search

eclipse / jbom

Apache License 2.0
111 stars 5 forks source link

Remote Scanning on Ubuntu 22.04 Server Not Finding Active Processes #13

Closed dlg1206 closed 4 months ago

dlg1206 commented 1 year ago

I reviewed JBOM a few months ago and it truly stands out from the crowd with the ability to scan active processes. I was able to scan active processes when the client / server were the same machine ( Ubuntu 22.04 Server ), but attempting to scan from another machine didn't work unfortunately.

Environment

Client: Windows 10 PC via PowerShell Host: Ubuntu 22.04 LTS Server

To Replicate

Host

This is the example project I used. When testing locally I was able to generate an SBOM while this was running. I used mvn clean install to compile the .jar file, which I ran on the host machine

Client

I had the current latest jbom release (1.2.1) jar downloaded

  1. Ran java -jar jbom-1.2.1.jar -h HOST_ADDRESS -U MY_USERNAME -P "PASSWORD" in PowerShell Arguments spoofed for obvious reasons, but these were the correct login credentials to SSH into the host

Output

2023-02-08 17:03:22:832 TRACE --- [jbom] 2023-02-08 17:03:22:832 TRACE --- [jbom] _ 2023-02-08 17:03:22:834 TRACE --- [jbom] () / __ _ 2023-02-08 17:03:22:836 TRACE --- [jbom] / / \/ \/ ` \ 2023-02-08 17:03:22:837 TRACE --- [jbom] / / // / // / / / / / / 2023-02-08 17:03:22:838 TRACE --- [jbom] / /./__// // // 2023-02-08 17:03:22:839 TRACE --- [jbom] // 2023-02-08 17:03:22:840 TRACE --- [jbom] 2023-02-08 17:03:22:840 TRACE --- [jbom] by Contrast Security - https://contrastsecurity.com 2023-02-08 17:03:22:841 TRACE --- [jbom] 2023-02-08 17:03:22:842 TRACE --- [jbom] jbom generates SBOMs for all JVMs running on a host 2023-02-08 17:03:22:843 TRACE --- [jbom] https://github.com/Contrast-Security-OSS/jbom 2023-02-08 17:03:22:843 TRACE --- [jbom] 2023-02-08 17:03:22:844 TRACE --- [jbom] Analyzing remote JVMs on spudnik1.ddns.net 2023-02-08 17:05:11:762 TRACE --- [jbom] Connecting to HOST_ADDRESS 2023-02-08 17:05:14:700 TRACE --- [jbom] Generating 0 remote SBOMs 2023-02-08 17:05:14:701 TRACE --- [jbom] Remote Java process analysis complete 2023-02-08 17:05:14:701 TRACE --- [jbom] Saving SBOMs for HOST_ADDRESS to directory: PWD/jbom 2023-02-08 17:05:14:702 TRACE --- [jbom] 2023-02-08 17:05:14:702 TRACE --- [jbom] jbom complete

Running the commands the exact same on the host machine would result in the following:

2023-02-08 17:15:14:941 TRACE --- [jbom] 2023-02-08 17:15:14:944 TRACE --- [jbom] _ 2023-02-08 17:15:14:944 TRACE --- [jbom] () / __ _ 2023-02-08 17:15:14:945 TRACE --- [jbom] / / \/ \/ ` \ 2023-02-08 17:15:14:945 TRACE --- [jbom] / / // / // / / / / / / 2023-02-08 17:15:14:945 TRACE --- [jbom] / /./__// // // 2023-02-08 17:15:14:946 TRACE --- [jbom] // 2023-02-08 17:15:14:946 TRACE --- [jbom] 2023-02-08 17:15:14:946 TRACE --- [jbom] by Contrast Security - https://contrastsecurity.com 2023-02-08 17:15:14:947 TRACE --- [jbom] 2023-02-08 17:15:14:947 TRACE --- [jbom] jbom generates SBOMs for all JVMs running on a host 2023-02-08 17:15:14:947 TRACE --- [jbom] https://github.com/Contrast-Security-OSS/jbom 2023-02-08 17:15:14:948 TRACE --- [jbom] 2023-02-08 17:15:14:948 TRACE --- [jbom] Analyzing remote JVMs on spudnik1.ddns.net 2023-02-08 17:15:21:428 TRACE --- [jbom] Connecting to HOST_ADDRESS 2023-02-08 17:15:36:266 TRACE --- [jbom] Generating 1 remote SBOM 2023-02-08 17:15:36:278 TRACE --- [jbom] - PWD/jbom-HOST_ADDRESS-PID.json 2023-02-08 17:15:36:279 TRACE --- [jbom] Remote Java process analysis complete 2023-02-08 17:15:36:279 TRACE --- [jbom] Saving SBOMs for HOST_ADDRESS to directory: PWD/jbom 2023-02-08 17:15:36:279 TRACE --- [jbom] 2023-02-08 17:15:36:280 TRACE --- [jbom] jbom complete

planetlevel commented 1 year ago

Hmm... so if you run it across the network it fails, but if you run it locally (but still use -H) it works. A network connection failure would explain the issue. Could you: