e-m-b-a / emba

EMBA - The firmware security analyzer
https://www.securefirmware.de
GNU General Public License v3.0
2.62k stars 229 forks

Improve our interesting firmware collection #897

Open m-1-k-3 opened 10 months ago

m-1-k-3 commented 10 months ago

Is your feature request related to a problem? Please describe.

We are always looking for interesting firmware for testing and improving EMBA. This could be:

brainstorm commented 10 months ago

What about VxWorks on SuperH4? How much does EMBA unfold vs manual analysis?:

https://blogs.nopcode.org/brainstorm/anritsu-ms2721b-spectrum-analyzer/

;)

m-1-k-3 commented 10 months ago

@brainstorm do you already have some experience with, and results from, binaryanalysis-ng?

brainstorm commented 10 months ago

@m-1-k-3 Back then BANG did not find much, so I resorted to manual analysis in the second part of that article:

https://blogs.nopcode.org/brainstorm/anritsu-ms2721b-spectrum-analyzer-repair-part-2/

I doubt binaryanalysis-ng would find much nowadays either... VxHunter, on the other hand, found a boatload of very useful stuff (resolving functions and offsets), and nowadays it is integrated in Ghidra as the "VxWorks" plugin, which I assume is based on VxHunter.

github-actions[bot] commented 9 months ago

This issue is stale because it has been open for 28 days with no activity.

floyd-fuh commented 7 months ago

It would be very nice if EMBA supported so-called bare-metal firmware; see https://www.youtube.com/watch?v=q4CxE5P6RUE for an explanation. At least in a first iteration it would be nice if the code detected bare-metal firmware and then activated/deactivated certain modules, informed the user, etc.

E.g. hardware running https://www.zephyrproject.org/

m-1-k-3 commented 7 months ago

Could you give me some more details on what you would expect from this identification? Probably S03 is already doing parts of what you need.

See https://github.com/e-m-b-a/emba/blob/7d00a3763d5376a6dc6a9693509f33e8cb1b3ab8/modules/S03_firmware_bin_base_analyzer.sh#L80

and https://github.com/e-m-b-a/emba/blob/7d00a3763d5376a6dc6a9693509f33e8cb1b3ab8/modules/S03_firmware_bin_base_analyzer.sh#L49

Is this already the identification you are expecting? Additionally, EMBA tries to identify UEFI firmware in module P35, which gets further analysed in module S02.

Further details are also available in the wiki https://github.com/e-m-b-a/emba/wiki/OS-support#vxworks-based-firmware / https://github.com/e-m-b-a/emba/wiki/OS-support#uefi-firmware

floyd-fuh commented 7 months ago

Maybe it's just that Zephyr (strings like "Booting Zephyr OS build v3.2.99") is not in that list?

I just think that it very much depends on the chip in those systems how the firmware would need to be analysed, but I also understand that emulating and supporting all the chips out there is a hard task (but maybe worth a try).

m-1-k-3 commented 7 months ago

If you have already automated some tasks that we can start including into EMBA it would be great.

The Zephyr strings can be introduced into the S03 module and into the version detection configuration file here. Could you provide a testing firmware and a PR with the updates for the basic Zephyr integration?
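As an added example (not EMBA's own S03 module, and not code posted by anyone in this thread), here is the kind of string-signature check the exchange above is about, written in POSIX sh. The signature table, the function names and the sample blob are all constructed for this illustration; the Zephyr banner is the one quoted in the thread, the other markers are commonly seen strings but their use here is an assumption.

```shell
#!/bin/sh
# Added example: minimal string-based OS identification for a firmware blob.
# Not EMBA's S03 module; the signature table, function names and sample data
# are assumptions constructed for this illustration.

# Signature table: <label>|<fixed string>. Matched with grep -F (no regex
# metacharacters to worry about) and grep -a (treat binary input as text).
OS_SIGNATURES='vxworks|VxWorks
zephyr|Booting Zephyr OS build
uefi|_FVH
linux|Linux version'

# identify_os_strings FILE
# Prints one label per matching signature, in table order.
# Returns 0 if at least one signature matched, 1 otherwise.
identify_os_strings() {
    _file=$1
    _hits=0
    # A here-document instead of a pipe keeps the loop in the current shell,
    # so the $_hits counter survives the loop.
    while IFS='|' read -r _label _pattern; do
        [ -n "$_label" ] || continue
        if grep -a -q -F -- "$_pattern" "$_file"; then
            echo "$_label"
            _hits=$((_hits + 1))
        fi
    done <<EOF
$OS_SIGNATURES
EOF
    [ "$_hits" -gt 0 ]
}

# zephyr_version FILE
# Extracts the version token from the first "Booting Zephyr OS build vX.Y.Z"
# banner. Prints nothing and returns 1 if no banner is present.
zephyr_version() {
    _ver=$(grep -a -o -- 'Booting Zephyr OS build v[0-9][0-9.]*' "$1" 2>/dev/null \
           | head -n 1 | sed 's/.*build //')
    [ -n "$_ver" ] || return 1
    echo "$_ver"
}

# make_sample_blob PATH
# Writes a constructed test blob: a few raw bytes around a Zephyr boot banner,
# standing in for a real bare-metal image.
make_sample_blob() {
    printf '\000\001\377junk\000Booting Zephyr OS build v3.2.99\000\377' > "$1"
}
```

A real S03-style check would carry a much longer table and would also report the offset of each hit; the point here is only that a fixed-string match over the raw blob is enough to tag an image as Zephyr and pull the build version out of the banner.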

floyd-fuh commented 7 months ago

While EMBA detects that a large VMDK file is being scanned, it would be nice if it could also do some optimisations to make the scan finish. At least for my configuration, the scan of the following VMDK image led to two OOM kills (killing the entire Kali VM) after ~10 hours each when it had only 8 GB of RAM, and to a complete Kali VM freeze after ~15 hours when it had 16 GB of memory (and more CPUs):

https://www.infoblox.com/product-evaluation-portal-ddi/

Maybe something to add to your list of interesting firmware; it would be interesting to know whether you were able to scan it successfully on a more powerful machine.

m-1-k-3 commented 7 months ago

Big images could cause issues if your host does not have enough power. What you could do is

m-1-k-3 commented 7 months ago

@floyd-fuh 16 cores and 32 GB of RAM finished the Infoblox image in 5h 35min with the default profile.

github-actions[bot] commented 6 months ago

This issue is stale because it has been open for 28 days with no activity.

lalit97-98 commented 4 months ago

Hi Team, I've been using EMBA for a couple of days and it's been a good experience so far. Just a request: can you add something where I can continue scanning from a failed firmware test? The issue is that sometimes it takes a lot of time to complete the test, and if it fails to complete then I have to restart the same process again...

m-1-k-3 commented 4 months ago

Hi @lalit97-98,

good to have you here. Could you please check this discussion: https://github.com/e-m-b-a/emba/discussions/1073#discussioncomment-8676998. I think we fixed the main restart issues a while ago. Nevertheless, please keep in mind that this feature is in a very early state and not tested in detail. Feedback is always welcome.

lalit97-98 commented 4 months ago

Hi Michael, my question is: yesterday I started a firmware analysis using EMBA, and due to an issue it failed to complete after 6 hours. So can I continue from where it failed?

m-1-k-3 commented 4 months ago

Sure ... it should be possible to restart a scan and only execute the modules that were not already finished.
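As an added example (not EMBA's own restart logic, and not code posted in this thread), this POSIX sh runner illustrates the "only execute the modules that were not already finished" idea: every module leaves a marker file when it completes, and a rerun skips every module that has one and resumes at the first module without one. The module names, the log directory layout and the .done marker convention are assumptions made for this illustration; the "crash" in the middle module is constructed to stand in for a scan that was killed part way through.

```shell
#!/bin/sh
# Added example: a restartable module runner that resumes a scan by skipping
# modules that already finished. Not EMBA's own code; the marker convention,
# directory layout and module names are assumptions for this illustration.

# run_modules LOGDIR MODULE...
# Runs each MODULE (a shell function) in order. A module that exits 0 gets a
# LOGDIR/<module>.done marker; on a later call, modules with a marker are
# skipped. The first failing module stops the run and returns 1, so the next
# invocation resumes at exactly that module.
run_modules() {
    RUNNER_LOGDIR=$1; shift
    mkdir -p "$RUNNER_LOGDIR"
    for _mod in "$@"; do
        if [ -f "$RUNNER_LOGDIR/$_mod.done" ]; then
            echo "skip $_mod (already finished)"
            continue
        fi
        # Discard a partial log left by an interrupted attempt so the module
        # starts clean instead of appending to stale output.
        rm -f "$RUNNER_LOGDIR/$_mod.log"
        if "$_mod" > "$RUNNER_LOGDIR/$_mod.log" 2>&1; then
            : > "$RUNNER_LOGDIR/$_mod.done"
            echo "done $_mod"
        else
            echo "fail $_mod (rerun to resume here)"
            return 1
        fi
    done
    return 0
}

# count_done LOGDIR
# Prints the number of .done markers (a glob loop, so no ls/wc parsing).
count_done() {
    _n=0
    for _f in "$1"/*.done; do
        [ -f "$_f" ] && _n=$((_n + 1))
    done
    echo "$_n"
}

# Constructed stand-in modules. mod_s09_strings fails the first time it is
# invoked (simulating an OOM kill mid-scan) and succeeds on every later call.
mod_s03_os_detect() { echo "S03: OS string detection"; }
mod_s09_strings() {
    if [ ! -f "$RUNNER_LOGDIR/.s09_attempted" ]; then
        : > "$RUNNER_LOGDIR/.s09_attempted"
        echo "S09: killed mid-run" >&2
        return 1
    fi
    echo "S09: strings analysis complete"
}
mod_s25_kernel() { echo "S25: kernel checks"; }
```

Call `run_modules "$logdir" mod_s03_os_detect mod_s09_strings mod_s25_kernel` twice against the same log directory: the first call stops at S09 with one marker written, the second call prints "skip" for S03 and completes the remaining two. The marker is only written after the module's exit status is known, so a module that is killed by the OOM killer never leaves a marker and is always rerun.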

lalit97-98 commented 3 months ago

Ok, thanks.

github-actions[bot] commented 2 months ago

This issue is stale because it has been open for 28 days with no activity.