Aggregator

Pascal Eckmann edited this page Jan 14, 2021 · 9 revisions

The aggregator is one of the finishing modules within emba. After the firmware testing process is finished, the aggregator collects all the relevant data, extracts version details, and gathers vulnerability data (CVEs) and possible exploits. Additionally, it tries to show the relevant findings in a nice and shiny report.

Some impressions of the aggregator:

Installation:

To get all of this up and running, some requirements are needed. First, run the installer. It will set up the basic environment:

sudo apt-get install bc

sudo pip3 install cve-searchsploit

Copy the repository https://github.com/cve-search/cve-search into the external directory, so that it ends up at external/cve-search.

If everything works fine, you should be able to use cve_searchsploit as root:

sudo cve_searchsploit CVE-2014-1912

The next step is cve-search: To get cve-search up and running you have to fulfill some dependencies:

The installation is quite straightforward:

cd external/cve-search

sudo pip3 install -r requirements.txt # You have to use sudo here, otherwise cve-search won't find the modules if emba is executed with root privileges

xargs sudo apt-get install -y < requirements.system

Install MongoDB:

wget -qO - https://www.mongodb.org/static/pgp/server-4.4.asc | sudo apt-key add -

echo "deb [ arch=amd64,arm64 ] https://repo.mongodb.org/apt/ubuntu focal/mongodb-org/4.4 multiverse" | sudo tee /etc/apt/sources.list.d/mongodb-org-4.4.list

sudo apt-get update

sudo apt-get install -y mongodb-org

sudo systemctl daemon-reload

sudo systemctl start mongod

# Verify the status of MongoDB

sudo systemctl status mongod

# If all is OK, enable MongoDB to start on system startup

sudo systemctl enable mongod

And finally, you need to populate the CVE database:

./sbin/db_mgmt_cpe_dictionary.py -p

./sbin/db_mgmt_json.py -p

./sbin/db_updater.py -c # This will take >45 minutes on a decent machine, please be patient

Now it should be possible to use cve-search:

cd emba-directory

./external/cve-search/bin/search.py -p busybox
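
A preflight check for the installation steps above, as an added example that is not part of emba or of this wiki page: it confirms that the commands, the cve-search checkout and the mongod service named in those steps are in place. The function names and the emba directory argument are assumptions.

```sh
#!/bin/sh
# Added example (not part of emba): preflight check for the install steps above.
# Function names and the emba-directory argument are assumptions.

# Files inside external/cve-search that the steps above read or execute.
CVE_SEARCH_FILES="requirements.txt requirements.system
sbin/db_mgmt_cpe_dictionary.py sbin/db_mgmt_json.py sbin/db_updater.py
bin/search.py"

# Print each given command name that is not on the current PATH.
# The ( ) body runs in a subshell, so loop variables stay local.
missing_commands() (
  for cmd in "$@"; do
    command -v "$cmd" >/dev/null 2>&1 || printf '%s\n' "$cmd"
  done
)

# Print each expected file missing below <emba-dir>/external/cve-search.
missing_cve_search_files() (
  for f in $CVE_SEARCH_FILES; do
    [ -f "$1/external/cve-search/$f" ] || printf '%s\n' "external/cve-search/$f"
  done
)

# Succeed only if systemd reports the mongod unit as active.
mongod_running() {
  command -v systemctl >/dev/null 2>&1 && systemctl is-active --quiet mongod
}

# Run every check against <emba-dir>; exit status 0 means nothing is missing.
preflight() (
  failed=0
  cmds=$(missing_commands bc pip3 cve_searchsploit)
  files=$(missing_cve_search_files "$1")
  [ -z "$cmds" ] || { echo "not on PATH:" $cmds; failed=1; }
  [ -z "$files" ] || { echo "missing files:" $files; failed=1; }
  mongod_running || { echo "mongod is not active"; failed=1; }
  [ "$failed" -eq 0 ]
)

# Run only when a directory is passed, e.g.: sudo sh preflight.sh /path/to/emba
if [ -n "${1:-}" ]; then
  preflight "$1" && echo "aggregator prerequisites look complete"
fi
```

Run it with the same privileges emba will use (root), because the steps above install the Python modules for root and PATH lookups can differ between users.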