			
		
		
		
	
		
			No commits in common. "967ddf6d2fc2a85b7a66d90a7aea4f1c56185225" and "486c97335f693e9a48909693ecc6a3bb28de28f4" have entirely different histories.
		
	
	
		
			967ddf6d2f
			...
			486c97335f
		
	
		
					 17 changed files with 74 additions and 86 deletions
				
			
		|  | @ -17,8 +17,10 @@ RUN apk --no-cache -U add \ | |||
| RUN git clone https://github.com/nsmfoo/dicompot.git && \ | ||||
|     cd dicompot && \ | ||||
|     git checkout 41331194156bbb17078bcc1594f4952ac06a731e && \ | ||||
|     cp /root/dist/go.mod . | ||||
|     cp /root/dist/go.mod . && \ | ||||
|     pwd && ls -alR | ||||
| WORKDIR /go/dicompot | ||||
| RUN ls -alR | ||||
| RUN go mod tidy | ||||
| RUN go mod download | ||||
| RUN go build -o dicompot github.com/nsmfoo/dicompot/server | ||||
|  |  | |||
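Review bot: The new side leaves build-time debugging in the image — `pwd && ls -alR` appended to the clone step and the separate `RUN ls -alR` line — which adds a layer and floods the build log without affecting the binary; drop both before merging. The pinned `git checkout 41331194…` is good, but `cp /root/dist/go.mod .` replaces upstream's go.mod and `go mod tidy` then re-resolves the dependency graph at build time with no go.sum in the image, so module integrity is checked against the public checksum database rather than against a committed go.sum; copying a matching go.sum alongside it (and skipping `tidy`) would pin what was actually built. The file header for this section is not shown, so the Dockerfile path is inferred from the dicompot clone.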
|  | @ -1,35 +1,44 @@ | |||
| FROM golang:1.23-alpine AS builder | ||||
| # | ||||
| ENV GO111MODULE=on \ | ||||
|     CGO_ENABLED=0 \ | ||||
|     GOOS=linux | ||||
| FROM golang:1.21-alpine AS builder | ||||
| # | ||||
| # Install packages | ||||
| RUN apk --no-cache -U add \ | ||||
| 		build-base \ | ||||
| 		git \ | ||||
|         g++ | ||||
| 		go \ | ||||
| 		g++ && \ | ||||
| # | ||||
| # Setup go, build medpot | ||||
| RUN mkdir -p /usr/local/go/src/medpot && \ | ||||
|     git clone https://github.com/schmalle/medpot /usr/local/go/src/medpot && \ | ||||
|     cd /usr/local/go/src/medpot && \ | ||||
|     export GOPATH=/opt/go/ && \ | ||||
|     export GO111MODULE=off && \ | ||||
|     mkdir -p /opt/go/src && \ | ||||
|     cd /opt/go/src && \ | ||||
|     git clone https://github.com/schmalle/medpot && \ | ||||
|     cd medpot && \ | ||||
|     git checkout 75a2e6134cf926c35b6017d62542274434c87388 && \ | ||||
|     go mod init github.com/schmalle/medpot && \ | ||||
|     go mod tidy && \ | ||||
|     go mod download && \ | ||||
|     cd .. && \ | ||||
|     go get -d -v github.com/davecgh/go-spew/spew && \ | ||||
|     go get -d -v github.com/go-ini/ini && \ | ||||
|     go get -d -v github.com/mozillazg/request && \ | ||||
|     go get -d -v go.uber.org/zap && \ | ||||
|     cd medpot && \ | ||||
|     cp dist/etc/ews.cfg /etc/ && \ | ||||
|     go build medpot | ||||
| # | ||||
| FROM scratch | ||||
| FROM alpine:3.19 | ||||
| # | ||||
| # Setup medpot | ||||
| # | ||||
| COPY --from=builder /usr/local/go/src/medpot/medpot /opt/medpot/medpot | ||||
| COPY --from=builder /usr/local/go/src/medpot/template/*.xml /opt/medpot/ | ||||
| COPY --from=builder /usr/local/go/src/medpot/dist/etc/ews.cfg /etc/ews.cfg | ||||
| COPY --from=builder /opt/go/src/medpot/medpot /opt/medpot/medpot | ||||
| COPY --from=builder /opt/go/src/medpot/template/*.xml /opt/medpot/ | ||||
| COPY --from=builder /opt/go/src/medpot/dist/etc/ews.cfg /etc/ews.cfg | ||||
| RUN mkdir -p /var/log/medpot && \ | ||||
| # | ||||
| # Setup user, groups and configs | ||||
|     addgroup -g 2000 medpot && \ | ||||
|     adduser -S -s /bin/ash -u 2000 -D -g 2000 medpot && \ | ||||
|     chown -R medpot:medpot /var/log/medpot | ||||
| # | ||||
| # Start medpot | ||||
| WORKDIR /opt/medpot | ||||
| USER 2000:2000 | ||||
| USER medpot:medpot | ||||
| CMD ["./medpot"] | ||||
|  |  | |||
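Review bot: The new builder stage switches to GOPATH mode (`export GO111MODULE=off`) and fetches go-spew, go-ini, mozillazg/request and zap with `go get -d -v` and no version, so every build pulls whatever the default branch of those four repositories holds at that moment with no go.sum or checksum-database verification — the medpot source is pinned to `75a2e613…`, but its dependencies are not. If module mode is not an option for this tree, at least pin each dependency after fetching (`git -C /opt/go/src/github.com/davecgh/go-spew checkout <sha>`, and likewise for the other three) so rebuilds are reproducible. `apk add go` is redundant on a `golang:1.21-alpine` base and installs a second toolchain that may differ from the one the image ships; dropping it removes any ambiguity about which `go` is first in PATH. Minor: `adduser -S -s /bin/ash` gives the service account an interactive shell it does not need; `-s /sbin/nologin` is the safer default for a honeypot container.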
|  | @ -1,29 +1,26 @@ | |||
| FROM alpine:3.20 AS builder | ||||
| FROM alpine:3.19 | ||||
| # | ||||
| # Install packages | ||||
| RUN apk --no-cache -U add \ | ||||
| 	build-base \ | ||||
| 	git \	 | ||||
| 	python3 \ | ||||
|     py3-pip | ||||
| # | ||||
| RUN	mkdir -p /opt && \ | ||||
|     py3-pip && \ | ||||
| 	mkdir -p /opt && \ | ||||
| 	cd /opt/ && \ | ||||
| 	git clone https://github.com/t3chn0m4g3/miniprint | ||||
| WORKDIR /opt/miniprint | ||||
| RUN pip3 install --break-system-packages pyinstaller | ||||
| RUN	pip3 install --break-system-packages -r requirements.txt | ||||
| RUN pyinstaller server.py \ | ||||
| 		--add-data "./fake-files:./fake-files" \ | ||||
| 		--add-data "./uploads:./uploads" | ||||
| 	git clone https://github.com/t3chn0m4g3/miniprint && \ | ||||
| 	cd miniprint && \ | ||||
| 	pip3 install --break-system-packages -r requirements.txt && \ | ||||
| # | ||||
| FROM alpine:3.20 | ||||
| COPY --from=builder /opt/miniprint/dist/* /opt/miniprint/ | ||||
| COPY --from=builder /opt/miniprint/fake-files/ /opt/miniprint/fake-files/ | ||||
| COPY --from=builder /opt/miniprint/uploads/ /opt/miniprint/uploads/ | ||||
| # Setup user, groups and configs | ||||
| 	addgroup -g 2000 miniprint && \ | ||||
| 	adduser -S -H -s /bin/ash -u 2000 -D -g 2000 miniprint && \ | ||||
| # | ||||
| # Clean up | ||||
| 	apk del --purge git && \ | ||||
|     rm -rf /root/* /var/cache/apk/* /opt/miniprint/.git | ||||
| # | ||||
| # Start miniprint | ||||
| STOPSIGNAL SIGINT | ||||
| USER 2000:2000 | ||||
| USER miniprint:miniprint | ||||
| WORKDIR /opt/miniprint/ | ||||
| CMD ["./server", "--bind", "0.0.0.0", "--log-file", "/opt/miniprint/log/miniprint.json"] | ||||
| CMD ["/usr/bin/python3", "./server.py", "--bind", "0.0.0.0", "--log-file", "log/miniprint.json"] | ||||
|  |  | |||
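Review bot: The new single-stage build runs `server.py` as uid 2000 (`USER miniprint:miniprint`, no home via `adduser -H`) while everything under /opt/miniprint stays owned by root from the clone, and the CMD writes to `log/miniprint.json` — unless the repository ships a writable `log/` directory or that path is mounted as a volume, the process cannot create the file, and the same applies to anything the printer honeypot stores under `uploads/`. Create and hand over the writable paths in the same RUN, e.g. `mkdir -p /opt/miniprint/log && chown -R miniprint:miniprint /opt/miniprint/log /opt/miniprint/uploads`. Separately, `git clone https://github.com/t3chn0m4g3/miniprint` is not pinned to a tag or commit, unlike the dicompot, medpot and spiderfoot builds in this same comparison, so rebuilds silently pick up whatever HEAD is; add a `git checkout <sha>` after the clone. The hunk covers the whole Dockerfile, but its file header is not shown.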
|  | @ -1,4 +1,4 @@ | |||
| FROM alpine:3.20 | ||||
| FROM alpine:3.19 | ||||
| # | ||||
| # Include dist | ||||
| COPY dist/ /root/dist/ | ||||
|  |  | |||
|  | @ -2,7 +2,7 @@ | |||
| FROM node:18-alpine as builder | ||||
| # | ||||
| # Prep and build Cyberchef | ||||
| ENV CY_VER=v10.19.4 | ||||
| ENV CY_VER=v10.8.2 | ||||
| RUN apk -U --no-cache add build-base git python3 && \ | ||||
|     chown -R node:node /srv && \ | ||||
|     npm install -g grunt-cli | ||||
|  |  | |||
|  | @ -4,7 +4,8 @@ FROM node:20-alpine AS builder | |||
| # | ||||
| # Prep and build Elasticvue  | ||||
| RUN apk -U --no-cache add git && \ | ||||
|     git clone https://github.com/cars10/elasticvue -b v1.1.0 /opt/src && \ | ||||
|     # git clone https://github.com/cars10/elasticvue -b v1.0.4 /opt/src && \ | ||||
|     git clone https://github.com/t3chn0m4g3/elasticvue /opt/src && \ | ||||
| # We need to adjust consts.ts so the user has connection suggestion for reverse proxied ES | ||||
|     sed -i "s#export const DEFAULT_CLUSTER_URI = 'http://localhost:9200'#export const DEFAULT_CLUSTER_URI = window.location.origin + '/es'#g" /opt/src/src/consts.ts && \ | ||||
|     sed -i 's#href="/images/logo/favicon.ico"#href="images/logo/favicon.ico"#g' /opt/src/index.html && \ | ||||
|  |  | |||
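Review bot: The new clone `git clone https://github.com/t3chn0m4g3/elasticvue /opt/src` replaces the upstream tag (`-b v1.1.0`) with a personal fork and no branch, tag or commit, so the UI served to T-Pot operators is built from whatever that fork's default branch contains at build time, and nothing in the Dockerfile records which upstream release it corresponds to. Pin it, e.g. `git clone https://github.com/t3chn0m4g3/elasticvue /opt/src && git -C /opt/src checkout <sha>`, and keep the commented upstream line pointing at the tag the fork is based on so the divergence stays reviewable. The RUN continues past the end of this hunk.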
							
								
								
									
								docker/nginx/dist/conf/lsweb.conf
									
									
									
									
							|  | @ -7,8 +7,7 @@ server { | |||
|     ######################### | ||||
|     ### Basic server settings | ||||
|     ######################### | ||||
|     listen 64294 ssl; | ||||
|     http2 on; | ||||
|     listen 64294 ssl http2; | ||||
|     index index.html; | ||||
|     ssl_protocols TLSv1.3; | ||||
|     server_name example.com; | ||||
|  |  | |||
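Review bot: `listen 64294 ssl http2;` on the new side uses the `http2` listen parameter, which nginx deprecated in 1.25.1 in favour of the separate `http2 on;` directive the old side had; on a current nginx this logs a deprecation warning at startup, while on an older nginx the directive form is unknown, so the syntax has to match the nginx version actually in the image (not visible here). If the image is ≥1.25.1, keep `listen 64294 ssl;` plus `http2 on;`; otherwise add a comment on the listen line naming the nginx version the parameter form targets so the next base-image upgrade does not break the TLS listener. The `server` block continues beyond this hunk.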
							
								
								
									
								docker/nginx/dist/conf/tpotweb.conf
									
									
									
									
							|  | @ -7,8 +7,7 @@ server { | |||
|     ######################### | ||||
|     ### Basic server settings | ||||
|     ######################### | ||||
|     listen 64297 ssl; | ||||
|     http2 on; | ||||
|     listen 64297 ssl http2; | ||||
|     index index.html; | ||||
|     ssl_protocols TLSv1.3; | ||||
|     server_name example.com; | ||||
|  |  | |||
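Review bot: `listen 64297 ssl http2;` folds HTTP/2 back into the listen parameter, a form nginx has deprecated since 1.25.1 in favour of the standalone `http2 on;` directive that the old side used; whichever form is kept must match the nginx version shipped in the image, which this hunk does not reveal. Keep this file and lsweb.conf on the same form, and if the image's nginx is ≥1.25.1 revert to `listen 64297 ssl;` + `http2 on;` so the deprecation warning does not reappear on every start. The `server` block continues beyond this hunk.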
							
								
								
									
										
								docker/nginx/dist/html/cyberchef/cyberchef.tgz
									
									
									
									
											Binary file not shown.
										
									
								
							
							
								
								
									
										
								docker/nginx/dist/html/esvue/esvue.tgz
									
									
									
									
											Binary file not shown.
										
									
								
							|  | @ -1,4 +1,4 @@ | |||
| FROM alpine:3.20 | ||||
| FROM alpine:3.19 | ||||
| # | ||||
| # Add source | ||||
| COPY . /opt/p0f | ||||
|  |  | |||
|  | @ -1,4 +1,4 @@ | |||
| FROM golang:1.23-alpine as builder | ||||
| FROM golang:1.21-alpine as builder | ||||
| # | ||||
| # Include dist | ||||
| COPY dist/ /root/dist/ | ||||
|  | @ -20,14 +20,19 @@ RUN apk --no-cache -U add \ | |||
|     go mod download && \ | ||||
|     go install | ||||
| # | ||||
| FROM alpine:3.20 | ||||
| FROM alpine:3.19 | ||||
| # | ||||
| # Setup redishoneypot | ||||
| # | ||||
| COPY --from=builder /opt/go/bin/RedisHoneyPot /opt/redishoneypot/ | ||||
| COPY --from=builder /root/dist/redis.conf /opt/redishoneypot/ | ||||
| # | ||||
| # Setup user, groups and configs | ||||
| RUN addgroup -g 2000 redishoneypot && \ | ||||
|     adduser -S -s /bin/ash -u 2000 -D -g 2000 redishoneypot && \ | ||||
|     mkdir -p /var/log/redishoneypot | ||||
| # | ||||
| # Start redishoneypot | ||||
| WORKDIR /opt/redishoneypot | ||||
| USER 2000:2000 | ||||
| USER redishoneypot:redishoneypot | ||||
| CMD ./RedisHoneyPot > /var/log/redishoneypot/redishoneypot.log 2>&1 | ||||
|  |  | |||
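Review bot: The new second stage creates `/var/log/redishoneypot` as root and never hands it to the service account, yet `USER redishoneypot:redishoneypot` runs a CMD whose shell redirection `> /var/log/redishoneypot/redishoneypot.log` must create a file in that directory — unless it is mounted as a writable volume at runtime, the shell fails with permission denied before the honeypot starts. The medpot image in this same comparison does it right (`chown -R medpot:medpot /var/log/medpot`); mirror that here with `chown redishoneypot:redishoneypot /var/log/redishoneypot` at the end of the same RUN. Because CMD is in shell form, `/bin/sh` is PID 1 and stop signals do not reach RedisHoneyPot; `CMD ["/bin/sh", "-c", "exec ./RedisHoneyPot > /var/log/redishoneypot/redishoneypot.log 2>&1"]` keeps the redirect while letting the binary receive SIGTERM. The builder RUN at the top of this hunk begins outside it.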
|  | @ -1,8 +1,7 @@ | |||
| FROM alpine:edge | ||||
| # | ||||
| # Install packages | ||||
| RUN apk -U upgrade --no-cache && \ | ||||
| 	apk -U add --no-cache -X http://dl-cdn.alpinelinux.org/alpine/edge/testing \ | ||||
| RUN apk -U add --no-cache -X http://dl-cdn.alpinelinux.org/alpine/edge/testing \ | ||||
| 		sentrypeer && \ | ||||
| # | ||||
| # Setup user, groups and configs | ||||
|  |  | |||
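Review bot: The new side drops `apk -U upgrade --no-cache` ahead of the install, so packages that come with the `alpine:edge` base image are no longer brought up to the current index at build time — only `sentrypeer` and its dependencies are fetched fresh, and whatever is stale in the pulled base (musl, openssl, busybox) stays stale until the base tag itself is re-pulled. On a rolling `edge` base that upgrade is cheap and is the only step that makes the image's patch level follow the repository; keep `apk -U upgrade --no-cache && \` as the first command of the RUN. Pulling from `edge/testing` without a version pin is unchanged by this commit but deserves an inline comment recording the accepted risk. The RUN continues past the end of this hunk.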
|  | @ -1,4 +1,4 @@ | |||
| FROM alpine:3.20 | ||||
| FROM alpine:3.19 | ||||
| # | ||||
| # Include dist | ||||
| COPY dist/ /root/dist/ | ||||
|  | @ -62,9 +62,9 @@ RUN apk --no-cache -U add \ | |||
|     git clone https://github.com/smicallef/spiderfoot /home/spiderfoot && \ | ||||
|     cd /home/spiderfoot && \ | ||||
|     git checkout 0f815a203afebf05c98b605dba5cf0475a0ee5fd && \ | ||||
|     pip3 install --no-cache-dir --break-system-packages --upgrade pip && \ | ||||
|     pip3 install --break-system-packages --upgrade pip && \ | ||||
|     cp /root/dist/requirements.txt . && \ | ||||
|     pip3 install --no-cache-dir --break-system-packages --no-cache-dir -r requirements.txt && \  | ||||
|     pip3 install --break-system-packages --no-cache-dir -r requirements.txt && \  | ||||
|     mkdir -p /home/spiderfoot/.spiderfoot/logs && \ | ||||
|     chown -R spiderfoot:spiderfoot /home/spiderfoot && \ | ||||
|     sed -i "s#'root': '\/'#'root': '\/spiderfoot'#" /home/spiderfoot/sf.py && \ | ||||
|  |  | |||
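Review bot: The new `pip3 install --break-system-packages --upgrade pip` line drops `--no-cache-dir`, so the downloaded pip wheel stays in root's pip cache in this layer unless something later in the RUN removes it (not visible here), while the requirements install two lines down still passes `--no-cache-dir` — restore the flag on the upgrade so the two calls are consistent. For supply chain, the upgrade installs whatever pip is current on PyPI at build time and `cp /root/dist/requirements.txt .` replaces upstream's requirements with the project's own; if that file pins versions, adding `--require-hashes` (with hashes in the file) would make the Python dependency set as reproducible as the pinned spiderfoot commit `0f815a20…`. The RUN continues beyond this hunk.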
|  | @ -4,8 +4,7 @@ FROM alpine:edge | |||
| COPY dist/ /root/dist/ | ||||
| # | ||||
| # Install packages | ||||
| RUN apk --no-cache -U upgrade && \ | ||||
|     apk --no-cache -U add \ | ||||
| RUN apk --no-cache -U add \ | ||||
| 		ca-certificates \ | ||||
| 		curl \ | ||||
| 		file \ | ||||
|  |  | |||
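Review bot: Removing `apk --no-cache -U upgrade` from the first RUN means packages already present in the `alpine:edge` base are never upgraded at build time; only the explicitly added packages (ca-certificates, curl, file, …) come in at current index versions, so fixes for libraries the base image already ships are skipped until the base tag is re-pulled. Keep `apk --no-cache -U upgrade && \` ahead of the `apk --no-cache -U add`, as the old side did. The package list and the rest of the RUN continue beyond this hunk.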
							
								
								
									
								docker/suricata/dist/capture-filter.bpf
									
									
									
									
							|  | @ -1,5 +1,3 @@ | |||
| not (host sicherheitstacho.eu or community.sicherheitstacho.eu or listbot.sicherheitstacho.eu) and | ||||
| not (tcp port 64294 or tcp port 64305) and | ||||
| not (udp port 138 or udp port 5353) and | ||||
| not (ip broadcast or ip multicast or ip6 multicast) and | ||||
| not ip proto 2 | ||||
| not (tcp port 64294) and | ||||
| not (tcp port 64305) | ||||
|  |  | |||
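Review bot: The new filter still excludes only tcp 64294 and 64305 from capture, while `docker/nginx/dist/conf/tpotweb.conf` in this same comparison listens on 64297 — if that port carries the operator's web session (it is TLS-only per that config), its packets are fed to Suricata and show up as honeypot traffic next to the excluded management port; either add `not (tcp port 64297) and` or comment why it is deliberately captured. Dropping the `udp port 138/5353`, `ip broadcast/multicast` and `ip proto 2` (IGMP) exclusions also re-admits LAN chatter the old filter kept out, which will surface as Suricata flows and alerts unless that is wanted. The hunk counts suggest the `host sicherheitstacho.eu …` clause is kept as context; note that libpcap resolves those names once when the filter is compiled, so a DNS change is not picked up until Suricata restarts — worth a comment in the file.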
							
								
								
									
								docker/suricata/dist/suricata.yaml
									
									
									
									
							|  | @ -5,7 +5,7 @@ | |||
| # options in this file, full documentation can be found at: | ||||
| # https://docs.suricata.io/en/latest/configuration/suricata-yaml.html | ||||
| 
 | ||||
| # This configuration file generated by Suricata 7.0.7. | ||||
| # This configuration file generated by Suricata 7.0.2. | ||||
| suricata-version: "7.0" | ||||
| 
 | ||||
| ## | ||||
|  | @ -176,7 +176,6 @@ outputs: | |||
|         - frame: | ||||
|             # disabled by default as this is very verbose. | ||||
|             enabled: no | ||||
|             # payload-buffer-size: 4kb # max size of frame payload buffer to output in eve-log | ||||
|         - anomaly: | ||||
|             # Anomaly log records describe unexpected conditions such | ||||
|             # as truncated packets, packets with invalid IP/UDP/TCP | ||||
|  | @ -215,7 +214,7 @@ outputs: | |||
|             extended: yes     # enable this for extended logging information | ||||
|             # custom allows additional HTTP fields to be included in eve-log. | ||||
|             # the example below adds three additional fields when uncommented | ||||
|             #custom: [Accept-Encoding, Accept-Language, Authorization] | ||||
|             custom: [Accept-Encoding, Accept-Language, Authorization, Forwarded, From, Referer, Via] | ||||
|             # set this value to one and only one from {both, request, response} | ||||
|             # to dump all HTTP headers for every HTTP request and/or response | ||||
|             # dump-all-headers: none | ||||
|  | @ -252,11 +251,8 @@ outputs: | |||
|             # output TLS transaction where the session is resumed using a | ||||
|             # session id | ||||
|             #session-resumption: no | ||||
|             # ja4 hashes in tls records will never be logged unless | ||||
|             # the following is set to on. (Default off) | ||||
|             ja4: on | ||||
|             # custom controls which TLS fields that are included in eve-log | ||||
|             custom: [subject, issuer, session_resumed, serial, fingerprint, sni, version, not_before, not_after, certificate, ja3, ja3s, ja4] | ||||
|             custom: [subject, issuer, session_resumed, serial, fingerprint, sni, version, not_before, not_after, certificate, ja3, ja3s] | ||||
|         - files: | ||||
|             force-magic: yes   # force logging magic on all logged files | ||||
|             # force logging of checksums, available hash functions are md5, | ||||
|  | @ -295,10 +291,7 @@ outputs: | |||
|         - snmp | ||||
|         - rfb | ||||
|         - sip | ||||
|         - quic: | ||||
|             # ja4 hashes in quic records will never be logged unless | ||||
|             # the following is set to on. (Default off) | ||||
|             ja4: on | ||||
|         - quic | ||||
|         - dhcp: | ||||
|             enabled: no | ||||
|             # When extended mode is on, all DHCP messages are logged | ||||
|  | @ -760,7 +753,6 @@ dpdk: | |||
|       # - auto takes all cores | ||||
|       # in IPS mode it is required to specify the number of cores and the numbers on both interfaces must match | ||||
|       threads: auto | ||||
|       # interrupt-mode: false # true to switch to interrupt mode  | ||||
|       promisc: true # promiscuous mode - capture all packets | ||||
|       multicast: true # enables also detection on multicast packets | ||||
|       checksum-checks: true # if Suricata should validate checksums | ||||
|  | @ -900,10 +892,9 @@ app-layer: | |||
|       detection-ports: | ||||
|         dp: 443 | ||||
| 
 | ||||
|       # Generate JA3/JA4 fingerprints from client hello. If not specified it | ||||
|       # Generate JA3 fingerprint from client hello. If not specified it | ||||
|       # will be disabled by default, but enabled if rules require it. | ||||
|       ja3-fingerprints: yes | ||||
|       ja4-fingerprints: yes | ||||
| 
 | ||||
|       # What to do when the encrypted communications start: | ||||
|       # - default: keep tracking TLS session, check for protocol anomalies, | ||||
|  | @ -943,13 +934,9 @@ app-layer: | |||
|       #max-streams: 4096 | ||||
|       # Maximum headers table size | ||||
|       #max-table-size: 65536 | ||||
|       # Maximum reassembly size for header + continuation frames | ||||
|       #max-reassembly-size: 102400 | ||||
|     smtp: | ||||
|       enabled: yes | ||||
|       raw-extraction: no | ||||
|       # Maximum number of live SMTP transactions per flow | ||||
|       # max-tx: 256 | ||||
|       # Configure SMTP-MIME Decoder | ||||
|       mime: | ||||
|         # Decode MIME messages from SMTP transactions | ||||
|  | @ -1097,10 +1084,6 @@ app-layer: | |||
|            #compression-bomb-limit: 1mb | ||||
|            # Maximum time spent decompressing a single transaction in usec | ||||
|            #decompression-time-limit: 100000 | ||||
|            # Maximum number of live transactions per flow | ||||
|            #max-tx: 512 | ||||
|            # Maximum used number of HTTP1 headers in one request or response | ||||
|            #headers-limit: 1024 | ||||
| 
 | ||||
|          server-config: | ||||
| 
 | ||||
|  | @ -1307,6 +1290,7 @@ unix-command: | |||
| 
 | ||||
| # Magic file. The extension .mgc is added to the value here. | ||||
| magic-file: /usr/share/misc/magic.mgc | ||||
| #magic-file:  | ||||
| 
 | ||||
| # GeoIP2 database file. Specify path and filename of GeoIP2 database | ||||
| # if using rules with "geoip" rule option. | ||||
|  | @ -1814,10 +1798,6 @@ profiling: | |||
|     enabled: no | ||||
|     filename: rule_perf.log | ||||
|     append: yes | ||||
|     # Set active to yes to enable rules profiling at start | ||||
|     # if set to no (default), the rules profiling will have to be started | ||||
|     # via unix socket commands. | ||||
|     #active:no | ||||
| 
 | ||||
|     # Sort options: ticks, avgticks, checks, matches, maxticks | ||||
|     # If commented out all the sort options will be used. | ||||
|  |  | |||
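Review bot: In the eve-log http section the new side enables `custom: [Accept-Encoding, Accept-Language, Authorization, Forwarded, From, Referer, Via]`, which writes the raw `Authorization` header — Basic-auth credentials and bearer tokens from attackers, and from anyone whose traffic the capture filter does not exclude — into eve.json in cleartext and onward to Elasticsearch; that is useful honeypot telemetry but turns the log into credential material, so retention and access controls on eve.json/ES should be treated accordingly and the intent noted inline, e.g. `# logs raw Authorization headers on purpose (honeypot) - keep eve.json access restricted`. Removing `ja4: on`, `ja4-fingerprints: yes` and the `ja4` custom field is consistent with the `7.0.2` header comment (presumably JA4 output postdates that release), but `ja3-fingerprints: yes` is now the only client fingerprint left, so any rules or dashboards keyed on `tls.ja4` elsewhere in T-Pot need updating in the same change. Several of these hunks cut through larger mappings (`outputs:`, `app-layer:`), so the surrounding keys are not visible here.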