bump glutton to latest master

t3chn0m4g3 2024-11-28 12:03:57 +01:00
parent 882ad6f7d1
commit c6f71d9600
5 changed files with 55 additions and 25 deletions


@ -1,4 +1,4 @@
FROM golang:1.21-alpine as builder FROM golang:1.23-alpine AS builder
# #
# Include dist # Include dist
COPY dist/ /root/dist/ COPY dist/ /root/dist/
@ -16,34 +16,27 @@ RUN apk -U --no-cache add \
cd /opt/ && \ cd /opt/ && \
git clone https://github.com/mushorg/glutton && \ git clone https://github.com/mushorg/glutton && \
cd /opt/glutton/ && \ cd /opt/glutton/ && \
git checkout c1204c65ce32bfdc0e08fb2a9abe89b3b8eeed62 && \ git checkout b3b5944b79893ccb1da19e112571674841bbe124 && \
cp /root/dist/system.go . && \ cp /root/dist/system.go . && \
make build && \ make build && \
mv /root/dist/config.yaml /opt/glutton/config/ cp /root/dist/*.yaml /opt/glutton/config/
# #
FROM alpine:3.19 FROM alpine:3.20
# #
COPY --from=builder /opt/glutton/bin /opt/glutton/bin COPY --from=builder /opt/glutton/bin /opt/glutton/bin
COPY --from=builder /opt/glutton/config /opt/glutton/config COPY --from=builder /opt/glutton/config /opt/glutton/config
COPY --from=builder /opt/glutton/rules /opt/glutton/rules
# #
RUN apk -U --no-cache add \ RUN apk -U --no-cache upgrade && \
iptables-dev \ apk -U --no-cache add \
iptables \
libcap \
libpcap-dev && \ libpcap-dev && \
setcap cap_net_admin,cap_net_raw=+ep /opt/glutton/bin/server && \ setcap cap_net_admin,cap_net_raw=+ep /opt/glutton/bin/server && \
setcap cap_net_admin,cap_net_raw=+ep /sbin/xtables-nft-multi && \ setcap cap_net_admin,cap_net_raw=+ep /sbin/xtables-nft-multi && \
mkdir -p /var/log/glutton \ mkdir -p /var/log/glutton \
/opt/glutton/payloads && \ /opt/glutton/payloads
#
# Setup user, groups and configs
addgroup -g 2000 glutton && \
adduser -S -s /bin/ash -u 2000 -D -g 2000 glutton && \
#
# Clean up
rm -rf /var/cache/apk/* \
/root/*
# #
# Start glutton # Start glutton
WORKDIR /opt/glutton WORKDIR /opt/glutton
USER glutton:glutton USER 2000:2000
CMD exec bin/server -d true -i $(/sbin/ip address show | /usr/bin/awk '/inet.*brd/{ print $NF; exit }') -l /var/log/glutton/glutton.log > /dev/null 2>&1 CMD exec bin/server -d true -i $(/sbin/ip address show | /usr/bin/awk '/inet.*brd/{ print $NF; exit }') -l /var/log/glutton/glutton.log > /dev/null 2>&1
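Review bot: `/var/log/glutton` and `/opt/glutton/payloads` are created by root at the end of the final-stage RUN and never handed to the account the server runs as, which is now the bare numeric `USER 2000:2000`. Unless the deployment mounts those paths with UID 2000 ownership (not visible on this page), `-l /var/log/glutton/glutton.log` cannot be written, and the `> /dev/null 2>&1` in CMD hides the resulting error. I would end the RUN with `/opt/glutton/payloads && \` followed by `chown 2000:2000 /var/log/glutton /opt/glutton/payloads`, and add a comment above USER such as `# numeric IDs on purpose: no passwd/group entry is created in this image`. This assumes the addgroup/adduser rows were removed, which the new RUN ending at `/opt/glutton/payloads` suggests; the RUN itself starts above the second hunk.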


@ -1,6 +1,7 @@
ports: ports:
tcp: 5000 tcp: 5000
# udp: 5001 udp: 5001
ssh: 2222
rules_path: config/rules.yaml rules_path: config/rules.yaml
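Review bot: Uncommenting `udp: 5001` looks at odds with the catch-all `match: udp` / `type: drop` entry at the end of the rules.yaml added in this same commit, and neither it nor the new `ssh: 2222` key says why it was switched on. If both listeners are intended, a short comment per key would record that, e.g. `# UDP listener port; UDP is currently dropped by config/rules.yaml`. If UDP handling is not wanted yet, leaving the key commented out keeps the honeypot's listening surface to what the rules actually serve. How glutton combines `ports` with the rule set is not visible here, so this is a point to confirm rather than a confirmed defect.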

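--- a/docker/glutton/dist/rules.yaml
+++ b/docker/glutton/dist/rules.yaml
@@ -0,0 +1,36 @@
+rules:
+- match: tcp dst port 23 or port 2323 or port 23231
+type: conn_handler
+target: telnet
+- match: tcp dst port 1883
+type: conn_handler
+target: mqtt
+- match: tcp dst port 6969
+type: conn_handler
+target: bittorrent
+- match: tcp dst port 25
+type: conn_handler
+target: smtp
+- match: tcp dst port 3389
+type: conn_handler
+target: rdp
+- match: tcp dst port 445
+type: conn_handler
+target: smb
+- match: tcp dst port 21
+type: conn_handler
+target: ftp
+- match: tcp dst port 5060
+type: conn_handler
+target: sip
+- match: tcp dst port 5222 or port 5223
+type: conn_handler
+target: jabber
+- match: tcp dst port 11211
+type: conn_handler
+target: memcache
+- match: tcp
+type: conn_handler
+target: tcp
+- match: udp
+type: drop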


@ -1,7 +1,7 @@
#!/bin/bash #!/bin/bash
### Vars, Ports for Standard services ### Vars, Ports for Standard services
myHOSTPORTS="7634 64294 64295" myHOSTPORTS="7634 64294 64295 64296 64297 64298 64299 64303 64305"
myDOCKERCOMPOSEYML="$1" myDOCKERCOMPOSEYML="$1"
myRULESFUNCTION="$2" myRULESFUNCTION="$2"