Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Hacker cannot modify iptables #8

Open
rkalyanapurdue opened this issue Oct 21, 2019 · 2 comments
Open

Hacker cannot modify iptables #8

rkalyanapurdue opened this issue Oct 21, 2019 · 2 comments
Assignees
@craig-willis

Comments

@rkalyanapurdue
Copy link
Contributor

The step for redirecting all traffic from 80 to 8080 fails:

sudo iptables -t nat -A PREROUTING -p tcp --destination-port 80 -j REDIRECT --to-port 8080

gives the error:

iptables v1.6.1: can't initialize iptables table `nat': Permission denied (you must be root)
Perhaps iptables or your kernel needs to be upgraded.

I've tested SSLStrip in plain Docker on my desktop and it works fine. Could the "privileged" tag no longer be working for the catalog?
@rkalyanapurdue
Copy link
Contributor Author

rkalyanapurdue commented Oct 21, 2019
edited
Loading

Craig: assigning you for the moment just in case you can quickly verify re: privileged. User "sigite2" has an active "sslstrip" application demonstrating this issue...

Thanks!
Rajesh

@craig-willis
Copy link

With nds-org/ndslabs#283 the privileged setting was replaced with a securityContext that allows for finer grained controls. We apparently never updated the specs in the catalog to match.

For example:
https://github.com/nds-org/ndslabs/blob/develop/apiserver/test/services/test/full.json#L11-L26

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@craig-willis craig-willis

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@craig-willis @rkalyanapurdue