FAQ

Q: Is EMBA in a productive state?

EMBA is a platform for optimizing our research and testing tasks in the field of IoT, OT and general embedded analysis. Because of this, we include code quite early and sometimes in a very raw state. We do not recommend setting up EMBA as a productive environment or in an unprotected environment! If you are using EMBA you should know what you are doing.

Q: After downloading EMBA nothing works if I try to start it.

A: First, run the installer (sudo ./installer.sh). Usually you are going to start with a default installation: sudo ./installer.sh -d

Q: Do I need administrative privileges to run EMBA?

A: Currently Yes. In theory is should be fine if you have the privileges to start a docker container. So, it should be mostly fine to add your user in the docker group. As this is not fully tested and implemented we currently check for admin privileges. In the future we will change this.

Q: Should I really use the emulation mode of EMBA?

A: As it gives awesome results you should give it a try. But keep in mind you are executing code on your machine and your complete environment could get compromised quite easy with it. So, just use it in default mode with the protection of the docker container. Additionally you should only use it in a secured environment without network access to the world.

Q: I have Ubuntu Linux. Can I install EMBA on it?

A: We only test EMBA on Kali Linux. However, we have heard rumors that EMBA runs quite good on a plain Ubuntu. So, give it a try. Update: EMBA supports Ubuntu in default mode! As this is currenlty not our main platform there could be Ubuntu related issues. Feel free to report it.

Q: There are so many options I can use with emba. What are your typical options running EMBA?

A: sudo ./emba.sh -z -s -l ../emba_logs/logs_FIRMWARE_FILE -f ../testimages/FIRMWARE_FILE.bin -t -E -W -D
or to keep it simple we can use the following profile:
A: sudo ./emba.sh -l ../emba_logs/logs_FIRMWARE_FILE -f ../testimages/FIRMWARE_FILE.bin -p ./scan-profiles/default-scan.emba

Q: Can I use EMBA to test IoT devices like my D'link router?

A: For sure. Give it a try.

Q: Can I use EMBA to test OT devices?

A: For sure. Give it a try.

Q: Is there a timeline for the first stable release?

A: We have no timeline but you should check the current EMBA master branch or the current version here We see EMBA as a platform for optimizing our research and testing tasks in the field of IoT, OT, embedded analysis. As a stable or productive state is not our goal, EMBA will probably never reach it.

Q: Oh my god, you are using bash. What the hell have you done!

A: Yes.

Q: EMBA does not detect a lot of versions, CVEs or exploits. What can I do?

A: You can include missing version identifiers in the config (config/bin_version_strings.cfg).

Q: Can I install EMBA behind a proxy?

A: See this issue: https://github.com/e-m-b-a/emba/issues/217

Q: Your system requirements are quite high. Can I install EMBA with lower CPU and RAM?

A: You can give it a try. But be warned, EMBA will take a long time for testing firmware. See here: https://github.com/e-m-b-a/emba/issues/118#issuecomment-876202630

Q: Your code is ugly!

A: It works on my machine!

Q: I found a bug in EMBA. How can I report it?

A: Great. Fix it and open a pull request or open an issue here.

Q: I have further questions, where can I ask them?

A: Open an issue and add the label question to it. When we have time, we will answer.

EMBA - firmware security scanning at its best

Sponsor EMBA and EMBArk:

The EMBA environment is free and open source!

We put a lot of time and energy into these tools and related research to make this happen. It's now possible for you to contribute as a sponsor!

If you like EMBA you have the chance to support future development by becoming a Sponsor

Thank You ❤️ Get a Sponsor
You can also buy us some beer here ❤️ Buy me a coffee

To show your love for EMBA with nice shirts or other merch you can check our Spreadshop