search

maliceio / malice

VirusTotal Wanna Be - Now with 100% more Hipster
Apache License 2.0
1.63k stars 266 forks source link

ERRO[0049] "Error: No such container: #69

Closed DarkJester closed 5 years ago

DarkJester commented 5 years ago

Output of go version:

go version go1.10.3 linux/amd64

Output of docker version:

Client:
 Version:           18.06.0-ce
 API version:       1.38
 Go version:        go1.10.3
 Git commit:        0ffa825
 Built:             Wed Jul 18 19:09:12 2018
 OS/Arch:           linux/amd64
 Experimental:      false

Server:
 Engine:
  Version:          18.06.0-ce
  API version:      1.38 (minimum version 1.12)
  Go version:       go1.10.3
  Git commit:       0ffa825
  Built:            Wed Jul 18 19:07:13 2018
  OS/Arch:          linux/amd64
  Experimental:     false

Output of docker info:

Containers: 12
 Running: 1
 Paused: 0
 Stopped: 11
Images: 20
Server Version: 18.06.0-ce
Storage Driver: overlay2
 Backing Filesystem: extfs
 Supports d_type: true
 Native Overlay Diff: true
Logging Driver: json-file
Cgroup Driver: cgroupfs
Plugins:
 Volume: local
 Network: bridge host macvlan null overlay
 Log: awslogs fluentd gcplogs gelf journald json-file logentries splunk syslog
Swarm: inactive
Runtimes: runc
Default Runtime: runc
Init Binary: docker-init
containerd version: d64c661f1d51c48782c9cec8fda7604785f93587
runc version: 69663f0bd4b60df09991c08812a60108003fa340
init version: fec3683
Security Options:
 apparmor
 seccomp
  Profile: default
Kernel Version: 4.17.0-1-amd64
Operating System: Debian GNU/Linux buster/sid
OSType: linux
Architecture: x86_64
CPUs: 2
Total Memory: 7.771GiB
Name: malice
ID: 6V7T:BLEI:PJDS:65MA:DSPT:OPIJ:ABXQ:SSV2:4IHX:2BUV:CGXX:CW65
Docker Root Dir: /var/lib/docker
Debug Mode (client): false
Debug Mode (server): false
Registry: https://index.docker.io/v1/
Labels:
Experimental: false
Insecure Registries:
 127.0.0.0/8
Live Restore Enabled: false

WARNING: No swap limit support

Additional environment details (AWS, VirtualBox, physical, Docker For Mac, Docker Toolbox, docker-machine, etc.): 8 core host, 24gb ram, win10, vmware workstation 12, 2 vcpu, 8gb ram, guest os debian testing

Steps to reproduce the issue: 1.install latest deb file 2.scan a file

Describe the results you received:

jester@malice:~/Desktop$ docker container prune
WARNING! This will remove all stopped containers.
Are you sure you want to continue? [y/N] y
Deleted Containers:
a371d81e59c538a79ad83d3fa924c940ca7d8fc0c1a959cd25cfe25ce7cb3035
2ece117bfded68f20c4ae9ccb6a6cdc37f3f1f84544d38388d91076bdadc8e19
142db7ceca3df4c6fa535d5bc35ace7d8f0b16475ff10fb6c597234b9b74a086
b68374de6a2b40e6ae493647629105d8b46814ba8ff7d8cd3d5810a6fd187171

Total reclaimed space: 283.5MB
jester@malice:~/Desktop$ malice scan Documents/test.com
FATA[0000] Documents/test.com: no such file or directory 
jester@malice:~/Desktop$ malice scan ../Documents/test.com
ERRO[0000] database is NOT running, starting now...     
INFO[0004] elasticsearch container started               assigned_ip=172.17.0.2 docker_ip=localhost name=/malice-elastic port="[9200]" runtime_env=development
FATA[0024] failed to start to database: connecting to elasticsearch timed out after 20 seconds: failed to ping elasticsearch: Get http://localhost:9200/: read tcp [::1]:47254->[::1]:9200: read: connection reset by peer 
jester@malice:~/Desktop$ malice scan ../Documents/test.com
#### File
| Field  | Value                                                            |
| ------ | ---------------------------------------------------------------- |
| Name   | test.com                                                         |
| Path   | ../Documents/test.com                                            |
| Size   | 68B                                                              |
| MD5    | 44d88612fea8a8f36de82e1278abb02f                                 |
| SHA1   | 3395856ce81f2b7382dee72602f798b642f14140                         |
| SHA256 | 275a021bbfb6489e54d471899f7db9d1663fc695ec2fe2a2c4538aabf651fd0f |
FATA[0015] scan cmd failed to store file info: failed to connect to database: failed to ping elasticsearch: Get http://localhost:9200/: read tcp [::1]:47258->[::1]:9200: read: connection reset by peer 
jester@malice:~/Desktop$ sudo malice scan ../Documents/test.com
[sudo] password for jester: 
#### File
| Field  | Value                                                            |
| ------ | ---------------------------------------------------------------- |
| Name   | test.com                                                         |
| Path   | ../Documents/test.com                                            |
| Size   | 68B                                                              |
| MD5    | 44d88612fea8a8f36de82e1278abb02f                                 |
| SHA1   | 3395856ce81f2b7382dee72602f798b642f14140                         |
| SHA256 | 275a021bbfb6489e54d471899f7db9d1663fc695ec2fe2a2c4538aabf651fd0f |
FATA[0013] scan cmd failed to store file info: failed to connect to database: failed to ping elasticsearch: Get http://localhost:9200/: read tcp [::1]:47262->[::1]:9200: read: connection reset by peer 
jester@malice:~/Desktop$ docker run -d \ -p 9200:9200 \ -name malice-elastic \ -e ES_JAVA_OPTS="-Xms2g -Xmx2g" \ malice/elasticsearch
docker: invalid reference format.
See 'docker run --help'.
jester@malice:~/Desktop$ docker run -d \ -p 9200:9200 \ -name malice-elastic \ -e ES_JAVA_OPTS="-Xms2g -Xmx2g" \ malice/elasticsearch
docker: invalid reference format.
See 'docker run --help'.
jester@malice:~/Desktop$ malice scan ../Documents/test.com
#### File
| Field  | Value                                                            |
| ------ | ---------------------------------------------------------------- |
| Name   | test.com                                                         |
| Path   | ../Documents/test.com                                            |
| Size   | 68B                                                              |
| MD5    | 44d88612fea8a8f36de82e1278abb02f                                 |
| SHA1   | 3395856ce81f2b7382dee72602f798b642f14140                         |
| SHA256 | 275a021bbfb6489e54d471899f7db9d1663fc695ec2fe2a2c4538aabf651fd0f |
#### ShadowServer

##### WhiteList
| Filename      | Description      | ProductName      |
|:-------------:|:----------------:|:----------------:|
| eicar.com.txt |  | Linux Format |

#### VirusTotal
| Ratio      | Link         | API         | Scanned     |
|------------|--------------|-------------|-------------|
| 93% | [link](https://www.virustotal.com/file/275a021bbfb6489e54d471899f7db9d1663fc695ec2fe2a2c4538aabf651fd0f/analysis/1533693783/) | Public | 2018-08-08 02:03:03 |

#### NSRL Database
 - Found :white_check_mark:

ERRO[0049] "Error: No such container: 996da4d1acf82487689396f9c46dc106620402c33415c1312a20a973b6ec8286"
goroutine 14 [running]:
github.com/maliceio/malice/malice/errors.CheckErrorWithMessage(0xb4d0c0, 0xc4203937d0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
    /Users/blacktop/go/src/github.com/maliceio/malice/malice/errors/errors.go:24 +0x7d
github.com/maliceio/malice/malice/errors.CheckError(0xb4d0c0, 0xc4203937d0, 0x40)
    /Users/blacktop/go/src/github.com/maliceio/malice/malice/errors/errors.go:12 +0x4b
github.com/maliceio/malice/malice/docker/client/container.parseContainers(0xc42001c750, 0xc420361830, 0x3, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ...)
    /Users/blacktop/go/src/github.com/maliceio/malice/malice/docker/client/container/list.go:61 +0x373
github.com/maliceio/malice/malice/docker/client/container.Exists(0xc42001c750, 0xc420361830, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ...)
    /Users/blacktop/go/src/github.com/maliceio/malice/malice/docker/client/container/list.go:40 +0xd3
github.com/maliceio/malice/malice/docker/client/container.checkContainerRequirements(0xc42001c750, 0xc420361830, 0x3, 0xc4203618b0, 0xa, 0x442bff)
    /Users/blacktop/go/src/github.com/maliceio/malice/malice/docker/client/container/utils.go:171 +0x148
github.com/maliceio/malice/malice/docker/client/container.Start(0xc42001c750, 0xc42024fec0, 0x2, 0x2, 0xc420361830, 0x3, 0xc4203618b0, 0xa, 0x12e97a3201, 0xc420393da0, ...)
    /Users/blacktop/go/src/github.com/maliceio/malice/malice/docker/client/container/start.go:36 +0xf8
github.com/maliceio/malice/plugins.Plugin.StartPlugin(0xc420361830, 0x3, 0x1, 0xc420361878, 0x2, 0xc420361860, 0xd, 0xc4203618b0, 0xa, 0xc42033a990, ...)
    /Users/blacktop/go/src/github.com/maliceio/malice/plugins/plugins.go:45 +0x6af
created by github.com/maliceio/malice/commands.cmdScan
    /Users/blacktop/go/src/github.com/maliceio/malice/commands/scan.go:108 +0x823

panic: runtime error: invalid memory address or nil pointer dereference
[signal SIGSEGV: segmentation violation code=0x1 addr=0xa8 pc=0x92c65b]

goroutine 14 [running]:
github.com/maliceio/malice/malice/docker/client/container.parseContainers(0xc42001c750, 0xc420361830, 0x3, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ...)
    /Users/blacktop/go/src/github.com/maliceio/malice/malice/docker/client/container/list.go:63 +0x39b
github.com/maliceio/malice/malice/docker/client/container.Exists(0xc42001c750, 0xc420361830, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ...)
    /Users/blacktop/go/src/github.com/maliceio/malice/malice/docker/client/container/list.go:40 +0xd3
github.com/maliceio/malice/malice/docker/client/container.checkContainerRequirements(0xc42001c750, 0xc420361830, 0x3, 0xc4203618b0, 0xa, 0x442bff)
    /Users/blacktop/go/src/github.com/maliceio/malice/malice/docker/client/container/utils.go:171 +0x148
github.com/maliceio/malice/malice/docker/client/container.Start(0xc42001c750, 0xc42024fec0, 0x2, 0x2, 0xc420361830, 0x3, 0xc4203618b0, 0xa, 0x12e97a3201, 0xc420393da0, ...)
    /Users/blacktop/go/src/github.com/maliceio/malice/malice/docker/client/container/start.go:36 +0xf8
github.com/maliceio/malice/plugins.Plugin.StartPlugin(0xc420361830, 0x3, 0x1, 0xc420361878, 0x2, 0xc420361860, 0xd, 0xc4203618b0, 0xa, 0xc42033a990, ...)
    /Users/blacktop/go/src/github.com/maliceio/malice/plugins/plugins.go:45 +0x6af
created by github.com/maliceio/malice/commands.cmdScan
    /Users/blacktop/go/src/github.com/maliceio/malice/commands/scan.go:108 +0x823
jester@malice:~/Desktop$

Describe the results you expected:

Additional information you deem important (e.g. issue happens only occasionally):

blacktop commented 5 years ago

Can you output this please: docker logs malice/elasticsearch

blacktop commented 5 years ago

Also did you run this cmd? https://github.com/maliceio/malice#known-issues-warning

sudo sysctl -w vm.max_map_count=262144
DarkJester commented 5 years ago

Error: No such container: malice/elasticsearch

yes i ran that command

blacktop commented 5 years ago

can you do a docker ps -a

DarkJester commented 5 years ago 
jester@malice:~/Desktop$ docker ps -a
CONTAINER ID        IMAGE                      COMMAND                  CREATED             STATUS                            PORTS                              NAMES
bb72a4168c41        malice/fsecure             "/bin/avscan -t 275a…"   2 days ago          Created                                                              fsecure
989bebbd36e6        malice/sophos              "/bin/avscan -t 275a…"   2 days ago          Created                                                              sophos
195c5ea44efa        malice/fileinfo            "gosu malice info -t…"   2 days ago          Created                                                              fileinfo
5df4d3c19853        malice/avast               "/bin/avscan -t 275a…"   2 days ago          Created                                                              avast
d2c8f34771f7        malice/comodo              "/bin/avscan -t 275a…"   2 days ago          Created                                                              comodo
5a3b96fb8981        malice/fprot               "/bin/avscan -t 275a…"   2 days ago          Created                                                              fprot
ab5851761ec2        malice/clamav              "avscan -t 275a021bb…"   2 days ago          Created                                                              clamav
978cafb2ab0b        malice/escan               "/bin/avscan -t 275a…"   2 days ago          Created                                                              escan
0356f2198fbc        malice/bitdefender         "/bin/avscan -t 275a…"   2 days ago          Created                                                              bitdefender
bc2b7904f2b9        malice/yara                "su-exec malice scan…"   2 days ago          Created                                                              yara
996da4d1acf8        malice/windows-defender    "/bin/avscan -t 275a…"   2 days ago          Created                                                              windows-defender
538345deb1b1        malice/elasticsearch:6.3   "/elastic-entrypoint…"   2 days ago          Exited (255) About a minute ago   0.0.0.0:9200->9200/tcp, 9300/tcp   malice-elastic
jester@malice:~/Desktop$ docker logs malice/elasticsearch
Error: No such container: malice/elasticsearch
jester@malice:~/Desktop$ sudo sysctl vm.max_map_count
[sudo] password for jester: 
vm.max_map_count = 262144
jester@malice:~/Desktop$
DarkJester commented 5 years ago 
jester@malice:~/Desktop$ malice plugin update elasticsearch
panic: runtime error: invalid memory address or nil pointer dereference
[signal SIGSEGV: segmentation violation code=0x1 addr=0x0 pc=0x926b25]

goroutine 1 [running]:
github.com/maliceio/malice/malice/docker/client/image.Pull(0xc420396720, 0xc42034d210, 0xd, 0xad6ddf, 0x6)
    /Users/blacktop/go/src/github.com/maliceio/malice/malice/docker/client/image/image.go:40 +0x95
github.com/maliceio/malice/plugins.Plugin.UpdatePlugin(0xc42034d160, 0xd, 0x1, 0xc42034d1b8, 0x4, 0xc420339f80, 0x15, 0xc42034d210, 0xd, 0x0, ...)
    /Users/blacktop/go/src/github.com/maliceio/malice/plugins/plugins.go:207 +0x57
github.com/maliceio/malice/commands.cmdUpdatePlugin(0x7ffe16458584, 0xd, 0x0, 0x0, 0xc420215560)
    /Users/blacktop/go/src/github.com/maliceio/malice/commands/plugin.go:170 +0x197
github.com/maliceio/malice/commands.glob..func8(0xc42008af20, 0x0, 0xc42008af20)
    /Users/blacktop/go/src/github.com/maliceio/malice/commands/commands.go:138 +0xc3
github.com/maliceio/malice/vendor/github.com/urfave/cli.HandleAction(0x9d3f00, 0xaff3e8, 0xc42008af20, 0xc420215500, 0x0)
    /Users/blacktop/go/src/github.com/maliceio/malice/vendor/github.com/urfave/cli/app.go:490 +0xc8
github.com/maliceio/malice/vendor/github.com/urfave/cli.Command.Run(0xad6f95, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0xadadfd, 0xd, 0x0, ...)
    /Users/blacktop/go/src/github.com/maliceio/malice/vendor/github.com/urfave/cli/command.go:210 +0xa36
github.com/maliceio/malice/vendor/github.com/urfave/cli.(*App).RunAsSubcommand(0xc420085520, 0xc42008ac60, 0x0, 0x0)
    /Users/blacktop/go/src/github.com/maliceio/malice/vendor/github.com/urfave/cli/app.go:379 +0xa10
github.com/maliceio/malice/vendor/github.com/urfave/cli.Command.startApp(0xad6e57, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0xae686b, 0x1f, 0x0, ...)
    /Users/blacktop/go/src/github.com/maliceio/malice/vendor/github.com/urfave/cli/command.go:298 +0x8d9
github.com/maliceio/malice/vendor/github.com/urfave/cli.Command.Run(0xad6e57, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0xae686b, 0x1f, 0x0, ...)
    /Users/blacktop/go/src/github.com/maliceio/malice/vendor/github.com/urfave/cli/command.go:98 +0x1246
github.com/maliceio/malice/vendor/github.com/urfave/cli.(*App).Run(0xc420085380, 0xc42001c080, 0x4, 0x4, 0x0, 0x0)
    /Users/blacktop/go/src/github.com/maliceio/malice/vendor/github.com/urfave/cli/app.go:255 +0x6a0
main.main()
    /Users/blacktop/go/src/github.com/maliceio/malice/main.go:88 +0x4ff
jester@malice:~/Desktop$ malice plugin update pdf
latest: Pulling from malice/pdf
Digest: sha256:2cd0edb1e07268c63d0e9caf2049dac418f696d1e4591824d29100403dd319bf
Status: Image is up to date for malice/pdf:latest
jester@malice:~/Desktop$
blacktop commented 5 years ago

Can you retry with the newest version? Reopen if problem persists