liamg/traitor

Exploit failed: stat /bin/phNS9hpK_xJfOc: no such file or directory

brandonros opened this issue · 2 comments

brandonros commented 
Brandon-Ross-MacBook-Pro:Desktop bros$ CGO_ENABLED=0 go get -u github.com/liamg/traitor/cmd/traitor
Brandon-Ross-MacBook-Pro:Desktop bros$ traitor


 888                    d8b 888                    
 888                    Y8P 888                    
 888                        888                    
 888888 888d888 8888b.  888 888888 .d88b.  888d888 
 888    888P"      "88b 888 888   d88""88b 888P"   
 888    888    .d888888 888 888   888  888 888     
 Y88b.  888    888  888 888 Y88b. Y88..88P 888     
  "Y888 888    "Y888888 888  "Y888 "Y88P"  888     
    v0.0.0 | https://github.com/liamg/traitor 
 
[+] Assessing machine state...
[+] Checking for opportunities...
[+][docker:writable-socket] Docker socket at /var/run/docker.sock is writable!
[+][docker:writable-socket] System is vulnerable! Run again with '--exploit docker:writable-socket' to exploit it.
Brandon-Ross-MacBook-Pro:Desktop bros$ traitor --exploit docker:writable-socket


 888                    d8b 888                    
 888                    Y8P 888                    
 888                        888                    
 888888 888d888 8888b.  888 888888 .d88b.  888d888 
 888    888P"      "88b 888 888   d88""88b 888P"   
 888    888    .d888888 888 888   888  888 888     
 Y88b.  888    888  888 888 Y88b. Y88..88P 888     
  "Y888 888    "Y888888 888  "Y888 "Y88P"  888     
    v0.0.0 | https://github.com/liamg/traitor 
 
[+] Assessing machine state...
[+] Checking for opportunities...
[+][docker:writable-socket] Docker socket at /var/run/docker.sock is writable!
[+][docker:writable-socket] Opportunity found, trying to exploit it...
[+][docker:writable-socket] Building malicious docker image...
[+][docker:writable-socket] Creating evil container...
[+][docker:writable-socket] Starting evil container...
[+][docker:writable-socket] Backdooring host at /bin/phNS9hpK_xJfOc from guest...
[+][docker:writable-socket] Checking permissions...
[+][error] Exploit failed: stat /bin/phNS9hpK_xJfOc: no such file or directory
[+] Continuing to look for opportunities
[+] Nothing found to exploit.
pierrre commented

Are you sure you installed it with CGO_ENABLED=0 ?
I had the same error, and using it fixed my problem.

  • 👍1
liamg commented

Yep, what @pierrre said seems most likely, the container failed to run traitor internally, probably because it relied on a C lib that wasn't available inside. Building statically should resolve 🤞