Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[BUG] Piping in alpine packages and getting debian results #39

Open
ButterB0wl opened this issue Sep 8, 2020 · 3 comments
Open

[BUG] Piping in alpine packages and getting debian results #39

ButterB0wl opened this issue Sep 8, 2020 · 3 comments
Labels
bug Something isn't working

Comments

@ButterB0wl
Copy link

Steps to reproduce

Pull latest alpine distribution of the ghost image:
docker pull ghost:alpine

Make sure that the image distro is alpine:

$ docker run -it ghost:alpine cat /etc/os-release
NAME="Alpine Linux"
ID=alpine
VERSION_ID=3.11.6
PRETTY_NAME="Alpine Linux v3.11"
HOME_URL="https://alpinelinux.org/"
BUG_REPORT_URL="https://bugs.alpinelinux.org/"

Run the alpine package list command from the help docs:

$ docker run -it ghost:alpine apk info -vv | sort
WARNING: Ignoring APKINDEX.70f61090.tar.gz: No such file or directory
WARNING: Ignoring APKINDEX.ca2fea5b.tar.gz: No such file or directory
alpine-baselayout-3.2.0-r3 - Alpine base dir structure and init scripts
alpine-keys-2.1-r2 - Public keys for Alpine Linux packages
apk-tools-2.10.5-r0 - Alpine Package Keeper - package manager for alpine
bash-5.0.11-r1 - The GNU Bourne Again shell
busybox-1.31.1-r9 - Size optimized toolbox of many common UNIX utilities
ca-certificates-cacert-20191127-r1 - Mozilla bundled certificates
libc-utils-0.7.2-r0 - Meta package to pull in correct libc
libcrypto1.1-1.1.1g-r0 - Crypto library from openssl
libgcc-9.2.0-r4 - GNU C compiler runtime libraries
libssl1.1-1.1.1g-r0 - SSL shared libraries
libstdc++-9.2.0-r4 - GNU C++ standard runtime library
libtls-standalone-2.9.1-r0 - libtls extricated from libressl sources
musl-1.1.24-r2 - the musl c library (libc) implementation
musl-utils-1.1.24-r2 - the musl c library (libc) implementation
ncurses-libs-6.1_p20200118-r4 - Ncurses libraries
ncurses-terminfo-base-6.1_p20200118-r4 - Descriptions of common terminals
readline-8.0.1-r0 - GNU readline library
scanelf-1.2.4-r0 - Scan ELF binaries for stuff
ssl_client-1.31.1-r9 - EXternal ssl_client for busybox wget
su-exec-0.2-r1 - switch user and group id, setgroups and exec
zlib-1.2.11-r3 - A compression/decompression Library

Piping the above output does not work because of those two warning lines but the error message isn't the most helpful here:

$ docker run -it ghost:alpine apk info -vv | sort | ./ahab chase
Uh oh, an error occurred, if this persists try rerunning with -v, -vv, or -vvv to get more information in the logs
Error: An error occurred: [400 Bad Request] error accessing OSS Index
Check log file at /home/artie/.ossindex/ahab.combined.log for more information
artie@ArtieSonaDell:~/git_repos/ahab$ cat /home/artie/.ossindex/ahab.combined.log
{"level":"error","msg":"Error: exit status 1\n","time":"2020-09-07T20:02:29-04:00"}
{"level":"error","msg":"Error: exit status 1\n","time":"2020-09-07T20:02:29-04:00"}
{"level":"error","msg":"Error: exit status 1\n","time":"2020-09-07T20:02:29-04:00"}
{"level":"error","msg":"Error accessing OSS Index","resp_status_code":"400 Bad Request","time":"2020-09-07T20:02:30-04:00"}
{"level":"error","msg":"An error occurred: [400 Bad Request] error accessing OSS Index","time":"2020-09-07T20:02:30-04:00"}

So I pipe it to a file and remove the two warnings at the top, then pipe that to ahab:

$ cat ghost.txt
alpine-baselayout-3.2.0-r3 - Alpine base dir structure and init scripts
alpine-keys-2.1-r2 - Public keys for Alpine Linux packages
apk-tools-2.10.5-r0 - Alpine Package Keeper - package manager for alpine
bash-5.0.11-r1 - The GNU Bourne Again shell
busybox-1.31.1-r9 - Size optimized toolbox of many common UNIX utilities
ca-certificates-cacert-20191127-r1 - Mozilla bundled certificates
libc-utils-0.7.2-r0 - Meta package to pull in correct libc
libcrypto1.1-1.1.1g-r0 - Crypto library from openssl
libgcc-9.2.0-r4 - GNU C compiler runtime libraries
libssl1.1-1.1.1g-r0 - SSL shared libraries
libstdc++-9.2.0-r4 - GNU C++ standard runtime library
libtls-standalone-2.9.1-r0 - libtls extricated from libressl sources
musl-1.1.24-r2 - the musl c library (libc) implementation
musl-utils-1.1.24-r2 - the musl c library (libc) implementation
ncurses-libs-6.1_p20200118-r4 - Ncurses libraries
ncurses-terminfo-base-6.1_p20200118-r4 - Descriptions of common terminals
readline-8.0.1-r0 - GNU readline library
scanelf-1.2.4-r0 - Scan ELF binaries for stuff
ssl_client-1.31.1-r9 - EXternal ssl_client for busybox wget
su-exec-0.2-r1 - switch user and group id, setgroups and exec
zlib-1.2.11-r3 - A compression/decompression Library

$ cat ghost.txt | ./ahab chase --loud
 ______      __                    __
/\  _  \    /\ \                  /\ \
\ \ \L\ \   \ \ \___       __     \ \ \____
 \ \  __ \   \ \  _ `\   /'__`\    \ \ '__`\
  \ \ \/\ \   \ \ \ \ \ /\ \L\.\_   \ \ \L\ \
   \ \_\ \_\   \ \_\ \_\\ \__/.\_\   \ \_,__/
    \/_/\/_/    \/_/\/_/ \/__/\/_/    \/___/
  _        _                           _    _
 /_)      /_` _  _  _ _/_     _  _    (/   /_` _ . _  _   _/  _
/_) /_/  ._/ /_// //_|/  /_/ /_//_'  (_X  /   / / /_'/ //_/ _\
    _/                   _/ /
Ahab version: development

Non Vulnerable Packages

[1/21]  pkg:deb/debian/alpine-baselayout-3.2.0-r3@-
[2/21]  pkg:deb/debian/alpine-keys-2.1-r2@-
[3/21]  pkg:deb/debian/apk-tools-2.10.5-r0@-
[4/21]  pkg:deb/debian/bash-5.0.11-r1@-
[5/21]  pkg:deb/debian/busybox-1.31.1-r9@-
[6/21]  pkg:deb/debian/ca-certificates-cacert-20191127-r1@-
[7/21]  pkg:deb/debian/libc-utils-0.7.2-r0@-
[8/21]  pkg:deb/debian/libcrypto1.1-1.1.1g-r0@-
[9/21]  pkg:deb/debian/libgcc-9.2.0-r4@-
[10/21] pkg:deb/debian/libssl1.1-1.1.1g-r0@-
[11/21] pkg:deb/debian/libtls-standalone-2.9.1-r0@-
[12/21] pkg:deb/debian/musl-1.1.24-r2@-
[13/21] pkg:deb/debian/musl-utils-1.1.24-r2@-
[14/21] pkg:deb/debian/ncurses-libs-6.1_p20200118-r4@-
[15/21] pkg:deb/debian/ncurses-terminfo-base-6.1_p20200118-r4@-
[16/21] pkg:deb/debian/readline-8.0.1-r0@-
[17/21] pkg:deb/debian/scanelf-1.2.4-r0@-
[18/21] pkg:deb/debian/ssl_client-1.31.1-r9@-
[19/21] pkg:deb/debian/su-exec-0.2-r1@-
[20/21] pkg:deb/debian/zlib-1.2.11-r3@-
[21/21] pkg:deb/debian/libstdc%20%20-9.2.0-r4@-
┏━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━┓
┃ Summary                      ┃
┣━━━━━━━━━━━━━━━━━━━━━━━━━┳━━━━┫
┃ Audited Dependencies    ┃ 21 ┃
┣━━━━━━━━━━━━━━━━━━━━━━━━━╋━━━━┫
┃ Vulnerable Dependencies ┃ 0  ┃
┗━━━━━━━━━━━━━━━━━━━━━━━━━┻━━━━┛

And the alpine packages are reported as debian packages, and formatted all funky.

Here's what the IQ report looks like for the same input:
image

cc @bhamail / @DarthHater / @ken-duck / @zendern
@ButterB0wl ButterB0wl added the bug Something isn't working label Sep 8, 2020
@DarthHater
Copy link
Member

For your last command, try cat ghost.txt | ./ahab chase --loud --os alpine, I think it is auto detecting dpkg and using that. I was able to run your commands with --os alpine specified (even with the WARNING lines).

@ButterB0wl
Copy link
Author

Yeah i got it working specifying the OS explicitly. Are all the package list outputs sufficiently similar that it would be a pain to resolve based on that payload?

@DarthHater
Copy link
Member

@ButterB0wl I noticed most of the outputs were wildly different, hence why I added this. Not common enough to figure it out on the fly.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
bug Something isn't working
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@DarthHater @ButterB0wl