housekeeping

docker/go-pot/Dockerfile

@@ -1,11 +1,12 @@
 FROM golang:1.23-alpine AS builder
 RUN <<EOF
+apk -U upgrade
 apk -U add git
 mkdir -p /opt
 cd /opt
-git clone https://github.com/ryanolee/go-pot
+git clone https://github.com/t3chn0m4g3/go-pot
 cd go-pot
-git checkout fbb3e66e454e5f6092b4294a52e2cfa44e5b7259
+git checkout 75a2cae856642fdccf3e9d47d0733cf4190ba70b
 EOF
 WORKDIR /opt/go-pot
 #

docker/h0neytr4p/Dockerfile

@@ -1,6 +1,7 @@
 FROM golang:1.23-alpine AS builder
 WORKDIR /app
 #
+RUN apk -U upgrade
 RUN apk -U add git openssl
 RUN git clone https://github.com/t3chn0m4g3/h0neytr4p -b v0.33 /app
 RUN go mod download

docker/hellpot/Dockerfile

@@ -4,7 +4,8 @@ FROM golang:1.23-alpine AS builder
 COPY dist/ /root/dist/
 #
 # Install packages
-RUN apk --no-cache -U add \
+RUN apk --no-cache -U upgrade && \
+    apk --no-cache -U add \
 		build-base \
 		git \
 		g++ && \

docker/heralding/Dockerfile

@@ -4,7 +4,8 @@ FROM alpine:3.20
 COPY dist/ /root/dist/
 #
 # Install packages
-RUN apk --no-cache -U add \
+RUN apk --no-cache -U upgrade && \
+	apk --no-cache -U add \
 		build-base \
 		git \
 		libcap \
@@ -34,7 +35,7 @@ RUN apk --no-cache -U add \
     cd heralding && \
     git checkout ac12724ab38c4e2fe78f07d1bc35e6e586ba69c0 && \
     cp /root/dist/requirements.txt . && \
-    pip3 install --break-system-packages --upgrade pip && \
+    pip3 install --break-system-packages --no-cache-dir --upgrade pip && \
     pip3 install --break-system-packages --no-cache-dir -r requirements.txt && \
     pip3 install --break-system-packages --no-cache-dir . && \
 #

docker/honeyaml/Dockerfile

@@ -1,8 +1,15 @@
 FROM rust:latest AS builder
 #
-RUN apt update && apt install -y git musl-tools musl-dev libzstd-dev
+RUN apt update && \
+    apt upgrade -y && \
+    apt install -y git \
+                    musl-tools \
+                    musl-dev \
+                    libzstd-dev
 RUN update-ca-certificates
-RUN git clone https://github.com/t3chn0m4g3/honeyaml /opt/honeyaml
+RUN git clone https://github.com/t3chn0m4g3/honeyaml /opt/honeyaml && \
+    cd /opt/honeyaml && \
+    git checkout 9648c27bb31ad554ccabfdd9aeb77028219f24b0
 #
 WORKDIR /opt/honeyaml
 # Need to dynamically link, otherwise multi platform builds are breaking with zstd-sys

docker/honeypots/Dockerfile

@@ -4,7 +4,8 @@ FROM alpine:3.20
 COPY dist/ /root/dist/
 #
 # Install packages
-RUN apk --no-cache -U add \
+RUN apk --no-cache -U upgrade && \
+	apk --no-cache -U add \
 		build-base \
 		freetds \
 		freetds-dev \

docker/honeypots/Dockerfile.old

@@ -1,87 +0,0 @@
-FROM alpine:3.20
-#
-# Include dist
-COPY dist/ /root/dist/
-#
-# Install packages
-RUN apk --no-cache -U add \
-		build-base \
-		freetds \
-		freetds-dev \
-		gcc \
-		git \
-		hiredis \
-		jpeg-dev \
-		libcap \
-		libffi-dev \
-		libpq \
-		musl-dev \
-		openssl \
-		openssl-dev \
-		postgresql-dev \
-		py3-chardet \
-		py3-click \
-		py3-cryptography \
-		py3-dnspython \
-		py3-flask \
-		py3-future \
-		py3-hiredis \
-		py3-impacket \
-		py3-itsdangerous \
-		py3-jinja2 \
-		py3-ldap3 \
-		py3-markupsafe \
-		py3-netifaces \
-		py3-openssl \
-		py3-packaging \
-		py3-paramiko \
-		py3-pip \
-		# py3-psutil \
-		py3-psycopg2 \
-		py3-pycryptodomex \
-		py3-requests \
-		py3-service_identity \
-		py3-twisted \
-		py3-werkzeug \
-		py3-wheel \
-		python3 \
-		python3-dev \
-		zlib-dev && \
-#	     
-# Install honeypots from GitHub and setup
-    mkdir -p /opt \
-             /var/log/honeypots && \
-    cd /opt/ && \
-    git clone https://github.com/qeeqbox/honeypots && \
-    cd honeypots && \
-    git checkout 7283529c1773c6fc26e072fa9c78074d66fe9fa6 && \
-    pip3 install --break-system-packages --upgrade pip && \
-    pip3 install --break-system-packages . && \
-    setcap cap_net_bind_service=+ep $(readlink -f $(type -P python3)) && \
-#
-# Setup user, groups and configs
-    addgroup -g 2000 honeypots && \
-    adduser -S -H -s /bin/ash -u 2000 -D -g 2000 honeypots && \
-    chown honeypots:honeypots -R /opt/honeypots && \
-    chown honeypots:honeypots -R /var/log/honeypots && \
-    mv /root/dist/config.json /opt/honeypots/ && \
-#
-# Clean up
-    apk del --purge build-base \
-		freetds-dev \
-		git \
-		jpeg-dev \
-		libffi-dev \
-		openssl-dev \
-		postgresql-dev \
-		python3-dev \
-		zlib-dev && \
-	rm -rf /root/* \
-			/var/cache/apk/* \
-			/opt/honeypots/.git
-#
-# Start honeypots 
-STOPSIGNAL SIGINT
-USER honeypots:honeypots
-WORKDIR /opt/honeypots/
-CMD python3 -E -m honeypots --setup all --config config.json

docker/honeytrap/Dockerfile

@@ -6,7 +6,7 @@ COPY dist/ /root/dist/
 #
 # Install packages
 RUN apt-get update && \
-    apt-get -y dist-upgrade && \
+    apt-get -y upgrade && \
 #
 # Install packages
     apt-get install -y autoconf \
@@ -28,6 +28,7 @@ RUN apt-get update && \
 # Install honeytrap from source
     git clone https://github.com/t3chn0m4g3/honeytrap /root/honeytrap && \
     cd /root/honeytrap/ && \
+    git checkout 9b63a5452ed3d5004ca714a7965218c25226a504 && \
     autoreconf -vfi && \
     ./configure \
       --with-stream-mon=nfq \

docker/ipphoney/Dockerfile

@@ -4,7 +4,8 @@ FROM alpine:3.20 AS builder
 COPY dist/ /root/dist/
 #
 # Install packages
-RUN apk --no-cache -U add \
+RUN apk --no-cache -U upgrade && \
+	apk --no-cache -U add \
 		build-base \
 		ca-certificates \
 		git \
@@ -45,6 +46,7 @@ RUN pyinstaller ipphoney.py \
 		--hidden-import output_plugins.jsonlog
 #
 FROM alpine:3.20
+RUN apk --no-cache -U upgrade
 COPY --from=builder /opt/ipphoney/dist/ /opt/
 COPY --from=builder /opt/ipphoney/responses/ /opt/ipphoney/responses/
 COPY dist/honeypot.cfg /opt/ipphoney/etc/

docker/ipphoney/Dockerfile.old

@@ -1,60 +0,0 @@
-FROM alpine:3.19
-#
-# Include dist
-COPY dist/ /root/dist/
-#
-# Install packages
-RUN apk --no-cache -U add \
-		build-base \
-		ca-certificates \
-		git \
-		libcap \
-		libffi-dev \
-		openssl \
-		openssl-dev \
-		postgresql-dev \
-		py3-cryptography \
-		py3-elasticsearch \
-		py3-geoip2 \
-		py3-maxminddb \
-		py3-mysqlclient \
-		py3-requests \
-		py3-packaging \
-		py3-pip \
-		py3-psycopg2 \
-		py3-redis \
-		py3-requests \
-		py3-service_identity \
-		py3-setuptools \
-		py3-twisted \
-		py3-wheel \
-		python3 \
-		python3-dev && \
-    mkdir -p /opt && \
-    cd /opt/ && \
-    git clone https://gitlab.com/bontchev/ipphoney.git/ && \
-    cd ipphoney && \
-    git checkout 7ab1cac437baba17cb2cd25d5bb1400327e1bb79 && \
-    cp /root/dist/requirements.txt . && \
-    pip3 install --break-system-packages -r requirements.txt && \
-    setcap cap_net_bind_service=+ep $(readlink -f $(type -P python3)) && \
-#
-# Setup user, groups and configs
-    addgroup -g 2000 ipphoney && \
-    adduser -S -H -s /bin/ash -u 2000 -D -g 2000 ipphoney && \
-    mv /root/dist/honeypot.cfg /opt/ipphoney/etc/ && \
-#
-# Clean up
-    apk del --purge build-base \
-                    git \
-                    libffi-dev \
-		    openssl-dev \
-		    postgresql-dev \
-		    python3-dev && \
-    rm -rf /root/* /var/cache/apk/* /opt/ipphoney/.git
-#
-# Start ipphoney
-STOPSIGNAL SIGINT
-USER ipphoney:ipphoney
-WORKDIR /opt/ipphoney/
-CMD ["/usr/bin/python3","ipphoney.py"]

docker/log4pot/Dockerfile

@@ -3,6 +3,7 @@ ENV DEBIAN_FRONTEND noninteractive
 #
 # Install packages
 RUN apt-get update -y && \
+	apt-get upgrade -y && \
     apt-get install -y \
 		build-essential \
 		cargo \
@@ -27,11 +28,9 @@ RUN apt-get update -y && \
     mkdir -p /opt /var/log/log4pot && \
     cd /opt/ && \
     git clone https://github.com/thomaspatzke/Log4Pot && \
-	#git clone https://github.com/t3chn0m4g3/Log4Pot && \
     cd Log4Pot && \
     git checkout 5002b1fe0f82359ef32dbc3a899e8a701dc3256e && \
     sed -i 's#"type": logtype,#"reason": logtype,#g' log4pot-server.py && \
-	# rm poetry.lock && \
 	poetry --no-cache install && \
 	setcap cap_net_bind_service=+ep $(readlink -f $(which python3)) && \
 #

docker/medpot/Dockerfile

@@ -5,7 +5,8 @@ ENV GO111MODULE=on \
     GOOS=linux
 #
 # Install packages
-RUN apk --no-cache -U add \
+RUN apk --no-cache -U upgrade && \
+    apk --no-cache -U add \
         build-base \
         git \
         g++

docker/miniprint/Dockerfile

@@ -1,7 +1,8 @@
 FROM alpine:3.20 AS builder
 #
 # Install packages
-RUN apk --no-cache -U add \
+RUN apk --no-cache -U upgrade && \
+	apk --no-cache -U add \
 	build-base \
 	git \	
 	python3 \
@@ -18,6 +19,7 @@ RUN pyinstaller server.py \
 		--add-data "./uploads:./uploads"
 #
 FROM alpine:3.20
+RUN apk --no-cache -U upgrade
 COPY --from=builder /opt/miniprint/dist/* /opt/miniprint/
 COPY --from=builder /opt/miniprint/fake-files/ /opt/miniprint/fake-files/
 COPY --from=builder /opt/miniprint/uploads/ /opt/miniprint/uploads/

docker/nginx/Dockerfile

@@ -4,7 +4,8 @@ FROM alpine:3.20
 COPY dist/ /root/dist/
 #
 # Install packages
-RUN apk --no-cache -U add \
+RUN apk --no-cache -U upgrade && \
+    apk --no-cache -U add \
       nginx \
       nginx-mod-http-brotli \
       nginx-mod-http-headers-more \

docker/p0f/Dockerfile

@@ -4,7 +4,8 @@ FROM alpine:3.20
 COPY . /opt/p0f
 #
 # Install packages
-RUN apk --no-cache -U add \
+RUN apk --no-cache -U upgrade && \
+    apk --no-cache -U add \
 		bash \
 		build-base \
 		jansson \

docker/redishoneypot/Dockerfile

@@ -4,7 +4,8 @@ FROM golang:1.23-alpine as builder
 COPY dist/ /root/dist/
 #
 # Install packages
-RUN apk --no-cache -U add \
+RUN apk --no-cache -U upgrade && \
+    apk --no-cache -U add \
 		build-base \
 		git \
 		go \

docker/spiderfoot/Dockerfile

@@ -4,7 +4,8 @@ FROM alpine:3.20
 COPY dist/ /root/dist/
 #
 # Install packages
-RUN apk --no-cache -U add \
+RUN apk --no-cache -U upgrade && \
+	apk --no-cache -U add \
 		build-base \
 		curl \
 		git \