Comments (6)
It is also possible this could be happening on other OSes, but I don't have the ability to test those right now so would need someone else to confirm if the installer sets up the quest container properly.
from emba.
We improved the online check since the last release. Could you please test the latest master?
from emba.
The Quest container is a separate container for the Q-modules, which require internet connection.
Currently, @m-1-k-3 is working on a fix where the container doesn't work correctly behind a proxy.
Might this also be the case here?
from emba.
> We improved the online check since the last release. Could you please test the latest master?
This was it, I figured that the tagged versions were what should be used like "stable" releases, but didn't realize that since there is just the one tag of the docker image that the master branch should probably always be used, and that the master branch is always supposed to be stable.
Would either of you be opposed if I opened up an MR for updating some of the documentation from what I have learned?
This is a separate question for clarification that I couldn't really understand from the docs, specifically about dangers of running full emulation:
If I am running EMBA with full emulation, which components of my setup have potential to be harmed?
Example setup:
- A server where `sudo ./installer.sh -d` has been run inside an up-to-date EMBA repo on master branch.
- User calls EMBA with: `sudo ./emba -l ./logs -f ./firmware -p ./scan-profiles/default-scan-emulation.emba`
Which would be in danger of being harmed, the server (host?), the network the server is hosted on, and/or the docker image that EMBA is running inside of?
From the docs it seems like the server (host?) is in danger of being harmed, but I am not sure why that is the case if the docker image is the one executing EMBA and doing the pentesting. If anyone is able to explain, I would like to add a version of that explanation into the docs.
from emba.
> This was it, I figured that the tagged versions were what should be used like "stable" releases, but didn't realize that since there is just the one tag of the docker image that the master branch should probably always be used, and that the master branch is always supposed to be stable.
> Would either of you be opposed if I opened up an MR for updating some of the documentation from what I have learned?
Does it work to open a PR for the Wiki? If so, please do it.
> This is a separate question for clarification that I couldn't really understand from the docs, specifically about dangers of running full emulation:
> If I am running EMBA with full emulation, which components of my setup have potential to be harmed?
> Which would be in danger of being harmed, the server (host?), the network the server is hosted on, and/or the docker image that EMBA is running inside of?
> From the docs it seems like the server (host?) is in danger of being harmed, but I am not sure why that is the case if the docker image is the one executing EMBA and doing the pentesting. If anyone is able to explain, I would like to add a version of that explanation into the docs.
The EMBA docker container is mostly read-only, the network (which is currently used for CVE-search) is isolated and the container is destroyed after execution. Nevertheless, the container is running in privileged mode and ...
... we have two emulation environments available in EMBA:
- 1st: User-mode emulation is primarily used for improving the SBOM, vulnerability and exploit detection. In this mode you are directly running untrusted code from the firmware in the docker container (within a chroot user-mode qemu). This could result in a breakout of the chroot, compromise of the container, escape from the container or attack your report and finally as a worst case scenario your host.
- 2nd: System-mode emulation is used to boot the complete firmware in qemu, which is also untrusted and can be used to perform further attacks in the qemu environment. Again, as worst case scenario an attacker could use a manipulated firmware to perform further attacks.
from emba.
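An added example, not part of the thread and not EMBA's own code: the isolation properties named in the reply above (read-only filesystem, isolated network, container destroyed after execution, privileged mode) correspond to `HostConfig` fields in `docker inspect` output, and this sketch audits them to show why the host stays in scope. The container name, paths and values in the sample are constructed and do not reflect EMBA's actual configuration.

```python
import json

# Constructed `docker inspect` excerpt for a hypothetical analysis container;
# the values mirror the properties described in the reply above, not EMBA's
# actual configuration.
SAMPLE_INSPECT = json.loads("""
[{
  "Name": "/analysis-container",
  "HostConfig": {
    "Privileged": true,
    "ReadonlyRootfs": true,
    "AutoRemove": true,
    "NetworkMode": "isolated_net",
    "Binds": ["/srv/firmware:/firmware:ro", "/srv/logs:/logs"]
  }
}]
""")


def audit_container(inspect_entry):
    """Return (findings, host_exposed) for one `docker inspect` entry."""
    hc = inspect_entry.get("HostConfig", {})
    findings = []
    if hc.get("Privileged"):
        # Privileged mode grants all capabilities and host device access, so a
        # compromise inside the container can reach the host kernel directly.
        findings.append("privileged: container boundary does not protect the host")
    if not hc.get("ReadonlyRootfs"):
        findings.append("rootfs writable: untrusted code can persist changes in the container")
    if not hc.get("AutoRemove"):
        findings.append("container not removed on exit: state survives the scan")
    if hc.get("NetworkMode") == "host":
        findings.append("host networking: emulated services share the host's network stack")
    for bind in hc.get("Binds") or []:
        parts = bind.split(":")
        mode = parts[2] if len(parts) > 2 else "rw"  # Docker defaults to rw
        if "ro" not in mode.split(","):
            findings.append(f"writable bind mount: {parts[0]} can be modified from inside")
    host_exposed = bool(hc.get("Privileged")) or hc.get("NetworkMode") == "host"
    return findings, host_exposed


if __name__ == "__main__":
    findings, exposed = audit_container(SAMPLE_INSPECT[0])
    for finding in findings:
        print("-", finding)
    print("host exposed:", exposed)
```

On the constructed sample, the read-only root filesystem, isolated network and auto-removal checks pass, while privileged mode and the writable log mount are reported, matching the reply's point that the report and, in the worst case, the host remain reachable.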
Closing now - open it again if needed
from emba.