GithubHelp home page GithubHelp logo

Comments (3)

Dexus avatar Dexus commented on July 1, 2024

you need to allow the docker run on host network.

As of /2021/apache/gb_log4j_CVE-2021-44228_udp_active.nasl feed file shows:

# Copyright (C) 2021 Greenbone Networks GmbH
# Some text descriptions might be excerpted from (a) referenced
# source(s), and are Copyright (C) by the respective right holder(s).
#
# SPDX-License-Identifier: GPL-2.0-or-later
#
# This program is free software; you can redistribute it and/or
# modify it under the terms of the GNU General Public License
# as published by the Free Software Foundation; either version 2
# of the License, or (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
...
ownip = this_host();
targetip = get_host_ip();
rnd_port = rand() % 65535;
payload = "${jndi:ldap://" + ownip + ":" + rnd_port + "/a}";

filter = string( "tcp and dst port ", rnd_port, " and src host ", targetip, " and dst host ", ownip );
res = send_capture( socket:soc, data:payload + '\r\n', timeout:5, pcap_filter:filter );

we are not able to limit the ports here, the only possible option is to run on a own IP with all open ports or you have to run with host network.

from gvm-docker.

Dexus avatar Dexus commented on July 1, 2024

macvlan would also do help here.

from gvm-docker.

Dexus avatar Dexus commented on July 1, 2024
  1. your container need a fqdn (hostname and domainname)
  2. you need to use network mode of host, ipvlan or macvlan
  3. if you don't run the 2 point before your openvas creates some errors like cloud not get bpf and will not scan correctly. also you will never receive any incoming tcp/udp dumps, which will the log4j scanner create to match the vulnerability of the network service.

If you need future support check out the up2date https://github.com/DeineAgenturUG/greenbone-gvm-openvas-for-docker
Best regards, Josef

from gvm-docker.

Related Issues (20)

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google ❤️ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.