Dashboard
This section describes the basic steps to follow so that Cosmo can analyze your firmware and generate a report.
Let's start!
Sign-up
Cosmo is an online platform available at the web address cosmo.exein.io. The first step is to browse to the sign-up page, fill in the form with the requested fields and click the REGISTER button.
A confirmation email will be sent to your email address: follow the instructions and go to the next step.
Login
Once you have signed up to the platform, log in with your credentials.
The login form is shown in the next figure: just fill in your email address and password, then click the SIGN IN button.
Firmware image upload
Congratulations, you are in!
Now you can start uploading the firmware image you want scanned. You can drag and drop the chosen file or click the SELECT FILE button, then browse to the file path.
Cosmo will ask you to choose the firmware type and a report title.
The firmware type can be chosen from the following:
Linux - Generic
Linux - Buildroot
Linux - OpenWrt
Linux - Yocto
Container - Docker
Container - LXC
VxWorks - Generic
UEFI - Generic
Linux
For all the Linux-based firmware types, simply load the firmware image and select the build tool used to build the image, or select the firmware type "Linux - Generic" if you are unsure about it.
Docker
For Docker containers, run:
docker save $CONTAINER_NAME | gzip > $NAME.tar.gz
and then submit $NAME.tar.gz to Cosmo.
(e.g., docker save ubuntu:groovy | gzip > ubuntu.tar.gz).
LXC
For LXC containers, run:
cd /var/lib/lxc/$CONTAINER_NAME/ && tar --numeric-owner -czvf $NAME.tar.gz *
and then submit $NAME.tar.gz to Cosmo.
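A pre-upload check for the Docker and LXC archives produced above, as an added example that is not part of the Cosmo documentation: it verifies that the .tar.gz is intact and prints the matching firmware type from the list. The function name cosmo_archive_type is hypothetical, and the layout tests assume the archives were created with the exact commands shown on this page.

```shell
# Added example (not Cosmo's own tooling): classify a .tar.gz before upload.
# Usage: cosmo_archive_type ubuntu.tar.gz
cosmo_archive_type() {
    archive=$1
    # Reject truncated or corrupt files before spending time on an upload.
    gzip -t "$archive" 2>/dev/null || { echo "corrupt"; return 1; }
    listing=$(tar -tzf "$archive" 2>/dev/null) || { echo "corrupt"; return 1; }
    # Assumption: `docker save` output carries a top-level manifest.json.
    if printf '%s\n' "$listing" | grep -qx 'manifest.json'; then
        echo "Container - Docker"
    # Assumption: an LXC container directory archived with `tar ... *`
    # has `config` and `rootfs/` as top-level entries.
    elif printf '%s\n' "$listing" | grep -qx 'config' &&
         printf '%s\n' "$listing" | grep -q '^rootfs/'; then
        echo "Container - LXC"
    else
        echo "unknown"
        return 2
    fi
}
```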
VxWorks
For VxWorks firmware, load a VxWorks-based image (version: 5 or 6, arch: ARM or PPC) and select "VxWorks/Generic" as firmware type.
UEFI
For UEFI, run:
chipsec_util.py spi dump $NAME.bin
and then submit $NAME.bin to Cosmo.
The report title is just a mnemonic string used to identify one report among the others.
Once you are done, click the SCAN FIRMWARE button: the image file will be uploaded and the scan will start automatically.
A progress bar will show the upload progress.
After the firmware image file is correctly uploaded and the scan started, a new entry will be shown in the report table.
The great wait
Cosmo will send you an email as soon as the scan has ended and the report is ready: it's time for a cup of coffee.
Alternatively, you can upload other firmware images to Cosmo in order to queue your scans: click the NEW REPORT button and repeat the upload procedure with your new firmware image file.
Enjoy your report!
Once the scans are complete you will be notified by email: come back to the reports page and click the name of the report you want to check in detail.
On the reports page you can find the summary of all the reports, with general indications of the uploaded firmware security.