w3af docker container won't start on MacOS 10.10+

[joarleymoraes]

Followed the instructions from:

https://hub.docker.com/r/andresriancho/w3af/

The image is downloaded properly but the container won't start (or just exits), meaning I don't get the w3af>>> prompt, there's no output for the command sudo ./w3af_console_docker, not even with the debug option (-d). Same thing for w3af_gui_docker.

I have verified this on both Yosemite and El Capitan.

[mtoothman]

Same here, container exits 0 with no errors in logs.

[vinzenzweber]

Same here as well

[CarbonC]

Same here

[andresriancho]

Works for me in ubuntu.

I don't have access to a mac laptop. Could anyone add some print statements to w3af_console_docker so that we can understand where the code is going?

[kfr-ma]

hi i have the same issue , how can i get logs to see the error's , the container exit with zero 👍
practical_jang
ffadc5b19bc3 andresriancho/w3af:latest "/usr/sbin/sshd -D" 10 minutes ago Exited (0) 8 minutes ago

[kfr-ma]

docker logs show nothings

[timiscoding]

@andresriancho Logging reveals that the problem happens when running the ssh command at

w3af/extras/docker/scripts/common/docker_helpers.py

Line 100 in 1910600

subprocess.call(ssh_cmd)

I logged out ssh_cmd and ran it manually with debugging turned on:

sudo ssh -i /<REDACTED>/w3af/extras/docker/scripts/common/w3af-docker.prv -t -t -oStrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null -o LogLevel=DEBUG root@172.17.0.2 /home/w3af/w3af/w3af_console --no-update

Password:
OpenSSH_8.0p1, OpenSSL 1.1.1d  10 Sep 2019
debug1: Reading configuration data /usr/local/etc/ssh/ssh_config
debug2: resolve_canonicalize: hostname 172.17.0.2 is address
debug2: ssh_connect_direct
debug1: Connecting to 172.17.0.2 [172.17.0.2] port 22.
debug1: Connection established.
setsockopt SO_KEEPALIVE: Invalid argument
debug1: getpeername failed: Invalid argument
debug1: identity file /<REDACTED>/w3af/extras/docker/scripts/common/w3af-docker.prv type -1
debug1: identity file /<REDACTED>/w3af/extras/docker/scripts/common/w3af-docker.prv-cert type -1
kex_exchange_identification: write: Broken pipe

I initially thought it had something to do with the invalid argument messages so I googled how to fix those problems like setting 'tcp keep alive' to no in ssh_config.

Nothing fruitful came from that so I did a traceroute to 172.17.0.2 which kept going to an external IP. As it turns out, the app has a known limitation where Docker Desktop for Mac can’t route traffic to containers. See known limitations

Been an ongoing issue since 2016...
moby/moby#22753
docker/for-mac#2670

The official docs provide the work around which is to port forward when creating a container (see I want to connect to a container from the Mac):

$ docker run -d -p 22:22 --name w3af andresriancho/w3af

then the ssh command connects to localhost instead:

sudo ssh -i /<REDACTED>/w3af/extras/docker/scripts/common/w3af-docker.prv -t -t -oStrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null -o LogLevel=quiet root@localhost /home/w3af/w3af/w3af_console --no-update

For anyone looking for a quick fix, here's the changes I made to get it to work

macOS mojave 10.14.6
Docker Desktop for Mac 2.1.0.5