search

BishopFox / cloudfox

Automating situational awareness for cloud penetration tests.
https://bishopfox.com/blog/introducing-cloudfox
MIT License
1.9k stars 182 forks source link

Windows binary execution error #58

Closed exigopro closed 10 months ago

exigopro commented 11 months ago

Description of Bug

The windows binary has code that seems to be looking for a certificate in a hardcoded location. It then fails to execute:

PS C:\Users\XYZ\Downloads\cloudfox> .\cloudfox.exe aws --profile scanuser all-checks open C:\Users\UserX\Documents\RootCert.pem: The system cannot find the path specified. panic: runtime error: invalid memory address or nil pointer dereference [signal 0xc0000005 code=0x0 addr=0x18 pc=0x20bc0a3]

goroutine 1 [running]: github.com/BishopFox/cloudfox/internal.AWSConfigFileLoader({, }, {, }) /home/runner/work/cloudfox/cloudfox/internal/aws.go:41 +0x303 github.com/BishopFox/cloudfox/internal.AWSWhoami({0xc00000a118, 0x8}, {0x5e90f90, 0x6}) /home/runner/work/cloudfox/cloudfox/internal/aws.go:53 +0x45 github.com/BishopFox/cloudfox/cli.awsPreRun(0xc000496b00?, {0x5e8ea79?, 0x4?, 0x5e8ea7d?}) /home/runner/work/cloudfox/cloudfox/cli/aws.go:484 +0x188 github.com/spf13/cobra.(Command).execute(0x818b280, {0xc0000f2540, 0x2, 0x2}) /home/runner/go/pkg/mod/github.com/spf13/cobra@v1.7.0/command.go:929 +0x7d1 github.com/spf13/cobra.(Command).ExecuteC(0x8185680) /home/runner/go/pkg/mod/github.com/spf13/cobra@v1.7.0/command.go:1068 +0x3a5 github.com/spf13/cobra.(*Command).Execute(...) /home/runner/go/pkg/mod/github.com/spf13/cobra@v1.7.0/command.go:992 main.main() /home/runner/work/cloudfox/cloudfox/main.go:19 +0x51

The same goes when executing it with the Go version: PS C:\Windows\system32> cloudfox aws all-checks --profile scanuser open C:\Users\UserX\Documents\RootCert.pem: The system cannot find the path specified. panic: runtime error: invalid memory address or nil pointer dereference [signal 0xc0000005 code=0x0 addr=0x18 pc=0x1e6c1a3]

goroutine 1 [running]: github.com/BishopFox/cloudfox/internal.AWSConfigFileLoader({, }, {, }) C:/Users//go/pkg/mod/github.com/!bishop!fox/cloudfox@v1.12.2/internal/aws.go:41 +0x303 github.com/BishopFox/cloudfox/internal.AWSWhoami({0xc000184090, 0x8}, {0x5c412b2, 0x6}) C:/Users//go/pkg/mod/github.com/!bishop!fox/cloudfox@v1.12.2/internal/aws.go:53 +0x45 github.com/BishopFox/cloudfox/cli.awsPreRun(0xc00028cb00?, {0x5c3ed9b?, 0x4?, 0x5c3ed9f?}) C:/Users//go/pkg/mod/github.com/!bishop!fox/cloudfox@v1.12.2/cli/aws.go:484 +0x188 github.com/spf13/cobra.(Command).execute(0x7f3b1e0, {0xc000187640, 0x2, 0x2}) C:/Users//go/pkg/mod/github.com/spf13/cobra@v1.7.0/command.go:929 +0x7d1 github.com/spf13/cobra.(Command).ExecuteC(0x7f355e0) C:/Users//go/pkg/mod/github.com/spf13/cobra@v1.7.0/command.go:1068 +0x3a5 github.com/spf13/cobra.(*Command).Execute(...) C:/Users//go/pkg/mod/github.com/spf13/cobra@v1.7.0/command.go:992 main.main() C:/Users//go/pkg/mod/github.com/!bishop!fox/cloudfox@v1.12.2/main.go:19 +0x51 PS C:\Windows\system32>

What should the expected behavior be

Platform Affected

[ ] Dev [ ] Preview [x ] Production

Steps to Reproduce

Steps to reproduce the behavior Use the Windows binary in latest version.

Additional context

Powershell window running the cloudfox.exe binary

sethsec-bf commented 11 months ago

Thanks for this @exigopro. I'll look into it!

sethsec-bf commented 10 months ago

Hey @exigopro - I can't seem to reproduce this. Are you by any chance behind a proxy? Does the AWS CLI work without issue?