e-m-b-a / emba

EMBA - The firmware security analyzer

Home Page: https://www.securefirmware.de


Pre-unpacking before extracting binaries.

hmnityty opened this issue

It may be useful to add a binary packer/unpacker before extracting the binaries. While reviewing the results from a previously analyzed firmware, I realized emba was missing quite a bit. Ghidra was also struggling with decompiling. When I did the firmware manually, I had to run the binaries through a program called UPX, which I learned about by running strings on the binaries. Afterwards, I was able to decompile perfectly with Ghidra.

Not sure how common something like this is. But, in my case it was extremely useful.

https://github.com/upx/upx

Snippet from strings output.

$Info: This file is packed with the UPX executable packer http://upx.sf.net $
$Id: UPX 3.95 Copyright (C) 1996-2018 the UPX Team. All Rights Reserved. $
/proc/self/exe

Device was a Merkury-branded IP camera.
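
A pre-analysis check along the lines this issue suggests, as an added example that is not part of the original post or of EMBA's code: it walks an extracted root filesystem and lists ELF files that carry the UPX info string quoted above or the `UPX!` header magic. The function names and the sample files are constructed for illustration.

```shell
#!/bin/sh
# Added example (not EMBA code): flag UPX-packed ELF files in an extracted
# firmware tree so they can be unpacked before static analysis.
# The info string is the one in the strings output above; "UPX!" is the magic
# in UPX's pack header. Either can be stripped or altered, so the absence of
# a hit does not prove a file is unpacked.
UPX_INFO='This file is packed with the UPX executable packer'

# is_elf FILE: true when FILE starts with the ELF magic 7f 45 4c 46.
is_elf() {
    [ "$(head -c 4 "$1" 2>/dev/null | od -An -tx1 | tr -d '[:space:]')" = "7f454c46" ]
}

# upx_markers FILE: print the UPX indicators found in FILE (empty if none).
upx_markers() {
    found=""
    if LC_ALL=C grep -a -q -F 'UPX!' "$1"; then found="magic"; fi
    if LC_ALL=C grep -a -q -F "$UPX_INFO" "$1"; then
        found="${found:+$found,}info-string"
    fi
    printf '%s' "$found"
}

# scan_tree DIR: print "<path> <markers>" for every ELF carrying a UPX marker.
scan_tree() {
    find "$1" -type f | sort | while IFS= read -r f; do
        is_elf "$f" || continue
        m=$(upx_markers "$f")
        if [ -n "$m" ]; then printf '%s %s\n' "$f" "$m"; fi
    done
}

# make_samples DIR: constructed test files, not real firmware contents.
make_samples() {
    mkdir -p "$1/bin" "$1/etc"
    printf '\177ELF\001\001\001pad UPX! pad $Info: %s http://upx.sf.net $' \
        "$UPX_INFO" > "$1/bin/packed"
    printf '\177ELF\001\001\001 ordinary unpacked program' > "$1/bin/plain"
    printf 'notes: vendor uses UPX! on some builds\n' > "$1/etc/readme.txt"
}

# Usage: sh upx_scan.sh <extracted-rootfs>
if [ "$#" -gt 0 ]; then scan_tree "$1"; fi
```

Files it lists can then be unpacked on a copy with `upx -d` before being handed to the decompiler.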

Thank you for contributing an issue!

Welcome to the EMBA firmware analysis community!

We are glad you are here and appreciate your contribution. Please keep in mind our contributing guidelines here and here.
Also, please check existing open issues and consider opening a discussion in the dedicated discussion area.
Additionally, we have collected a lot of details around EMBA, the installation and the usage of EMBA in our Wiki.

If you like EMBA you have the chance to support us by becoming a Sponsor or buying some beer here.

This is an automatic message. Allow for time for the EMBA community to be able to read the issue and comment on it.

Thank you for your suggestion. Could you provide the firmware for testing?

Sure thing!
cw051.zip

Hi @hmnityty! This is something that could be handled by unblob. May I recommend you open a ticket about it with details about UPX? The repo is at https://github.com/onekey-sec/unblob

This issue is stale because it has been open for 28 days with no activity.

Problem solved? Anything else we can support you with?