IP Address Not Found Error

[pabz616]

Description At the step where I run the config option to whitelist my IP, the IP address is not getting found, whitelist.txt is not getting created

Commit e0338d9

System Mac M1, running Ventura 13.3

Steps

1. Completed initial steps of installing CloudGoat on my machine
2. Completed docker setup
3. Cloned the repo and completed all the steps up running $ ./cloudgoat.py config profile

Expected Result

• whitelist.txt is created with my IP address added

Actual Result

• I ran the following config step and got this error $ ./cloudgoat.py config whitelist --auto

Workaround

• I retried these steps in my Kali Linux and encountered the same steps

[DaveYesland]

Do you get an error if you just run: curl https://ifconfig.co/json

or

# python
>>import requests
>>requests.get("https://ifconfig.co/json")

Just wondering if there is not something else blocking the request to https://ifconfig.co/json

[pabz616]

@DaveYesland

1. When I curl ifconfig.co/json, I get an html response
2. With the python command in my terminal, I'm getting a 403

[DaveYesland]

Ok guessing there is something strange going on on your end with regards to that request. /json should return JSON formatted message, not HTML and it should be 200 not 403. Are you behind a reverse proxy or anything that might cause something like this?

Testing both requests on my end work as expected.

[pabz616]

No

On Tue, Apr 4, 2023 at 5:09 PM Dave Yesland @.***> wrote:

Ok guessing there is something strange going on on your end with regards to that request. /json should return JSON formatted message, not HTML and it should be 200 not 403. Are you behind a reverse proxy or anything that might cause something like this?

— Reply to this email directly, view it on GitHub https://github.com/RhinoSecurityLabs/cloudgoat/issues/181#issuecomment-1496609039, or unsubscribe https://github.com/notifications/unsubscribe-auth/AFJ4Q3KQG5VVC4QVNT3G2YLW7SEZLANCNFSM6AAAAAAWTFOTNY . You are receiving this because you authored the thread.Message ID: @.***>

[pabz616]

@DaveYesland - Is there a boilerplate to whitelist.txt? I'm going to create my own and set my IP that way.

[DaveYesland]

You should be able to just create the whitelist.txt containing just the IP as a CIDR or you can use the config whitelist command and manually set it.

    config whitelist [--auto]
        CloudGoat needs to know what IP addresses should be
        whitelisted when potentially-vulnerable resources are
        deployed, and these IPs are tracked as CIDR ranges in a
        whitelist.txt file in CloudGoat's base directory. You may
        create and fill in this file manually, or this command may
        be used to walk through the creation process. If a whitelist
        file already exists and contains valid IP addresses, it will
        display them.

        Using the "--auto" flag will tell CloudGoat to curl ifconfig.co
        to find your IP address and create or overwrite the whitelist
        file with it.

[pabz616]

@DaveYesland I think I got some good news!

I managed to correct the IP issue in the following manner:

1. ifconfig was giving me IPV6 IP address which cloudgoat wasn't having, so I went to whatismyip.com to get the IP (IPV4)
2. Then I visited this site - https://www.meridianoutpost.com/resources/etools/network/convert-ip-to-CIDR.php? - to convert my IP to CIDR
3. I kicked off the docker instance to get to the directory usr/src/cloudgoat# and I created the whitelist.txt file there

Now I got an error with TerraForm, but this ticket can be closed