search

sensepost / gowitness

🔍 gowitness - a golang, web screenshot utility using Chrome Headless
GNU General Public License v3.0
2.82k stars 324 forks source link

mips_24kc Architecture #184

Closed vincentcox closed 1 year ago

vincentcox commented 1 year ago

Is your feature request related to a problem? Please describe. As you might or might not know, phantap is a great tool to bypass NAC on the network. Unfortunately, the devices for these projects run the MIPS architecture (more specifically mips_24kc). Therefore gowitness will not be able to run on this device. Because of the small storage on the device, building/compiling it on the device itself is not possible.

Describe the solution you'd like It would be awesome if this can be added to future releases.

Describe alternatives you've considered Steps and pointers on how to compile it ourself

Additional context Atheros AR9331 - Package architecture: mips_24kc

leonjza commented 1 year ago

Not sure if I am missing something here, but this does not seem related to gowitness?

vincentcox commented 1 year ago

Hi Leon!

In the gowitness release section, there are multiple architectures/versions (ARM, Windows,...) available. This feature request is asking if a mips_24kc binary could become an addition to them. I would understand if it's not worth the hassle (compile pain), but for red teaming exercises the phantap device is used quite a lot during red teaming assignments. A device for bypassing NAC (phantap) and gathering screenshots as evidence (with gowitness for example) during red teaming is always great to show in reports and convince management because screenshots are visual. The problem is that the phantap device is mips_24kc architecture and there is no binary available of gowitness for mips_24kc.

I know that Orange made something similar to phantap: https://github.com/Orange-Cyberdefense/fenrir-ocd, it might work on ARM architecture and then we could use the arm binary of gowitness. Unfortunately, it doesn't look maintained anymore (most code is 6+ years old) and it was a work in progress that was never finished.

leonjza commented 1 year ago

Ah that makes more sense! I'd need to check which GOARCH configuration would be the correct one here, but it shouldn't be a problem.

vincentcox commented 1 year ago

Hi Leon, I cannot find a proper chromium/chrome binary for the MIPS architecture. So even if GoWitness would have a MIPS binary, it would not work. Closing this one!