Firmware
Firmware is the core of any device. It brings the equipment to life and powers all its operations. Unfortunately, vulnerabilities in the firmware can compromise the complete system and may also cause physical damage in and around the device.
firmware.linux.gencdxbom
This plugin generates an SBOM (Software Bill of Materials) from an extracted firmware file system that conforms to the CycloneDX SBOM specification. CycloneDX is an open specification for producing SBOMs; more details are available from the CycloneDX project (cyclonedx.org).
Usage details:
ef> run firmware.linux.gencdxbom -h
Examples
Generate a CycloneDX SBOM from an extracted firmware file system and write (-f) the SBOM JSON to a file.
ef> run firmware.linux.gencdxbom -r /tmp/firmware/rootfs -f /tmp/foo.json
[...]
[*] Generating CycloneDX bom of directory (/tmp/firmware/rootfs)
[+] Total count:
[+] files: 5
[+] dirs: 4
[+] hiddenfiles: 1
[+] hiddentdirs: 1
[+] symlinks: 0
[+]
[+]
[+] Test firmware.linux.gencdxbom passed
You can also use the verbose (-v) option to see the SBOM details on the console. Note that this verbose output is for viewing only and does not itself conform to the CycloneDX specification; use -f to write the conforming JSON.
ef> run firmware.linux.gencdxbom -r /tmp/firmware/rootfs -v
[...]
[*] Generating CycloneDX bom of directory (tmp/firmware/rootfs)
[+] Total count:
[+] files: 5
[+] dirs: 4
[+] hiddenfiles: 1
[+] hiddentdirs: 1
[+] symlinks: 0
[+]
[+] bomFormat: CycloneDX
[+] specVersion: 1.4
[+] serialNumber: urn:uuid:c9461f43-1b29-40e3-c29e-79ba93ac7874
[+] version: 1
[+] metadata:
[+] timestamp: 1258406532.832527
[+] tools:
[+] vendor: EXPLIoT
[+] name: EXPLIoT Framework
[+] components:
[+] type: file
[+] name: pass
[+] mime-type: text/plain
[+] description: ASCII text
[+] hashes:
[+] alg: SHA-1
[+] content: a1a9de5dc7f97ccd8c4de52d04e30b3dd52ac4f0
[+] alg: SHA-256
[+] content: e08abd37723c0a3ea3724a4d1bc8b2ce192751de961160140e5c5a66e2d7afb8
[+] properties:
[+] name: expliot:file:path
[+] value: /.protected/pass
[+] name: expliot:file:mode
[+] value: -rw-rw-r--
[+] name: expliot:file:size
[+] value: 7
[...]
[+] type: file
[+] name: ls
[+] mime-type: application/x-sharedlib
[+] description: ELF 64-bit LSB shared object, x86-64, version 1 (SYSV), dynamically linked, interpreter /lib64/ld-linux-x86-64.so.2, missing section headers
[+] hashes:
[+] alg: SHA-1
[+] content: 3760d26e2e361384598b1e01d65dec56547ea1af
[+] alg: SHA-256
[+] content: 10d54b2b1dbf8f73fc152ba0430e59bdc0c4c2ac5c40d990ea4e36de1407f022
[+] properties:
[+] name: expliot:file:path
[+] value: /usr/bin/ls
[+] name: expliot:file:mode
[+] value: -rwxr-xr-x
[+] name: expliot:file:size
[+] value: 116696
[+]
[+] Test firmware.linux.gencdxbom passed
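To make the component layout shown above concrete, here is an added example (not EXPLIoT's own code) that walks an extracted rootfs into CycloneDX 1.4 "file" components with the same SHA-1/SHA-256 hashes and expliot:file:* properties, and then re-verifies a file system against that SBOM so that a file changed after the SBOM was taken is reported. The mime-type and description fields (libmagic output) are omitted, the tool vendor/name are placeholders, and demo() builds a constructed one-file rootfs in a temporary directory.

```python
import hashlib, os, stat, tempfile, uuid
from datetime import datetime, timezone

def _hashes(path):
    """SHA-1 and SHA-256 of a file, in the CycloneDX 'hashes' list form."""
    sha1, sha256 = hashlib.sha1(), hashlib.sha256()
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(65536), b""):
            sha1.update(chunk)
            sha256.update(chunk)
    return [{"alg": "SHA-1", "content": sha1.hexdigest()},
            {"alg": "SHA-256", "content": sha256.hexdigest()}]

def gen_bom(rootfs):
    """Walk rootfs (hidden files included, symlinks skipped) into 'file' components."""
    comps = []
    for dirpath, _, files in os.walk(rootfs):
        for name in sorted(files):
            full = os.path.join(dirpath, name)
            if os.path.islink(full):
                continue
            st = os.lstat(full)
            comps.append({
                "type": "file", "name": name, "hashes": _hashes(full),
                "properties": [
                    {"name": "expliot:file:path", "value": "/" + os.path.relpath(full, rootfs)},
                    {"name": "expliot:file:mode", "value": stat.filemode(st.st_mode)},
                    {"name": "expliot:file:size", "value": str(st.st_size)}]})
    return {"bomFormat": "CycloneDX", "specVersion": "1.4",
            "serialNumber": f"urn:uuid:{uuid.uuid4()}", "version": 1,
            "metadata": {"timestamp": datetime.now(timezone.utc).isoformat(),  # spec: date-time
                         "tools": [{"vendor": "example-vendor", "name": "sbom-demo"}]},  # placeholders
            "components": comps}

def verify_bom(bom, rootfs):
    """Return SBOM paths whose SHA-256 no longer matches the file system (changed or missing)."""
    bad = []
    for comp in bom["components"]:
        props = {p["name"]: p["value"] for p in comp["properties"]}
        full = os.path.join(rootfs, props["expliot:file:path"].lstrip("/"))
        want = next(h["content"] for h in comp["hashes"] if h["alg"] == "SHA-256")
        if not os.path.isfile(full) or _hashes(full)[1]["content"] != want:
            bad.append(props["expliot:file:path"])
    return bad

def demo():
    """Constructed rootfs with one hidden file: generate, verify, tamper, re-verify."""
    root = tempfile.mkdtemp()
    os.makedirs(os.path.join(root, ".protected"))
    target = os.path.join(root, ".protected", "pass")
    with open(target, "w") as fh:
        fh.write("secret\n")                      # 7 bytes, like the page's 'pass' file
    bom = gen_bom(root)
    clean = verify_bom(bom, root)
    with open(target, "a") as fh:
        fh.write("!")                             # simulate a post-build modification
    return bom, clean, verify_bom(bom, root)
```

Running demo() yields an empty mismatch list before the modification and ["/.protected/pass"] after it, which is the check a practitioner wants when comparing a shipped image against the SBOM recorded at build time.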