e-m-b-a · p4cx · Feb 15, 2021 · Jan 26, 2021 · Jan 26, 2021 · Jan 26, 2021
diff --git a/Dockerfile b/Dockerfile
@@ -2,12 +2,15 @@ FROM kalilinux/kali-rolling
 
 RUN apt-get update && \ 
     apt-get -y upgrade && \
-    apt-get -y install wget kmod procps
+    apt-get -y install wget kmod procps sudo build-essential liblzma-dev liblzo2-dev zlib1g-dev git
 
 WORKDIR /app
 ADD . /app
 
 RUN yes | ./installer.sh
 
-ENTRYPOINT [ "/bin/bash" ]
+RUN cd ./external/cve-search/ && \
+    pip3 install -r requirements.txt && \
+    xargs sudo apt-get install -y < requirements.system
 
+ENTRYPOINT [ "/bin/bash" ]
diff --git a/docker-compose.yml b/docker-compose.yml
@@ -5,3 +5,6 @@ services:
     volumes:
         - ${FIRMWARE}:/firmware
         - ${LOG}:/log
+        - /var/run/docker.sock:/var/run/docker.sock
+    network_mode: "host"
+
diff --git a/emba.sh b/emba.sh
@@ -64,8 +64,8 @@ main()
   export YARA=1
   export SHORT_PATH=0           # short paths in cli output
   export ONLY_DEP=0             # test only dependency
-  export DOCKER=0
-  export IGNORE_LOG_DEL=0
+  export USE_DOCKER=0
+  export IN_DOCKER=0
   export FORCE=0
   export LOG_GREP=0
   export QEMULATION=0
@@ -113,7 +113,7 @@ main()
         export BAP=1
         ;;
       D)
-        export DOCKER=1
+        export USE_DOCKER=1
         ;;
       e)
         export EXCLUDE=("${EXCLUDE[@]}" "$OPTARG")
@@ -136,7 +136,7 @@ main()
         exit 0
         ;;
       i)
-        export IGNORE_LOG_DEL=1
+        export IN_DOCKER=1
         ;;
       k)
         export KERNEL=1
@@ -186,7 +186,7 @@ main()
   fi
 
   if [[ $ONLY_DEP -eq 0 ]] ; then
-    if [[ $IGNORE_LOG_DEL -eq 0 ]] ; then
+    if [[ $IN_DOCKER -eq 0 ]] ; then
       # check if LOG_DIR exists and prompt to terminal to delete its content (y/n)
       log_folder
     fi
@@ -199,7 +199,6 @@ main()
     set_exclude
   fi
 
-
   dependency_check
 
   if [[ $KERNEL -eq 1 ]] && [[ $FIRMWARE -eq 0 ]] ; then
@@ -215,15 +214,44 @@ main()
     fi
   fi
 
+  if [[ $USE_DOCKER -eq 1 ]] ; then
+    if ! command -v docker-compose > /dev/null ; then
+      print_output "[!] No docker-compose found" "no_log"
+      print_output "$(indent "Install docker-compose via apt-get install docker-compose to use emba with docker")" "no_log"
+      exit 1
+    fi
+
+    OPTIND=1
+    ARGS=""
+    while getopts a:A:cdDe:Ef:Fghik:l:m:sz OPT ; do
+      case $OPT in
+        D|f|i|l)
+          ;;
+        *)
+          export ARGS="$ARGS -$OPT"
+          ;;
+      esac
+    done
+
+    print_output "" "no_log"
+    print_output "[!] Emba initializes kali docker container.\\n" "no_log"
+
+    if FIRMWARE="$FIRMWARE_PATH" LOG="$LOG_DIR" docker-compose run emba -c "./emba.sh -l /log/ -f /firmware -i $ARGS" ; then
+      if [[ $ONLY_DEP -eq 0 ]] ; then
+        print_output "[*] Emba finished analysis in docker container.\\n" "no_log"
+        print_output "[*] Firmware tested: $FIRMWARE_PATH" "no_log"
+        print_output "[*] Log directory: $LOG_DIR" "no_log"
+        exit
+      fi
+    else
+      print_output "[-] Emba docker failed!" "no_log"
+      exit 1
+    fi
+  fi
+
   if [[ $PRE_CHECK -eq 1 ]] ; then
     if [[ -f "$FIRMWARE_PATH" ]]; then
-
-      # we have to fix this, so that also the pre-checker modules are running inside the docker
-      if [[ $DOCKER -eq 1 ]] ; then
-        print_output "" "no_log"
-        print_output "[!] Running pre checker modules outside of the docker environment for preparation" "no_log"
-      fi
-
+
       echo
       print_output "[!] Extraction started on ""$(date)""\\n""$(indent "$NC""Firmware binary path: ""$FIRMWARE_PATH")" "no_log"
 
@@ -258,36 +286,6 @@ main()
       fi
     fi
   fi
-
-  if [[ $DOCKER -eq 1 ]] ; then
-    if ! command -v docker-compose > /dev/null ; then
-      print_output "[!] No docker-compose found" "no_log"
-      print_output "$(indent "Install docker-compose via apt-get install docker-compose to use emba with docker")" "no_log"
-      exit 1
-    fi
-
-    OPTIND=1
-    ARGS=""
-    while getopts a:A:cdDe:Ef:Fghik:l:m:sz OPT ; do
-      case $OPT in
-        D|f|i|l)
-          ;;
-        *)
-          export ARGS="$ARGS -$OPT"
-          ;;
-      esac
-    done
-
-    print_output "" "no_log"
-    print_output "[!] Emba initializes kali docker container.\\n" "no_log"
-
-    FIRMWARE="$FIRMWARE_PATH" LOG="$LOG_DIR" docker-compose run emba -c "./emba.sh -l /log/ -f /firmware/ -i $ARGS"
-
-    print_output "[*] Emba finished analysis in docker container.\\n" "no_log"
-    print_output "[*] Firmware tested: $FIRMWARE_PATH" "no_log"
-    print_output "[*] Log directory: $LOG_DIR" "no_log"
-    exit
-  fi
 
   if [[ $FIRMWARE -eq 1 ]] ; then
     if [[ -d "$FIRMWARE_PATH" ]]; then