diff --git a/config/distri_id.cfg b/config/distri_id.cfg index f8f025f4c..d7917883b 100644 --- a/config/distri_id.cfg +++ b/config/distri_id.cfg @@ -7,9 +7,9 @@ supermicrox11-bmc;/sbin/net-snmp-config; grep -E "x11.*AST2400.*arm-linux.*PLATF OpenWRT;/etc/openwrt_release;grep -a -o -E -e "^DISTRIB_ID=.*" -a -o -E -e "^DISTRIB_RELEASE=.*[0-9].*" -a -o -E -e "^DISTRIB_REVISION=.*";sed 's/DISTRIB_ID=//g' | sed 's/DISTRIB_RELEASE=//g' | sed 's/DISTRIB_REVISION=//g' OpenWRT;/etc/openwrt_version;grep -E -e "[0-9]+\.[0-9]+";sed -e 's/^/OpenWrt\ /g' buildroot;/etc/os-release;grep -a -o -E -e "^NAME=.*" -a -o -E -e "^VERSION_ID=[0-9].*";sed 's/NAME=//g' | sed 's/VERSION_ID=//g' +debian-Linux;/etc/debian_version;grep -a -o -E -e "[0-9]+(\.[0-9]+)+?";sed 's/^/debian\ /' os-release-Linux;/etc/os-release;grep -a -o -E -e "^ID=.*" -a -o -E -e "^VERSION_ID=.*";sed 's/VERSION_ID=//g' | sed 's/ID=//g' lsb-release-Linux;/etc/lsb-release;grep -a -o -E -e "^DISTRIB_ID=.*" -a -o -E -e "^DISTRIB_RELEASE=.*";sed 's/DISTRIB_ID=//g' | sed 's/DISTRIB_RELEASE=//g' -debian-Linux;/etc/debian_version;grep -a -o -E -e "[0-9]+(\.[0-9]+)+?";sed 's/^/debian\ /' DD-WRT;/etc/motd;grep -a -o -E "DD-WRT v[0-9]+(-sp[0-9])?";sort -u # DD-WRT build #23 DD-WRT;/etc/motd;grep -a -o -E "DD-WRT build.\#[0-9][0-9]";sort -u diff --git a/helpers/helpers_emba_dependency_check.sh b/helpers/helpers_emba_dependency_check.sh index 50d2619f3..21644687e 100755 --- a/helpers/helpers_emba_dependency_check.sh +++ b/helpers/helpers_emba_dependency_check.sh @@ -133,7 +133,7 @@ check_nvd_db() { local REMOTE_HASH="${1:-}" local LOCAL_HASH="" if [[ -d "${EXT_DIR}"/nvd-json-data-feeds ]] ; then - LOCAL_HASH="$(head -c 8 "${EXT_DIR}"/nvd-json-data-feeds/.git/refs/heads/main)" + LOCAL_HASH="$(head "${EXT_DIR}"/nvd-json-data-feeds/.git/refs/heads/main)" if [[ "${REMOTE_HASH}" == "${LOCAL_HASH}" ]]; then echo -e " CVE database version - ${GREEN}ok${NC}" @@ -147,7 +147,7 @@ check_epss_db() { local REMOTE_HASH="${1:-}" local LOCAL_HASH="" if [[ -d "${EXT_DIR}"/EPSS-data ]] ; then - LOCAL_HASH="$(head -c 8 "${EXT_DIR}"/EPSS-data/.git/refs/heads/main)" + LOCAL_HASH="$(head "${EXT_DIR}"/EPSS-data/.git/refs/heads/main)" if [[ "${REMOTE_HASH}" == "${LOCAL_HASH}" ]]; then echo -e " EPSS database version - ${GREEN}ok${NC}" @@ -161,7 +161,8 @@ check_git_hash() { local REMOTE_HASH="${1:-}" local LOCAL_HASH="" if git rev-parse --is-inside-work-tree >/dev/null 2>&1 ; then - LOCAL_HASH="$(git describe --always)" + LOCAL_HASH="$(head .git/refs/heads/master)" + # LOCAL_HASH="$(git describe --always)" if [[ "${REMOTE_HASH}" == "${LOCAL_HASH}" ]]; then echo -e " EMBA github version - ${GREEN}ok${NC}" diff --git a/modules/S06_distribution_identification.sh b/modules/S06_distribution_identification.sh index a037164e7..ef6bd80e9 100755 --- a/modules/S06_distribution_identification.sh +++ b/modules/S06_distribution_identification.sh @@ -48,6 +48,15 @@ S06_distribution_identification() lSEARCH_FILE="$(safe_echo "${CONFIG}" | cut -d\; -f2)" # echo "lSEARCH_FILE: $lSEARCH_FILE" # echo "FIRMWARE_PATH: $FIRMWARE_PATH" + if [[ "${lSEARCH_FILE}" == *"os-release"* ]] || [[ "${lSEARCH_FILE}" == *"lsb-release"* ]]; then + # lets check if we have already a valid debian entry -> if so, we can skip this test + # this usually happens if we have already found an os_release or lsb-release file + # echo "Check for debian - os_release / lsb-release" + if grep -qE "debian_linux:[0-9]+" "${S06_CSV_LOG}"; then + print_output "[*] Already identified Debian Linux version -> skipping further tests now" "no_log" + continue + fi + fi mapfile -t lFOUND_FILES_ARR < <(find "${FIRMWARE_PATH}" -xdev -iwholename "*${lSEARCH_FILE}" || true) for lFILE in "${lFOUND_FILES_ARR[@]}"; do # print_output "lFILE: ${lFILE}"