions": []}, {"message": {"text": "File contains an MD5 crypt hash which may be a credential."}, "level": "error", "ruleId": "CredentialHashMD5", "locations": [{"physicalLocation": {"region": {"byteOffset": 5, "snippet": {"text": "$1$ZMDCdK26$t9H/47MjUhJU5xYl46PVM."}, "startLine": 1}, "contextRegion": {"snippet": {"text": "root:$1$ZMDCdK26$t9H/47MjUhJU5xYl46PVM.:17366:0:99999:7:::\n"}}, "artifactLocation": {"uri": "unblob_extracted/firmware_extract/1568982-13971496.squashfs_v4_le_extract/etc/shadow", "index": 1, "uriBaseId": "STACSROOT"}}}], "suppressions": []}, {"message": {"text": "File contains an MD5 crypt hash which may be a credential."}, "level": "error", "ruleId": "CredentialHashMD5", "locations": [{"physicalLocation": {"region": {"byteOffset": 66, "snippet": {"text": "$1$JbElAA7t$JzppsspcGk.BRuKFyFj2A0"}, "startLine": 2}, "contextRegion": {"snippet": {"text": "0:99999:7:::\nsdcard:$1$JbElAA7t$JzppsspcGk.BRuKFyFj2A0:17360:0:99999:7:::\n"}}, "artifactLocation": {"uri": "unblob_extracted/firmware_extract/1568982-13971496.squashfs_v4_le_extract/etc/shadow", "index": 1, "uriBaseId": "STACSROOT"}}}], "suppressions": []}], "artifacts": [{"location": {"uri": "unblob_extracted/firmware_extract/1568982-13971496.squashfs_v4_le_extract/etc/nginx/certs/default/key", "uriBaseId": "STACSROOT"}, "hashes": {"md5": "a5d87347fcfd48d7fded87990e3a2710"}}, {"location": {"uri": "unblob_extracted/firmware_extract/1568982-13971496.squashfs_v4_le_extract/etc/shadow", "uriBaseId": "STACSROOT"}, "hashes": {"md5": "904c1b24ca0c9e529a49592352b7eb9a"}}], "originalUriBaseIds": {"STACSROOT": {"uri": "file:///logs/firmware/"}}}]}