work in progress (map, wordpot)

bin/dps.sh

@@ -44,7 +44,7 @@ grc --colour=on docker ps -f status=running -f status=exited --format "table {{.
 function fuGETSYS {
 printf "[ ========| System |======== ]\n"
 printf "${myBLUE}%+11s ${myWHITE}%-20s\n" "DATE: " "$(date)"
-printf "${myBLUE}%+11s ${myWHITE}%-20s\n" "UPTIME: " "$(uptime | cut -b 2-)"
+printf "${myBLUE}%+11s ${myWHITE}%-20s\n" "UPTIME: " "$(grc --colour=on uptime)"
 printf "${myMAGENTA}%+11s %-20s\n" "T-POT: " "$(fuGETTPOT_STATUS)"
 printf "${myMAGENTA}%+11s %-20s\n" "BLACKHOLE: " "$myBLACKHOLE_STATUS${myWHITE}"
 echo

bin/updateip.sh

@@ -8,6 +8,12 @@ myEXTIP=$(/opt/tpot/bin/myip.sh)
 if [ "$myEXTIP" = "" ];
   then
     myEXTIP=$myLOCALIP
+    myEXTIP_LAT="49.865835022498125"
+    myEXTIP_LONG="8.62606472775735"
+  else
+    myEXTIP_LOC=$(curl -s ipinfo.io/$myEXTIP/loc)
+    myEXTIP_LAT=$(echo "$myEXTIP_LOC" | cut -f1 -d",")
+    myEXTIP_LONG=$(echo "$myEXTIP_LOC" | cut -f2 -d",")
 fi
 
 # Load Blackhole routes if enabled 
@@ -27,6 +33,17 @@ if [ "$myBLACKHOLE_STATUS" -gt "500" ];
 fi
 
 mySSHUSER=$(cat /etc/passwd | grep 1000 | cut -d ':' -f1)
+
+# Export
+export myUUID
+export myLOCALIP
+export myEXTIP
+export myEXTIP_LAT
+export myEXTIP_LONG
+export myBLACKHOLE_STATUS
+export mySSHUSER
+
+# Build issue
 echo "" > /etc/issue
 toilet -f ivrit -F metal --filter border:metal "T-Pot   22.03" | sed 's/\\/\\\\/g' >> /etc/issue
 echo >> /etc/issue
@@ -47,6 +64,8 @@ EOF
 tee /opt/tpot/etc/compose/elk_environment << EOF
 HONEY_UUID=$myUUID
 MY_EXTIP=$myEXTIP
+MY_EXTIP_LAT=$myEXTIP_LAT
+MY_EXTIP_LONG=$myEXTIP_LONG
 MY_INTIP=$myLOCALIP
 MY_HOSTNAME=$HOSTNAME
 EOF

docker/elk/docker-compose.yml

@@ -57,3 +57,51 @@ services:
     volumes:
      - /data:/data
 #     - /root/tpotce/docker/elk/logstash/dist/logstash.conf:/etc/logstash/conf.d/logstash.conf
+
+# Map Redis Service
+  map_redis:
+    container_name: map_redis
+    restart: always
+    stop_signal: SIGKILL
+    tty: true
+    #    networks:
+    #     - map_local
+    ports:
+      - "127.0.0.1:6379:6379"
+    image: "dtagdevsec/redis:2203"
+    read_only: true
+
+# Map Web Service
+  map_web:
+    build: .
+    container_name: map_web
+    restart: always
+    environment:
+     - MAP_COMMAND=AttackMapServer.py
+    env_file:
+     - /opt/tpot/etc/compose/elk_environment
+    stop_signal: SIGKILL
+    tty: true
+    #    networks:
+    #     - map_local
+    ports:
+     - "9999:13337"
+    image: "dtagdevsec/map_web:2203"
+    depends_on:
+     - map_redis
+
+# Map Data Service
+  map_data:
+    container_name: map_data
+    restart: always
+    environment:
+     - MAP_COMMAND=DataServer_v2.py
+    env_file:
+     - /opt/tpot/etc/compose/elk_environment
+    stop_signal: SIGKILL
+    tty: true
+    #    networks:
+    #     - map_local
+    image: "dtagdevsec/map_web:2203"
+    depends_on:
+     - map_redis

docker/elk/map/Dockerfile

@@ -0,0 +1,39 @@
+FROM alpine:3.15
+#
+# Install packages
+RUN apk -U add \
+             build-base \
+             git \
+	     libcap \
+	     py3-pip \
+             python3 \
+             python3-dev && \
+#	     
+# Install  Server from GitHub and setup
+    mkdir -p /opt && \
+    cd /opt/ && \
+    git clone https://github.com/t3chn0m4g3/geoip-attack-map && \
+    cd geoip-attack-map && \
+#    git checkout 4dae740178455f371b667ee095f824cb271f07e8 && \
+    #sed "s/MarkupSafe==1.0/MarkupSafe==1.1.1/g" -i requirements.txt && \
+    pip3 install -r requirements.txt && \
+    pip3 install flask && \
+    setcap cap_net_bind_service=+ep /usr/bin/python3.9 && \
+#
+# Setup user, groups and configs
+    addgroup -g 2000 map && \
+    adduser -S -H -s /bin/ash -u 2000 -D -g 2000 map && \
+    chown map:map -R /opt/geoip-attack-map && \
+#
+# Clean up
+    apk del --purge build-base \
+                    git \
+		    python3-dev && \
+    rm -rf /root/* && \
+    rm -rf /var/cache/apk/*
+#
+# Start wordpot
+STOPSIGNAL SIGINT
+USER map:map
+WORKDIR /opt/geoip-attack-map
+CMD exec /usr/bin/python3 $MAP_COMMAND

docker/elk/map/docker-compose.yml

@@ -0,0 +1,54 @@
+version: '2.3'
+
+#networks:
+#  map_local:
+
+services:
+
+# Map Redis Service
+  map_redis:
+    container_name: map_redis
+    restart: always
+    stop_signal: SIGKILL
+    tty: true
+    #    networks:
+    #     - map_local
+    ports:
+      - "127.0.0.1:6379:6379"
+    image: "dtagdevsec/redis:2203"
+    read_only: true
+
+# Map Web Service
+  map_web:
+    build: .
+    container_name: map_web
+    restart: always
+    environment:
+     - MAP_COMMAND=AttackMapServer.py
+    env_file:
+     - /opt/tpot/etc/compose/elk_environment
+    stop_signal: SIGKILL
+    tty: true
+    #    networks:
+    #     - map_local
+    ports:
+     - "9999:13337"
+    image: "dtagdevsec/map_web:2203"
+    depends_on:
+     - map_redis
+
+# Map Data Service
+  map_data:
+    container_name: map_data
+    restart: always
+    environment:
+     - MAP_COMMAND=DataServer_v2.py
+    env_file:
+     - /opt/tpot/etc/compose/elk_environment
+    stop_signal: SIGKILL
+    tty: true
+    #    networks:
+    #     - map_local
+    image: "dtagdevsec/map_web:2203"
+    depends_on:
+     - map_redis

docker/wordpot/Dockerfile

@@ -0,0 +1,38 @@
+FROM alpine:3.15
+#
+# Install packages
+RUN apk -U add \
+             build-base \
+             git \
+	     libcap \
+	     py3-pip \
+             python3 \
+             python3-dev && \
+#	     
+# Install wordpot from GitHub and setup
+    mkdir -p /opt && \
+    cd /opt/ && \
+    git clone https://github.com/Will-777/wordpot2 && \
+    cd wordpot2 && \
+    git checkout e93a2e00d84d280b0acd58ba6889b4bee8a6e4d2 && \
+    sed "s/MarkupSafe==1.0/MarkupSafe==1.1.1/g" -i requirements.txt && \
+    pip3 install -r requirements.txt && \
+    setcap cap_net_bind_service=+ep /usr/bin/python3.9 && \
+#
+# Setup user, groups and configs
+    addgroup -g 2000 wordpot && \
+    adduser -S -H -s /bin/ash -u 2000 -D -g 2000 wordpot && \
+    chown wordpot:wordpot -R /opt/wordpot2 && \
+#
+# Clean up
+    apk del --purge build-base \
+                    git \
+		    python3-dev && \
+    rm -rf /root/* && \
+    rm -rf /var/cache/apk/*
+#
+# Start wordpot
+STOPSIGNAL SIGINT
+USER wordpot:wordpot
+WORKDIR /opt/wordpot2
+CMD ["/usr/bin/python3","wordpot2.py", "--host", "0.0.0.0", "--port", "80", "--title", "Crypto Plaza"]

docker/wordpot/docker-compose.yml

@@ -0,0 +1,20 @@
+version: '2.3'
+
+networks:
+  wordpot_local:
+
+services:
+
+# Wordpot service
+  wordpot:
+    build: .
+    container_name: wordpot
+    restart: always
+    networks:
+     - wordpot_local
+    ports:
+     - "80:80"
+    image: "dtagdevsec/wordpot:2203"
+    #    read_only: true
+    #    volumes:
+    #     - /data/ddospot/db:/opt/ddospot/ddospot/db