From a2071eb4d2e346625025502eddff1857b3749cad Mon Sep 17 00:00:00 2001 From: t3chn0m4g3 Date: Sat, 3 Jul 2021 15:51:32 +0000 Subject: [PATCH] hellpot cleanup and prep for endlessh --- docker/endlessh/Dockerfile | 42 ++++++++++++++++++++++++++++++ docker/endlessh/dist/endlessh.conf | 27 +++++++++++++++++++ docker/endlessh/docker-compose.yml | 20 ++++++++++++++ docker/hellpot/Dockerfile | 4 +-- 4 files changed, 91 insertions(+), 2 deletions(-) create mode 100644 docker/endlessh/Dockerfile create mode 100644 docker/endlessh/dist/endlessh.conf create mode 100644 docker/endlessh/docker-compose.yml diff --git a/docker/endlessh/Dockerfile b/docker/endlessh/Dockerfile new file mode 100644 index 00000000..b1ef42f8 --- /dev/null +++ b/docker/endlessh/Dockerfile @@ -0,0 +1,42 @@ +FROM alpine:3.13 as builder +# +# Include dist +ADD dist/ /root/dist/ +# +# Install packages +RUN apk -U add --no-cache \ + build-base \ + git \ + libcap && \ +# +# Install endlessh from git + git clone https://github.com/skeeto/endlessh /opt/endlessh && \ + cd /opt/endlessh && \ + git checkout dfe44eb2c5b6fc3c48a39ed826fe0e4459cdf6ef && \ + make && \ + mv /opt/endlessh/endlessh /root/dist +# +FROM alpine:3.14 +# +COPY --from=builder /root/dist/* /opt/endlessh/ +# +# Install packages +RUN apk -U add --no-cache \ + libcap && \ +# +# Setup user, groups and configs + mkdir -p /var/log/endlessh && \ + addgroup -g 2000 endlessh && \ + adduser -S -H -s /bin/ash -u 2000 -D -g 2000 endlessh && \ + chown -R endlessh:endlessh /opt/endlessh && \ + #setcap cap_net_bind_service=+ep /usr/bin/python3.8 && \ +# +# Clean up + rm -rf /root/* && \ + rm -rf /var/cache/apk/* +# +# Set workdir and start endlessh +STOPSIGNAL SIGINT +USER endlessh:endlessh +WORKDIR /opt/endlessh/ +CMD ./endlessh -f endlessh.conf >/var/log/endlessh/endlessh.log diff --git a/docker/endlessh/dist/endlessh.conf b/docker/endlessh/dist/endlessh.conf new file mode 100644 index 00000000..fa5d3255 --- /dev/null +++ b/docker/endlessh/dist/endlessh.conf @@ -0,0 +1,27 @@ +# The port on which to listen for new SSH connections. +Port 2222 + +# The endless banner is sent one line at a time. This is the delay +# in milliseconds between individual lines. +Delay 10000 + +# The length of each line is randomized. This controls the maximum +# length of each line. Shorter lines may keep clients on for longer if +# they give up after a certain number of bytes. +MaxLineLength 32 + +# Maximum number of connections to accept at a time. Connections beyond +# this are not immediately rejected, but will wait in the queue. +MaxClients 4096 + +# Set the detail level for the log. +# 0 = Quiet +# 1 = Standard, useful log messages +# 2 = Very noisy debugging information +LogLevel 1 + +# Set the family of the listening socket +# 0 = Use IPv4 Mapped IPv6 (Both v4 and v6, default) +# 4 = Use IPv4 only +# 6 = Use IPv6 only +BindFamily 4 diff --git a/docker/endlessh/docker-compose.yml b/docker/endlessh/docker-compose.yml new file mode 100644 index 00000000..eb2359dd --- /dev/null +++ b/docker/endlessh/docker-compose.yml @@ -0,0 +1,20 @@ +version: '2.3' + +networks: + endlessh_local: + +services: + +# Endlessh service + endlessh: + build: . + container_name: endlessh + restart: always + networks: + - endlessh_local + ports: + - "22:2222" + image: "dtagdevsec/endlessh:2006" + read_only: true + volumes: + - /data/endlessh/log:/var/log/endlessh diff --git a/docker/hellpot/Dockerfile b/docker/hellpot/Dockerfile index 7058000b..858301c4 100644 --- a/docker/hellpot/Dockerfile +++ b/docker/hellpot/Dockerfile @@ -8,10 +8,10 @@ RUN apk -U --no-cache add \ build-base \ git \ go \ - g++ + g++ && \ # # Setup go, hellpot -RUN cd /root && \ + cd /root && \ export GOPATH=/opt/go/ && \ mkdir -p /opt/go && \ git clone https://github.com/yunginnanet/HellPot && \