Docker build updates for Kali 2023.4 #945

Merged
merged 13 commits into from
Dec 7, 2023
Merged
9 changes: 6 additions & 3 deletions .github/ISSUE_TEMPLATE/new_kali_release.md
Expand Up @@ -15,19 +15,22 @@ We need to test EMBA on it

Testfirmware: [DLink DIR300](https://ftp.dlink.de/dir/dir-300/archive/driver_software/DIR-300_fw_revb_214b01_ALL_de_20130206.zip)

- [ ] Default/docker installation working with current docker image (`./installer.sh -d`)
- [ ] Default/docker installation working with current docker image
- [ ] `./installer.sh -d` finished without errors
- [ ] dependency check (`./emba -d 1`)
- [ ] EMBA run with profile default-scan
- [ ] EMBA run with profile default-scan in strict mode (-S)
- [ ] EMBA run with profile default-scan-emulation in strict mode (-S)
- [ ] EMBA run with profile full-scan in strict mode (-S)
- [ ] Docker build (`sudo docker-compose build --no-cache --pull`)
- [ ] Docker base image build
- [ ] `sudo docker-compose build --no-cache --pull` finished without errors
- [ ] dependency check (`./emba -d 2`)
- [ ] EMBA run with profile default-scan
- [ ] EMBA run with profile default-scan in strict mode (-S)
- [ ] EMBA run with profile default-scan-emulation in strict mode (-S)
- [ ] EMBA run with profile full-scan in strict mode (-S)
- [ ] Full installation working (`./installer.sh -F`)
- [ ] Full installation working on Kali Linux
- [ ] `./installer.sh -F` finished without errors
- [ ] dependency check (`./emba -d 1`)
- [ ] EMBA run in dev mode with options -s -z -S -D -E -t -W -Q
- [ ] EMBA run in dev mode with options -s -z -S -D, -c, -E, -t, -W -Q
28 changes: 11 additions & 17 deletions .github/workflows/docker-image.yml
@@ -1,18 +1,17 @@
name: EMBA Docker Image build

on:
# push:
# branches:
# - '**' # matches every branch
# pull_request:
# branches:
# - '**'
# Allows you to run this workflow manually from the Actions tab
# workflow_dispatch:
schedule:
- cron: '0 0 * * *' # do it every day

#on:
# push:
# branches:
# - '**' # matches every branch
# pull_request:
# branches:
# - '**'
# # Allows you to run this workflow manually from the Actions tab
# workflow_dispatch:

jobs:
docker-build:
Expand All @@ -32,18 +31,13 @@ jobs:
large-packages: false
swap-storage: true
- name: EMBA container build
uses: nick-fields/retry@v2
with:
timeout_minutes: 600
max_attempts: 3
command: |
run: |
sudo docker image prune -f
sudo docker container prune -f
sudo apt-get update -y
sudo apt-get install python3-venv -y
mkdir ./external
python3 -m venv "./external/emba_venv"
source "./external/emba_venv/bin/activate"
sudo docker-compose build --no-cache --pull
sudo ./emba -d 2 -y
deactivate
echo "GH_action:true" > ./config/gh_action
sudo docker-compose build --no-cache --pull && sudo ./emba -d 2 -y
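Review bot: The "EMBA container build" step has no timeout or retry of its own once the `nick-fields/retry@v2` wrapper (with `timeout_minutes: 600` and `max_attempts: 3`) gives way to a plain `run: |`, which is how the rendered sides appear to read. A stalled `sudo docker-compose build --no-cache --pull` in the nightly run would then hold the runner until the platform's job limit, and a transient registry or mirror failure fails the run outright. Setting `timeout-minutes: <LIMIT>` (placeholder value) on the step or the job would restore a bound without bringing the third-party action back. The new `echo "GH_action:true" > ./config/gh_action` line would also benefit from a short comment such as `# marker file: tells EMBA it runs inside the GitHub Action`, if that is its purpose, since nothing visible here shows what reads the file.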
18 changes: 14 additions & 4 deletions installer/I13_disasm.sh
Expand Up @@ -29,6 +29,7 @@ I13_disasm() {
print_file_info "${BINUTIL_VERSION_NAME}" "The GNU Binutils are a collection of binary tools." "https://ftp.gnu.org/gnu/binutils/${BINUTIL_VERSION_NAME}.tar.gz" "external/${BINUTIL_VERSION_NAME}.tar.gz" "external/objdump"
print_tool_info "texinfo" 1
print_tool_info "git" 1
print_tool_info "wget" 1
print_tool_info "gcc" 1
print_tool_info "make" 1
print_tool_info "build-essential" 1
Expand All @@ -38,6 +39,7 @@ I13_disasm() {
print_tool_info "python3" 1
print_tool_info "python-is-python3" 1
print_tool_info "libzip-dev" 1
print_tool_info "meson" 1
# if [[ "${OTHER_OS}" -eq 0 ]] && [[ "${UBUNTU_OS}" -eq 0 ]]; then
# print_tool_info "radare2" 1
# else
Expand Down Expand Up @@ -82,13 +84,21 @@ I13_disasm() {

# radare2
echo -e "${ORANGE}""${BOLD}""Install radare2""${NC}"
apt-get install radare2 libradare2-dev libradare2-common libradare2-5.0.0 -y
# apt-get install radare2 libradare2-dev libradare2-common libradare2-5.0.0 -y
git clone https://github.com/radareorg/radare2.git external/radare2
cd external/radare2 || ( echo "Could not install EMBA component radare2" && exit 1 )
# we remove the line to execute the script again as sudo user (non root)
# this mechanism is not working with our docker container and results in an endless loop
sed -i '/exec sudo -u.*install.sh \$\*/d' sys/install.sh
sys/install.sh
cd "${HOME_PATH}" || ( echo "Could not install EMBA component radare2" && exit 1 )

echo -e "${ORANGE}""${BOLD}""Install radare2 package r2dec""${NC}"
r2pm init
r2pm update
# r2pm init
# r2pm update
# r2pm install r2dec
r2pm -cgi r2dec
# r2pm -cgi r2dec
r2pm -Uci r2dec
echo -e "${ORANGE}""${BOLD}""Installed r2 plugins:""${NC}"
r2pm -l
# cp -pri /root/.local/share/radare2 external/radare_local_bak
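Review bot: The radare2 checkout is unpinned: `git clone https://github.com/radareorg/radare2.git external/radare2` takes whatever the default branch holds at build time and the installer then runs its `sys/install.sh`, so each image build executes unreviewed upstream code, and the `sed -i` that deletes the `exec sudo -u` line silently matches nothing if upstream rewords it. Pinning to a release, e.g. `git clone --depth 1 --branch <RELEASE_TAG> https://github.com/radareorg/radare2.git external/radare2` (placeholder tag), keeps the build reproducible and the patch aligned with the script it edits; `r2pm -Uci r2dec` pulls the plugin in the same unpinned way. Separately, `exit 1` inside `( … )` only leaves the subshell, so unless errexit is active (not visible here) a failed `cd` lets `sed -i` and `sys/install.sh` run from the wrong directory; `cd external/radare2 || { echo "Could not install EMBA component radare2"; exit 1; }` would stop the installer itself, and the same applies to the `cd "${HOME_PATH}"` line. I13_disasm begins and ends outside the hunks shown.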
31 changes: 17 additions & 14 deletions modules/S120_cwe_checker.sh
Expand Up @@ -159,21 +159,24 @@ final_cwe_log() {
local CWE_CNT=""

if [[ -d "${LOG_PATH_MODULE}" ]]; then
mapfile -t CWE_OUT < <( jq -r '.[] | "\(.name) \(.description)"' "${LOG_PATH_MODULE}"/cwe_*.log | cut -d\) -f1 | tr -d '(' | sort -u|| true)
print_ln
if [[ ${#CWE_OUT[@]} -gt 0 ]] ; then
print_bar
print_output "[+] cwe-checker found a total of ""${ORANGE}""${TOTAL_CWE_CNT}""${GREEN}"" of the following security issues:"
for CWE_LINE in "${CWE_OUT[@]}"; do
CWE="$(echo "${CWE_LINE}" | awk '{print $1}')"
CWE_DESC="$(echo "${CWE_LINE}" | cut -d\ -f2-)"
# do not change this to grep -c!
# shellcheck disable=SC2126
CWE_CNT="$(grep "${CWE}" "${LOG_PATH_MODULE}"/cwe_*.log 2>/dev/null | wc -l || true)"
print_output "$(indent "$(orange "${CWE}""${GREEN}"" - ""${CWE_DESC}"" - ""${ORANGE}""${CWE_CNT}"" times.")")"
done
print_bar
local CWE_LOGS=("${LOG_PATH_MODULE}"/cwe_*.log)
if [[ "${#CWE_LOGS[@]}" -gt 0 ]]; then
mapfile -t CWE_OUT < <( jq -r '.[] | "\(.name) \(.description)"' "${LOG_PATH_MODULE}"/cwe_*.log | cut -d\) -f1 | tr -d '(' | sort -u|| true)
print_ln
if [[ ${#CWE_OUT[@]} -gt 0 ]] ; then
print_bar
print_output "[+] cwe-checker found a total of ""${ORANGE}""${TOTAL_CWE_CNT}""${GREEN}"" of the following security issues:"
for CWE_LINE in "${CWE_OUT[@]}"; do
CWE="$(echo "${CWE_LINE}" | awk '{print $1}')"
CWE_DESC="$(echo "${CWE_LINE}" | cut -d\ -f2-)"
# do not change this to grep -c!
# shellcheck disable=SC2126
CWE_CNT="$(grep "${CWE}" "${LOG_PATH_MODULE}"/cwe_*.log 2>/dev/null | wc -l || true)"
print_output "$(indent "$(orange "${CWE}""${GREEN}"" - ""${CWE_DESC}"" - ""${ORANGE}""${CWE_CNT}"" times.")")"
done
print_bar
print_ln
fi
fi
fi
}
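Review bot: The new guard `[[ "${#CWE_LOGS[@]}" -gt 0 ]]` is always true unless `nullglob` is enabled somewhere outside this hunk, because an unmatched `"${LOG_PATH_MODULE}"/cwe_*.log` stays in the array as the literal pattern and the length is then 1. In that case `jq` is still invoked on a file that does not exist, which is the situation the added check seems meant to prevent. Testing the first element instead, `if [[ -e "${CWE_LOGS[0]}" ]]; then`, works with or without `nullglob`. A one-line comment above the array such as `# collect per-binary cwe-checker logs; skip the summary when none were written` would make the intent clear. final_cwe_log starts above the hunk.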