DVKunion
commented
3 months ago 看上去是 kcore.FileHandle 空了。panic之前是否还有什么其他报错呢?能看下主机的 os-release 信息么?
Open reloc2 opened 3 months ago
DVKunion
commented
3 months ago 看上去是 kcore.FileHandle 空了。panic之前是否还有什么其他报错呢?能看下主机的 os-release 信息么?
reloc2
commented
3 months ago Linux version 6.1.0-kali9-amd64 (devel@kali.org) (gcc-12 (Debian 12.2.0-14) 12.2.0, GNU ld (GNU Binutils for Debian) 2.40) #1 SMP PREEMPT_DYNAMIC Debian 6.1.27-1kali1 (2023-05-12)
reloc2
commented
3 months ago 没有其他报错
Bug 具体描述
复现步骤 docker run --rm --mount 'type=bind,source=/,target=/host,readonly,bind-propagation=rslave' --privileged veinmind-backdoor scan container
相关截图 panic: runtime error: invalid memory address or nil pointer dereference [signal SIGSEGV: segmentation violation code=0x1 addr=0x0 pc=0x1e9a83f]
goroutine 1 [running]: github.com/chaitin/veinmind-tools/plugins/go/veinmind-backdoor/service.rootkitContainerCheck({0x7fab80517148, 0xc000442000}) github.com/chaitin/veinmind-tools/plugins/go/veinmind-backdoor/service/rootkit.go:217 +0x19f github.com/chaitin/veinmind-tools/plugins/go/veinmind-backdoor/utils.ContainersScanRun({0x25406d0?, 0xc000442000}) github.com/chaitin/veinmind-tools/plugins/go/veinmind-backdoor/utils/utils.go:26 +0x105 main.scanContainer(0xc00049a8e0?, {0x25406d0, 0xc000442000}) ./cli.go:82 +0x45 github.com/chaitin/libveinmind/go/cmd.(Index).MapContainerCommand.func1.1({0x253b240?, 0xc00049a8e0?}, 0xe18c01?, 0x23a9f60, 0xc53d46?) github.com/chaitin/libveinmind@v1.5.6/go/cmd/container.go:127 +0xc6 github.com/chaitin/libveinmind/go/cmd.(Index).MapContainerCommand.func1(0x1fa6980?, {0x253b240, 0xc00049a8e0}, {0xc0000b6200?, 0x1f, 0xc0000f9be0?}) github.com/chaitin/libveinmind@v1.5.6/go/cmd/container.go:128 +0xb3 github.com/chaitin/libveinmind/go/cmd.(Index).MapContainerIDsCommand.func1(0x0?, {0x324c6c0, 0x0, 0x3000000000000000?}, {0x21e7980?, 0xc00049a8e0?}) github.com/chaitin/libveinmind@v1.5.6/go/cmd/container.go:98 +0x22a github.com/chaitin/libveinmind/go/cmd.dockerMode.Invoke({}, 0xc0000f9c98?, {0x324c6c0, 0x0, 0x0}, 0xc0004321e0) github.com/chaitin/libveinmind@v1.5.6/go/cmd/docker.go:64 +0xfa github.com/chaitin/libveinmind/go/cmd.(Index).MapModeCommand.func1(0x0?, {0x324c6c0, 0x0, 0x0}) github.com/chaitin/libveinmind@v1.5.6/go/cmd/mode.go:75 +0xb6 github.com/chaitin/libveinmind/go/cmd.(Index).MapPluginCommand.func1(0x313b380?, {0x324c6c0?, 0x0?, 0x0?}) github.com/chaitin/libveinmind@v1.5.6/go/cmd/index.go:140 +0xa7 github.com/spf13/cobra.(Command).execute(0x313b380, {0x324c6c0, 0x0, 0x0}) github.com/spf13/cobra@v1.6.0/command.go:916 +0x862 github.com/spf13/cobra.(Command).ExecuteC(0x321c0a0) github.com/spf13/cobra@v1.6.0/command.go:1040 +0x3b4 github.com/spf13/cobra.(Command).Execute(...) github.com/spf13/cobra@v1.6.0/command.go:968 main.main() ./cli.go:132 +0x25
环境(空项可以不填)