Since CVE-2021 is the news item of the week, I decided that I should scan our infrastructure using byt3bl33d3r’s CVE-2021-34527 Python Scanner. I learned Docker basics on the fly with this.
-
Download Docker Desktop for Windows. Reboot if necessary.
-
Install WSL2, as prompted. Reboot if necessary.
-
Create a new directory from the CLI and clone the repo:
git clone https://github.com/byt3bl33d3r/ItWasAllADreamThis gave me a small problem:
D:\Docker>git clone https://github.com/byt3bl33d3r/ItWasAllADream Cloning into 'ItWasAllADream'... fatal: unable to access 'https://github.com/byt3bl33d3r/ItWasAllADream/': SSL certificate problem: unable to get local issuer certificateSince I’m pulling from github.com, which has a valid certificate, and not some private repo with a self-signed certificate, I realised pretty quickly that this was likely due to our corporate web-filtering software. I told git to bypass certificate checking, and everything processed properly:
D:\Docker>git config --global http.sslVerify false D:\docker>git clone https://github.com/byt3bl33d3r/ItWasAllADream Cloning into 'ItWasAllADream'... remote: Enumerating objects: 57, done. remote: Counting objects: 100% (57/57), done. remote: Compressing objects: 100% (38/38), done. remote: Total 57 (delta 29), reused 45 (delta 17), pack-reused 0 eceiving objects: 56% (32/57) Receiving objects: 100% (57/57), 51.22 KiB | 8.54 MiB/s, done. Resolving deltas: 100% (29/29), done. D:\docker>git config --global http.sslVerify true -
Build the docker container:
cd ItWasAllADream && docker build -t itwasalladream .This gave me bigger problems:
D:\docker>cd ItWasAllADream && docker build -t itwasalladream . [+] Building 117.3s (8/8) FINISHED => [internal] load build definition from Dockerfile 0.1s => => transferring dockerfile: 329B 0.0s => [internal] load .dockerignore 0.0s => => transferring context: 53B 0.0s => [internal] load metadata for docker.io/library/python:3.8-slim 28.8s => [1/4] FROM docker.io/library/python:3.8-slim@sha256:9b0d7419e2811710aacee87c40a2c94693e2b6810c3e7e466b8c7fc5bde4cd66 30.5s => => resolve docker.io/library/python:3.8-slim@sha256:9b0d7419e2811710aacee87c40a2c94693e2b6810c3e7e466b8c7fc5bde4cd66 0.0s => => sha256:3bc519ca3214d463ac521f838275e1070ab4b8dbb12e568b4739794db837dadb 1.37kB / 1.37kB 0.0s => => sha256:0e0d73ddd34d599cf70c5855f18135e51a9cba957b4cd41a7c677d0d3cb4edc2 7.67kB / 7.67kB 0.0s => => sha256:b4d181a07f8025e00e0cb28f1cc14613da2ce26450b80c54aea537fa93cf3bda 27.15MB / 27.15MB 26.0s => => sha256:de8ecf497b753094723ccf9cea8a46076e7cb845f333df99a6f4f397c93c6ea9 2.77MB / 2.77MB 4.9s => => sha256:6ea9cb12457214a5eda82bc4aad8fc1b20c0cee03042d4b6b6da946a94af3274 10.73MB / 10.73MB 29.1s => => sha256:9b0d7419e2811710aacee87c40a2c94693e2b6810c3e7e466b8c7fc5bde4cd66 1.86kB / 1.86kB 0.0s => => sha256:9a8aa9d08ec5d2bb15de97e33b599bb4472ccd7d58fe4f15f0dfd7d4fd08fa6d 234B / 234B 6.2s => => sha256:360b2e4ced966675f720b48dee317e200ed394abc8b95609a31bfb5225b4f746 2.64MB / 2.64MB 12.9s => => extracting sha256:b4d181a07f8025e00e0cb28f1cc14613da2ce26450b80c54aea537fa93cf3bda 1.9s => => extracting sha256:de8ecf497b753094723ccf9cea8a46076e7cb845f333df99a6f4f397c93c6ea9 0.2s => => extracting sha256:6ea9cb12457214a5eda82bc4aad8fc1b20c0cee03042d4b6b6da946a94af3274 0.6s => => extracting sha256:9a8aa9d08ec5d2bb15de97e33b599bb4472ccd7d58fe4f15f0dfd7d4fd08fa6d 0.0s => => extracting sha256:360b2e4ced966675f720b48dee317e200ed394abc8b95609a31bfb5225b4f746 0.3s => [internal] load build context 1.1s => => transferring context: 194.50kB 1.0s => [2/4] RUN apt-get update && apt-get install --no-install-recommends -y git curl && rm -rf /var/lib/apt/lists/* 47.0s => [3/4] COPY . . 0.0s => ERROR [4/4] RUN pip3 install poetry && poetry config virtualenvs.create false && poetry install 10.9s ------ > [4/4] RUN pip3 install poetry && poetry config virtualenvs.create false && poetry install: #8 2.071 WARNING: Retrying (Retry(total=4, connect=None, read=None, redirect=None, status=None)) after connection broken by 'SSLError(SSLCertVerificationError(1, '[SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: unable to get local issuer certificate (_ssl.c:1131)'))': /simple/poetry/ #8 2.648 WARNING: Retrying (Retry(total=3, connect=None, read=None, redirect=None, status=None)) after connection broken by 'SSLError(SSLCertVerificationError(1, '[SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: unable to get local issuer certificate (_ssl.c:1131)'))': /simple/poetry/ #8 3.725 WARNING: Retrying (Retry(total=2, connect=None, read=None, redirect=None, status=None)) after connection broken by 'SSLError(SSLCertVerificationError(1, '[SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: unable to get local issuer certificate (_ssl.c:1131)'))': /simple/poetry/ #8 5.796 WARNING: Retrying (Retry(total=1, connect=None, read=None, redirect=None, status=None)) after connection broken by 'SSLError(SSLCertVerificationError(1, '[SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: unable to get local issuer certificate (_ssl.c:1131)'))': /simple/poetry/ #8 10.30 WARNING: Retrying (Retry(total=0, connect=None, read=None, redirect=None, status=None)) after connection broken by 'SSLError(SSLCertVerificationError(1, '[SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: unable to get local issuer certificate (_ssl.c:1131)'))': /simple/poetry/ #8 10.63 Could not fetch URL https://pypi.org/simple/poetry/: There was a problem confirming the ssl certificate: HTTPSConnectionPool(host='pypi.org', port=443): Max retries exceeded with url: /simple/poetry/ (Caused by SSLError(SSLCertVerificationError(1, '[SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: unable to get local issuer certificate (_ssl.c:1131)'))) - skipping #8 10.64 ERROR: Could not find a version that satisfies the requirement poetry (from versions: none) #8 10.64 ERROR: No matching distribution found for poetry #8 10.79 Could not fetch URL https://pypi.org/simple/pip/: There was a problem confirming the ssl certificate: HTTPSConnectionPool(host='pypi.org', port=443): Max retries exceeded with url: /simple/pip/ (Caused by SSLError(SSLCertVerificationError(1, '[SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: unable to get local issuer certificate (_ssl.c:1131)'))) - skipping ------ executor failed running [/bin/sh -c pip3 install poetry && poetry config virtualenvs.create false && poetry install]: exit code: 1I realised that since this was being done outside of git, my earlier config changes would have no effect. I bypassed the web filtering software entirely (a benefit of being a sysadmin), and Docker went on its merry way:
D:\docker>cd ItWasAllADream && docker build -t itwasalladream . [+] Building 42.3s (9/9) FINISHED => [internal] load build definition from Dockerfile 0.0s => => transferring dockerfile: 329B 0.0s => [internal] load .dockerignore 0.0s => => transferring context: 53B 0.0s => [internal] load metadata for docker.io/library/python:3.8-slim 9.4s => [1/4] FROM docker.io/library/python:3.8-slim@sha256:9b0d7419e2811710aacee87c40a2c94693e2b6810c3e7e466b8c7fc5bde4cd66 0.0s => [internal] load build context 0.1s => => transferring context: 194.50kB 0.1s => CACHED [2/4] RUN apt-get update && apt-get install --no-install-recommends -y git curl && rm -rf /var/lib/apt/l 0.0s => [3/4] COPY . . 0.0s => [4/4] RUN pip3 install poetry && poetry config virtualenvs.create false && poetry install 31.5s => exporting to image 1.2s => => exporting layers 1.1s => => writing image sha256:717ceee523a84d3c659caecce847883ca2bf123b1e3af428388c7047fee712a8 0.0s => => naming to docker.io/library/itwasalladream 0.0s Use 'docker scan' to run Snyk tests against images to find vulnerabilities and learn how to fix them -
Run a scan and wait for it to finish:
docker run -it itwasalladream -u user -p password -d domain 192.168.1.0/24[itwasalladream] INFO - report_2021_07_08_155428.csv generated successfully -
List the containers so that we can get the container name.
docker ps -aD:\docker\ItWasAllADream>docker ps -a CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES 4793adbf54d7 itwasalladream "itwasalladream -u g…" 25 minutes ago Exited (0) 18 minutes ago sad_taussig f36834af30d0 itwasalladream "itwasalladream -u g…" 36 minutes ago Exited (0) 33 minutes ago stupefied_banach 7fbeb77ce498 itwasalladream "itwasalladream -u g…" 59 minutes ago Exited (0) 58 minutes ago intelligent_allen -
Copy the resulting CSV out of the container and to the current local directory
D:\docker\ItWasAllADream>docker cp sad_taussig:report_2021_07_08_155428.csv . -
Review the CSV:
notepad report_2021_07_08_155428.csv
Greg