Sasquatch split binwalk vs unblob

config/banner/London_Calling_Edt-v1.2.0.txt

@@ -0,0 +1,49 @@
+
+EMBA version 1.2.0 - London Calling Edt.
+
+
+MMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMWNKXMMWNWMMMMMMMMMMMWWMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMWMMMMMMMMMMMMMMMMMWWMMMMMMMMMMMM
+MMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMWMMWMWWWMMMMMMMMMWWMWWMMMWWMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMWWMWWMMMMMMMMMMMWMMWWWMMMMMMMMMWWMWWWMMWWMMMMMMM
+MMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMWWWMMMMMMMMMMMMMMMMMMMMMMMMXOXMMMMWNNMMMMMMMMMMMMWWMMMMMMMMMMMMMMMMXKWNNWWWMMMMMMMMMMMMMMMMMMMMMMMNOKWMMMMNNWMMMMMM
+MMMMMMMMNOddddxkXMMMMMMMMMMMMMMMMNOoloxk0NMMMMMNNW0xdddxKWMMMMNxldddONMMMMKkdooooooolldxxONWMMMMMMMMMWXkdolcclox0WMMMNNMWKxdddd0WMMMMNkldddkXMMMMMMMMM
+MMMMMMMMW0o:''':kNMMMMMMMMMMMMMNkc,''''',ckNMMMWMNl.....cKMMMMNl....;OMMMMk:,...''';c:,',cllok0KKNWMNx:'..'''...,l0WMWWMWd.....;0MMMMWd'...,kMMMMMMMMM
+MMMMMMMMXxdo:,,xNWMMMMMMMMMMMWk:'.',;,'.'''cKMMMMNl.'''.'dWMMMWd'.'.,OMMMMOc,.'''''cxo;',;,',;o0NWNx:'''.',;,'..'.,xNWMMNd''''''oNMMMMk'.'.'xWMMMMMMMM
+MMMMMMMMK:....,xNMMMMMMMMMMWXx;..,xKX0d,.''.oNMMMNl.,,'''cKMMMXl.''';OMMMMOc,.''.':dolo;,,.'',cOWMNo.'..'ckXXk:'.'.;OMMMWd'',''':0WMMNo'''',kMMMMMMMMM
+MMMMMMMM0;.''',lKMMMMMMMMMMNd,'.'dNMMMXl'''.:KMMMXl.''''.'oNMMNk;.'.'xWWWMOl;.'''.;kXWWx'..'.';okKNd'.'.:xXWMWk,''.'xWMMNo..''''.lXMMW0:.'''dNWWWNXNWM
+MMMMMMMM0:''.;kXWMMMMMMMMMMWkc,''oNMMMXl.''.cKMMMXc.'''''.,kWMMO;.'.,xWNNW0o;.''.,xNMMMO;.';clldkXNd''''c0WMWWO;''.'dWWWNo..''''.'xWMM0:.'.'dNNNWNXXNM
+MMMMMMMMX0l'':xNMMMMMMMMMMMKo:,.'c0WMMXl.''.:KMMMXl.'',''''lXMMx''..,xWMMMKkc.''.:KMMMMO,.';oolOXXXo''''lXX00XO;.'.'dWWWNo..''''''cKMMk,.'.'dNMMMMMMMM
+MMMMMMMMWNk,..:KMMMMMMMMMMMO;.'.'xWMMMNo.''.,xNMMXl..'';,.';xWMx'.'.;0MMMMX0l.''.cXMMMMKc.';,;xKNNNo.''.lNNXKXO,.'.'xWMMWo''.';;'',dNMO,.'.,kMMMMMMMMM
+MMMMMMMMXxkxlc:kWMMMMMMMMMMO;''.,kWMMMXl.''.'cOXWXl.'''ox;'':0Wx'...;0MMMMX0l.''.cXMMMMKl'':coXMMMNl.''.oXOx0XO;.'.'xMMMWo'''.lk:'';kWk,.'.,kMMMMMMMMM
+MMMMMMMMXoodc,'oNMMMMMMMMMMO;,'.,kMMMMNl.''.;kX0K0c.'..dNd','lXx'.'.;0MMMMN0l..'.:KMMMMXl''',dNMMMNl.''.cOkxXMO;.'.'dWMMWo.''.lXx,,'cKk'.'.,kMMMMMMMMM
+MMMMMMMM0:...,cOWMMMMMMMMMMO:;,',kMMMMNo.''.:0MMMNl.'.'dWKc'',kx'.'.;0MMMWKOl.''.;0MMWM0:.'..,kMMMNl.''.c0XWMMO;.'.'dWMMWd'.'.lNXl'''dx,.'.,kMMWWWMMMM
+MMMMMMMMO,.'.:dONMMMMMMMMMMO:,'''dWMMMNo.''.:0MMMNo..''oNMk,..cl,.'.;0MMMNOkc.''.:OWMMM0:.''.:0MMMNl..'.lXMMMMO;.'.'xWMMWd'.'.lXMO;..:l,.'.,kMMWXNMMMM
+MMMMMMMM0:.''':0MMMMMMMMMMMO:,'.,kWMMMNo'''.:0MMMNo..'.lNMXl'.,;'.'.;0MMMM0o;.''.,dXMMM0;.''.cXMMMNo.''.lNMMMM0;.'''xWMMWd'.'.cXMNd'.,;'.'.,kMMMMMMMMM
+MMMMMMMMKc'''':kWMMMMMMMMMMO:,'.,OMMMMWd'.'.cKMMMNo..'.oNMM0:.,,'''.,OMMMM0o;.''';OMMMMO;.'''dWMMMNo..'.lXMMMM0;.'''xWMMWx'.'.cXMMKc.','.'.'kMMMMMMMMM
+MMMMMMMMO;.'.';xNMMMMMMMMMM0:,'.,kWMMMNo..'.lXMMMWo'.'.oNMMWx,'''''.,OMMMMXkc..'':KMMMWx'.''.lXMMMNo'.'.cKMMMMO;.'.'xWMMWx'.'.cXMMWk,'''''.,kMMMMMMMMM
+MMMMMMMM0:.'.'':xOOOOOOOOXWXo,'.';x00Oo,.''.lXMMMNo.''.lNMMMXl'''''.;0MMMMNKo'.'.;x0Oko;..'';OWMMMWk,.'.,lOK0k:'''.;OMMMWx'.'.cKMMMNo'''.'.,kMMMMMMMMM
+MMMMMMMMK:...'...''''''''dWWKd;.''.','..''':0WMMMWo'''.lXMMMM0:''''.;0MMMMKd:.''.''''..''.'c0WMMMMMNx,....',,''''.,xNMMMWx'.'.:KMMMMKc''''.,kMMMMMMMMM
+MMMMMMMMKl,'............'dNMMWk:''...,:,':xXMMMMMWo....lNMMMMWk;....;0MMMMKxl;,........';oONMMMWMWWMNOl,......'',lOXWMMMWx'...cKMMMMW0:....,kMMMMMMMMM
+MMMMMMMMNKOxxddddddddddxk0NMMMMN0xdoodkOONMMMMMMMWOooookNMMMMMNkodddxXMMMMWNXXOddxxxdxk0XWMMMMMMMMMMWWWKkdoooodkOKNWMMMWNOdoookNMMMMMNOddddxKMMMMMMMMM
+MMMMMMMMMMMMMNXK0KNWWMMMMMMMMMMMMWNNNNNNWMMMMMMMMNXXXXNNNMMMMMMMMMMMNXXXKKKXNMMMMMMMMWWMMWNNWWWMMWWMWNNNNNWMMMMMKxOXXNWWWWMMMMMMMMWMWWMMMMMMMMMMMMMMMM
+MMMMMMMMMMNOo:,'';cdxx0NWMMMMMMMKo::::::oKMMMMMMMKl;,;::dXMMMMMMMMMMO:,;,';lOMMMMMMMMK0NNx:clcoXMNNNx;;;;:xWMMMMXl,;;;oXMMMMMW0dlolllclodO00KWMMMMMMMM
+MMMMMMMMWk:'...''..',.';l0WMMMMM0;.....':kWMMMMMWKkxl;.,oKWMMMMMMMMMO,...':d0MMMMMMMMXoOWo.',':KMMMXl.....;OMMMMXc....;0MMMWOc,....','...';clOWMMMMMMM
+MMMMMMMMXl....,ldo:,cc'':0WMMMMMXl.......cXMMMMMWx;::,'cKMWWWMMWWMMMk'...':d0MMMMMMMMWKXWo....;0MMMXl.''..'dNMMMXc....;0MMWk,......'ll...'o00KNWMMMMMM
+MMMMMMMMO,...,kWMMXookc:o0WMMMMXd,.......;0MMMMMNo.....,kWNXNMMNNMMM0;....;oOWMMNNMMMMMMNd::c,,OWMMXc.'....;OWMMKc....;0MMXl....,lod0k,...'cokNWMMMMMM
+MMMMMMMWx'.'.;0MMMMOccc,.cKMMMM0;........'xWMMMMWo....,lONKKWMMWNWMMKo:,',coONMMNXWMMMMMWXOk00ONMMMXc.......cXMMMO,...,OWNk;....;ONWMXc....'cKMMMMMMMM
+MMMMMMMNo....;0MMMM0:,,,'cOWMMMk,..'::....:KMMMMWOc,.'oXWMMMMMMMWMMMk:;'.':dOWMMWWWMMMMMM0:lKOlxWMMXc...'...'xWMWd....,kNNo...';l0WMMW0x:...:KMMMMMMMM
+MMMMMMMNo....;0MMMMNK000KXWMMMWx'.':kO;....dWMMMWNXo.;xKWMMMMMMMMMMMk,.':;:d0MWWWWMMMMMMMWXOoccoXMMXc...','.'c0MWd....;OWWd...'';lx0WMWKOkxxkXMMMMMMMM
+MMMMMMMNo..'.;0MMMMMMMMMMMMMMMWk;;;,kKc....lXMMMMX0OldkkNMMMMMMMMMMMO,.'c;:x0KO0NWWMMMMMMMWklldKWMMXc....cc..'oNWo....:KMWx.....:kK0kO0OOKX0KXNWMMMMMM
+MMMMMMMXc....,okOXMMMMMMMMMMMW0dx0o;OWd,,'.;OWMMWkoO0d;:0MMMMMMMMMMMx,,,,':x0NKKXNWMMMMMW0dxd;'xWMMXc....d0:..,kNo....:KMMx'....cXXl.'c:'::',:cxNMMMMM
+MMMMMMMNo....,lokNMMMMMMMMMMMWkddl;:KMO;''.'dWMMWx:;,.'cKMWNNNWMMMMMx''''.:dkdxKXXNMMMMMWx'';'.lXMMXc....dWx,'.c0o....:KMMk'....cKXc....'''.;dOXMMMMMM
+MMMMMMMNl....;kNWMMMMMMMMMMMMKc,'.'dNWNo'''.lXMMNl...'cdkKXKXXNMMMMMx'.,,,:okO0NMMMMMMMMMx'....;OMMNl....dWNo..'oo....:KMMk,...'kMWOoo;''...lXMMMMMMMM
+MMMMMMMXc....oNMMMMXOdlooxXWMk'...';coxl,''.;0MMNl...';o0NWMMMMMMMMMx'.,;,:d0WNWMMMMMMMMWx.....,OMMNl....oNMO;..;;....:KMMO,...,OMMMMNo'...,xWMMMMMMMM
+MMMMMMMKc....oNMMMMO::;..lXMWd'..''..,,'.''.,kMMWx,...,dNMMMMMMMMWMMk'....:xKMWWMMMMMMMMMk,''..lXMMNo....oNMWd'.''....:KMMO,...,OMMMMNl....'xWMMMMMMMM
+MMMMMMMNl....lNMMMMk;;:;,xWMXl....':cclc,';;'lNMNd'...,oXMMMMMMMMMMWx'....:xKMMWWMMMMMMMMKl''..cONMNo....oWMMXc.''....;0MMKc...,kMMMMNl....,kWMMMMMMMM
+MMMMMMMNo....:ONWWKo,...'oNWx'''.'xNWWWNo.',':KMWo....'c0XXNNNNNNWMMx'....,cxXXKKXKXXNWMMk,....,xKNNo....oNMMMO,.'....:KMMN0c..'oKWMW0:....,kMMMMMMMMM
+MMMMMMMM0:....,:ll;',,.'c0WXc.,'.:KMMMMMO;.'.'kMWd......,;;::::::oXMk'.....'',,,;,,;;lKMWx'''.;kWMMNo....lNMMMWd'.....:KMMW0l'.',;lol,...,;:kWMMMMMMMM
+MMMMMMMMW0o;'...'''',,,dXMMO,.'''dWMMMMM0;....oWWd,'.............:KWk,.''............:0NNd....;0MMMNo....lNMMMMXo'....:KMMMN0d;.........,lOKNMMMMMMMMM
+MMMMMMMMMMWXxl:;,,,;cdKWMMWx;,;;:OMMMMMMXo;;;;dNW0do::::::::;;;:cdKW0:,;;;,,,,,,',,,,cOKKx;;;,:0WWMWx;;;,dNMMMMM0c;;;;oXMMMMMWKxc,'..',cxXMMMMMMMMMMMM
+MMMMMMMMMMMMMWNXKKXNWMMMMMMNXXXNNWMMMMMMMNXNNNWMMMWWWNNNNNNNNNNNWWWMWNXXXXXXXKKKKKXXXXWMMWXXXXXWMMMMNXXXXNMMMMMMWNXXXNNWMMMMMMMMNKOOO0XWMMMMMMMMMMMMMM
+MMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMM
+MMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMM
+

config/bin_version_strings.cfg

@@ -76,7 +76,7 @@ btrfs;;unknown;"^Btrfs\ Btrfs\ v[0-9](\.[0-9]+)+?$";"sed -r 's/Btrfs\ Btrfs\ v([
 buildroot;;unknown;"getconf\ \(Buildroot\)\ [0-9]\.[0-9]+$";"sed -r 's/\(Buildroot\)\ ([0-9](\.[0-9]+)+?)/buildroot:\1/'";
 busybox;;gplv2;"BusyBox\ v[0-9](\.[0-9]+)+?\ ";"sed -r 's/BusyBox\ v([0-9](\.[0-9]+)+?)\ .*/busybox:\1/'";
 busybox;;gplv2;"BusyBox\ v[0-9](\.[0-9]+)+?\ \([0-9]+-.*\)";"sed -r 's/BusyBox\ v([0-9](\.[0-9]+)+?)\ .*/busybox:\1/'";
-busybox;;gplv2;"BusyBox\ v[0-9](\.[0-9]+)+?.*\ multi-call\ binary";"sed -r 's/BusyBox\ v([0-9](\.[0-9]+)+?)\ .*/busybox:\1/'";
+busybox;;gplv2;"BusyBox\ v[0-9](\.[0-9]+)+?.*\ multi-call\ binary";"sed -r 's/BusyBox\ v([0-9](\.[0-9]+)+?).*/busybox:\1/'";
 busybox;;gplv2;"BusyBox\ v[0-9](\.[0-9]+)+?.*\ Built-in\ shell";"sed -r 's/BusyBox\ v([0-9](\.[0-9]+)+?)\ .*/busybox:\1/'";
 busybox;live;gplv2;"^BusyBox\ http\ [0-9](\.[0-9]+)+?$";"sed -r 's/BusyBox\ http\ ([0-9](\.[0-9]+)+?)$/busybox:\1/'";
 bzip2;;bsd;"^bzip2,\ a\ block-sorting\ file\ compressor\.\ \ Version\ [0-9](\.[0-9]+)+?,\ ";"sed -r 's/bzip2,\ a\ block-sorting\ file\ compressor\.\ \ Version\ ([0-9](\.[0-9]+)+?),\ .*/bzip2:\1/'";

config/emulation_blacklist.cfg

@@ -28,3 +28,4 @@ dman
 yes
 systemd
 env
+init

helpers/helpers_emba_dependency_check.sh

@@ -211,6 +211,17 @@ setup_unblob() {
   else
     echo -e "$RED""not ok""$NC"
   fi
+  print_output "    ""sasquatch"" - \\c" "no_log"
+  if [[ -f /usr/local/bin/sasquatch_binwalk ]]; then
+    ln -s /usr/local/bin/sasquatch_binwalk "$UNBLOB_PATH"/sasquatch
+    echo -e "$GREEN""ok""$NC"
+  elif [[ -f /usr/local/bin/sasquatch_unblob ]]; then
+    ln -s /usr/local/bin/sasquatch_unblob "$UNBLOB_PATH"/sasquatch
+    echo -e "$ORANGE""warning""$NC"
+  else
+    echo -e "$RED""not ok""$NC"
+  fi
+
 }
 
 dependency_check() 

helpers/l35_msf_check.rc

@@ -87,6 +87,7 @@ def exploit_checker(host,ports,architecture)
     next if (name =~ /cve_2020_13160_anydesk/ or
              name =~ /goahead_ldpreload/ or
              name =~ /phpmailer_arg_injection/ or
+             name =~ /trans2open/ or
              name =~ /atutor_filemanager_traversal/)
 
     ports.split(",").each { |serv|

installer/IP61_unblob.sh

@@ -110,6 +110,12 @@ IP61_unblob() {
           cp -pr "$HOME"/.cache external/unblob/root_cache
           rm -rf "$HOME"/.cache || true
         fi
+        # we have seen issues with the installed sasquatch version - lets move it to another name and link to it
+        # during the testing phase. With this we are also able to install the binwalk sasquatch version in ||
+        if [[ -e /usr/bin/sasquatch ]]; then
+          echo -e "${GREEN}Backup unblob sasquatch version to $ORANGE/usr/local/bin/sasquatch_unblob$NC"
+          mv /usr/bin/sasquatch /usr/local/bin/sasquatch_unblob
+        fi
       ;;
     esac
   fi

installer/IP99_binwalk_default.sh

@@ -134,17 +134,20 @@ IP99_binwalk_default() {
           echo -e "$GREEN""yaffshiv already installed""$NC"
         fi
 
-        if ! command -v sasquatch > /dev/null ; then
-          if ! [[ -d external/binwalk/sasquatch ]]; then
-            git clone https://github.com/EMBA-support-repos/sasquatch external/binwalk/sasquatch
-          fi
-          cd external/binwalk/sasquatch || ( echo "Could not install EMBA component sasquatch" && exit 1 )
-          wget https://github.com/devttys0/sasquatch/pull/47.patch
-          patch -p1 < 47.patch
-          CFLAGS="-fcommon -Wno-misleading-indentation" ./build.sh -y
-          cd "$HOME_PATH" || ( echo "Could not install EMBA component sasquatch" && exit 1 )
-        else
-          echo -e "$GREEN""sasquatch already installed""$NC"
+        if ! [[ -d external/binwalk/sasquatch ]]; then
+          git clone https://github.com/EMBA-support-repos/sasquatch external/binwalk/sasquatch
+        fi
+        cd external/binwalk/sasquatch || ( echo "Could not install EMBA component sasquatch" && exit 1 )
+        wget https://github.com/devttys0/sasquatch/pull/47.patch
+        patch -p1 < 47.patch
+        CFLAGS="-fcommon -Wno-misleading-indentation" ./build.sh -y
+        cd "$HOME_PATH" || ( echo "Could not install EMBA component sasquatch" && exit 1 )
+
+        # we have seen issues with the unblob sasquatch version - lets move the binwalk version to another name and link to it
+        # during the testing phase. With this in place we are able to install both versions in ||
+        if [[ -e /usr/local/bin/sasquatch ]]; then
+          echo -e "${GREEN}Backup binwalk sasquatch version to $ORANGE/usr/local/bin/sasquatch_binwalk$NC"
+          mv /usr/local/bin/sasquatch /usr/local/bin/sasquatch_binwalk
         fi
 
         if ! command -v jefferson > /dev/null ; then

modules/P59_binwalk_extractor.sh

@@ -25,6 +25,14 @@ P59_binwalk_extractor() {
 
   export LINUX_PATH_COUNTER=0
 
+  # we need to check if sasquatch is the correct one for binwalk:
+  if ! [[ "$(readlink -q -f "$UNBLOB_PATH"/sasquatch)" == "/usr/local/bin/sasquatch_binwalk" ]]; then
+    if [[ -L "$UNBLOB_PATH"/sasquatch ]]; then
+      rm "$UNBLOB_PATH"/sasquatch
+    fi
+    ln -s /usr/local/bin/sasquatch_binwalk "$UNBLOB_PATH"/sasquatch || true
+  fi
+
   # typically FIRMWARE_PATH is only a file if none of the EMBA extractors were able to extract something
   # This means we are using binwalk in Matryoshka mode here
   # if we have a directory with multiple files in it we automatically pass here and run into the deep extractor

modules/P60_firmware_bin_extractor.sh

@@ -31,6 +31,13 @@ P60_firmware_bin_extractor() {
     return
   fi
 
+  # we need to check if sasquatch is the correct one for binwalk:
+  if ! [[ "$(readlink -q -f "$UNBLOB_PATH"/sasquatch)" == "/usr/local/bin/sasquatch_binwalk" ]]; then
+    if [[ -L "$UNBLOB_PATH"/sasquatch ]]; then
+      rm "$UNBLOB_PATH"/sasquatch
+    fi
+    ln -s /usr/local/bin/sasquatch_binwalk "$UNBLOB_PATH"/sasquatch || true
+  fi
 
   check_disk_space
   if ! [[ "$DISK_SPACE" -gt "$MAX_EXT_SPACE" ]]; then

modules/P61_unblob_eval.sh

@@ -51,6 +51,14 @@ P61_unblob_eval() {
     return
   fi
 
+  # we need to check if sasquatch is the correct one for unblob:
+  if ! [[ "$(readlink -q -f "$UNBLOB_PATH"/sasquatch)" == "/usr/local/bin/sasquatch_unblob" ]]; then
+    if [[ -L "$UNBLOB_PATH"/sasquatch ]]; then
+      rm "$UNBLOB_PATH"/sasquatch
+    fi
+    ln -s /usr/local/bin/sasquatch_unblob "$UNBLOB_PATH"/sasquatch || true
+  fi
+
   local FILES_EXT_UB=0
   local UNIQUE_FILES_UB=0
   local DIRS_EXT_UB=0

modules/S115_usermode_emulator.sh

@@ -378,7 +378,7 @@ run_init_test() {
   fi
 
   # fallback solution - we use the most working configuration:
-  if ! grep -q "CPU_CONFIG_det" "$LOG_PATH_MODULE""/qemu_init_cpu.txt"; then
+  if [[ -f "$LOG_PATH_MODULE""/qemu_init_cpu.txt" ]] && ! grep -q "CPU_CONFIG_det" "$LOG_PATH_MODULE""/qemu_init_cpu.txt"; then
     CPU_CONFIG_=$(grep -a CPU_CONFIG "$LOG_PATH_MODULE""/qemu_init_cpu.txt" | cut -d\; -f2 | uniq -c | sort -nr | head -1 | awk '{print $2}' || true)
     write_log "[+] CPU configuration used for $ORANGE$BIN_EMU_NAME_$GREEN: $ORANGE$CPU_CONFIG_$GREEN" "$LOG_FILE_INIT"
     write_log "CPU_CONFIG_det\;$CPU_CONFIG_" "$LOG_PATH_MODULE""/qemu_init_cpu.txt"
@@ -596,10 +596,6 @@ emulate_binary() {
     EMULATION_PARAMS=("" "-v" "-V" "-h" "-help" "--help" "--version" "version")
   fi
 
-  if [[ "$CPU_CONFIG_" == "NONE" ]]; then
-    CPU_CONFIG_=""
-  fi
-
   for PARAM in "${EMULATION_PARAMS[@]}"; do
     if [[ -z "$PARAM" ]]; then
       PARAM="NONE"
@@ -608,7 +604,7 @@ emulate_binary() {
     if [[ "$STRICT_MODE" -eq 1 ]]; then
       set +e
     fi
-    if [[ -z "$CPU_CONFIG_" ]]; then
+    if [[ -z "$CPU_CONFIG_" ]] || [[ "$CPU_CONFIG_" == "NONE" ]]; then
       write_log "[*] Emulating binary $ORANGE$BIN_$NC with parameter $ORANGE$PARAM$NC" "$LOG_FILE_BIN"
       if [[ "$CHROOT" == "jchroot" ]]; then
         timeout --preserve-status --signal SIGINT "$QRUNTIME" "$CHROOT" "${OPTS[@]}" "$R_PATH" -- ./"$EMULATOR" "$BIN_" "$PARAM" &>> "$LOG_FILE_BIN" || true &

modules/S99_grepit.sh

@@ -129,7 +129,7 @@ grepit_search() {
   local EXAMPLE="${2:-NA}"
   local FALSE_POSITIVES_EXAMPLE="${3:-NA}"
   local SEARCH_REGEX="$4"
-  local OUTFILE="$5"
+  local OUTFILE="${5:-MISSING_LOG_DIR.txt}"
   if [[ -v 6 ]]; then
     local ARGS_FOR_GREP=("${6}") # usually just -i for case insensitive or empty, very rare we use -o for match-only part with no context info
   else
@@ -3836,13 +3836,6 @@ grepit_module_crypto_creds() {
 grepit_module_api_keys() {
   print_output "[*] Starting Grepit API keys module" "no_log"
 
-  grepit_search "Slack API keys" \
-  # nosemgrep
-  'xoxp-683201246722-694612795216-829330901254-7ec6cd4f9686bc6dce91f9d81f717dbf' \
-  'FALSE_POSITIVES_EXAMPLE_PLACEHOLDER' \
-  "xox[p|b|o|a]-[0-9]{12}" \
-  "3_apikeys_slack.txt"
-
   grepit_search "Generic access token search" \
   '?access_token=' \
   'FALSE_POSITIVES_EXAMPLE_PLACEHOLDER' \