From 9d7c24892d664a8799b3b22785f71d73ec47f508 Mon Sep 17 00:00:00 2001
From: t3chn0m4g3
Date: Tue, 8 Mar 2022 23:36:03 +0000
Subject: [PATCH] image tweaking
---
 docker/dicompot/Dockerfile | 2 +-
 docker/dionaea/Dockerfile | 5 ++---
 docker/elasticpot/Dockerfile | 6 +++---
 docker/elk/elasticsearch/Dockerfile | 5 ++---
 docker/elk/kibana/Dockerfile | 5 ++---
 docker/elk/logstash/Dockerfile | 5 ++---
 docker/elk/map/Dockerfile | 7 +++----
 docker/ews/Dockerfile | 6 +++---
 docker/fatt/Dockerfile | 12 ++++++++----
 docker/glutton/Dockerfile | 4 ++--
 docker/hellpot/Dockerfile | 4 ++--
 docker/heralding/Dockerfile | 2 +-
 docker/honeypots/Dockerfile | 8 ++++----
 docker/honeytrap/Dockerfile | 5 ++---
 docker/ipphoney/Dockerfile | 7 +++----
 docker/mailoney/Dockerfile | 3 +--
 docker/nginx/Dockerfile | 5 ++---
 docker/p0f/Dockerfile | 2 +-
 docker/redishoneypot/Dockerfile | 5 +++--
 docker/spiderfoot/Dockerfile | 2 +-
 docker/tanner/phpox/Dockerfile | 3 +--
 docker/tanner/redis/Dockerfile | 2 +-
 docker/tanner/snare/Dockerfile | 9 ++++++++-
 docker/tanner/tanner/Dockerfile | 5 ++---
 docker/wordpot/Dockerfile | 9 ++++-----
 25 files changed, 64 insertions(+), 64 deletions(-)
diff --git a/docker/dicompot/Dockerfile b/docker/dicompot/Dockerfile
index aaebf37a..886fc587 100644
--- a/docker/dicompot/Dockerfile
+++ b/docker/dicompot/Dockerfile
@@ -5,7 +5,7 @@ RUN apk -U add --no-cache \
 build-base \
 git \
 g++ && \
- apk -U add go --repository http://dl-3.alpinelinux.org/alpine/edge/community && \
+ apk -U add --no-cache go --repository http://dl-3.alpinelinux.org/alpine/edge/community && \
 #
 # Setup go, build dicompot
 mkdir -p /opt/go && \
diff --git a/docker/dionaea/Dockerfile b/docker/dionaea/Dockerfile
index 3f89922b..3d8a0f3c 100644
--- a/docker/dionaea/Dockerfile
+++ b/docker/dionaea/Dockerfile
@@ -2,7 +2,7 @@ FROM ubuntu:20.04
 ENV DEBIAN_FRONTEND noninteractive
 #
 # Include dist
-ADD dist/ /root/dist/
+COPY dist/ /root/dist/
 #
 # Determine arch, get and install packages
 RUN ARCH=$(arch) && \
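Review bot: In docker/dicompot/Dockerfile the rewritten `apk -U add --no-cache go --repository http://dl-3.alpinelinux.org/alpine/edge/community` line still takes the Go toolchain from the rolling `edge` branch over plain HTTP. apk checks package signatures, so this is mostly a reproducibility and freshness concern rather than an integrity bypass, but the compiler that builds the honeypot binary can differ between two builds of the same Dockerfile, and a party on the network path can withhold newer package indexes. Prefer an `https://` repository URL and, where the needed Go version permits, the package from the release branch that matches the base image. The FROM line and the rest of the RUN chain are outside this hunk.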
@@ -16,7 +16,6 @@ RUN ARCH=$(arch) && \
 http://ftp.us.debian.org/debian/pool/main/libe/libemu/libemu-dev_0.2.0+git20120122-1.2+b1_$ARCH.deb && \
 apt install ./libemu2_0.2.0+git20120122-1.2+b1_$ARCH.deb \
 ./libemu-dev_0.2.0+git20120122-1.2+b1_$ARCH.deb -y && \
- apt-get dist-upgrade -y && \
 apt-get install -y --no-install-recommends \
 build-essential \
 ca-certificates \
@@ -108,7 +107,7 @@ RUN ARCH=$(arch) && \
 #
 apt-get autoremove --purge -y && \
 apt-get clean && \
- rm -rf /root/* /var/lib/apt/lists/* /tmp/* /var/tmp/*
+ rm -rf /root/* /var/lib/apt/lists/* /tmp/* /var/tmp/* /root/.cache /opt/dionaea/.git
 #
 # Start dionaea
 USER dionaea:dionaea
diff --git a/docker/elasticpot/Dockerfile b/docker/elasticpot/Dockerfile
index d5c50995..2b836d8e 100644
--- a/docker/elasticpot/Dockerfile
+++ b/docker/elasticpot/Dockerfile
@@ -1,10 +1,10 @@
 FROM alpine:3.15
 #
 # Include dist
-ADD dist/ /root/dist/
+COPY dist/ /root/dist/
 #
 # Install packages
-RUN apk -U add \
+RUN apk -U --no-cache add \
 build-base \
 ca-certificates \
 git \
@@ -39,7 +39,7 @@ RUN apk -U add \
 postgresql-dev \
 python3-dev && \
 rm -rf /root/* && \
- rm -rf /var/cache/apk/*
+ rm -rf /var/cache/apk/* /opt/elasticpot/.git
 #
 # Start elasticpot
 STOPSIGNAL SIGINT
diff --git a/docker/elk/elasticsearch/Dockerfile b/docker/elk/elasticsearch/Dockerfile
index e39b7abd..e74b789c 100644
--- a/docker/elk/elasticsearch/Dockerfile
+++ b/docker/elk/elasticsearch/Dockerfile
@@ -4,10 +4,9 @@ FROM ubuntu:20.04
 ENV ES_VER=8.0.0
 #
 # Include dist
-ADD dist/ /root/dist/
+COPY dist/ /root/dist/
 #
 RUN apt-get update -y && \
- apt-get dist-upgrade -y && \
 apt-get install -y \
 aria2 \
 curl && \
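Review bot: In docker/dionaea/Dockerfile (hunk at old line 16) the two libemu `.deb` files are still fetched from `http://ftp.us.debian.org/...` and installed with `apt install ./libemu2_...deb`, and nothing visible verifies them before installation. A package installed from a local file does not get the signed-repository verification that archive packages get, so an unauthenticated download feeds directly into a root package install at build time. Add a pinned digest check between download and install, for example `echo "<sha256-placeholder>  libemu2_0.2.0+git20120122-1.2+b1_$ARCH.deb" | sha256sum -c - && \` with one digest per architecture, and fetch over HTTPS. The download command itself begins above this hunk, so confirm it does not already verify the files.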
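Review bot: Dropping `apt-get dist-upgrade -y` in docker/elk/elasticsearch/Dockerfile leaves the image at whatever patch level the `ubuntu:20.04` tag had when it was last pulled, and nothing visible pins or refreshes that base. The same removal appears in the dionaea, kibana, logstash and honeytrap Dockerfiles in this patch. Either pin the base by digest and bump it deliberately (`FROM ubuntu:20.04@sha256:<digest-placeholder>`), or make sure the pipeline always builds with `--pull`, so the security updates that used to arrive through dist-upgrade are not silently lost. The `apt-get install -y` that follows could also take `--no-install-recommends`, as the dionaea Dockerfile already does. The FROM line is only visible in the hunk header.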
@@ -37,7 +36,7 @@ RUN apt-get update -y && \
 # Clean up
 apt-get purge aria2 -y && \
 apt-get autoremove -y --purge && \
- apt-get clean && rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/* /root/dist
+ apt-get clean && rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/* /root/.cache /root/*
 #
 # Healthcheck
 HEALTHCHECK --retries=10 CMD curl -s -XGET 'http://127.0.0.1:9200/_cat/health'
diff --git a/docker/elk/kibana/Dockerfile b/docker/elk/kibana/Dockerfile
index 0ebb59d6..19a8ed46 100644
--- a/docker/elk/kibana/Dockerfile
+++ b/docker/elk/kibana/Dockerfile
@@ -3,10 +3,9 @@ FROM ubuntu:20.04
 # VARS
 ENV KB_VER=8.0.0
 # Include dist
-ADD dist/ /root/dist/
+COPY dist/ /root/dist/
 #
 RUN apt-get update -y && \
- apt-get dist-upgrade -y && \
 apt-get install -y \
 aria2 \
 curl && \
@@ -47,7 +46,7 @@ RUN apt-get update -y && \
 # Clean up
 apt-get purge aria2 -y && \
 apt-get autoremove -y --purge && \
- apt-get clean && rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/* /root/dist
+ apt-get clean && rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/* /root/.cache /root/*
 #
 # Healthcheck
 HEALTHCHECK --retries=10 CMD curl -s -XGET 'http://127.0.0.1:5601'
diff --git a/docker/elk/logstash/Dockerfile b/docker/elk/logstash/Dockerfile
index 78d1d22c..a451ee71 100644
--- a/docker/elk/logstash/Dockerfile
+++ b/docker/elk/logstash/Dockerfile
@@ -3,11 +3,10 @@ FROM ubuntu:20.04
 # VARS
 ENV LS_VER=8.0.0
 # Include dist
-ADD dist/ /root/dist/
+COPY dist/ /root/dist/
 #
 # Setup env and apt
 RUN apt-get update -y && \
- apt-get dist-upgrade -y && \
 apt-get install -y \
 aria2 \
 autossh \
@@ -55,7 +54,7 @@ RUN apt-get update -y && \
 #
 # Clean up
 apt-get autoremove -y --purge && \
- apt-get clean && rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/* /root/dist
+ apt-get clean && rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/* /root/.cache /root/*
 #
 # Healthcheck
 HEALTHCHECK --retries=10 CMD curl -s -XGET 'http://127.0.0.1:9600'
diff --git a/docker/elk/map/Dockerfile b/docker/elk/map/Dockerfile
index 7ebf1c7e..9176fe99 100644
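Review bot: The `HEALTHCHECK --retries=10 CMD curl -s -XGET 'http://127.0.0.1:9200/_cat/health'` line kept as context in docker/elk/elasticsearch/Dockerfile (hunk at old line 37) cannot report an unhealthy service on an HTTP error, because `curl -s` exits 0 on 4xx and 5xx responses. A node that answers with an authentication or server error is therefore still marked healthy, which hides exactly the failures an operator wants surfaced. Use `curl -fsS -XGET 'http://127.0.0.1:9200/_cat/health' || exit 1` so error statuses fail the check. The kibana, logstash and spiderfoot healthchecks in this patch have the same form.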
--- a/docker/elk/map/Dockerfile
+++ b/docker/elk/map/Dockerfile
@@ -1,10 +1,10 @@
 FROM alpine:3.15
 #
 # Include dist
-ADD dist/ /root/dist/
+COPY dist/ /root/dist/
 #
 # Install packages
-RUN apk -U add \
+RUN apk -U --no-cache add \
 build-base \
 git \
 libcap \
@@ -32,8 +32,7 @@ RUN apk -U add \
 apk del --purge build-base \
 git \
 python3-dev && \
- rm -rf /root/* && \
- rm -rf /var/cache/apk/*
+ rm -rf /root/* /var/cache/apk/* /opt/geoip-attack-map/.git
 #
 # Start wordpot
 STOPSIGNAL SIGINT
diff --git a/docker/ews/Dockerfile b/docker/ews/Dockerfile
index 3786d052..b4674c6c 100644
--- a/docker/ews/Dockerfile
+++ b/docker/ews/Dockerfile
@@ -1,7 +1,7 @@
 FROM alpine:3.15
 #
 # Include dist
-ADD dist/ /root/dist/
+COPY dist/ /root/dist/
 #
 # Install packages
 RUN apk -U --no-cache add \
@@ -20,6 +20,7 @@ RUN apk -U --no-cache add \
 py3-requests \
 py3-pip \
 py3-setuptools && \
+ pip3 install --upgrade pip && \
 pip3 install --no-cache-dir configparser hpfeeds3 influxdb influxdb-client pyOpenSSL xmljson && \
 #
 # Setup ewsposter
@@ -44,8 +45,7 @@ RUN apk -U --no-cache add \
 openssl-dev \
 python3-dev \
 py-setuptools && \
- rm -rf /root/* && \
- rm -rf /var/cache/apk/*
+ rm -rf /root/* /var/cache/apk/* /opt/ewsposter/.git
 #
 # Run ewsposter
 STOPSIGNAL SIGINT
diff --git a/docker/fatt/Dockerfile b/docker/fatt/Dockerfile
index be7b6681..ace00609 100644
--- a/docker/fatt/Dockerfile
+++ b/docker/fatt/Dockerfile
@@ -1,8 +1,9 @@
 FROM alpine:3.15
 #
 # Get and install dependencies & packages
-RUN apk -U add \
+RUN apk -U --no-cache add \
 git \
+ libcap \
 py3-libxml2 \
 py3-lxml \
 py3-pip \
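Review bot: The added `pip3 install --upgrade pip && \` in docker/ews/Dockerfile (hunk at old line 20) runs without `--no-cache-dir` and without a version, unlike the install line directly below it. pip's cache lands under `/root/.cache`, which the later `rm -rf /root/* ...` cleanup does not match because the glob skips dot-directories, and an unpinned self-upgrade replaces the apk-managed `py3-pip` with whatever release is current at build time. Suggest `pip3 install --no-cache-dir --upgrade pip==<pinned-version> && \`, and pinning the packages on the following line as well so two builds resolve the same dependency set. The RUN instruction starts and ends outside this hunk.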
@@ -19,22 +20,25 @@ RUN apk -U add \
 cd /opt && \
 git clone https://github.com/0x4D31/fatt && \
 cd fatt && \
- git checkout 314cd1ff7873b5a145a51ec4e85f6107828a2c79 && \
+ git checkout 45cabf0b8b59162b99a1732d853efb01614563fe && \
+ #git checkout 314cd1ff7873b5a145a51ec4e85f6107828a2c79 && \
 mkdir -p log && \
 # pyshark >= 0.4.3 breaks fatt
 pip3 install pyshark==0.4.2.11 && \
 #
 # Setup configs
+ chgrp fatt /usr/bin/dumpcap && \
+ setcap cap_net_raw,cap_net_admin=+eip /usr/bin/dumpcap && \
 chown fatt:fatt -R /opt/fatt/* && \
 #
 # Clean up
 apk del --purge git \
 python3-dev && \
- rm -rf /root/* && \
- rm -rf /var/cache/apk/*
+ rm -rf /root/* /var/cache/apk/* /opt/fatt/.git
 #
 # Start fatt
 STOPSIGNAL SIGINT
 ENV PYTHONPATH /opt/fatt
 WORKDIR /opt/fatt
+USER fatt:fatt
 CMD python3 fatt.py -i $(/sbin/ip address show | /usr/bin/awk '/inet.*brd/{ print $NF; exit }') --print_output --json_logging -o log/fatt.log
diff --git a/docker/glutton/Dockerfile b/docker/glutton/Dockerfile
index fefbabdd..41f37935 100644
--- a/docker/glutton/Dockerfile
+++ b/docker/glutton/Dockerfile
@@ -1,7 +1,7 @@
 FROM alpine:3.15
 #
 # Include dist
-ADD dist/ /root/dist/
+COPY dist/ /root/dist/
 #
 # Setup apk
 RUN apk -U --no-cache add \
@@ -47,7 +47,7 @@ RUN apk -U --no-cache add \
 g++ && \
 rm -rf /var/cache/apk/* \
 /opt/go \
- /root/dist
+ /root/*
 #
 # Start glutton
 WORKDIR /opt/glutton
diff --git a/docker/hellpot/Dockerfile b/docker/hellpot/Dockerfile
index c71620ea..2d50aae1 100644
--- a/docker/hellpot/Dockerfile
+++ b/docker/hellpot/Dockerfile
@@ -1,7 +1,7 @@
 FROM alpine:3.15
 #
 # Include dist
-ADD dist/ /root/dist/
+COPY dist/ /root/dist/
 #
 # Setup apk
 RUN apk -U --no-cache add \
@@ -41,7 +41,7 @@ RUN apk -U --no-cache add \
 g++ && \
 rm -rf /var/cache/apk/* \
 /opt/go \
- /root/dist
+ /root/*
 #
 # Start hellpot
 WORKDIR /opt/hellpot
diff --git a/docker/heralding/Dockerfile b/docker/heralding/Dockerfile
index e0a5126c..7590c527 100644
--- a/docker/heralding/Dockerfile
+++ b/docker/heralding/Dockerfile
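Review bot: In docker/fatt/Dockerfile the new `chgrp fatt /usr/bin/dumpcap` followed by `setcap cap_net_raw,cap_net_admin=+eip /usr/bin/dumpcap` changes the group but never the mode, so whether the capability-bearing binary is restricted to group `fatt` depends on the permissions the package shipped with. Add `chmod 750 /usr/bin/dumpcap && \` between the two lines so only root and group `fatt` can execute it, and consider `=+ep` instead of `=+eip`, since the inheritable bit should not be needed for a capture helper that is executed directly. The ordering (group change before setcap) is correct, and the creation of the `fatt` account is outside this hunk. The commented-out previous `#git checkout ...` line inside the RUN chain is better deleted; the repository history already records the old pin.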
@@ -1,7 +1,7 @@
 FROM alpine:3.15
 #
 # Include dist
-ADD dist/ /root/dist/
+COPY dist/ /root/dist/
 #
 # Install packages
 RUN apk -U --no-cache add \
diff --git a/docker/honeypots/Dockerfile b/docker/honeypots/Dockerfile
index ef5b541c..32da0814 100644
--- a/docker/honeypots/Dockerfile
+++ b/docker/honeypots/Dockerfile
@@ -1,10 +1,10 @@
 FROM alpine:3.15
 #
 # Include dist
-ADD dist/ /root/dist/
+COPY dist/ /root/dist/
 #
 # Install packages
-RUN apk -U add \
+RUN apk -U --no-cache add \
 build-base \
 freetds \
 freetds-dev \
@@ -53,8 +53,8 @@ RUN apk -U add \
 postgresql-dev \
 python3-dev \
 zlib-dev && \
- rm -rf /root/* && \
- rm -rf /var/cache/apk/*
+ rm -rf /root/* /var/cache/apk/* /opt/honeypots/.git
+
 #
 # Start honeypots
 STOPSIGNAL SIGINT
diff --git a/docker/honeytrap/Dockerfile b/docker/honeytrap/Dockerfile
index 780696f7..5af73372 100644
--- a/docker/honeytrap/Dockerfile
+++ b/docker/honeytrap/Dockerfile
@@ -2,12 +2,11 @@ FROM ubuntu:20.04
 ENV DEBIAN_FRONTEND noninteractive
 #
 # Include dist
-ADD dist/ /root/dist/
+COPY dist/ /root/dist/
 #
 # Setup apt
 RUN apt-get update && \
 apt-get update -y && \
- apt-get dist-upgrade -y && \
 #
 # Install packages
 apt-get install -y autoconf \
@@ -56,7 +55,7 @@ RUN apt-get update && \
 libnetfilter-queue-dev \
 libpq-dev && \
 apt-get autoremove -y --purge && \
- apt-get clean && rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/*
+ apt-get clean && rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/* /root/.cache /root/* /opt/honeytrap/.git
 #
 # Start honeytrap
 USER honeytrap:honeytrap
diff --git a/docker/ipphoney/Dockerfile b/docker/ipphoney/Dockerfile
index 42454f56..11fa9985 100644
--- a/docker/ipphoney/Dockerfile
+++ b/docker/ipphoney/Dockerfile
@@ -1,10 +1,10 @@
 FROM alpine:3.15
 #
 # Include dist
-ADD dist/ /root/dist/
+COPY dist/ /root/dist/
 #
 # Install packages
-RUN apk -U add \
+RUN apk -U --no-cache add \
 build-base \
 ca-certificates \
 git \
@@ -40,8 +40,7 @@ RUN apk -U add \
 openssl-dev \
 postgresql-dev \
 python3-dev && \
- rm -rf /root/* && \
- rm -rf /var/cache/apk/*
+ rm -rf /root/* /var/cache/apk/* /opt/ipphoney/.git
 #
 # Start ipphoney
 STOPSIGNAL SIGINT
diff --git a/docker/mailoney/Dockerfile b/docker/mailoney/Dockerfile
index 4551e0c2..b1314269 100644
--- a/docker/mailoney/Dockerfile
+++ b/docker/mailoney/Dockerfile
@@ -18,8 +18,7 @@ RUN apk -U --no-cache add \
 #
 # Clean up
 apk del --purge git && \
- rm -rf /root/* && \
- rm -rf /var/cache/apk/*
+ rm -rf /root/* /var/cache/apk/* /opt/mailoney/.git
 #
 # Set workdir and start mailoney
 STOPSIGNAL SIGINT
diff --git a/docker/nginx/Dockerfile b/docker/nginx/Dockerfile
index 8834cc68..5244ac49 100644
--- a/docker/nginx/Dockerfile
+++ b/docker/nginx/Dockerfile
@@ -1,13 +1,12 @@
 FROM alpine:3.15
 #
 # Include dist
-ADD dist/ /root/dist/
+COPY dist/ /root/dist/
 #
 # Get and install dependencies & packages
 RUN apk -U --no-cache add \
 nginx \
- nginx-mod-http-headers-more \
- && \
+ nginx-mod-http-headers-more && \
 #
 ## Setup T-Pot Landing Page, Eleasticvue, Cyberchef
 cp -R /root/dist/html/* /var/lib/nginx/html/ && \
diff --git a/docker/p0f/Dockerfile b/docker/p0f/Dockerfile
index 3dc1da4e..4bb900a2 100644
--- a/docker/p0f/Dockerfile
+++ b/docker/p0f/Dockerfile
@@ -3,7 +3,7 @@
 FROM alpine:3.15
 #
 # Add source
-ADD . /opt/p0f
+COPY . /opt/p0f
 #
 # Install packages
 RUN apk -U --no-cache add \
diff --git a/docker/redishoneypot/Dockerfile b/docker/redishoneypot/Dockerfile
index 6695789e..a5aa187e 100644
--- a/docker/redishoneypot/Dockerfile
+++ b/docker/redishoneypot/Dockerfile
@@ -1,7 +1,7 @@
 FROM alpine:3.15
 #
 # Include dist
-ADD dist/ /root/dist/
+COPY dist/ /root/dist/
 #
 # Setup apk
 RUN apk -U --no-cache add \
@@ -35,7 +35,8 @@ RUN apk -U --no-cache add \
 g++ && \
 rm -rf /var/cache/apk/* \
 /opt/go \
- /root/dist
+ /root/* \
+ /opt/redishoneypot/.git
 #
 # Start redishoneypot
 WORKDIR /opt/redishoneypot
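Review bot: `COPY . /opt/p0f` in docker/p0f/Dockerfile still copies the entire build context into the image, so anything that sits in that directory at build time (editor files, local notes, a stray credentials file) ends up in a layer. If the directory has no `.dockerignore`, which this patch does not show either way, add one or copy only the paths the build needs. A short comment such as `# build context is the p0f source tree; see .dockerignore for exclusions` above the COPY would make the intent explicit.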
diff --git a/docker/spiderfoot/Dockerfile b/docker/spiderfoot/Dockerfile
index 0952dbb2..11ddda36 100644
--- a/docker/spiderfoot/Dockerfile
+++ b/docker/spiderfoot/Dockerfile
@@ -51,7 +51,7 @@ RUN apk -U --no-cache add \
 python3-dev \
 swig \
 tinyxml-dev && \
- rm -rf /var/cache/apk/*
+ rm -rf /var/cache/apk/* /home/spiderfoot/.git
 #
 # Healthcheck
 HEALTHCHECK --retries=10 CMD curl -s -XGET 'http://127.0.0.1:8080/spiderfoot/'
diff --git a/docker/tanner/phpox/Dockerfile b/docker/tanner/phpox/Dockerfile
index 0acf496b..5eb69c69 100644
--- a/docker/tanner/phpox/Dockerfile
+++ b/docker/tanner/phpox/Dockerfile
@@ -39,8 +39,7 @@ RUN apk -U --no-cache add \
 git \
 php7-dev \
 python3-dev && \
- rm -rf /root/* && \
- rm -rf /var/cache/apk/*
+ rm -rf /root/* /var/cache/apk/* /opt/phpox/.git
 #
 # Set workdir and start phpsandbox
 STOPSIGNAL SIGKILL
diff --git a/docker/tanner/redis/Dockerfile b/docker/tanner/redis/Dockerfile
index de08b929..3ac962b0 100644
--- a/docker/tanner/redis/Dockerfile
+++ b/docker/tanner/redis/Dockerfile
@@ -1,7 +1,7 @@
 FROM alpine:3.15
 #
 # Include dist
-ADD dist/ /root/dist/
+COPY dist/ /root/dist/
 #
 # Setup apk and redis
 RUN apk -U --no-cache add redis shadow && \
diff --git a/docker/tanner/snare/Dockerfile b/docker/tanner/snare/Dockerfile
index a737a5f2..db7da008 100644
--- a/docker/tanner/snare/Dockerfile
+++ b/docker/tanner/snare/Dockerfile
@@ -1,7 +1,7 @@
 FROM alpine:3.15
 #
 # Include dist
-ADD dist/ /root/dist/
+COPY dist/ /root/dist/
 #
 # Setup apt
 RUN apk -U --no-cache add \
@@ -24,6 +24,12 @@ RUN apk -U --no-cache add \
 mkdir -p /opt/snare/pages && \
 # clone --target http://example.com && \
 mv /root/dist/pages/* /opt/snare/pages/ && \
+#
+# Setup configs, user, groups
+ addgroup -g 2000 snare && \
+ adduser -S -s /bin/ash -u 2000 -D -g 2000 snare && \
+ mkdir /var/log/tanner && \
+ chown -R snare:snare /opt/snare && \
 #
 # Clean up
 apk del --purge \
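Review bot: In docker/tanner/snare/Dockerfile (hunk at old line 24) the new block creates `/var/log/tanner` as root with `mkdir /var/log/tanner` but hands only `/opt/snare` to the new account, so once the image runs under the `USER snare:snare` added later in this file the process has no write access to that directory. If snare is expected to log there, add `chown snare:snare /var/log/tanner && \` after the mkdir; if it is not, drop the mkdir. The service account also receives an interactive shell through `-s /bin/ash`; `-s /sbin/nologin` is the more restrictive choice for an account that only runs the honeypot process. The RUN instruction starts and continues outside this hunk.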
@@ -36,5 +42,6 @@ RUN apk -U --no-cache add \
 #
 # Start snare
 STOPSIGNAL SIGKILL
+USER snare:snare
 #CMD snare --tanner tanner --debug true --no-dorks true --auto-update false --host-ip 0.0.0.0 --port 80 --page-dir $(shuf -i 1-10 -n 1)
 CMD snare --tanner tanner --debug true --auto-update false --host-ip 0.0.0.0 --port 80 --page-dir $(shuf -i 1-10 -n 1)
diff --git a/docker/tanner/tanner/Dockerfile b/docker/tanner/tanner/Dockerfile
index 22750dc3..1221303b 100644
--- a/docker/tanner/tanner/Dockerfile
+++ b/docker/tanner/tanner/Dockerfile
@@ -1,7 +1,7 @@
 FROM alpine:3.15
 #
 # Include dist
-ADD dist/ /root/dist/
+COPY dist/ /root/dist/
 #
 # Setup apt
 RUN apk -U --no-cache add \
@@ -59,8 +59,7 @@ RUN apk -U --no-cache add \
 linux-headers \
 python3-dev && \
 rm -rf /root/* && \
- rm -rf /tmp/* /var/tmp/* && \
- rm -rf /var/cache/apk/*
+ rm -rf /tmp/* /var/tmp/* /var/cache/apk/* /opt/tanner/.git
 #
 # Start tanner
 STOPSIGNAL SIGKILL
diff --git a/docker/wordpot/Dockerfile b/docker/wordpot/Dockerfile
index a1f8e0ba..fe75d6d1 100644
--- a/docker/wordpot/Dockerfile
+++ b/docker/wordpot/Dockerfile
@@ -1,9 +1,9 @@
 FROM alpine:3.15
 #
 # Include dist
-ADD dist/ /root/dist/
+#COPY dist/ /root/dist/
 # Install packages
-RUN apk -U add \
+RUN apk -U --no-cache add \
 build-base \
 git \
 libcap \
@@ -18,7 +18,7 @@ RUN apk -U add \
 cd wordpot2 && \
 git checkout e93a2e00d84d280b0acd58ba6889b4bee8a6e4d2 && \
 sed "s/MarkupSafe==1.0/MarkupSafe==1.1.1/g" -i requirements.txt && \
- cp /root/dist/views.py /opt/wordpot2/wordpot/views.py && \
+# cp /root/dist/views.py /opt/wordpot2/wordpot/views.py && \
 pip3 install -r requirements.txt && \
 setcap cap_net_bind_service=+ep /usr/bin/python3.9 && \
 #
@@ -31,8 +31,7 @@ RUN apk -U add \
 apk del --purge build-base \
 git \
 python3-dev && \
- rm -rf /root/* && \
- rm -rf /var/cache/apk/*
+ rm -rf /root/* /var/cache/apk/* /opt/wordpot2/.git
 #
 # Start wordpot
 STOPSIGNAL SIGINT
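Review bot: With `USER snare:snare` added in docker/tanner/snare/Dockerfile, the `CMD snare ... --host-ip 0.0.0.0 --port 80` line now binds a port below 1024 as an unprivileged user, and no capability or sysctl for that is visible in this patch. This works where the runtime lowers the unprivileged port start (the default on current Docker Engine) but fails on runtimes that keep the 1024 limit. Either listen on a high port and map 80 to it when publishing, or state the requirement above the CMD, for example `# binding :80 as snare needs net.ipv4.ip_unprivileged_port_start=0 or CAP_NET_BIND_SERVICE`.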
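Review bot: In docker/wordpot/Dockerfile (hunk at old line 18) the context line `setcap cap_net_bind_service=+ep /usr/bin/python3.9` puts the capability on the shared interpreter, so every Python program started by any user in the container can bind privileged ports, not only wordpot. Prefer listening on an unprivileged port and mapping it when publishing; if the capability has to stay, say why in a comment such as `# wordpot binds :80 as non-root; capability is on the interpreter because wordpot is a script`. The two lines this commit disables (`#COPY dist/ /root/dist/` in the first hunk and `# cp /root/dist/views.py ...` here) are better deleted than left as dead comments, together with the now-misleading `# Include dist` heading. `pip3 install -r requirements.txt` also lacks `--no-cache-dir`, and the `rm -rf /root/*` cleanup in the last hunk does not reach `/root/.cache`. The RUN instruction starts and ends outside this hunk.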