Merge pull request #589 from m-1-k-3/sbom_components

SBOM generation fix for non vuln components

helpers/helpers_emba_system_emulation.sh

@@ -21,7 +21,7 @@ restart_emulation() {
   local RESTART_SCAN="${3:-0}"
 
   if ping -c 1 "$IP_ADDRESS_" &> /dev/null; then
-    print_output "[+] System with $ORANGE$IP_ADDRESS_$NC responding again - probably it recovered automatically."
+    print_output "[+] System with $ORANGE$IP_ADDRESS_$GREEN responding again - probably it recovered automatically.$NC"
     return
   fi
 

installer/I199_default_tools_github.sh

@@ -26,7 +26,7 @@ I199_default_tools_github() {
     print_file_info "sshdcc" "Check SSHd configuration files" "https://raw.githubusercontent.com/sektioneins/sshdcc/master/sshdcc" "external/sshdcc"
     print_file_info "sudo-parser.pl" "Parses and tests sudoers configuration files" "https://raw.githubusercontent.com/CiscoCXSecurity/sudo-parser/master/sudo-parser.pl" "external/sudo-parser.pl"
     print_file_info "pixd" "pixd is a tool for visualizing binary data using a colour palette." "https://raw.githubusercontent.com/p4cx/pixd_image/master/pixd.c" "external/pixd"
-    print_file_info "progpilot" "progpilot is a tool for static security tests on php files." "https://github.com/designsecurity/progpilot/releases/download/v0.8.0/progpilot_v0.8.0.phar" "external/progpilot"
+    print_file_info "progpilot" "progpilot is a tool for static security tests on php files." "https://github.com/designsecurity/progpilot/releases/download/v1.0.2/progpilot_v1.0.2.phar" "external/progpilot"
     print_file_info "EnGenius decryptor" "Decrypts EnGenius firmware files." "https://raw.githubusercontent.com/EMBA-support-repos/enfringement/main/decrypt.py" "external/engenius-decrypt.py"
 
     print_pip_info "pillow"
@@ -45,7 +45,7 @@ I199_default_tools_github() {
         download_file "checksec" "https://raw.githubusercontent.com/slimm609/checksec.sh/master/checksec" "external/checksec"
         download_file "sshdcc" "https://raw.githubusercontent.com/sektioneins/sshdcc/master/sshdcc" "external/sshdcc"
         download_file "sudo-parser.pl" "https://raw.githubusercontent.com/CiscoCXSecurity/sudo-parser/master/sudo-parser.pl" "external/sudo-parser.pl"
-        download_file "progpilot" "https://github.com/designsecurity/progpilot/releases/download/v0.8.0/progpilot_v0.8.0.phar" "external/progpilot"
+        download_file "progpilot" "https://github.com/designsecurity/progpilot/releases/download/v1.0.2/progpilot_v1.0.2.phar" "external/progpilot"
         download_file "EnGenius decryptor" "https://raw.githubusercontent.com/EMBA-support-repos/enfringement/main/decrypt.py" "external/engenius-decrypt.py"
 
         # pixd installation

modules/F20_vul_aggregator.sh

@@ -688,6 +688,9 @@ cve_extractor() {
   # fi
 
   if [[ -f "$LOG_PATH_MODULE"/"$AGG_LOG_FILE" ]]; then
+    if [[ "${#CVEs_OUTPUT[@]}" == 0 ]]; then
+      write_csv_log "$BINARY" "$VERSION" "${CVE_VALUE:-NA}" "${CVSS_VALUE:-NA}" "${#EXPLOIT_AVAIL[@]}" "${#EXPLOIT_AVAIL_MSF[@]}" "${#EXPLOIT_AVAIL_TRICKEST[@]}" "${#EXPLOIT_AVAIL_ROUTERSPLOIT[@]}/${#EXPLOIT_AVAIL_ROUTERSPLOIT1[@]}" "${EXPLOIT_AVAIL_SNYK[@]}" "${EXPLOIT_AVAIL_PACKETSTORM[@]}" "${LOCAL:-NA}" "${REMOTE:-NA}" "${DOS:-NA}" "${#KNOWN_EXPLOITED_VULNS[@]}" "${KERNEL_VERIFIED:-NA}"
+    fi
     for CVE_OUTPUT in "${CVEs_OUTPUT[@]}"; do
       local CVEv2_TMP=0
       local KERNEL_VERIFIED="no"

modules/F50_base_aggregator.sh

@@ -191,11 +191,18 @@ output_details() {
     DATA=1
   fi
   if [[ "${S22_PHP_VULNS:-0}" -gt 0 ]]; then
-    print_output "[+] Found ""$ORANGE""$S22_PHP_VULNS"" vulnerabilities""$GREEN"" in ""$ORANGE""$S22_PHP_SCRIPTS""$GREEN"" php files.""$NC"
+    print_output "[+] Found ""$ORANGE""$S22_PHP_VULNS"" vulnerabilities""$GREEN"" via progpilot in ""$ORANGE""$S22_PHP_SCRIPTS""$GREEN"" php files.""$NC"
     write_link "s22"
     write_csv_log "php_scripts" "$S22_PHP_SCRIPTS" "NA" "NA" "NA" "NA" "NA" "NA" "NA"
-    write_csv_log "php_vulns" "$S22_PHP_VULNS" "NA" "NA" "NA" "NA" "NA" "NA" "NA"
+    write_csv_log "php_vulns_progpilot" "$S22_PHP_VULNS" "NA" "NA" "NA" "NA" "NA" "NA" "NA"
   fi
+  if [[ "${S22_PHP_VULNS_SEMGREP:-0}" -gt 0 ]]; then
+    print_output "[+] Found ""$ORANGE""$S22_PHP_VULNS_SEMGREP"" vulnerabilities""$GREEN"" via semgrep in ""$ORANGE""$S22_PHP_SCRIPTS""$GREEN"" php files.""$NC"
+    write_link "s22"
+    write_csv_log "php_scripts" "$S22_PHP_SCRIPTS" "NA" "NA" "NA" "NA" "NA" "NA" "NA"
+    write_csv_log "php_vulns_semgrep" "$S22_PHP_VULNS_SEMGREP" "NA" "NA" "NA" "NA" "NA" "NA" "NA"
+  fi
+
   if [[ "${S22_PHP_INI_ISSUES:-0}" -gt 0 ]]; then
     print_output "[+] Found ""$ORANGE""$S22_PHP_INI_ISSUES"" issues""$GREEN"" in ""$ORANGE""$S22_PHP_INI_CONFIGS""$GREEN"" php configuration file.""$NC"
     write_link "s22"
@@ -736,6 +743,7 @@ get_data() {
   export S21_PY_VULNS=0
   export S21_PY_SCRIPTS=0
   export S22_PHP_VULNS=0
+  export S22_PHP_VULNS_SEMGREP=0
   export S22_PHP_SCRIPTS=0
   export S22_PHP_INI_ISSUES=0
   export S22_PHP_INI_CONFIGS=0
@@ -780,8 +788,8 @@ get_data() {
     EFI_ARCH=$(strip_color_codes "$EFI_ARCH")
   fi
   if [[ -f "$P99_CSV_LOG" ]]; then
-    P99_ARCH="$(tail -n +2 "$P99_CSV_LOG" | cut -d\; -f 7)"
-    P99_ARCH_END="$(tail -n +2 "$P99_CSV_LOG" | cut -d\; -f 8)"
+    P99_ARCH="$(tail -n +2 "$P99_CSV_LOG" | cut -d\; -f 7 | sort -u | head -1)"
+    P99_ARCH_END="$(tail -n +2 "$P99_CSV_LOG" | cut -d\; -f 8 | sort -u | head -1)"
   fi
   if [[ -f "$LOG_DIR"/"$S02_LOG" ]]; then
     FWHUNTER_CNT=$(grep -a "\[\*\]\ Statistics:" "$LOG_DIR"/"$S02_LOG" | cut -d: -f2 || true)
@@ -827,6 +835,7 @@ get_data() {
     S22_PHP_SCRIPTS=$(grep -a "\[\*\]\ Statistics:" "$LOG_DIR"/"$S22_LOG" | cut -d: -f3 || true)
     S22_PHP_INI_ISSUES=$(grep -a "\[\*\]\ Statistics:" "$LOG_DIR"/"$S22_LOG" | cut -d: -f4 || true)
     S22_PHP_INI_CONFIGS=$(grep -a "\[\*\]\ Statistics:" "$LOG_DIR"/"$S22_LOG" | cut -d: -f5 || true)
+    S22_PHP_VULNS_SEMGREP=$(grep -a "\[\*\]\ Statistics1:" "$LOG_DIR"/"$S22_LOG" | cut -d: -f2 || true)
   fi
   if [[ -f "$LOG_DIR"/"$S24_LOG" ]]; then
     S24_FAILED_KSETTINGS=$(grep -a "\[\*\]\ Statistics:" "$LOG_DIR"/"$S24_LOG" | cut -d: -f2 || true)

modules/L10_system_emulation/inferService.sh

@@ -30,6 +30,14 @@ if [ -e /etc/init.d/lighttpd ]; then
   fi
 fi
 
+if [ -e /etc/init.d/ftpd ]; then
+  if ! "${BUSYBOX}" grep -q ftpd /firmadyne/service 2>/dev/null; then
+    "${BUSYBOX}" echo -e "[*] Writing EMBA service for ${ORANGE}ftpd service${NC}"
+    "${BUSYBOX}" echo -e -n "/etc/init.d/ftpd start\n" >> /firmadyne/service
+  fi
+fi
+
+
 # tplink_latest/Archer_C59_US__V2_161206.zip?
 if [ -e /etc/init.d/uhttpd ]; then
   if ! "${BUSYBOX}" grep -q uhttpd /firmadyne/service 2>/dev/null; then

modules/S100_command_inj_check.sh

@@ -39,7 +39,7 @@ S100_command_inj_check()
 
         for FILE_S in "${FILE_ARRX[@]}" ; do
           if file "$FILE_S" | grep -q -E "script.*executable" ; then
-            print_output "$( indent "$(orange "$(print_path "$FILE_S")"" -> Executable")")"
+            print_output "$( indent "$(orange "$(print_path "$FILE_S")"" -> Executable script")")"
 
             local QUERY_L
             mapfile -t QUERY_L < <(config_list "$CONFIG_DIR""/check_command_injections.cfg" "")