shellcheck braces check in check_project and in workflow

.github/workflows/shellcheck.yml

@@ -27,5 +27,5 @@ jobs:
       - name: ShellCheck EMBA
         uses: ludeeus/action-shellcheck@master
         env:
-          SHELLCHECK_OPTS: -x
+          SHELLCHECK_OPTS: -x -o require-variable-braces
 

check_project.sh

@@ -185,7 +185,7 @@ check() {
   echo -e "\\n""${GREEN}""Run shellcheck and semgrep:""${NC}""\\n"
   for SOURCE in "${SOURCES[@]}"; do
     echo -e "\\n""${GREEN}""Run ${ORANGE}shellcheck${GREEN} on ${ORANGE}${SOURCE}""${NC}""\\n"
-    if shellcheck -x -P "${INSTALLER_DIR}":"${HELP_DIR}":"${MOD_DIR}":"${MOD_DIR_LOCAL}" "${SOURCE}" || [[ $? -ne 1 && $? -ne 2 ]]; then
+    if shellcheck -x -o require-variable-braces -P "${INSTALLER_DIR}":"${HELP_DIR}":"${MOD_DIR}":"${MOD_DIR_LOCAL}" "${SOURCE}" || [[ $? -ne 1 && $? -ne 2 ]]; then
       echo -e "${GREEN}""${BOLD}""==> SUCCESS""${NC}""\\n"
     else
       echo -e "\\n""${ORANGE}""${BOLD}""==> FIX ERRORS""${NC}""\\n"

config/report_templates/F20_vul_aggregator-post.sh

@@ -1,25 +1,25 @@
 #!/bin/bash
 
 print_output "[*] Exploitability notes:"
-print_output "$(indent "${ORANGE}R$NC - remote exploits")"
-print_output "$(indent "${ORANGE}L$NC - local exploits")"
-print_output "$(indent "${ORANGE}D$NC - DoS exploits")"
-# print_output "$(indent "${ORANGE}G$NC - PoC code found on Github (unknown exploit vector)")"
+print_output "$(indent "${ORANGE}R${NC} - remote exploits")"
+print_output "$(indent "${ORANGE}L${NC} - local exploits")"
+print_output "$(indent "${ORANGE}D${NC} - DoS exploits")"
+# print_output "$(indent "${ORANGE}G${NC} - PoC code found on Github (unknown exploit vector)")"
 # write_link "https://github.com/trickest/cve"
-print_output "$(indent "${ORANGE}P$NC - PoC code found on Packetstormsecurity (unknown exploit vector)")"
+print_output "$(indent "${ORANGE}P${NC} - PoC code found on Packetstormsecurity (unknown exploit vector)")"
 write_link "https://packetstormsecurity.com/files/tags/exploit/"
-print_output "$(indent "${ORANGE}S$NC - PoC code found on Snyk vulnerability database (unknown exploit vector)")"
+print_output "$(indent "${ORANGE}S${NC} - PoC code found on Snyk vulnerability database (unknown exploit vector)")"
 write_link "https://security.snyk.io/vuln"
-print_output "$(indent "${ORANGE}X$NC - Vulnerability is known as exploited")"
+print_output "$(indent "${ORANGE}X${NC} - Vulnerability is known as exploited")"
 write_link "https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
-if [[ -f "$LOG_DIR"/s26_kernel_vuln_verifier.txt ]]; then
-  print_output "$(indent "${ORANGE}V$NC - Kernel vulnerability was verified from module s26")"
+if [[ -f "${LOG_DIR}"/s26_kernel_vuln_verifier.txt ]]; then
+  print_output "$(indent "${ORANGE}V${NC} - Kernel vulnerability was verified from module s26")"
   write_link "s26"
 fi
 print_ln
 print_ln
 print_output "[*] Source notes:"
-print_output "$(indent "${ORANGE}STAT$NC - Details found by static modules (S06, S09, S24, S25)")"
-print_output "$(indent "${ORANGE}PACK$NC - Details found by package management environment (S08)")"
-print_output "$(indent "${ORANGE}UEMU$NC - Details found by dynamic user-mode emulation modules (S115, S116)")"
-print_output "$(indent "${ORANGE}SEMU$NC - Details found by dynamic system emulation modules (L*)")"
+print_output "$(indent "${ORANGE}STAT${NC} - Details found by static modules (S06, S09, S24, S25)")"
+print_output "$(indent "${ORANGE}PACK${NC} - Details found by package management environment (S08)")"
+print_output "$(indent "${ORANGE}UEMU${NC} - Details found by dynamic user-mode emulation modules (S115, S116)")"
+print_output "$(indent "${ORANGE}SEMU${NC} - Details found by dynamic system emulation modules (L*)")"

config/report_templates/P11_dlink_SHRS_enc_extract-post.sh

@@ -3,10 +3,10 @@
 print_output "EMBA was able to identify an encrypted ${ORANGE}D'Link${NC} firmware image. This firmware image was protected with leaked key material and it is possible to decrypt the firmware for further analysis."
 print_ln
 print_output "While EMBA is currently able to decrypt firmware with the different header details, like ${ORANGE}SHRS${NC} and ${ORANGE}encrpted_img${NC}, others can't be decrypted by EMBA."
-if [[ "$DLINK_ENC_DETECTED" -eq 1 ]]; then
+if [[ "${DLINK_ENC_DETECTED}" -eq 1 ]]; then
   print_ln
-  print_output "In the current case the original firmware was encrypted with the ${ORANGE}SHRS${NC} mechanism and was decrypted to ${ORANGE}$EXTRACTION_FILE${NC}"
-elif [[ "$DLINK_ENC_DETECTED" -eq 2 ]]; then
+  print_output "In the current case the original firmware was encrypted with the ${ORANGE}SHRS${NC} mechanism and was decrypted to ${ORANGE}${EXTRACTION_FILE}${NC}"
+elif [[ "${DLINK_ENC_DETECTED}" -eq 2 ]]; then
   print_ln
-  print_output "In the current case the original firmware was encrypted with the ${ORANGE}encrpted_img${NC} mechanism and was decrypted to ${ORANGE}$EXTRACTION_FILE${NC}"
+  print_output "In the current case the original firmware was encrypted with the ${ORANGE}encrpted_img${NC} mechanism and was decrypted to ${ORANGE}${EXTRACTION_FILE}${NC}"
 fi

config/report_templates/P16_EnGenius_decryptor-post.sh

@@ -2,4 +2,4 @@
 
 print_output "EMBA was able to identify an encrypted ${ORANGE}EnGenius${NC} firmware image. This firmware image was protected with leaked key material and it is possible to decrypt the firmware for further analysis."
 print_ln
-print_output "The original firmware was decrypted to ${ORANGE}$EXTRACTION_FILE${NC}"
+print_output "The original firmware was decrypted to ${ORANGE}${EXTRACTION_FILE}${NC}"

config/report_templates/P18_qnap_decryptor-post.sh

@@ -2,4 +2,4 @@
 
 print_output "EMBA was able to identify an encrypted ${ORANGE}QNAP${NC} firmware image. This firmware image was protected with leaked key material and it is possible to decrypt the firmware for further analysis."
 print_ln
-print_output "The original firmware was decrypted to ${ORANGE}$EXTRACTION_FILE${NC}"
+print_output "The original firmware was decrypted to ${ORANGE}${EXTRACTION_FILE}${NC}"

config/report_templates/S10_binaries_basic_check-pre.sh

@@ -1,5 +1,5 @@
 #!/bin/bash
 
-print_output "This module identifies the usage of critical binary functions in firmware via ${ORANGE}readelf$NC."
+print_output "This module identifies the usage of critical binary functions in firmware via ${ORANGE}readelf${NC}."
 print_output "Examples of binary functions are system, strcpy, printf and strcat. These functions are listed in the configuration"
 print_output "file config/functions.cfg."

config/report_templates/S13_weak_func_check-pre.sh

@@ -1,6 +1,6 @@
 #!/bin/bash
 
-print_output "This module identifies the usage of critical binary functions in firmware via ${ORANGE}objdump$NC."
+print_output "This module identifies the usage of critical binary functions in firmware via ${ORANGE}objdump${NC}."
 print_output "Examples of binary functions are system, strcpy, printf and strcat. These functions are configured in the configuration"
 print_output "file config/functions.cfg. The module counts the usages per binary. For strcpy functions it also counts strlen functions"
 print_output "right before the strcpy function. Additionally it checks if the binary is a known Linux binary or unknown and probably"

config/report_templates/S14_weak_func_radare_check-pre.sh

@@ -1,6 +1,6 @@
 #!/bin/bash
 
-print_output "This module identifies the usage of critical binary functions in firmware via ${ORANGE}radare2$NC."
+print_output "This module identifies the usage of critical binary functions in firmware via ${ORANGE}radare2${NC}."
 print_output "Examples of binary functions are system, strcpy, printf and strcat. These functions are configured in the configuration"
 print_output "file config/functions.cfg. The module counts the usages per binary. For strcpy functions it also counts strlen functions"
 print_output "right before the strcpy function. Additionally it checks if the binary is a known Linux binary or unknown and probably"

config/report_templates/S26_kernel_vuln_verifier-post.sh

@@ -1,15 +1,15 @@
 #!/bin/bash
 
 print_output "[*] Exploitability notes:"
-print_output "$(indent "${ORANGE}EDB$NC - Exploit code found in the Exploit database")"
+print_output "$(indent "${ORANGE}EDB${NC} - Exploit code found in the Exploit database")"
 write_link "https://exploit-db.com"
-print_output "$(indent "${ORANGE}MSF$NC - Exploit code found in the Metasploit framework")"
+print_output "$(indent "${ORANGE}MSF${NC} - Exploit code found in the Metasploit framework")"
 write_link "https://github.com/rapid7/metasploit-framework"
-# print_output "$(indent "${ORANGE}GH$NC - PoC code found on Github (via trickest)")"
+# print_output "$(indent "${ORANGE}GH${NC} - PoC code found on Github (via trickest)")"
 # write_link "https://github.com/trickest/cve"
-print_output "$(indent "${ORANGE}PS$NC - PoC code found on Packetstormsecurity")"
+print_output "$(indent "${ORANGE}PS${NC} - PoC code found on Packetstormsecurity")"
 write_link "https://packetstormsecurity.com/files/tags/exploit/"
-print_output "$(indent "${ORANGE}SNYK$NC - PoC code found on Snyk vulnerability database")"
+print_output "$(indent "${ORANGE}SNYK${NC} - PoC code found on Snyk vulnerability database")"
 write_link "https://security.snyk.io/vuln"
-print_output "$(indent "${ORANGE}EXP$NC - Vulnerability is known as exploited")"
+print_output "$(indent "${ORANGE}EXP${NC} - Vulnerability is known as exploited")"
 write_link "https://www.cisa.gov/known-exploited-vulnerabilities-catalog"

helpers/helpers_emba_helpers.sh

@@ -239,6 +239,7 @@ enable_strict_mode() {
     # http://redsymbol.net/articles/unofficial-bash-strict-mode/
     # https://github.com/tests-always-included/wick/blob/master/doc/bash-strict-mode.md
     # shellcheck source=./installer/wickStrictModeFail.sh
+    # shellcheck disable=SC1091
     source ./installer/wickStrictModeFail.sh
     load_strict_mode_settings
     trap 'wickStrictModeFail $? | tee -a "${LOG_DIR}"/emba_error.log' ERR  # The ERR trap is triggered when a script catches an error