-
-
Notifications
You must be signed in to change notification settings - Fork 234
FAQ
EMBA is a platform for optimizing our research and testing tasks in the field of IoT, OT and general embedded analysis. Because of this, we include code quite early and sometimes in a very raw state. We do not recommend setting up EMBA as a productive environment or in an unprotected environment! If you are using EMBA you should know what you are doing.
A: First, run the installer (sudo ./installer.sh). Usually you are going to start with a default installation: sudo ./installer.sh -d
A: Currently Yes. In theory is should be fine if you have the privileges to start a docker container. So, it should be mostly fine to add your user in the docker group. As this is not fully tested and implemented we currently check for admin privileges. In the future we will change this (see https://github.com/e-m-b-a/emba/pull/324).
A: As it gives awesome results you should give it a try. But keep in mind you are executing code on your machine and your complete environment could get compromised quite easy with it. So, just use it in default mode with the protection of the docker container. Additionally you should only use it in a secured environment without network access to the world.
A: We only test EMBA on Kali Linux. However, we have heard rumors that EMBA runs quite good on a plain Ubuntu. So, give it a try. Update: EMBA supports Ubuntu in default mode! As this is currenlty not our main platform there could be Ubuntu related issues. Feel free to report it.
A: sudo ./emba.sh -z -s -l ../emba_logs/logs_FIRMWARE_FILE -f ../testimages/FIRMWARE_FILE.bin -t -E -W -Q
or to keep it simple we can use the following profile:
A: sudo ./emba.sh -l ../emba_logs/logs_FIRMWARE_FILE -f ../testimages/FIRMWARE_FILE.bin -p ./scan-profiles/default-scan-emulation.emba
A: For sure. Give it a try.
A: For sure. Give it a try.
A: We have no timeline but you should check the current EMBA master branch or the current version here We see EMBA as a platform for optimizing our research and testing tasks in the field of IoT, OT, embedded analysis. As a stable or productive state is not our goal, EMBA will probably never reach it.
A: Yes.
A: You can include missing version identifiers in the config (config/bin_version_strings.cfg).
A: See this issue: https://github.com/e-m-b-a/emba/issues/217
A: You can give it a try. But be warned, EMBA will take a long time for testing firmware. See here: https://github.com/e-m-b-a/emba/issues/118#issuecomment-876202630
A: It works on my machine!
A: Great. Fix it and open a pull request or open an issue here.
A: Open an issue and add the label question to it. We will try to answer ASAP.
A: Thank you for your interest in supporting EMBA. There are so many possibilities. Some examples:
- You can test EMBA with different firmware files and report problems with dedicated issues (For such tests we recommend enabling the strict mode with the -S option)
- If you are a web guy you can check the web reporter for possibilities to make EMBA look more beautiful.
- If you are a python guy you could also check EMBArk
- If you are a pentester and want to show us the insecurity of EMBA, you are welcome to find bugs, fix it and open an issue or a PR
- If you are no coder at all you could check the documentation. There is always room for improvement.
- Additionally, we have an issue regarding the textblocks used in the reporter (see here)
- Finally, you can support EMBA as Sponsor here or you can buy us some beer here
EMBA - firmware security scanning at its best
Sponsor EMBA and EMBArk:
The EMBA environment is free and open source!
We put a lot of time and energy into these tools and related research to make this happen. It's now possible for you to contribute as a sponsor!
If you like EMBA you have the chance to support future development by becoming a Sponsor
Thank You ❤️ Get a Sponsor
You can also buy us some beer here ❤️ Buy me a coffee
To show your love for EMBA with nice shirts or other merch you can check our Spreadshop
EMBA - firmware security scanning at its best