Merge 50beeef63a into 6933ee0065

docker/_builder/builder.sh

@@ -132,7 +132,7 @@ fi
 
 # Ensure QEMU is set up for cross-platform builds
 echo -n "Ensuring QEMU is configured for cross-platform builds..."
-if docker run --rm --privileged multiarch/qemu-user-static --reset -p yes > /dev/null 2>&1; then
+if docker run --rm --privileged tonistiigi/binfmt --install all > /dev/null 2>&1; then
     echo -e " [${GREEN}OK${NC}]"
 else
     echo -e " [${RED}FAIL${NC}]"

docker/_builder/setup_builder.sh

@@ -19,8 +19,7 @@ fi
 if [ "$1" != "-y" ]; then
     echo "### Setting up Docker for Multi-Arch Builds."
     echo "### Requires Docker packages from https://get.docker.com/"
-    echo "### Use on x64 only!"
+    echo "### Run with -y if you meet the requirements!"
-    echo "### Run with -y if you fit the requirements!"
     exit 0
 fi
 
@@ -42,7 +41,7 @@ fi
 
 # Ensure QEMU is set up for cross-platform builds
 echo -n "Ensuring QEMU is configured for cross-platform builds..."
-if docker run --rm --privileged multiarch/qemu-user-static --reset -p yes >/dev/null 2>&1; then
+if docker run --rm --privileged tonistiigi/binfmt --install all >/dev/null 2>&1; then
     echo -e " [${GREEN}OK${NC}]"
 else
     echo -e " [${RED}FAIL${NC}]"
@@ -95,5 +94,5 @@ echo "    docker login -u <username>"
 echo "    docker login ghcr.io -u <username>"
 echo
 echo -e "${BLUE}Fix segmentation faults when building arm64 images:${NC}"
-echo "    docker run --rm --privileged multiarch/qemu-user-static --reset -p yes"
+echo "    docker buildx rm mybuilder && docker run --rm --privileged tonistiigi/binfmt --install all"
 echo

docker/elk/elasticsearch/Dockerfile

@@ -1,6 +1,6 @@
 FROM ubuntu:24.04
 ENV DEBIAN_FRONTEND noninteractive
-ENV ES_VER=8.18.1
+ENV ES_VER=8.18.2
 #
 # Include dist
 COPY dist/ /root/dist/

docker/elk/kibana/Dockerfile

@@ -1,5 +1,5 @@
 FROM node:20.18.2-alpine3.20
-ENV KB_VER=8.18.1
+ENV KB_VER=8.18.2
 #
 # Include dist
 COPY dist/ /root/dist/

docker/elk/logstash/Dockerfile

@@ -1,6 +1,6 @@
 FROM ubuntu:24.04
 ENV DEBIAN_FRONTEND=noninteractive
-ENV LS_VER=8.18.1
+ENV LS_VER=8.18.2
 #
 # Include dist
 COPY dist/ /root/dist/

docker/elk/map/Dockerfile

@@ -14,7 +14,7 @@ RUN apk --no-cache -U upgrade && \
 # Install from GitHub and setup
     mkdir -p /opt && \
     cd /opt/ && \
-    git clone https://github.com/t3chn0m4g3/t-pot-attack-map -b 2.2.6 && \
+    git clone https://github.com/t3chn0m4g3/t-pot-attack-map -b 2.2.7 && \
     cd t-pot-attack-map && \
     pip3 install --break-system-packages --upgrade pip && \
     pip3 install --break-system-packages -r requirements.txt && \

docker/sentrypeer/Dockerfile

@@ -1,5 +1,8 @@
 FROM alpine:edge
 #
+# Include dist
+COPY dist/ /root/dist/
+#
 # Install packages
 RUN apk -U upgrade --no-cache && \
 	apk -U add --no-cache -X http://dl-cdn.alpinelinux.org/alpine/edge/testing \
@@ -8,7 +11,9 @@ RUN apk -U upgrade --no-cache && \
 # Setup user, groups and configs
     mkdir -p /var/log/sentrypeer && \
     addgroup -g 2000 sentrypeer && \
-    adduser -S -H -s /bin/ash -u 2000 -D -g 2000 sentrypeer && \
+    adduser -S -s /bin/ash -u 2000 -D -g 2000 sentrypeer && \
+    mkdir -p /home/sentrypeer/.config/sentrypeer && \
+    cp /root/dist/default-config.toml /home/sentrypeer/.config/sentrypeer && \
     chown -R sentrypeer:sentrypeer /usr/bin/sentrypeer && \
 #
 # Clean up
@@ -18,4 +23,5 @@ RUN apk -U upgrade --no-cache && \
 # Set workdir and start sentrypeer
 STOPSIGNAL SIGKILL
 USER sentrypeer:sentrypeer
+WORKDIR /var/log/sentrypeer/
 CMD /usr/bin/sentrypeer -jar -f /var/log/sentrypeer/sentrypeer.db -l /var/log/sentrypeer/sentrypeer.json

docker/sentrypeer/dist/default-config.toml

@@ -0,0 +1,3 @@
+cert = "cert.pem"
+key = "key.pem"
+tls_listen_address = "0.0.0.0:5061"

docker/sentrypeer/docker-compose.yml

@@ -22,7 +22,7 @@ services:
      - "5060:5060/udp"
      - "5060:5060/tcp"
 #     - "127.0.0.1:8082:8082"
-    image: "dtagdevsec/sentrypeer:24.04"
+    image: "ghcr.io/telekom-security/sentrypeer:testing"
     read_only: true
     volumes:
      - $HOME/tpotce/data/sentrypeer/log:/var/log/sentrypeer

install.sh

@@ -1,5 +1,67 @@
 #!/usr/bin/env bash
 
+
+print_help() {
+  echo "Usage: $0 [-s y|n] [-t h|s|l|i|m|t] -u <webuser name> -p <password for web user>"
+  echo "  -s: yes or no (optional)"
+  echo "  -t: h (host),s (sensor), l (llm), i(mini),m(mobile),t(tarpit) (optional)"
+  echo "  -u: web username (optional)"
+  echo "  -p: password for web user (optional)"
+  exit 1
+}
+
+validate_s() {
+  if [[ -n "$myQST" ]]; then
+    if [[ "$myQST" =~ ^[yYnN]$ ]]; then
+      return 1 # Valid
+    else
+      print_help
+    fi
+  else
+    print_help
+  fi
+
+}
+
+validate_t() {
+  if [[ -n "$myTPOT_TYPE" ]]; then
+    if [[ "$myTPOT_TYPE" =~ ^[hslimtHSLIMT]$ ]]; then
+      return 1 # Valid
+    else
+      print_help
+    fi
+  else
+    print_help
+  fi
+
+}
+
+while getopts ":s:t:u:p:" opt; do
+  case "$opt" in
+  s)
+    myQST="${OPTARG}"
+    validate_s
+    ;;
+  t)
+    myTPOT_TYPE="${OPTARG}"
+    validate_t
+    ;;
+  u)
+    export myWEB_USER="${OPTARG}"
+    ;;
+  p)
+    export myWEB_PW="${OPTARG}"
+    ;;
+  :)
+    echo "Option -${OPTARG} requires an argument."
+    print_help
+    exit 1
+    ;;
+  \?)
+    print_help
+    ;;
+  esac
+done
 myINSTALL_NOTIFICATION="### Now installing required packages ..."
 myUSER=$(whoami)
 myTPOT_CONF_FILE="/home/${myUSER}/tpotce/.env"
@@ -43,12 +105,13 @@ echo "$myINSTALLER"
 echo
 echo
 echo "### This script will now install T-Pot and all of its dependencies."
-while [ "${myQST}" != "y" ] && [ "${myQST}" != "n" ];
+if [[ -z "$myQST" ]]; then
-  do
+  while [ "${myQST}" != "y" ] && [ "${myQST}" != "n" ]; do
     echo
     read -p "### Install? (y/n) " myQST
     echo
   done
+fi
 if [ "${myQST}" = "n" ];
   then
     echo
@@ -183,7 +246,10 @@ echo "###            Feed data endlessly to attackers, bots and scanners."
 echo "###            Also runs a Denial of Service Honeypot (ddospot)."
 echo
 while true; do
-  read -p "### Install Type? (h/s/l/i/m/t) " myTPOT_TYPE
+  if [[ -z "$myTPOT_TYPE" ]]; then
+    read -p "### Install Type? (h/s/l/i/m/t) " myTPOT_TYPE
+  fi  
+  
   case "${myTPOT_TYPE}" in
     h|H)
       echo
@@ -234,75 +300,71 @@ done
 if [ "${myTPOT_TYPE}" == "HIVE" ];
   # If T-Pot Type is HIVE ask for WebUI username and password
   then
-	# Preparing web user for T-Pot
+  # Preparing web user for T-Pot
-	echo
+  echo
-	echo "### T-Pot User Configuration ..."
+  echo "### T-Pot User Configuration ..."
-	echo
+  echo
-	# Asking for web user name
+  # Asking for web user name
-	myWEB_USER=""
+  if [[ -z "$myWEB_USER" ]]; then
-	while [ 1 != 2 ];
+    myWEB_USER=""
-	  do
+    while [ 1 != 2 ]; do
-	    myOK=""
+      myOK=""
-	    read -rp "### Enter your web user name: " myWEB_USER
+      read -rp "### Enter your web user name: " myWEB_USER
-	    myWEB_USER=$(echo $myWEB_USER | tr -cd "[:alnum:]_.-")
+      myWEB_USER=$(echo $myWEB_USER | tr -cd "[:alnum:]_.-")
-	    echo "### Your username is: ${myWEB_USER}"
+      echo "### Your username is: ${myWEB_USER}"
-	    while [[ ! "${myOK}" =~ [YyNn] ]];
+      while [[ ! "${myOK}" =~ [YyNn] ]]; do    
-	      do
+        read -rp "### Is this correct? (y/n) " myOK
-	        read -rp "### Is this correct? (y/n) " myOK
+      done
-	      done
+      if [[ "${myOK}" =~ [Yy] ]] && [ "$myWEB_USER" != "" ]; then
-	    if [[ "${myOK}" =~ [Yy] ]] && [ "$myWEB_USER" != "" ];
+        break
-	      then
+      else
-	        break
+        echo
-	      else
+      fi
-	        echo
+    done
-	    fi
+  fi
-	  done
 
-	# Asking for web user password
+  # Asking for web user password
-	myWEB_PW="pass1"
+  if [[ -z "$myWEB_PW" ]]; then
-	myWEB_PW2="pass2"
+    myWEB_PW="pass1"
-	mySECURE=0
+    myWEB_PW2="pass2"
-	myOK=""
+    mySECURE=0
-	while [ "${myWEB_PW}" != "${myWEB_PW2}"  ] && [ "${mySECURE}" == "0" ]
+    myOK=""
-	  do
+    while [ "${myWEB_PW}" != "${myWEB_PW2}" ] && [ "${mySECURE}" == "0" ]; do
-	    echo
+      echo
-	    while [ "${myWEB_PW}" == "pass1"  ] || [ "${myWEB_PW}" == "" ]
+      while [ "${myWEB_PW}" == "pass1" ] || [ "${myWEB_PW}" == "" ]; do
-	      do
+        read -rsp "### Enter password for your web user: " myWEB_PW
-	        read -rsp "### Enter password for your web user: " myWEB_PW
+        echo
-	        echo
+      done
-	      done
+      read -rsp "### Repeat password you your web user: " myWEB_PW2
-	    read -rsp "### Repeat password you your web user: " myWEB_PW2
+      echo
-	    echo
+      if [ "${myWEB_PW}" != "${myWEB_PW2}" ]; then
-	    if [ "${myWEB_PW}" != "${myWEB_PW2}" ];
+        echo "### Passwords do not match."
-	      then
+        myWEB_PW="pass1"
-	        echo "### Passwords do not match."
+        myWEB_PW2="pass2"
-	        myWEB_PW="pass1"
+      fi
-	        myWEB_PW2="pass2"
+      mySECURE=$(printf "%s" "$myWEB_PW" | /usr/sbin/cracklib-check | grep -c "OK")
-	    fi
+      if [ "$mySECURE" == "0" ] && [ "$myWEB_PW" == "$myWEB_PW2" ]; then
-	    mySECURE=$(printf "%s" "$myWEB_PW" | /usr/sbin/cracklib-check | grep -c "OK")
+        while [[ ! "${myOK}" =~ [YyNn] ]]; do
-	    if [ "$mySECURE" == "0" ] && [ "$myWEB_PW" == "$myWEB_PW2" ];
+          read -rp "### Keep insecure password? (y/n) " myOK
-	      then
+        done
-	        while [[ ! "${myOK}" =~ [YyNn] ]];
+        if [[ "${myOK}" =~ [Nn] ]] || [ "$myWEB_PW" == "" ]; then
-	          do
+          myWEB_PW="pass1"
-	            read -rp "### Keep insecure password? (y/n) " myOK
+          myWEB_PW2="pass2"
-	          done
+          mySECURE=0
-	        if [[ "${myOK}" =~ [Nn] ]] || [ "$myWEB_PW" == "" ];
+          myOK=""
-	          then
+        fi
-	            myWEB_PW="pass1"
+      fi
-	            myWEB_PW2="pass2"
+    done
-	            mySECURE=0
+  fi
-	            myOK=""
-	        fi
-	    fi
-	done
 
-	# Write username and password to T-Pot config file
+
-	echo "### Creating base64 encoded htpasswd username and password for T-Pot config file: ${myTPOT_CONF_FILE}"
+  # Write username and password to T-Pot config file
-	myWEB_USER_ENC=$(htpasswd -b -n "${myWEB_USER}" "${myWEB_PW}")
+  echo "### Creating base64 encoded htpasswd username and password for T-Pot config file: ${myTPOT_CONF_FILE}"
+  myWEB_USER_ENC=$(htpasswd -b -n "${myWEB_USER}" "${myWEB_PW}")
     myWEB_USER_ENC_B64=$(echo -n "${myWEB_USER_ENC}" | base64 -w0)
     
-	echo
+  echo
-	sed -i "s|^WEB_USER=.*|WEB_USER=${myWEB_USER_ENC_B64}|" ${myTPOT_CONF_FILE}
+  sed -i "s|^WEB_USER=.*|WEB_USER=${myWEB_USER_ENC_B64}|" ${myTPOT_CONF_FILE}
 fi
 
 # Pull docker images