diff --git a/docker/cyberchef/Dockerfile b/docker/deprecated/cyberchef/Dockerfile similarity index 100% rename from docker/cyberchef/Dockerfile rename to docker/deprecated/cyberchef/Dockerfile diff --git a/docker/cyberchef/docker-compose.yml b/docker/deprecated/cyberchef/docker-compose.yml similarity index 100% rename from docker/cyberchef/docker-compose.yml rename to docker/deprecated/cyberchef/docker-compose.yml diff --git a/docker/docker-compose.yml b/docker/docker-compose.yml index e286cfca..3c40f5f8 100644 --- a/docker/docker-compose.yml +++ b/docker/docker-compose.yml @@ -158,11 +158,6 @@ services: #### Tools ################## -# Cyberchef service - cyberchef: - build: cyberchef/. - image: "dtagdevsec/cyberchef:2203" - #### ELK ## Elasticsearch service elasticsearch: @@ -186,7 +181,7 @@ services: # Nginx service nginx: - build: heimdall/. + build: nginx/. image: "dtagdevsec/nginx:2203" # Spiderfoot service diff --git a/docker/nginx/Dockerfile b/docker/nginx/Dockerfile index 150055dc..8834cc68 100644 --- a/docker/nginx/Dockerfile +++ b/docker/nginx/Dockerfile @@ -9,14 +9,18 @@ RUN apk -U --no-cache add \ nginx-mod-http-headers-more \ && \ # -## Setup T-Pot Landing Page, Eleasticvue +## Setup T-Pot Landing Page, Eleasticvue, Cyberchef cp -R /root/dist/html/* /var/lib/nginx/html/ && \ cd /var/lib/nginx/html/esvue && \ tar xvfz esvue.tgz && \ rm esvue.tgz && \ + cd /var/lib/nginx/html/cyberchef && \ + tar xvfz cyberchef.tgz && \ + rm cyberchef.tgz && \ # ## Change ownership, permissions chown root:www-data -R /var/lib/nginx/html && \ + chmod 755 -R /var/lib/nginx/html && \ # ## Add Nginx / T-Pot specific configs rm -rf /etc/nginx/conf.d/* /usr/share/nginx/html/* && \ diff --git a/docker/nginx/builder/cyberchef/Dockerfile b/docker/nginx/builder/cyberchef/Dockerfile new file mode 100644 index 00000000..b33a4152 --- /dev/null +++ b/docker/nginx/builder/cyberchef/Dockerfile 
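Review bot: The added `chmod 755 -R /var/lib/nginx/html` sets the execute bit on every file under the web root, including the unpacked CyberChef and Elasticvue assets, although only directories need it for traversal. A mode that keeps regular files non-executable would be tighter, e.g. `chmod -R u=rwX,go=rX /var/lib/nginx/html && \` (confirm the capital `X` form against the image's BusyBox chmod). Both tarballs are unpacked from binaries committed to the repository, and this step does no integrity check, so a `sha256sum -c` against a recorded digest before each `tar xvfz` would make a swapped archive detectable. The RUN instruction starts and ends outside this hunk.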
@@ -0,0 +1,17 @@ +FROM node:10.24.1-alpine3.11 as builder +# +# Prep and build Cyberchef +RUN apk -U --no-cache add git && \ + chown -R node:node /srv && \ + npm install -g grunt-cli +WORKDIR /srv +USER node +RUN git clone https://github.com/gchq/cyberchef -b v9.32.3 . && \ + NODE_OPTIONS=--max_old_space_size=2048 && \ + npm install && \ + grunt prod && \ + cd build/prod && \ + tar cvfz cyberchef.tgz * +# +FROM scratch AS exporter +COPY --from=builder /srv/build/prod/cyberchef.tgz / diff --git a/docker/nginx/builder/cyberchef/build.sh b/docker/nginx/builder/cyberchef/build.sh new file mode 100755 index 00000000..ccf3660b --- /dev/null +++ b/docker/nginx/builder/cyberchef/build.sh @@ -0,0 +1,3 @@ +#!/bin/bash +# Needs buildx to build. Run tpotce/bin/setup-builder.sh first +docker buildx build --output ../../dist/html/cyberchef/ . diff --git a/docker/nginx/builder/esvue/Dockerfile b/docker/nginx/builder/esvue/Dockerfile new file mode 100644 index 00000000..6c153ba6 --- /dev/null +++ b/docker/nginx/builder/esvue/Dockerfile @@ -0,0 +1,21 @@ +FROM node:14.18-alpine AS builder +# +# Prep and build Elasticvue +RUN apk -U --no-cache add git && \ + git clone https://github.com/cars10/elasticvue /opt/src && \ +# We need to adjust consts.js so the user has connection suggestion for reverse proxied ES + sed -i "s#export const DEFAULT_HOST = 'http://localhost:9200'#export const DEFAULT_HOST = window.location.origin + '/es'#g" /opt/src/src/consts.js && \ + sed -i 's#href="/images/logo/favicon.ico"#href="images/logo/favicon.ico"#g' /opt/src/public/index.html && \ + mkdir /opt/app && \ + cd /opt/app && \ + cp /opt/src/package.json . && \ + cp /opt/src/yarn.lock . && \ + yarn install && \ + cp -R /opt/src/* . && \ +# We need to set this ENV so we can run Elasticvue in its own location rather than / + VUE_APP_PUBLIC_PATH=/elasticvue/ yarn build && \ + cd dist && \ + tar cvfz esvue.tgz * +# +FROM scratch AS exporter +COPY --from=builder /opt/app/dist/esvue.tgz / 
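Review bot: `NODE_OPTIONS=--max_old_space_size=2048 && \` only assigns a shell variable and never exports it, so `npm install` and `grunt prod` likely run without the intended heap limit. `export NODE_OPTIONS=--max_old_space_size=2048 && \` (or an `ENV` instruction before the RUN) would pass it on. On the supply-chain side, the clone follows the `v9.32.3` tag, which upstream can move, `grunt-cli` is installed unpinned, and the resulting `cyberchef.tgz` is committed as an opaque binary that nginx later serves. Checking out a recorded commit hash after the clone, and using `npm ci` if the upstream lockfile is present, would make the artifact reproducible and reviewable.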
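Review bot: The script depends on the caller's working directory, because both the build context `.` and `--output ../../dist/html/cyberchef/` are relative. Run from anywhere but its own directory, it builds the wrong context or writes the tarball somewhere unexpected. Adding `set -euo pipefail` and `cd "$(dirname "$0")"` ahead of the `docker buildx build` line would fix that. The same applies to `docker/nginx/builder/esvue/build.sh` in this commit.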
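Review bot: `git clone https://github.com/cars10/elasticvue /opt/src` names no tag or commit, so each rebuild packages whatever the upstream default branch holds at that moment, and the result is committed as `esvue.tgz` and served from the T-Pot web UI. The CyberChef builder in this same commit pins `-b v9.32.3`; this one should pin too, e.g. `git clone -b <ELASTICVUE_TAG> --depth 1 https://github.com/cars10/elasticvue /opt/src && \`, with the placeholder replaced by the release being shipped and ideally followed by a check of the commit hash. The two `sed -i` edits also succeed silently when their pattern no longer matches upstream, so a `grep -q` for the rewritten text afterwards would catch a build that ships an unpatched `DEFAULT_HOST`.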
diff --git a/docker/nginx/builder/esvue/build.sh b/docker/nginx/builder/esvue/build.sh new file mode 100755 index 00000000..07a37c14 --- /dev/null +++ b/docker/nginx/builder/esvue/build.sh @@ -0,0 +1,3 @@ +#!/bin/bash +# Needs buildx to build. Run tpotce/bin/setup-builder.sh first +docker buildx build --output ../../dist/html/esvue/ . diff --git a/docker/nginx/dist/conf/tpotweb.conf b/docker/nginx/dist/conf/tpotweb.conf index 63051827..2787e27d 100644 --- a/docker/nginx/dist/conf/tpotweb.conf +++ b/docker/nginx/dist/conf/tpotweb.conf @@ -95,6 +95,12 @@ server { try_files $uri $uri/ /index.html?$args; } + location ^~ /cyberchef { + index index.html; + alias /var/lib/nginx/html/cyberchef; + try_files $uri $uri/ /index.html?$args; + } + location ^~ /elasticvue { index index.html; alias /var/lib/nginx/html/esvue; @@ -118,12 +124,6 @@ server { rewrite /es/(.*)$ /$1 break; } - ### CyberChef - location /cyberchef { - proxy_pass http://127.0.0.1:64299; - rewrite ^/cyberchef(.*)$ /$1 break; - } - ### spiderfoot location /spiderfoot { proxy_pass http://127.0.0.1:64303; diff --git a/docker/nginx/dist/html/cyberchef/cyberchef.tgz b/docker/nginx/dist/html/cyberchef/cyberchef.tgz new file mode 100644 index 00000000..d7d1d206 Binary files /dev/null and b/docker/nginx/dist/html/cyberchef/cyberchef.tgz differ diff --git a/docker/nginx/dist/html/esvue/esvue.tgz b/docker/nginx/dist/html/esvue/esvue.tgz index 7e86496f..6f7ed808 100644 Binary files a/docker/nginx/dist/html/esvue/esvue.tgz and b/docker/nginx/dist/html/esvue/esvue.tgz differ diff --git a/etc/compose/collector.yml b/etc/compose/collector.yml index 7b75a8f2..1631295a 100644 --- a/etc/compose/collector.yml +++ b/etc/compose/collector.yml @@ -3,7 +3,6 @@ version: '2.3' networks: - cyberchef_local: heralding_local: ewsposter_local: spiderfoot_local: 
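Review bot: The last `try_files` argument in the new `/cyberchef` block, `/index.html?$args`, is an internal redirect to the server root. Any missing path under `/cyberchef` is therefore answered by whatever serves `/index.html` (presumably the landing page) with a 200 rather than a 404. CyberChef is shipped here as a static bundle, so `try_files $uri $uri/ =404;` looks sufficient unless client-side routing is needed. The prefix `^~ /cyberchef` has no trailing slash, so it also matches sibling names (a constructed example: `/cyberchef-old`), which `alias` maps to a directory next to the intended one; confirm nothing else under the html root starts with that name. The existing `/elasticvue` block follows the same pattern.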
@@ -111,17 +110,6 @@ services: #### Tools ################## -# Cyberchef service - cyberchef: - container_name: cyberchef - restart: always - networks: - - cyberchef_local - ports: - - "127.0.0.1:64299:8000" - image: "dtagdevsec/cyberchef:2203" - read_only: true - #### ELK ## Elasticsearch service elasticsearch: diff --git a/etc/compose/hive.yml b/etc/compose/hive.yml index 861fb031..85d3c14d 100644 --- a/etc/compose/hive.yml +++ b/etc/compose/hive.yml @@ -3,7 +3,6 @@ version: '2.3' networks: - cyberchef_local: spiderfoot_local: services: @@ -12,17 +11,6 @@ services: #### Tools ################## -# Cyberchef service - cyberchef: - container_name: cyberchef - restart: always - networks: - - cyberchef_local - ports: - - "127.0.0.1:64299:8000" - image: "dtagdevsec/cyberchef:2203" - read_only: true - #### ELK ## Elasticsearch service elasticsearch: diff --git a/etc/compose/industrial.yml b/etc/compose/industrial.yml index a19b2f15..e787ddf1 100644 --- a/etc/compose/industrial.yml +++ b/etc/compose/industrial.yml @@ -9,7 +9,6 @@ networks: conpot_local_ipmi: conpot_local_kamstrup_382: cowrie_local: - cyberchef_local: dicompot_local: heralding_local: honeysap_local: @@ -318,17 +317,6 @@ services: #### Tools ################## -# Cyberchef service - cyberchef: - container_name: cyberchef - restart: always - networks: - - cyberchef_local - ports: - - "127.0.0.1:64299:8000" - image: "dtagdevsec/cyberchef:2203" - read_only: true - #### ELK ## Elasticsearch service elasticsearch: diff --git a/etc/compose/log4j.yml b/etc/compose/log4j.yml index 73fff881..39299f2d 100644 --- a/etc/compose/log4j.yml +++ b/etc/compose/log4j.yml @@ -3,7 +3,6 @@ version: '2.3' networks: - cyberchef_local: log4pot_local: ewsposter_local: spiderfoot_local: 
@@ -101,17 +100,6 @@ services: #### Tools ################## -# Cyberchef service - cyberchef: - container_name: cyberchef - restart: always - networks: - - cyberchef_local - ports: - - "127.0.0.1:64299:8000" - image: "dtagdevsec/cyberchef:2203" - read_only: true - #### ELK ## Elasticsearch service elasticsearch: diff --git a/etc/compose/medical.yml b/etc/compose/medical.yml index a5d0c0d4..104f2781 100644 --- a/etc/compose/medical.yml +++ b/etc/compose/medical.yml @@ -3,7 +3,6 @@ version: '2.3' networks: - cyberchef_local: dicompot_local: medpot_local: ewsposter_local: @@ -95,17 +94,6 @@ services: #### Tools ################## -# Cyberchef service - cyberchef: - container_name: cyberchef - restart: always - networks: - - cyberchef_local - ports: - - "127.0.0.1:64299:8000" - image: "dtagdevsec/cyberchef:2203" - read_only: true - #### ELK ## Elasticsearch service elasticsearch: diff --git a/etc/compose/mini.yml b/etc/compose/mini.yml index 9f50f456..9bf572fe 100644 --- a/etc/compose/mini.yml +++ b/etc/compose/mini.yml @@ -3,7 +3,6 @@ version: '2.3' networks: - cyberchef_local: honeypots_local: ewsposter_local: spiderfoot_local: @@ -120,17 +119,6 @@ services: #### Tools ################## -# Cyberchef service - cyberchef: - container_name: cyberchef - restart: always - networks: - - cyberchef_local - ports: - - "127.0.0.1:64299:8000" - image: "dtagdevsec/cyberchef:2203" - read_only: true - #### ELK ## Elasticsearch service elasticsearch: diff --git a/etc/compose/nextgen.yml b/etc/compose/nextgen.yml index 1d99160c..be526628 100644 --- a/etc/compose/nextgen.yml +++ b/etc/compose/nextgen.yml @@ -10,7 +10,6 @@ networks: conpot_local_guardian_ast: conpot_local_ipmi: conpot_local_kamstrup_382: - cyberchef_local: dicompot_local: dionaea_local: ddospot_local: 
@@ -461,17 +460,6 @@ services: #### Tools ################## -# Cyberchef service - cyberchef: - container_name: cyberchef - restart: always - networks: - - cyberchef_local - ports: - - "127.0.0.1:64299:8000" - image: "dtagdevsec/cyberchef:2203" - read_only: true - #### ELK ## Elasticsearch service elasticsearch: diff --git a/etc/compose/standard.yml b/etc/compose/standard.yml index 651e5c1c..1aadb6c7 100644 --- a/etc/compose/standard.yml +++ b/etc/compose/standard.yml @@ -10,7 +10,6 @@ networks: conpot_local_ipmi: conpot_local_kamstrup_382: cowrie_local: - cyberchef_local: dicompot_local: dionaea_local: elasticpot_local: @@ -494,17 +493,6 @@ services: #### Tools ################## -# Cyberchef service - cyberchef: - container_name: cyberchef - restart: always - networks: - - cyberchef_local - ports: - - "127.0.0.1:64299:8000" - image: "dtagdevsec/cyberchef:2203" - read_only: true - #### ELK ## Elasticsearch service elasticsearch: