2022-06-14 10:47:11 +00:00
|
|
|
FROM ubuntu:22.04
|
2021-12-20 18:40:38 +00:00
|
|
|
ENV DEBIAN_FRONTEND noninteractive
|
2021-12-16 20:25:40 +00:00
|
|
|
#
|
|
|
|
|
# Install packages
|
2022-01-23 14:49:07 +00:00
|
|
|
RUN apt-get update -y && \
|
2021-12-20 18:40:38 +00:00
|
|
|
apt-get install -y \
|
tweaking
updating .env, env.example and compose files regarding sentrypeer ENVs
make glutton image aware of payloads feature
bump glutton to latest master, alpine 3.19, multi-stage build
bump ipphoney to alpine 3.19
bump mailoney to alpine 3.19, adjust for py3
revert medpot to previous master, use multi stage build and alpine 3.19
bump cyberchef to latest master
bump ngninx to alpine 3.19
bump p0f to alpine 3.19, use multi stage build
bump redishoneypot to alpine 3.19, use multi stage build
bump sentrypeer to latest master, fix bug for open ports in compose files, now all tcp/5060, udp/5060 traffic will be seen
bump spiderfoot to latest master
bump spiderfoot to alpine 3.19
bump suricata to 7.0.2, fix performance issue with capture-filter-bpf by reducing the rules
update clean.sh to include glutton payloads folder
2024-03-09 11:11:14 +00:00
|
|
|
build-essential \
|
|
|
|
|
cargo \
|
|
|
|
|
cleo \
|
|
|
|
|
git \
|
|
|
|
|
libcap2 \
|
|
|
|
|
libcap2-bin \
|
|
|
|
|
libcurl4 \
|
|
|
|
|
libcurl4-nss-dev \
|
|
|
|
|
libffi7 \
|
|
|
|
|
libffi-dev \
|
|
|
|
|
libssl-dev \
|
|
|
|
|
python3-pip \
|
|
|
|
|
python3 \
|
|
|
|
|
python3-dev \
|
|
|
|
|
rust-all && \
|
2021-12-20 18:40:38 +00:00
|
|
|
pip3 install --upgrade pip && \
|
|
|
|
|
pip3 install poetry pycurl && \
|
2021-12-16 20:25:40 +00:00
|
|
|
#
|
|
|
|
|
# Install log4pot from GitHub and setup
|
|
|
|
|
mkdir -p /opt /var/log/log4pot && \
|
|
|
|
|
cd /opt/ && \
|
|
|
|
|
git clone https://github.com/thomaspatzke/Log4Pot && \
|
|
|
|
|
cd Log4Pot && \
|
2022-11-01 09:39:11 +00:00
|
|
|
# git checkout fac539f470217347e51127c635f16749a887c0ac && \
|
|
|
|
|
git checkout e224c0f786efb68b4aab892e69857e379b75b0c6 && \
|
2022-01-17 14:52:32 +00:00
|
|
|
sed -i 's#"type": logtype,#"reason": logtype,#g' log4pot-server.py && \
|
2021-12-16 20:25:40 +00:00
|
|
|
poetry install && \
|
tweaking
updating .env, env.example and compose files regarding sentrypeer ENVs
make glutton image aware of payloads feature
bump glutton to latest master, alpine 3.19, multi-stage build
bump ipphoney to alpine 3.19
bump mailoney to alpine 3.19, adjust for py3
revert medpot to previous master, use multi stage build and alpine 3.19
bump cyberchef to latest master
bump ngninx to alpine 3.19
bump p0f to alpine 3.19, use multi stage build
bump redishoneypot to alpine 3.19, use multi stage build
bump sentrypeer to latest master, fix bug for open ports in compose files, now all tcp/5060, udp/5060 traffic will be seen
bump spiderfoot to latest master
bump spiderfoot to alpine 3.19
bump suricata to 7.0.2, fix performance issue with capture-filter-bpf by reducing the rules
update clean.sh to include glutton payloads folder
2024-03-09 11:11:14 +00:00
|
|
|
setcap cap_net_bind_service=+ep $(readlink -f $(which python3)) && \
|
2021-12-16 20:25:40 +00:00
|
|
|
#
|
|
|
|
|
# Setup user, groups and configs
|
tweaking
updating .env, env.example and compose files regarding sentrypeer ENVs
make glutton image aware of payloads feature
bump glutton to latest master, alpine 3.19, multi-stage build
bump ipphoney to alpine 3.19
bump mailoney to alpine 3.19, adjust for py3
revert medpot to previous master, use multi stage build and alpine 3.19
bump cyberchef to latest master
bump ngninx to alpine 3.19
bump p0f to alpine 3.19, use multi stage build
bump redishoneypot to alpine 3.19, use multi stage build
bump sentrypeer to latest master, fix bug for open ports in compose files, now all tcp/5060, udp/5060 traffic will be seen
bump spiderfoot to latest master
bump spiderfoot to alpine 3.19
bump suricata to 7.0.2, fix performance issue with capture-filter-bpf by reducing the rules
update clean.sh to include glutton payloads folder
2024-03-09 11:11:14 +00:00
|
|
|
addgroup --gid 2000 log4pot && \
|
2021-12-20 18:40:38 +00:00
|
|
|
adduser --system --no-create-home --shell /bin/bash -uid 2000 --disabled-password --disabled-login -gid 2000 log4pot && \
|
2021-12-16 20:25:40 +00:00
|
|
|
chown log4pot:log4pot -R /opt/Log4Pot && \
|
|
|
|
|
#
|
|
|
|
|
# Clean up
|
tweaking
updating .env, env.example and compose files regarding sentrypeer ENVs
make glutton image aware of payloads feature
bump glutton to latest master, alpine 3.19, multi-stage build
bump ipphoney to alpine 3.19
bump mailoney to alpine 3.19, adjust for py3
revert medpot to previous master, use multi stage build and alpine 3.19
bump cyberchef to latest master
bump ngninx to alpine 3.19
bump p0f to alpine 3.19, use multi stage build
bump redishoneypot to alpine 3.19, use multi stage build
bump sentrypeer to latest master, fix bug for open ports in compose files, now all tcp/5060, udp/5060 traffic will be seen
bump spiderfoot to latest master
bump spiderfoot to alpine 3.19
bump suricata to 7.0.2, fix performance issue with capture-filter-bpf by reducing the rules
update clean.sh to include glutton payloads folder
2024-03-09 11:11:14 +00:00
|
|
|
apt-get purge -y build-essential \
|
|
|
|
|
cargo \
|
|
|
|
|
git \
|
|
|
|
|
libffi-dev \
|
|
|
|
|
libssl-dev \
|
|
|
|
|
python3-dev \
|
|
|
|
|
rust-all && \
|
|
|
|
|
apt-get autoremove -y --purge && \
|
|
|
|
|
apt-get clean && rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/* /root/.cache /opt/Log4Pot/.git
|
2021-12-16 20:25:40 +00:00
|
|
|
#
|
|
|
|
|
# Start log4pot
|
|
|
|
|
STOPSIGNAL SIGINT
|
|
|
|
|
USER log4pot:log4pot
|
|
|
|
|
WORKDIR /opt/Log4Pot/
|
2022-01-17 14:52:32 +00:00
|
|
|
CMD ["/usr/bin/python3","log4pot-server.py","--port","8080","--log","/var/log/log4pot/log/log4pot.log","--payloader","--download-dir","/var/log/log4pot/payloads/","--download-timeout","15","--response","/opt/Log4Pot/responses/sap-netweaver.html"]
|
