update for py 3.12, harden image

t3chn0m4g3 2024-11-19 16:34:04 +01:00
parent 09716a30c1
commit f04455544e


@ -1,21 +1,21 @@
FROM alpine:3.19 FROM alpine:3.20 AS builder
# #
# Install packages # Install packages
RUN apk --no-cache -U add \ RUN apk --no-cache -U add \
build-base \
git \ git \
libcap \
openssl \ openssl \
py3-pip \ py3-pip \
python3 && \ python3 && \
# #
pip3 install --break-system-packages --no-cache-dir python-json-logger && \ pip3 install --break-system-packages --no-cache-dir \
pyinstaller \
python-json-logger
# #
# Install CitrixHoneypot from GitHub # Install CitrixHoneypot from GitHub
git clone https://github.com/t3chn0m4g3/CitrixHoneypot /opt/citrixhoneypot && \ RUN git clone https://github.com/t3chn0m4g3/CitrixHoneypot /opt/citrixhoneypot && \
cd /opt/citrixhoneypot && \ cd /opt/citrixhoneypot && \
git checkout f59ad7320dc5bbb8c23c8baa5f111b52c52fbef3 && \
# #
# Setup user, groups and configs
mkdir -p /opt/citrixhoneypot/logs /opt/citrixhoneypot/ssl && \ mkdir -p /opt/citrixhoneypot/logs /opt/citrixhoneypot/ssl && \
openssl req \ openssl req \
-nodes \ -nodes \
@ -25,20 +25,18 @@ RUN apk --no-cache -U add \
-out "/opt/citrixhoneypot/ssl/cert.pem" \ -out "/opt/citrixhoneypot/ssl/cert.pem" \
-days 365 \ -days 365 \
-subj '/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd' && \ -subj '/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd' && \
addgroup -g 2000 citrixhoneypot && \ chown 2000:2000 -R ssl/
adduser -S -H -s /bin/ash -u 2000 -D -g 2000 citrixhoneypot && \
chown -R citrixhoneypot:citrixhoneypot /opt/citrixhoneypot && \
setcap cap_net_bind_service=+ep $(readlink -f $(type -P python3)) && \
# #
# Clean up WORKDIR /opt/citrixhoneypot
apk del --purge git \ RUN pyinstaller CitrixHoneypot.py
openssl && \ #
rm -rf /root/* \ FROM alpine:3.20
/opt/citrixhoneypot/.git \ COPY --from=builder /opt/citrixhoneypot/dist/CitrixHoneypot/ /opt/citrixhoneypot
/var/cache/apk/* COPY --from=builder /opt/citrixhoneypot/ssl /opt/citrixhoneypot/ssl
COPY --from=builder /opt/citrixhoneypot/responses/ /opt/citrixhoneypot/responses
# #
# Set workdir and start citrixhoneypot # Set workdir and start citrixhoneypot
STOPSIGNAL SIGINT STOPSIGNAL SIGINT
USER citrixhoneypot:citrixhoneypot USER 2000:2000
WORKDIR /opt/citrixhoneypot/ WORKDIR /opt/citrixhoneypot/
CMD nohup /usr/bin/python3 CitrixHoneypot.py CMD nohup ./CitrixHoneypot
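Review bot: The new `RUN git clone https://github.com/t3chn0m4g3/CitrixHoneypot /opt/citrixhoneypot` step appears to drop the commit pin: `git checkout f59ad7320dc5bbb8c23c8baa5f111b52c52fbef3` is printed on one side only, and the 21/21 line counts in the first hunk header place it on the old side. Without a pin, the builder stage freezes whatever the default branch holds at build time into the PyInstaller binary that the final stage copies, so two builds of this Dockerfile can ship different code. I would keep a pin on the reviewed commit that carries the Python 3.12 changes, `git checkout <reviewed-commit-sha> && \` directly after the `cd /opt/citrixhoneypot` line, and give `pyinstaller` and `python-json-logger` explicit versions for the same reason. It is also worth confirming that `ssl/` keeps its 2000:2000 ownership across `COPY --from=builder`, since the private key must stay readable by `USER 2000:2000`. Writing `COPY --chown=2000:2000 --from=builder /opt/citrixhoneypot/ssl /opt/citrixhoneypot/ssl` makes that explicit instead of relying on builder behaviour.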