eliasgranderubio / dagda

a tool to perform static analysis of known vulnerabilities, trojans, viruses, malware & other malicious threats in docker images/containers and to monitor the docker daemon and running docker containers for detecting anomalous activities
Apache License 2.0

Need to scan a local image. #59

Closed nehaj27 closed 5 years ago

nehaj27 commented 5 years ago

Short description

I was trying to scan a local image by the name nmap-dist:latest on my machine.

Reproduction steps

  1. Start Dagda server with the parameters '...'
  2. I downloaded the vulnerabilities by 'python3 dagda.py vuln --init' and it showed the status updated after a while.
  3. 'python3 dagda.py check --docker_image nmap-dist:latest'
  4. 'python3 dagda.py history nmap-dist:latest --id 5ce791385ea27b39940ecfeb'

Expected results

I expected that by analyzing the docker image 'nmap-dist' and showing the report by using the command 'python3 dagda.py history nmap-dist:latest --id 5ce791385ea27b39940ecfeb' it would give a detailed analysis.

Actual results

Instead of 'detailed analysis', what I saw was that

    {
        "err": 404,
        "msg": "History not found"
    }

happened instead.

On which platforms did you notice this:

Please complete the following information:

Backtrace

Solution

eliasgranderubio commented 5 years ago

Hi @nehaj27,

If you make a request to the GET /history API as the REST API describes, do you get any info about your analysis or not?

Regards.

nehaj27 commented 5 years ago

Hi,

Thanks for your reply. No, I did not get a response. Also, I am unable to find the analysis for any image other than the example already given.

For example:

    nehajain@esypc5:~/dagda/dagda$ python3 dagda.py check --docker_image docker.io/library/ubuntu:latest
    {
        "id": "5ce794145ea27b39940ecfe8",
        "msg": "Accepted the analysis of <docker.io/library/ubuntu:latest>"
    }
    nehajain@esypc5:~/dagda/dagda$ python3 dagda.py history docker.io/library/ubuntu:latest --id 5ce791385ea27b39940ecfe8
    {
        "err": 404,
        "msg": "History not found"
    }

eliasgranderubio commented 5 years ago

Hi again @nehaj27,

I've just reviewed your comments with the same platform you describe and I note that the image nmap-dist:latest doesn't exist in the Docker Hub.

On the other hand, about the ubuntu:latest image analysis, here is how to run it:

  1. Run the analysis:

    ~$ python3 dagda.py check --docker_image ubuntu:latest
    {
    "id": "5ceae68aa4eab50dc0c369aa",
    "msg": "Accepted the analysis of <ubuntu:latest>"
    }
  2. Review the history:

    ~$ python3 dagda.py history ubuntu:latest --id 5ceae68aa4eab50dc0c369aa
    [
    {
        "id": "5ceae68aa4eab50dc0c369aa",
        "image_name": "ubuntu:latest",
        "status": "Analyzing",
        "timestamp": "2019-05-26 19:18:34.957292"
    }
    ]

Please, review the Dagda documentation included in the Wiki because this doesn't look like an issue.

I hope your comments about ;-)

Regards.
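
The two-step procedure above (run `check`, then query `history` with the returned id), as an added example that is not part of the thread and is not Dagda's own code. It assumes it is run from the directory holding `dagda.py` with the Dagda server already started, and that any status other than "Analyzing" means the analysis has finished; `analysis_id`, `history_status`, `run_dagda` and `scan_and_wait` are hypothetical helper names.

```python
import json
import subprocess
import time

# Constructed samples, copied from the response shapes shown in this thread.
SAMPLE_CHECK = '{"id": "5ceae68aa4eab50dc0c369aa", "msg": "Accepted the analysis of <ubuntu:latest>"}'
SAMPLE_HISTORY = ('[{"id": "5ceae68aa4eab50dc0c369aa", "image_name": "ubuntu:latest", '
                  '"status": "Analyzing", "timestamp": "2019-05-26 19:18:34.957292"}]')
SAMPLE_NOT_FOUND = '{"err": 404, "msg": "History not found"}'


def analysis_id(check_output):
    """Return the id from a `check` response, or raise if none was issued."""
    reply = json.loads(check_output)
    if not isinstance(reply, dict) or "id" not in reply:
        raise RuntimeError("check was not accepted: %s" % (reply,))
    return reply["id"]


def history_status(history_output, wanted_id):
    """Return the status of the record with wanted_id, or None if it is absent."""
    reply = json.loads(history_output)
    if isinstance(reply, dict):  # error object such as {"err": 404, ...}
        return None
    for record in reply:
        if record.get("id") == wanted_id:
            return record.get("status")
    return None


def run_dagda(*args):
    """Run the Dagda CLI and return its stdout (assumes ./dagda.py exists)."""
    done = subprocess.run(["python3", "dagda.py", *args],
                          capture_output=True, text=True)
    return done.stdout


def scan_and_wait(image, poll_seconds=30, max_polls=60):
    """Start an analysis, then poll history with that same id until it finishes."""
    scan_id = analysis_id(run_dagda("check", "--docker_image", image))
    for _ in range(max_polls):
        status = history_status(run_dagda("history", image, "--id", scan_id), scan_id)
        if status is None:
            raise LookupError("no history record for %s with id %s" % (image, scan_id))
        if status != "Analyzing":  # assumption: anything else means finished
            return scan_id, status
        time.sleep(poll_seconds)
    raise TimeoutError("%s still Analyzing after %d polls" % (image, max_polls))
```

Because the id is taken from the `check` response and passed on unchanged, the `history` lookup always refers to the analysis that was just accepted.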

nehaj27 commented 5 years ago

I tried the command for ubuntu:latest and it gave these results. However, even after a long time it doesn't show the list of CVEs.

The nmap-dist image is a local image and not on the docker hub.

Is there any way we can run a local image?

eliasgranderubio commented 5 years ago

First, Docker checks if the image is a local one. Otherwise, Docker tries a pull from Docker Hub.

In your case, if Dagda doesn't find your image because it is a local one, please review the next function to find the error:

eliasgranderubio commented 5 years ago

Closed due to inactivity.