Comments (9)
@afeena I think current LFI emulator emulates /proc
, and it can be made more effective using docker as implemented in CMD emulator
(#144)
from tanner.
@rnehra01 I like docker, but I worried a bit about performance. Do you make tests with loading lots of containers simultaneously? Or maybe we should use one container for all attackers?
from tanner.
Using the script https://pastebin.com/QLsu8MRy
, I got this result https://pastebin.com/5K2vSSh0
. So, I guess docker is efficient.
from tanner.
Well done :) But I meant the resources of the host machine, we should remember about that, good reading https://docs.docker.com/engine/admin/resource_constraints/#limit-a-containers-access-to-memory
from tanner.
Okay, actually my initial doubt was that why this issue still open, although we have some sort of /proc
emulation already.
So if you think docker can be inefficient, we can think of something else.
from tanner.
As you suggested, we can do one thing, we can provide an option to host/user
, to use 1 for all attackers
or one for each attacker
in the config, so that user can do it as per available resources.
from tanner.
@rnehra01 I like the idea to make it manageable via config :)
from tanner.
I think we forgot one thing that in LFI, files are meant for reading purpose only, so we can use a single container.
from tanner.
@afeena I guess we can close this?
from tanner.
Related Issues (20)
- Feature Request: Log4Shell exploit detection
- TannerWeb Redis issue HOT 2
- RFI emulator exception: Future <Future pending> attached to a different loop
- TypeError: zrevrangebyscore() got an unexpected keyword argument 'offset' HOT 2
- GSoC 2022 FAQ [WIP]
- GSoC'22 - HTTP requests evaluation HOT 1
- GSoC'22 - Web Improvement
- Tanner installation HOT 1
- Python 3.10 breaks Tanner HOT 1
- Docker Installation of Tanner fails due to some dependencies HOT 1
- TypeError: zrevrangebyscore() got an unexpected keyword argument 'offset' when running through docker HOT 2
- Session analyzer is not working
- Snare-Stats returns error code 500 Internal Server Error HOT 2
- I have 500 Internal Server Error
- Attempt to decode JSON with unexpected mimetype
- How to use this
- Please, remove "<3.0.0" from jinja paquet inside "requirements.txt" file HOT 4
- The port is required to be int when running snare & tanner HOT 1
- Error after installation tanner, how to solve it
- Tanner "Detection Type" shows only index, unknown and xss HOT 1
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from tanner.