Unable to connect to exposed Ports

[nheinbaugh]

When I spin up the docker container (using the appropriate command and switches) I am presented with the following:

` ____ | | | | | | | | | | | | | | | | | |___|___| |_| |__| @owtfp http://owtf.org

[] OWTF Version: 2.0a, Release: Tikka Masala (Alpha) [-] Loading framework please wait.. [-] Loading Resources from: /owtf/profiles/resources/default.cfg.. [-] Loading Mapping from: /owtf/profiles/mappings/default.cfg.. [] 0.0.0.0:8008 <-- HTTP(S) Proxy to which requests can be directed [*] http://0.0.0.0:8009 <-- Web UI URL [-] Press Ctrl+C when you spawned a shell ;)`

I would expect the UI to be displayed on either 10.0.01:8009 or localhost:8009, but It is not there. I am unable to ping it and netstat -na does show that 0.0.0.0:8009 is listening, but it is not accessible. Looking back over the readme you have I don't see what I could be missing.

Thoughts? Nick Heinbaugh

[viyatb]

@nheinbaugh can you provide what switches you ran with docker run?

[nheinbaugh]

I'm not sure. In order to idiot check myself I removed the image that I had downloaded from Docker Hub and git cloned the repo (as suggested), but it exited with code 127 after spitting this out:

E: Unable to locate package packages.sh: 2: packages.sh: git: not found packages.sh: 3: packages.sh: python-setuptools: not found packages.sh: 4: packages.sh: python-pip: not found packages.sh: 5: packages.sh: xvfb: not found packages.sh: 6: packages.sh: xserver-xephyr: not found packages.sh: 7: packages.sh: libxml2-dev: not found packages.sh: 8: packages.sh: libxslt-dev: not found packages.sh: 9: packages.sh: postgresql-server-dev-all: not found packages.sh: 10: packages.sh: libcurl4-openssl-dev: not found packages.sh: 11: packages.sh: proxychains: not found packages.sh: 12: packages.sh: unzip: not found packages.sh: 13: packages.sh: build-essential: not found packages.sh: 14: packages.sh: libssl-dev: not found packages.sh: 15: packages.sh: libffi-dev: not found packages.sh: 16: packages.sh: python-dev: not found packages.sh: 17: packages.sh: postgresql: not found packages.sh: 18: packages.sh: postgresql-client: not found packages.sh: 19: packages.sh: postgresql-client-common: not found

After that when I tried to build it (even though I assume it will fail it gives me the following: Error response from daemon: oci runtime error: exec: "-e": executable file not found in $PATH.

Here are the commands I used (in the same folder as the dockerfile): docker build -t nickh/owtf . docker run -itd --privileged -p 8008:8008 -p 8009:8009 -p 8010:8010 nickh/owtf -e -u

[viyatb]

I do not understand - when did this <it exited with code 127> happen? git clone ? Because from the Dockerfile, it first updates the package lists and then installs packages from packages.sh file. IMO maybe your internet connection went down while updating the lists? Also -u switch will install optional tools and it will probably take more time to install and download all of them.

• Can you removing all OWTF related images from Docker docker ps -a | awk '{ print $1,$2 }' | grep 'owtf' | awk '{print $1 }' | xargs -I {} docker rm {} and try rebuilding it?
• Then run the built image with docker run -it --privileged -p 8008:8008 -p 8009:8009 -p 8010:8010 <image> -e (without -u and -d so you can see the output).

[nheinbaugh]

Okay, I think I understand what is happening. The packages.sh file assumes that I have apt-get on my machine, but I don't because it is a windows machine. If I wanted to run this would I need to have it be in a VM? The reason why I got further the first time is just because I took the image from Docker Hub (I'm guessing that they run it in their Docker container when they pull from Hub).

Does my first assumption make sense?

[viyatb]

@nheinbaugh The commands from the Dockerfile run inside the Kali linux Docker image so I don't think Windows has anything to do with it. Maybe the ports could not be exposed due to some Windows permissions issue?

[nheinbaugh]

Okay, Docker is able to get through the first apt-get update that is in the script, but when it tries to run packages.sh it fails. I verified that the contents of my packages.sh matches up with what is on git, but there are no differences.

Since it isn't a port issue with the image being able to talk to apt-get I'm not sure where to go with this.

PS I really appreciate your prompt and helpful responses :+1:

[nheinbaugh]

I don't know what is causing it, but for some reason it does not want to work with the external .sh scripts. When I pull them into the main Dockerfile those pieces pass. Right now I am working on getting the machine to a good working state then I'm going to mess around and see if this is a Windows specific problem. If it is then I will see if I can fix it :)

I already checked and it is not a folder permission error (running as admin with full permissions on the folder).

[viyatb]

@nheinbaugh Can you try again with a fresh pull from the Docker hub? or maybe build the image on a *nix box and then push it on an account on Docker hub and pull your image.

In anycase, I will try to replicate if I find a Windows machine ;)

[nheinbaugh]

I'm working through it, I got it to build correctly, but when I run

docker run -itd --privileged -p 8008:8008 -p 8009:8009 -p 8010:8010 test -e

It fails giving me a standard_init_linux.go:175: exec user process caused "no such file or directory" message.

:P

[nheinbaugh]

Windows appears to be the culprit after all. The line endings were all CLRF and that was causing bash to hate itself. I just reset all my line endings to LF (thank you Atom) and am doing a fresh rebuild and run to see if that fixes it.

If that does fix it I am going to pull down the files fresh and see if windows automatically made them CLRF even before I changed them. If it did then that would be the root of the issues, and it would explain why cloning from github is different than pulling down the hub image (because the sh scripts never make it onto the windows machine to get messed with)

MSFT--

[nheinbaugh]

That was the problem. I feel that we can close this out unless you want to actively work on getting it to work out of the box with windows machines. Or you can just link this in the Readme. Since I have a windows machine I volunteer to guinea pig this a bit over the weekend if you'd like.

[viyatb]

Sure, please do. I think making OWTF work in Windows (via Docker) will be a huge step, and there have been many requests for this. :)

[nheinbaugh]

I have a very simple fix for preventing windows from updating the line endings. If we create a .gitattributes file and add this line:

*.sh eol=crlf

Then windows will not try any funny business. Would you be willing to create a branch etc? I don't have permissions to create branches.

Thanks, Nick