From 2d3c28a449d7617c8cfcc93958a3e860e300f85e Mon Sep 17 00:00:00 2001
From: brompwnie
Date: Wed, 21 Aug 2019 14:56:05 +0100
Subject: [PATCH] adding -always-succeed flag and bug fixes
---
 Makefile | 1 +
 main.go | 19 +++++++++++++------
 utils.go | 8 +++-----
 3 files changed, 17 insertions(+), 11 deletions(-)
diff --git a/Makefile b/Makefile
index 0bebff6..ec67f46 100644
--- a/Makefile
+++ b/Makefile
@@ -30,3 +30,4 @@ build-linux:
 @go mod tidy
 @echo ">> building binary"
 $(GOV111PREFIX) GOOS=linux GOARCH=amd64 go build -o $(OUTPUTDIR)/$(BINARY_NAME)-linux-amd64 ./
+
\ No newline at end of file
diff --git a/main.go b/main.go
index eeb6c9b..5a043d9 100644
--- a/main.go
+++ b/main.go
@@ -21,7 +21,7 @@ import (
 "golang.org/x/crypto/ssh/terminal"
 )
-var verbosePtr, huntSockPtr, huntHttpPtr, huntDockerPtr, interfacesPtr, toJsonPtr, autopwnPtr, cicdPtr, reconPtr, metaDataPtr, findDockerdPtr, scrapeGcpMeta *bool
+var verbosePtr, huntSockPtr, huntHttpPtr, huntDockerPtr, interfacesPtr, toJsonPtr, autopwnPtr, cicdPtr, reconPtr, metaDataPtr, findDockerdPtr, scrapeGcpMeta, alwaysSucceedPtr *bool
 var validSocks []string
@@ -45,7 +45,7 @@ func main() {
 pathPtr = flag.String("path", "/", "Path to Start Scanning for UNIX Domain Sockets")
 verbosePtr = flag.Bool("verbose", false, "Verbose output")
 huntSockPtr = flag.Bool("socket", false, "Hunt for Available UNIX Domain Sockets")
- huntHttpPtr = flag.Bool("findHTTP", false, "Hunt for Available UNIX Domain Sockets with HTTP")
+ huntHttpPtr = flag.Bool("find-http", false, "Hunt for Available UNIX Domain Sockets with HTTP")
 interfacesPtr = flag.Bool("interfaces", false, "Display available network interfaces")
 autopwnPtr = flag.Bool("autopwn", false, "Attempt to autopwn exposed sockets")
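Review bot: Renaming `-findHTTP` to `-find-http` in main.go (and `-findDockerD`, `-scrapeGCP` and `-pwnCgroup` in the following hunk) drops the old spellings without an alias, so existing scripts and pipeline definitions that pass them stop working. Go's `flag` package rejects an undefined flag and exits with status 2, so the job fails before any check runs rather than reporting a scan result. Consider keeping each old name registered against the same variable for a release, e.g. `flag.BoolVar(huntHttpPtr, "findHTTP", false, "Deprecated: use -find-http")`, and listing the renames in the commit message, which currently mentions only the new flag. main's body starts and ends outside this hunk.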
@@ -56,12 +56,13 @@ func main() {
 hijackPtr = flag.String("hijack", "nil", "Attempt to hijack binaries on host")
 wordlistPtr = flag.String("wordlist", "nil", "Provide a wordlist")
 endpointList = flag.String("endpointlist", "nil", "Provide a wordlist")
- findDockerdPtr = flag.Bool("findDockerD", false, "Attempt to find Dockerd")
+ findDockerdPtr = flag.Bool("find-docker", false, "Attempt to find Dockerd")
 pushToS3ptr = flag.String("s3push", "nil", "Push a file to S3 e.g Full command to push to https://YOURBUCKET.s3.eu-west-2.amazonaws.com/FILENAME would be: -region eu-west-2 -s3bucket YOURBUCKET -s3push FILENAME")
 s3BucketPtr = flag.String("s3bucket", "nil", "Provide a bucket name for S3 Push")
 awsRegionPtr = flag.String("region", "nil", "Provide a AWS Region e.g eu-west-2")
- scrapeGcpMeta = flag.Bool("scrapeGCP", false, "Attempt to scrape the GCP metadata service")
- cgroupPtr = flag.String("pwnCgroup", "nil", "Provide a command payload to try exploit --privilege CGROUP release_agent's")
+ scrapeGcpMeta = flag.Bool("scrape-gcp", false, "Attempt to scrape the GCP metadata service")
+ cgroupPtr = flag.String("pwn-privileged", "nil", "Provide a command payload to try exploit --privilege CGROUP release_agent's")
+ alwaysSucceedPtr = flag.Bool("always-succeed", false, "Attempt to scrape the GCP metadata service")
 flag.Parse()
@@ -129,10 +130,16 @@ func main() {
 sockets, _ := getValidSockets(*pathPtr)
 for _, element := range sockets {
 fmt.Println("[!] Valid Socket: " + element)
+ exitCode = 1
 }
 }
 fmt.Println("[+] Finished")
- os.Exit(exitCode)
+ if *alwaysSucceedPtr {
+ os.Exit(0)
+ } else {
+ os.Exit(exitCode)
+ }
+
 }
 func downloadFile(filepath string, url string) error {
diff --git a/utils.go b/utils.go
index 46464bb..a009287 100644
--- a/utils.go
+++ b/utils.go
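Review bot: The usage string of the new `-always-succeed` flag in main.go is a copy of the `-scrape-gcp` text ("Attempt to scrape the GCP metadata service"), so `-h` misdescribes a flag whose effect is to suppress the failing exit status. Suggested line: `alwaysSucceedPtr = flag.Bool("always-succeed", false, "Always exit with status 0, even when findings are reported")`. Since this flag turns off the only machine-readable signal of a finding, the help text is the place an operator learns that, and it should say so plainly. main's body starts and ends outside this hunk.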
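Review bot: The exit status now signals a finding, but the `sockets, _ := getValidSockets(*pathPtr)` call that feeds it in main.go still discards its second return value (presumably an error), so a scan that could not run would end with status 0 exactly like a clean one. The same discarded value appears in `findHttpSockets` and `findDockerD` in utils.go. For a check whose status is used as a gate, handle it with a distinct non-zero status, e.g. `sockets, err := getValidSockets(*pathPtr)` followed by `if err != nil { fmt.Println("[-] socket scan failed:", err); exitCode = 2 }`. As a smaller style point, the `else` after `os.Exit(0)` and the added blank line before main's closing brace are unnecessary. main starts outside this hunk.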
@@ -731,15 +731,11 @@ func processInterfaces() error {
 func findHttpSockets() {
 fmt.Println("[+] Looking for HTTP enabled Sockets")
- // dockerdVal, checkResult := checkForDockerEnvSock()
- // if checkResult {
- // fmt.Println("[!] Dockerd DOCKER_HOST found:", dockerdVal)
- // }
 sockets, _ := getValidSockets(*pathPtr)
 httpSockets := getHTTPEnabledSockets(sockets)
- // dockerSocks := getDockerEnabledSockets(httpSockets)
 for _, aSock := range httpSockets {
 fmt.Println("[!] Valid HTTP Socket:", aSock)
+ exitCode = 1
 }
 }
@@ -748,12 +744,14 @@ func findDockerD() {
 dockerdVal, checkResult := checkForDockerEnvSock()
 if checkResult {
 fmt.Println("[!] Dockerd DOCKER_HOST found:", dockerdVal)
+ exitCode = 1
 }
 sockets, _ := getValidSockets(*pathPtr)
 httpSockets := getHTTPEnabledSockets(sockets)
 dockerSocks := getDockerEnabledSockets(httpSockets)
 for _, aSock := range dockerSocks {
 fmt.Println("[!] Valid Docker Socket:", aSock)
+ exitCode = 1
 }
 }
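Review bot: `findHttpSockets` and `findDockerD` in utils.go now write the package-level `exitCode` as a side effect, and neither carries a doc comment that says so. Suggested comments: `// findHttpSockets prints each HTTP-enabled UNIX socket found under *pathPtr and sets exitCode to 1 when at least one is found.` and `// findDockerD reports a DOCKER_HOST value and any Docker-enabled sockets, setting exitCode to 1 for either.` The assignment inside each loop also repeats on every iteration; a single `if len(httpSockets) > 0 { exitCode = 1 }` after the loop states the intent more directly. findDockerD's signature lies outside its hunk, visible only in the hunk header.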