/proc emulation about tanner HOT 9 CLOSED

@afeena I think current LFI emulator emulates /proc, and it can be made more effective using docker as implemented in CMD emulator (#144)

from tanner.

@rnehra01 I like docker, but I worried a bit about performance. Do you make tests with loading lots of containers simultaneously? Or maybe we should use one container for all attackers?

from tanner.

Using the script https://pastebin.com/QLsu8MRy, I got this result https://pastebin.com/5K2vSSh0. So, I guess docker is efficient.

from tanner.

Well done :) But I meant the resources of the host machine, we should remember about that, good reading https://docs.docker.com/engine/admin/resource_constraints/#limit-a-containers-access-to-memory

from tanner.

Okay, actually my initial doubt was that why this issue still open, although we have some sort of /proc emulation already.
So if you think docker can be inefficient, we can think of something else.

from tanner.

As you suggested, we can do one thing, we can provide an option to host/user, to use 1 for all attackers or one for each attacker in the config, so that user can do it as per available resources.

from tanner.

@rnehra01 I like the idea to make it manageable via config :)

from tanner.

I think we forgot one thing that in LFI, files are meant for reading purpose only, so we can use a single container.

from tanner.

@afeena I guess we can close this?

from tanner.