Shortcut to abort the current module

Question

Shortcut to abort the current module

naranek opened this issue 4 months ago · comments

Is your feature request related to a problem? Please describe.
Sometimes a module gets stuck and the analysis won't finish. If you press Ctrl+C, it will detect an Interrupt and stop the whole analysis. As I understand it, modules that would be run after the stuck module won't be run - leaving the analysis incomplete.

Describe the solution you'd like
There should be some other shortcut or way to stop / abort just the current module and continue with the rest.

Describe alternatives you've considered
Maybe try killing the process and see if the analysis continues? Didn't try it though as it just came to mind writing this.

Priority issue
Are you already a Sponsor? - Nope

Additional context
It seems that different EMBA modules can get stuck depending on the firmware and options. For example I had a S26_kernel_vuln_verifier run overnight just now.

github-actions · Answer 1 · Tue Feb 06 2024 16:13:02 GMT+0800 (China Standard Time)

Thank you for contributing an issue!

Welcome to the EMBA firmware analysis community!

We are glad you are here and appreciate your contribution. Please keep in mind our contributing guidelines here and here.
Also, please check existing open issues and consider to open a discussion in the dedicated discussion area.
Additionally, we have collected a lot of details around EMBA, the installation and the usage of EMBA in our Wiki.

If you like EMBA you have the chance to support us by becoming a Sponsor or buying some beer here.

This is an automatic message. Allow for time for the EMBA community to be able to read the issue and comment on it.

Michael Messner · Answer 2 · Tue Feb 06 2024 16:25:02 GMT+0800 (China Standard Time)

@naranek thank you for your question.

Usually EMBA is running in threaded mode. This means that normally not only one module is running, there are running multiple modules in ||. The things you are seeing is the output of the modules. The modules are running detached and so you can't just stop one module.

The thing you can do is just run modules you are interested in. The s26 module is running for quite a while, but you get a much better overview of the interesting kernel vulnerabilities out of it. If you don't want to run it just add it to your scanning profile as shown here

Jarmo Lahtiranta · Answer 3 · Tue Feb 06 2024 16:30:55 GMT+0800 (China Standard Time)

Ah - got it... so if one module is stuck or is taking a long time, others have a chance to finish in parallel regardless of that. So Ctrl+C at this point actually does what I was hoping for. Awesome! Thanks a lot for help :)