Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Improve post/linux/gather/checkcontainer #18191

Merged
merged 7 commits into from
Aug 8, 2023
Merged

Improve post/linux/gather/checkcontainer #18191

merged 7 commits into from
Aug 8, 2023

Conversation

jvoisin
Copy link
Contributor

@jvoisin jvoisin commented Jul 16, 2023
edited by jheysel-r7
Loading

Cousin on #18190 but for containers

Verification

List the steps needed to make sure this thing works

  • Test Podman detection
  • Test Docker detection
  • Test LXC detection
  • Test WSL detection

@jheysel-r7 jheysel-r7 self-assigned this Jul 18, 2023
jheysel-r7
jheysel-r7 reviewed Jul 18, 2023
View reviewed changes
Copy link
Contributor

@jheysel-r7 jheysel-r7 left a comment
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks for the enhancements @jvoisin! I did some testing, everything worked great when testing in a Docker container:

msf6 post(linux/gather/checkcontainer) > set session -1
session => -1
msf6 post(linux/gather/checkcontainer) > run

[+] This appears to be a 'Docker' container
[*] Post module execution completed
msf6 post(linux/gather/checkcontainer) >

I ran into some issues testing some of the other contains and have left some suggestions.

I was wondering if you could please do me a favour and add the container setup instructions from my comments to a # Vulnerable Application section of the documentation file documentation/modules/post/linux/gather/checkcontainer.md?

The containers were created with SSH access enabled so that the auxiliary/scanner/ssh/ssh_login could be used to establish the initial session.

modules/post/linux/gather/checkcontainer.rb Outdated Show resolved Hide resolved
modules/post/linux/gather/checkcontainer.rb Outdated Show resolved Hide resolved
modules/post/linux/gather/checkcontainer.rb Outdated Show resolved Hide resolved
jheysel-r7

This comment was marked as duplicate.

Sign in to view

@jheysel-r7
Copy link
Contributor

Testing is as expected 🎉

Docker detection

msf6 post(linux/gather/checkcontainer) > set session -1
session => -1
msf6 post(linux/gather/checkcontainer) > run

[+] This appears to be a 'Docker' container
[*] Post module execution completed
msf6 post(linux/gather/checkcontainer) >

Podman detection

msf6 post(linux/gather/checkcontainer) > set session -1
session => -1
msf6 post(linux/gather/checkcontainer) > run

[+] This appears to be a 'Podman' container
[*] Post module execution completed
msf6 post(linux/gather/checkcontainer) >

LXC detection

msf6 post(linux/gather/checkcontainer) > set session -1
session => -1
msf6 post(linux/gather/checkcontainer) > run

[+] This appears to be a 'LXC' container
[*] Post module execution completed
msf6 post(linux/gather/checkcontainer)

WSL detection

msf6 post(linux/gather/checkcontainer) > set session -1
session => -1
msf6 post(linux/gather/checkcontainer) > run

[+] This appears to be a 'WSL' container
[*] Post module execution completed
msf6 post(linux/gather/checkcontainer)

@jheysel-r7 jheysel-r7 merged commit 6e8d0b3 into rapid7:master Aug 8, 2023
@jheysel-r7 jheysel-r7 added the rn-enhancement release notes enhancement label Aug 8, 2023
@jheysel-r7
Copy link
Contributor

Release Notes

This PR adds support for detecting whether a metasploit session is running in a Podman container and improves detection for sessions running in Docker, LXC and WLS containers.

@jvoisin jvoisin deleted the checkcontainer branch August 8, 2023 23:10
@FunnyWolf FunnyWolf mentioned this pull request Aug 9, 2023
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@jheysel-r7 jheysel-r7 jheysel-r7 left review comments

Assignees

@jheysel-r7 jheysel-r7

Labels
enhancement rn-enhancement release notes enhancement
Projects
Metasploit Kanban
Archived in project
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@jvoisin @jheysel-r7