Forensic
Thursday 16 March 2023, 21:47 #1
Forensic - Supply Chain Attack - Docker
Hello everyone,
On the challenge named "Supply chain attack - Docker", I am running into a problem when running my docker compose. When I run my command "sudo docker compose build", I get a strange error:
monuser@monhost awesome_webserver-2 % sudo docker compose create
Password:
[+] Running 44/44
⠿ phpmyadmin Pulled 16.8s
⠿ 447ca6591341 Pull complete 15.1s
⠿ jolokia Pulled 4.6s
⠿ df20fa9351a1 Pull complete 0.5s
⠿ 8f4bdab751fb Pull complete 3.2s
⠿ 657aa2dc8527 Pull complete 3.3s
⠿ nginx Pulled 14.5s
⠿ 66dbba0fb1b5 Pull complete 12.2s
⠿ 6a4b1f0b5a90 Pull complete 12.6s
⠿ 16ea4daad357 Pull complete 12.7s
⠿ 646b2422838c Pull complete 12.7s
⠿ c6036fb71e57 Pull complete 12.8s
⠿ dc0e78f15ad0 Pull complete 12.8s
⠿ apache-php Pulled 15.1s
⠿ 675920708c8b Pull complete 8.1s
⠿ 0ab46d4916dc Pull complete 8.6s
⠿ daa78e654686 Pull complete 8.8s
⠿ e3019d1ad1e3 Pull complete 10.9s
⠿ 8376a539f794 Pull complete 12.5s
⠿ cf38c2d4135a Pull complete 13.3s
⠿ 1d90a9d283a4 Pull complete 13.4s
⠿ 30b654e7608b Pull complete 13.4s
⠿ 63722a9a346f Pull complete 13.5s
⠿ 81eb03dc9807 Pull complete 13.5s
⠿ 6e89793cb138 Pull complete 13.5s
⠿ 457853dce201 Pull complete 13.6s
⠿ c69ccf66ae42 Pull complete 13.6s
⠿ 698edbc78fa3 Pull complete 13.7s
⠿ 5d2ad2ade881 Pull complete 13.7s
⠿ autoheal Pulled 12.9s
⠿ 595b0fe564bb Pull complete 11.0s
⠿ e3cd32b2542b Pull complete 11.1s
⠿ 1820a15dac07 Pull complete 11.2s
⠿ hello-world Pulled 12.9s
⠿ 7050e35b49f5 Pull complete 11.3s
⠿ tomcat Pulled 9.0s
⠿ 75a822cd7888 Pull complete 2.1s
⠿ 924bee5e776f Pull complete 2.2s
⠿ d41c1c405c35 Pull complete 2.9s
⠿ f8b2f8b66e6a Pull complete 3.1s
⠿ a0269ee79429 Pull complete 3.2s
⠿ 63820e4daac5 Pull complete 3.3s
⠿ 1f7a1f618c6a Pull complete 3.3s
⠿ c0ef85a0402d Pull complete 7.6s
[+] Building 1.0s (7/7) FINISHED
=> [internal] load build definition from Dockerfile 0.0s
=> => transferring dockerfile: 1.05kB 0.0s
=> [internal] load .dockerignore 0.0s
=> => transferring context: 2B 0.0s
=> [internal] load metadata for docker.io/library/debian:latest 0.7s
=> [1/4] FROM docker.io/library/debian:latest@sha256:f81bf5a8b57d6aa1824e4edb9aea6bd5ef6240bcc7d86f303f197a2eb77c430f 0.0s
=> CACHED [2/4] RUN apt -y update && apt -y install default-mysql-server default-mysql-client 0.0s
=> CACHED [3/4] RUN sed -i 's/^.*bind-address.*=.*$/bind-address = 0.0.0.0/g' /etc/mysql/mariadb.conf.d/50-server.cnf 0.0s
=> ERROR [4/4] RUN service mysql start; mysql -u root -e "CREATE USER 'myuser'@'%' IDENTIFIED BY 'G00d_P4ssw0rd_sH54Xe7Mz47jMjj'; UPDATE mysql.user set plugin = 'mysql_native_password' WHERE User = 'myuser'; GRANT ALL PRIVILEGES ON *. 0.3s
------
> [4/4] RUN service mysql start; mysql -u root -e "CREATE USER 'myuser'@'%' IDENTIFIED BY 'G00d_P4ssw0rd_sH54Xe7Mz47jMjj'; UPDATE mysql.user set plugin = 'mysql_native_password' WHERE User = 'myuser'; GRANT ALL PRIVILEGES ON *.* TO 'myuser'@'%' WITH GRANT OPTION; FLUSH PRIVILEGES;" ; mysql -u root -e "CREATE DATABASE IF NOT EXISTS 'myD4t4b4s3'; SET GLOBAL local_infile = true;" ; mysql -u root -e "USE 'myD4t4b4s3'; CREATE TABLE IF NOT EXISTS 'awesome_table' (a varchar(255));":
#0 0.142 mysql: unrecognized service
#0 0.146 ERROR 2002 (HY000): Can't connect to local MySQL server through socket '/run/mysqld/mysqld.sock' (2)
#0 0.150 ERROR 2002 (HY000): Can't connect to local MySQL server through socket '/run/mysqld/mysqld.sock' (2)
#0 0.153 ERROR 2002 (HY000): Can't connect to local MySQL server through socket '/run/mysqld/mysqld.sock' (2)
------
failed to solve: executor failed running [/bin/sh -c service mysql start; mysql -u root -e "CREATE USER '${SQL_USER}'@'%' IDENTIFIED BY '${SQL_PASS}'; UPDATE mysql.user set plugin = 'mysql_native_password' WHERE User = '${SQL_USER}'; GRANT ALL PRIVILEGES ON *.* TO '${SQL_USER}'@'%' WITH GRANT OPTION; FLUSH PRIVILEGES;" ; mysql -u root -e "CREATE DATABASE IF NOT EXISTS '${SQL_DATABASE}'; SET GLOBAL local_infile = true;" ; mysql -u root -e "USE '${SQL_DATABASE}'; CREATE TABLE IF NOT EXISTS '${SQL_TABLE}' (a varchar(255));"]: exit code: 1
Would it be possible for you to help me with this error?
Thank you in advance,
Volgac
Wednesday 5 April 2023, 15:15 #2
Forensic - Supply Chain Attack - Docker
Hello,
There is no need to run the container; looking at its contents and the type of attack expected quickly tells you how to direct your search. Personally, I really liked this challenge :)