[+] Final aggregator
[+] Tested firmware: /home/genesis/firmwaretest/K5DE301P.kce
[+] EMBA start command: ./emba -l ../KT-400-v3.01.16KCE/ -f ../K5DE301P.kce -p ./scan-profiles/default-scan.emba
[+] Detected architecture and endianness (verified): ARM / EL
[+] Operating system detected (verified): Linux / v4.19.56
[+] 456 files and 89 directories detected.
[+] Entropy analysis of binary firmware is: 7.992847 bits per byte.
[+] Entropy analysis of binary firmware is available: /logs/firmware_entropy.png
[+] Found 20 issues in 23 shell scripts.
[+] Found 38 successful emulated processes (user mode emulation).
[+] Verified 35 kernel vulnerabilities (kernel symbols).
[+] Found the following configuration issues:
Found 1 areas with weak permissions.
Found 1 authentication issues.
Found 15 password related details via STACS (1 passwords cracked.)
Found 6 kernel modules with 0 licensing issues.
[+] Found 6 (2%) binaries without enabled RELRO in 269 binaries.
[+] Found 268 (100%) binaries without enabled NX in 269 binaries.
[+] Found 68 (25%) binaries without enabled PIE in 269 binaries.
[+] Found 250 (93%) stripped binaries without symbols in 269 binaries.
[+] Found 413 usages of strcpy in 269 binaries.
[+] STRCPY - top 10 results:
93 : busybox : common linux file: yes | RELRO | Canary | NX disabled | No Symbols | No Networking |
27 : libcurl.so : common linux file: no | RELRO | Canary | NX disabled | Symbols | No Networking |
25 : libuClibc-1.0.3 : common linux file: no | RELRO | Canary | NX disabled | No Symbols | No Networking |
18 : libpaho-mqtt3as : common linux file: no | RELRO | Canary | NX disabled | No Symbols | No Networking |
18 : libpaho-mqtt3a. : common linux file: no | RELRO | Canary | NX disabled | No Symbols | No Networking |
17 : libglib-2.0.so. : common linux file: yes | RELRO | Canary | NX disabled | No Symbols | No Networking |
17 : KT-1 : common linux file: no | RELRO | Canary | NX disabled | No Symbols | No Networking |
13 : libpaho-mqtt3cs : common linux file: no | RELRO | Canary | NX disabled | No Symbols | No Networking |
13 : libpaho-mqtt3c. : common linux file: no | RELRO | Canary | NX disabled | No Symbols | No Networking |
13 : libgio-2.0.so.0 : common linux file: yes | RELRO | Canary | NX disabled | No Symbols | No Networking |
[+] SYSTEM - top 10 results:
10 : KT-1 : common linux file: no | RELRO | Canary | NX disabled | No Symbols | No Networking |
7 : libpaho-mqttpp3 : common linux file: no | RELRO | Canary | NX disabled | No Symbols | No Networking |
4 : busybox : common linux file: yes | RELRO | Canary | NX disabled | No Symbols | No Networking |
3 : libtyco_service : common linux file: no | RELRO | Canary | NX disabled | Symbols | No Networking |
1 : ntpq : common linux file: yes | RELRO | Canary | NX disabled | No Symbols | No Networking |
1 : ntpd : common linux file: yes | RELRO | Canary | NX disabled | No Symbols | No Networking |
1 : gio : common linux file: yes | RELRO | Canary | NX disabled | No Symbols | No Networking |
0 : mod_wstunnel.so : common linux file: no | RELRO | Canary | NX disabled | No Symbols | Networking un |
0 : mod_vhostdb.so : common linux file: no | RELRO | Canary | NX disabled | No Symbols | Networking un |
0 : mod_usertrack.s : common linux file: yes | RELRO | Canary | NX disabled | No Symbols | Networking un |
[*] Identified the following software inventory, vulnerabilities and exploits:
[+] Found version details: dbus : 1.12.10 : CVEs: 2 : Exploits: 2 : Source: UEMU
[+] Found version details: sed : 4.0 : CVEs: 0 : Exploits: 0 : Source: STAT
[+] Found version details: avahi : 0.7 : CVEs: 4 : Exploits: 0 : Source: UEMU
[+] Found version details: busybox : 1.30.1 : CVEs: 12 : Exploits: 11 : Source: STAT/UEMU
[+] Found version details: expat : 2.2.6 : CVEs: 20 : Exploits: 16 : Source: STAT/UEMU
[+] Found version details: mtd-utils : 2.1.0 : CVEs: 0 : Exploits: 0 : Source: STAT/UEMU
[+] Found version details: lighttpd : 1.4.53 : CVEs: 2 : Exploits: 2 : Source: STAT/UEMU
[+] Found version details: ntp : 4.2.8:p13 : CVEs: 5 : Exploits: 0 : Source: STAT/UEMU
[+] Found version details: libcurl : 7.61.0 : CVEs: 13 : Exploits: 9 : Source: STAT
[+] Found version details: pcre : 1.2.10 : CVEs: 0 : Exploits: 0 : Source: UEMU
[+] Found version details: pcre : 8.42 : CVEs: 2 : Exploits: 2 : Source: UEMU
[+] Found version details: openssl : 1.1.1c : CVEs: 24 : Exploits: 23 : Source: STAT/UEMU
[+] Found version details: udhcp : 1.30.1 : CVEs: 0 : Exploits: 0 : Source: STAT
[+] Found version details: zlib : 1.2.11 : CVEs: 2 : Exploits: 2 : Source: STAT
[+] Found version details: kernel : 4.19.56 : CVEs: 744 (35) : Exploits: 131 : Source: STAT
[+] Identified 15 software components with version details.
[+] Identified 832 CVE entries.
Identified 328 High rated CVE entries / Exploits: 119
Identified 471 Medium rated CVE entries / Exploits: 70
Identified 33 Low rated CVE entries /Exploits: 7
196 possible exploits available (3 Metasploit modules).
Remote exploits: 0 / Local exploits: 5 / DoS exploits: 2 / Github PoCs: 189 / Known exploited vulnerabilities: 2 / Verified Exploits: 0