asset-group / 5ghoul-5g-nr-attacks

5G NR Attacks against Qualcomm and Mediatek smartphones. Fuzzer included⚡
https://5ghoul.com
GNU General Public License v2.0

(Question) start_container functions #2

Closed alphafox02 closed 9 months ago

alphafox02 commented 9 months ago

I notice on 22.04 when running ./container.sh run release-5g that it'll almost immediately kill my remote vnc desktop connection. I'll have to jump over to a local monitor to pick up where I was working.

When I go looking at the container.sh script I can see the start_container_dev/release functions and it got me trying to understand what's going on there with the X11. I should note that the command does spit out a failure to connect to the bus when run through a vnc connection.

What is the intent of that portion of the script? Does it need to be altering x11 settings?

Matheus-Garbelini commented 9 months ago

> What is the intent of that portion of the script? Does it need to be altering x11 settings?

@alphafox02 X11 server of the host is shared with the container so you can open the GUI or the customized Wireshark (bin/wireshark inside the container). The included Wireshark is so we can observe the live captures (saved to logs folder). This could, however, present some problem to VNC. Usually our team uses AnyDesk (using local network ip), which does not show any problem. Will try with VNC sometime to check for a fix.

In the meantime, if you don't need any GUI/X11 functionality, I would recommend you to just comment the following lines to prevent X11 from the host to be used: https://github.com/asset-group/5ghoul-5g-nr-attacks/blob/master/container.sh#L97-L99

> I should note that the command does spit out a failure to connect to the bus when run through a vnc connection.

If you mean that failed to connect to dbus, such is normal and common when re-entering to the container bash terminal.

Please find below the detailed documentation of the arguments of the container. Hopefully this helps:

    copy_files_to_host $1 # copy initial folder modules, configs and udev scripts from the container to the host; this is done only the first time you start the container

    sudo docker rm ${CONTAINER_NAME}-$1 &> /dev/null # try to remove a stopped container
    touch /home/$USER/.Xauthority # ensure we have an xauthority file (make sure the user has an X config file)
    sudo xhost local:root &> /dev/null # allow xhost on host root (allows the container to use the X server of the host)
    mkdir -p $(pwd)/logs # ensures the logs folder exists on the host
    # The arguments are held in a bash array: a comment placed after a trailing "\" would break the line continuation
    docker_args=(
        -ti -d --privileged
        --name "${CONTAINER_NAME}-$1"
        -e "DISPLAY=$DISPLAY" # get display name of the host at the moment of container startup
        --network=host # container needs to use the same network as the host when using USB modems
        --user=root
        --entrypoint="/sbin/init" # the container needs to initialize systemd in order to run modem manager or mongodb server correctly
        -v /tmp/.X11-unix:/tmp/.X11-unix # mounts X11 socket of the host inside the container
        -v "/home/$USER/.Xauthority:/home/user/.Xauthority" # mounts auth file of the host inside the container
        -v "/home/$USER/.Xauthority:/root/.Xauthority" # mounts auth file of the host inside the container (when using root)
        -v /run/udev:/run/udev:ro # udev needs to be mounted for USB devices to be automatically recognized by udev
        -v /dev:/dev # need access to hardware, this is redundant with --privileged flag
        -v "$(pwd)/logs:/home/user/wdissector/logs" # mount logs folder
        -v "$(pwd)/configs:/home/user/wdissector/configs" # mount configs folder so you can edit the config files on the host
        -v "$(pwd)/modules/exploits:/home/user/wdissector/modules/exploits" # mount modules folder to create or modify exploit files (*.cpp)
        -v "$(pwd)/modules/reportsender:/home/user/wdissector/modules/reportsender" # mounts the reportsender module which sends emails to the user when a crash is detected (for use only when fuzzing, not documented yet)
    )
    sudo docker run "${docker_args[@]}" "${CONTAINER_REPO}:$1-$ARCH" &> /dev/null
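
The workaround suggested in this thread (leave the host's X11 out when no GUI is needed) can be made a switch instead of commenting lines out. The sketch below is an added example, not part of container.sh or the project: `USE_X11`, `X11_SOCKET_DIR` and the function names are hypothetical, while `CONTAINER_NAME`, `CONTAINER_REPO`, `ARCH` and the mounts are taken from the script quoted above.

```sh
#!/bin/sh
# Added example, not from container.sh. USE_X11, X11_SOCKET_DIR and the
# function names are hypothetical; the mounts mirror the script quoted above.

# Succeeds only when X11 sharing is both requested and possible.
x11_wanted() {
    [ "${USE_X11:-1}" = "1" ] || return 1   # headless requested
    [ -n "${DISPLAY:-}" ] || return 1       # session has no display
    [ -d "${X11_SOCKET_DIR:-/tmp/.X11-unix}" ] || return 1  # no X socket
}

# Print the docker-run arguments for image tag $1, one per line.
container_run_args() (
    tag="$1"
    set -- -ti -d --privileged --name "${CONTAINER_NAME}-$tag" \
        --network=host --user=root --entrypoint=/sbin/init \
        -v /run/udev:/run/udev:ro -v /dev:/dev \
        -v "$(pwd)/logs:/home/user/wdissector/logs" \
        -v "$(pwd)/configs:/home/user/wdissector/configs" \
        -v "$(pwd)/modules/exploits:/home/user/wdissector/modules/exploits" \
        -v "$(pwd)/modules/reportsender:/home/user/wdissector/modules/reportsender"
    if x11_wanted; then
        set -- "$@" -e "DISPLAY=$DISPLAY" \
            -v "${X11_SOCKET_DIR:-/tmp/.X11-unix}:/tmp/.X11-unix" \
            -v "/home/$USER/.Xauthority:/home/user/.Xauthority" \
            -v "/home/$USER/.Xauthority:/root/.Xauthority"
    fi
    printf '%s\n' "$@" "${CONTAINER_REPO}:$tag-$ARCH"
)

# Start the container; the host X server is touched only when needed.
start_container() {
    if x11_wanted; then
        touch "/home/$USER/.Xauthority"
        sudo xhost local:root > /dev/null 2>&1
    fi
    mkdir -p "$(pwd)/logs"
    # Split the argument list on newlines only, with globbing off.
    ( IFS='
'; set -f; sudo docker run $(container_run_args "$1") > /dev/null 2>&1 )
}
```

With `USE_X11=0` exported, `start_container release-5g` skips the `xhost` call and passes no display, socket or Xauthority mounts to the container.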