ThreatResponse / margaritashotgun

Remote Memory Acquisition Tool
https://www.threatresponse.cloud
MIT License

-margaritashotgun - DEBUG - lime failed to load on --Error when trying to obtain Red Hat image- #25

Open Kwise99 opened 6 years ago

Kwise99 commented 6 years ago

I have no issues when trying to obtain Ubuntu and Amazon AMI images using margarita shotgun. When attempting to obtain a Red Hat image it will fail and I will receive the error pasted below. I did confirm my KO file is correct by obtaining an image on same instance locally using LIME. I also tried this on all Amazon Free Tier Red Hat 7 versions with same result. Would there be something I am doing wrong or will margarita shotgun not work on Redhat? I also tried pulling image from a Redhat linux instance and an Ubuntu instance.

COMMAND BEING RUN:
/margaritashotgun# ./bin/margaritashotgun --server 192.168.100.158 --username ec2-user --key /home/ubuntu/key.pem --module /home/ubuntu/lime-3.10.0-693.17.1.el7.x86_64.ko --verbose

OUTPUT:
000013 00000000 0 0 20023 4 ffff88007a7e9740 20 4 5 10 -1
" with encoding utf-8
2018-02-11T17:10:51 - margaritashotgun.remote_shell - DEBUG - 192.168.100.158: executing "cat /proc/net/tcp"
2018-02-11T17:10:51 - margaritashotgun.remote_shell - DEBUG - 192.168.100.158: decoded " sl local_address rem_address st tx_queue rx_queue tr tm->when retrnsmt uid timeout inode
0: 00000000:0016 00000000:0000 0A 00000000:00000000 00:00000000 00000000 0 0 17575 1 ffff88007a7e87c0 100 0 0 10 0
1: 0100007F:0019 00000000:0000 0A 00000000:00000000 00:00000000 00000000 0 0 16964 1 ffff88007a7e8000 100 0 0 10 0
2: 9E64A8C0:0016 AFE10264:08C8 01 00000000:00000000 02:0009C6E7 00000000 0 0 18706 2 ffff88007a7e8f80 41 4 23 10 -1
3: 9E64A8C0:0016 2B64A8C0:AE18 01 00000070:00000000 01:00000013 00000000 0 0 20023 4 ffff88007a7e9740 20 4 5 10 -1
" with encoding utf-8
2018-02-11T17:10:52 - margaritashotgun.remote_shell - DEBUG - 192.168.100.158: executing "cat /proc/net/tcp"
2018-02-11T17:10:52 - margaritashotgun.remote_shell - DEBUG - 192.168.100.158: decoded " sl local_address rem_address st tx_queue rx_queue tr tm->when retrnsmt uid timeout inode
0: 00000000:0016 00000000:0000 0A 00000000:00000000 00:00000000 00000000 0 0 17575 1 ffff88007a7e87c0 100 0 0 10 0
1: 0100007F:0019 00000000:0000 0A 00000000:00000000 00:00000000 00000000 0 0 16964 1 ffff88007a7e8000 100 0 0 10 0
2: 9E64A8C0:0016 AFE10264:08C8 01 00000000:00000000 02:0009C681 00000000 0 0 18706 2 ffff88007a7e8f80 41 4 23 10 -1
3: 9E64A8C0:0016 2B64A8C0:AE18 01 00000070:00000000 01:00000013 00000000 0 0 20023 4 ffff88007a7e9740 20 4 5 10 -1
" with encoding utf-8
2018-02-11T17:10:53 - margaritashotgun.remote_shell - DEBUG - 192.168.100.158: executing "cat /proc/net/tcp"
2018-02-11T17:10:53 - margaritashotgun.remote_shell - DEBUG - 192.168.100.158: decoded " sl local_address rem_address st tx_queue rx_queue tr tm->when retrnsmt uid timeout inode
0: 00000000:0016 00000000:0000 0A 00000000:00000000 00:00000000 00000000 0 0 17575 1 ffff88007a7e87c0 100 0 0 10 0
1: 0100007F:0019 00000000:0000 0A 00000000:00000000 00:00000000 00000000 0 0 16964 1 ffff88007a7e8000 100 0 0 10 0
2: 9E64A8C0:0016 AFE10264:08C8 01 00000000:00000000 02:0009C61C 00000000 0 0 18706 2 ffff88007a7e8f80 41 4 23 10 -1
3: 9E64A8C0:0016 2B64A8C0:AE18 01 00000070:00000000 01:00000013 00000000 0 0 20023 4 ffff88007a7e9740 20 4 5 10 -1
" with encoding utf-8
2018-02-11T17:10:54 - margaritashotgun - DEBUG - lime failed to load on 192.168.100.158
2018-02-11T17:10:54 - margaritashotgun.remote_shell - DEBUG - 192.168.100.158: executing "sudo pkill insmod; sudo rmmod lime"
2018-02-11T17:10:54 - margaritashotgun.ssh_tunnel - DEBUG - Stopping ssh tunnel 19762:127.0.0.1:19762 for ec2-user@192.168.100.158
2018-02-11T17:10:55 - margaritashotgun.client - INFO - 1 hosts processed. completed: 0 failed 1
2018-02-11T17:10:55 - margaritashotgun.client - INFO - completed_hosts: []
2018-02-11T17:10:55 - margaritashotgun.client - INFO - failed_hosts: ['192.168.100.158']
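
The debug log in the post above shows `cat /proc/net/tcp` being run repeatedly before "lime failed to load" is reported. As an added example (not part of the thread and not margaritashotgun's own code), the following decodes rows from that output and checks whether any socket is listening on a given port. Treating 19762, the tunnel port shown in the log, as the port LiME is expected to listen on is an assumption.

```python
import socket
import struct

TCP_LISTEN = 0x0A  # kernel state code for a listening TCP socket

# Rows copied from the /proc/net/tcp output quoted in the issue's debug log.
SAMPLE = """\
 sl local_address rem_address st tx_queue rx_queue tr tm->when retrnsmt uid timeout inode
0: 00000000:0016 00000000:0000 0A 00000000:00000000 00:00000000 00000000 0 0 17575 1 ffff88007a7e87c0 100 0 0 10 0
1: 0100007F:0019 00000000:0000 0A 00000000:00000000 00:00000000 00000000 0 0 16964 1 ffff88007a7e8000 100 0 0 10 0
2: 9E64A8C0:0016 AFE10264:08C8 01 00000000:00000000 02:0009C6E7 00000000 0 0 18706 2 ffff88007a7e8f80 41 4 23 10 -1
3: 9E64A8C0:0016 2B64A8C0:AE18 01 00000070:00000000 01:00000013 00000000 0 0 20023 4 ffff88007a7e9740 20 4 5 10 -1
"""


def decode_endpoint(field):
    """Convert 'AABBCCDD:PPPP' into (dotted IPv4 address, port)."""
    addr_hex, port_hex = field.split(":")
    # The address is printed as a native 32-bit integer, so on
    # little-endian x86 its bytes appear reversed in the hex string.
    ip = socket.inet_ntoa(struct.pack("<I", int(addr_hex, 16)))
    return ip, int(port_hex, 16)


def parse_proc_net_tcp(text):
    """Return one dict per socket row; header and malformed rows are skipped."""
    sockets = []
    for line in text.splitlines():
        parts = line.split()
        if len(parts) < 4 or not parts[0].rstrip(":").isdigit():
            continue  # header line, blank line, or truncated row
        try:
            sockets.append({
                "local": decode_endpoint(parts[1]),
                "remote": decode_endpoint(parts[2]),
                "state": int(parts[3], 16),
            })
        except (ValueError, struct.error):
            continue  # row whose address or state fields are not valid hex
    return sockets


def is_listening(sockets, port):
    """True if any socket is in LISTEN state on the given local port."""
    return any(s["state"] == TCP_LISTEN and s["local"][1] == port for s in sockets)


if __name__ == "__main__":
    socks = parse_proc_net_tcp(SAMPLE)
    for s in socks:
        print(s)
    print("listener on 19762:", is_listening(socks, 19762))
```

On the rows from the log, only ports 22 and 25 are in LISTEN state, and nothing is listening on 19762.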

jparr commented 6 years ago

We don't precompile LiME modules for Redhat. You can run a local lime compiler and compile them yourself though. https://github.com/ThreatResponse/lime-compiler

Kwise99 commented 6 years ago

Hello, I have the kernel. I compiled it myself. However, margarita shotgun does not seem to work with it. I am able to use the kernel with Lime locally on the Redhat instance.

I