[+] Final aggregator
[+] Tested firmware: /home/genesis/firmwaretest/WCO_CAMERA_V2_4.48.4.418.bin
[+] EMBA start command: ./emba -l ../WCO_CAMERA_V2_4.48 -f ../WCO_CAMERA_V2_4.48.4.418.bin -p ./scan-profiles/default-scan.emba -y
[+] Detected architecture and endianness (verified): MIPS / EL
[+] Operating system detected (verified): Linux / v3.10.14
[+] 104 files and 43 directories detected.
[+] Entropy analysis of binary firmware is: 7.230792 bits per byte.
[+] Entropy analysis of binary firmware is available: /logs/firmware_entropy.png
[+] Found 15 issues in 14 shell scripts.
[+] Found 1 successful emulated processes (user mode emulation).
[+] Found the following configuration issues:
Found 1 areas with weak permissions.
Found 2 authentication issues.
Found 2 password related details via STACS.
Found 0 outdated certificates in 2 certificates.
Found 9 kernel modules with 0 licensing issues.
[+] Found 39 (100%) binaries without enabled RELRO in 39 binaries.
[+] Found 39 (100%) binaries without enabled NX in 39 binaries.
[+] Found 14 (36%) binaries without enabled PIE in 39 binaries.
[+] Found 25 (64%) stripped binaries without symbols in 39 binaries.
[+] Found 31 usages of strcpy in 39 binaries.
[+] STRCPY - top 10 results:
14 : libcproducer.so : common linux file: no | No RELRO | Canary | NX disabled | Symbols | No Networking |
10 : libcurl.so : common linux file: no | No RELRO | Canary | NX disabled | No Symbols | Networking |
6 : libcrypto.so.1. : common linux file: yes | No RELRO | Canary | NX disabled | No Symbols | Networking |
1 : libutil-0.9.33. : common linux file: no | No RELRO | Canary | NX disabled | No Symbols | No Networking |
0 : zrt_cam_daemon : common linux file: no | No RELRO | Canary | NX disabled | No Symbols | Networking un |
0 : wl : common linux file: no | No RELRO | Canary | NX disabled | No Symbols | Networking un |
0 : tag_generator : common linux file: no | No RELRO | Canary | NX disabled | No Symbols | Networking un |
0 : sunrpc.ko : common linux file: yes | No RELRO | Canary | NX disabled | Symbols | Networking un |
0 : sfc_ioctl_test : common linux file: no | No RELRO | Canary | NX disabled | Symbols | Networking un |
0 : recovery : common linux file: no | No RELRO | Canary | NX disabled | No Symbols | Networking un |
[*] Identified the following software inventory, vulnerabilities and exploits:
[+] Found version details: udhcp : 1.22.1 : CVEs: 0 : Exploits: 0 : Source: STAT
[+] Found version details: libcurl : 7.75.0 : CVEs: 7 : Exploits: 6 : Source: STAT
[+] Found version details: busybox : 1.22.1 : CVEs: 18 : Exploits: 15 : Source: STAT/UEMU
[+] Found version details: openssl : 1.0.2f : CVEs: 57 : Exploits: 47 : Source: STAT
[+] Found version details: kernel : 3.10.14 : CVEs: 1394 : Exploits: 278 : Source: STAT
[+] Identified 5 software components with version details.
[+] Identified 1476 CVE entries.
Identified 504 High rated CVE entries / Exploits: 181
Identified 897 Medium rated CVE entries / Exploits: 140
Identified 75 Low rated CVE entries /Exploits: 12
333 possible exploits available (12 Metasploit modules).
Remote exploits: 0 / Local exploits: 24 / DoS exploits: 9 / Github PoCs: 284 / Known exploited vulnerabilities: 4 / Verified Exploits: 0