GoSecure / pyrdp

RDP monster-in-the-middle (mitm) and library for Python with the ability to watch connections live or after the fact
https://www.gosecure.net/blog/2020/10/20/announcing-pyrdp-1/
GNU General Public License v3.0

docker: executable not found #474

Closed Yashil06 closed 4 months ago

Yashil06 commented 4 months ago

As I was using the "docker option" to install the "pyrdp":

  1. Building the docker Image (this went well) :

$ docker build -t pyrdp .

........

  2. Using the below command to run docker on the "port 3389:3389", and I ran this from my "Kali machine" using two different IP addresses (Kali Linux machine - 192.168.239.193, Server 2019 - 192.168.239.153):

┌──(root㉿kali)-[/opt/pyrdp]

└─# docker run -p 3389:3389 gosecure/pyrdp pyrdp-mitm.py 192.168.239.153

Below is the error message I have been encountering despite "changing the IP address":

docker: Error response from daemon: failed to create shim task: OCI runtime create failed: runc create failed: unable to start container process: exec: "pyrdp-mitm.py": executable file not found in $PATH: unknown.

┌──(root㉿kali)-[/opt/pyrdp]

└─# docker run -p 3389:3389 gosecure/pyrdp pyrdp.mitm.py 192.168.239.193

docker: Error response from daemon: failed to create shim task: OCI runtime create failed: runc create failed: unable to start container process: exec: "pyrdp.mitm.py": executable file not found in $PATH: unknown.
ERRO[0009] error waiting for container: context canceled

----> Unfortunately, I have tried everything and could not get past this "error message and start the container running port 3389". This is when I tried modifying the "docker-compose.yml file" as follows to make this work:

docker-compose.yml :


# This is an example of how you could use pyRDP with docker-compose.
version: "3"
services:
  pyrdp:
    image: gosecure/pyrdp:latest
    ports:
      # Map container port 3389 to host port 3389

    # Slim image (no GUI pyrdp-player, no pyrdp-convert)
    #image: gosecure/pyrdp:latest-slim
    # Uncomment a build section if you want to build your own image
    # Full image
    #build: .
    # Slim image (no pyrdp-player without --headless and no pyrdp-convert)
    #build:
    #  context: .
    #  dockerfile: Dockerfile.slim

    # Uncomment this section only if you want to run the player.
    # This allows the GUI of the player to be displayed on the host screen and
    # stops Qt from using the MITM-SHM X11 Shared Memory Extension.
    #environment:
    #  - DISPLAY
    #  - QT_X11_NO_MITSHM=1
    # This exposes the host's network to the docker. Keep in mind this could be dangerous if you deploy
    # the tool for a honeypot on the internet.
    #network_mode: "host"

    # Place the command you want to execute here:
    # ex: pyrdp-player
    # ex: pyrdp-mitm

After modifying the docker-compose.yml, I then tried to start it, and this worked great. However, I wonder how there was no support on the "main github pyrdp repository":

┌──(root㉿kali)-[/opt/pyrdp]

└─# docker-compose up -d

Creating network "pyrdp_default" with the default driver

Creating pyrdp_pyrdp_1 ... done

┌──(root㉿kali)-[/opt/pyrdp]

└─# docker ps

CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES

8bfcb83531d2 gosecure/pyrdp:latest "pyrdp-mitm 192.168.…" 2 minutes ago Up 2 minutes 0.0.0.0:3389->3389/tcp, :::3389->3389/tcp pyrdp_pyrdp_1

┌──(root㉿kali)-[/opt/pyrdp]

└─# docker-compose logs -f pyrdp

Attaching to pyrdp_pyrdp_1
pyrdp_1 | [2024-02-25 04:44:46,190] - INFO - GLOBAL - pyrdp.mitm - Target: 192.168.239.193:3389
pyrdp_1 | [2024-02-25 04:44:46,197] - INFO - GLOBAL - pyrdp.mitm - Output directory: /home/pyrdp/pyrdp_output
pyrdp_1 | [2024-02-25 04:44:46,218] - INFO - GLOBAL - pyrdp.mitm.connections - MITM Server listening on 0.0.0.0:3389

This works, but I literally need to modify the "docker-compose.yml script" each and every time I need to change the mitm-server.

Question :

  1. Can you please help me to resolve the issue above, or would you suggest otherwise, any help will be very much appreciated.

At the same time, can you also include this methodology (modifying the docker-compose.yml), as there was no mention of this on the main repo.

obilodeau commented 4 months ago

Focusing just on Docker first. Docker-compose is a fancy docker launcher so it's not needed to focus on your initial problem.

Narrowing your error output to just the essential:

docker: Error response from daemon: failed to create shim task: OCI runtime create failed: runc create failed: unable to start container process: exec: "pyrdp-mitm.py": executable file not found in $PATH: unknown.

Executable not found.

That is because we changed from pyrdp-mitm.py to pyrdp-mitm with the 2.0 release last December.

I'm not sure what documentation you follow but our documentation no longer specifies .py at the end of the executable.

obilodeau commented 4 months ago

Sorry, I forgot to highlight what you need to change. Run this instead of your previous command:

docker run -p 3389:3389 gosecure/pyrdp pyrdp-mitm 192.168.239.153

and you should be good.

Also note that you use the gosecure/pyrdp image (from dockerhub) and not the pyrdp image you just built with docker build -t pyrdp .. If you made changes to the code they will not be in the gosecure/pyrdp image.

As for docker-compose, don't use it if you don't need to.
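A launcher sketch for the fix in the comment above, added here as an example and not part of the thread or the pyrdp project: it takes the target on the command line instead of hard-coding it in docker-compose.yml, accepts the pre-2.0 `pyrdp-mitm.py` name, and lets you choose between the Docker Hub image and a locally built one. The function names (`normalize_tool`, `valid_target`, `mitm_command`) are hypothetical, and restricting the target to an IPv4 address with an optional port is an assumption of this example.

```shell
#!/bin/sh
# Added example (not from the pyrdp repository). All function names are
# hypothetical. Usage: ./run-mitm.sh <ipv4[:port]> [image] [tool]

# pyrdp 2.0 renamed pyrdp-mitm.py to pyrdp-mitm; accept the old name too.
normalize_tool() {
    case "$1" in
        pyrdp-mitm.py) echo "pyrdp-mitm" ;;
        *)             echo "$1" ;;
    esac
}

# Assumption of this example: the target is a dotted IPv4 address with an
# optional :port. Anything else is rejected before it reaches docker.
valid_target() {
    host=${1%%:*}
    port=3389
    case "$1" in *:*) port=${1#*:} ;; esac
    case "$port" in ''|*[!0-9]*|??????*) return 1 ;; esac
    [ "$port" -ge 1 ] && [ "$port" -le 65535 ] || return 1
    case "$host" in ''|*[!0-9.]*|.*|*.|*..*) return 1 ;; esac
    old_ifs=$IFS; IFS=.
    set -- $host
    IFS=$old_ifs
    [ "$#" -eq 4 ] || return 1
    for octet in "$@"; do
        [ "${#octet}" -le 3 ] && [ "$octet" -le 255 ] || return 1
    done
    return 0
}

# Print the docker command line. image defaults to the Docker Hub image;
# pass "pyrdp" to run an image built locally with `docker build -t pyrdp .`.
mitm_command() {
    target=$1
    image=${2:-gosecure/pyrdp}
    tool=$(normalize_tool "${3:-pyrdp-mitm}")
    valid_target "$target" || { echo "invalid target: $target" >&2; return 1; }
    case "$image$tool" in *[!A-Za-z0-9._/:-]*) echo "invalid name" >&2; return 1 ;; esac
    echo "docker run -p 3389:3389 $image $tool $target"
}

# Only launch when called with arguments, so the file can also be sourced.
if [ "$#" -gt 0 ]; then
    cmd=$(mitm_command "$@") || exit 1
    echo "+ $cmd" >&2
    exec $cmd
fi
```
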

Yashil06 commented 4 months ago

Thanks a lot, it works great