From b6ef3ff0ce868c1c14e168486a4a5d688f4a78f7 Mon Sep 17 00:00:00 2001 From: zeus Date: Thu, 23 Dec 2021 17:26:01 +0200 Subject: [PATCH] add --- .../usr/share/swarmlab.io/sec/swarmlab-sec | 75 ++++++++++++++----- 1 file changed, 56 insertions(+), 19 deletions(-) diff --git a/install/usr/share/swarmlab.io/sec/swarmlab-sec b/install/usr/share/swarmlab.io/sec/swarmlab-sec index 0fe5926..a1f3c88 100755 --- a/install/usr/share/swarmlab.io/sec/swarmlab-sec +++ b/install/usr/share/swarmlab.io/sec/swarmlab-sec @@ -40,7 +40,8 @@ IMAGE_local="microservice-volatilitywindows" HYBRID_NETWORK="microservice-volatilitywindows" # dont edit #IMAGE_origin="hub.swarmlab.io:5480/hybrid-numpy:latest" -IMAGE_origin="hub.swarmlab.io:5480/hybrid-volatility" +#IMAGE_origin="hub.swarmlab.io:5480/hybrid-volatility" +IMAGE_origin="alpine:3.11" bootstrap="sec_bootstrap" hostnames="auto_update_hosts" hostnames_get="get_hosts" @@ -141,14 +142,38 @@ if [ -d "$Wdir/project" ]; then cat << EOF > $Wdir/Dockerfile FROM $IMAGE_origin AS builder # + ARG DEF_USERNAME=root USER \${DEF_USERNAME} WORKDIR /tmp/build/ -# Fetch the symbols from the Volatility 3 framework +RUN apk add --no-cache --virtual .build \ + bash \ + coreutils \ + findutils \ + net-tools \ + tcpdump \ + nmap \ + bind-tools \ + gawk \ + git \ + curl \ + gcc \ + git \ + musl-dev \ + python3-dev \ + unzip + +RUN git clone --recursive https://github.com/VirusTotal/yara-python && \ + cd yara-python && \ + python3 setup.py build + RUN curl -fL https://downloads.volatilityfoundation.org/volatility3/symbols/windows.zip -o windows.zip && \ unzip windows.zip +RUN apk --purge del \ + .build + FROM $IMAGE_origin ARG DEF_USERNAME=root @@ -164,7 +189,6 @@ USER \${DEF_USERNAME} WORKDIR \${DEF_INSTALL_PREFIX}/lib -# Install system dependencies RUN apk add --no-cache \ python3 && \ apk add --no-cache --virtual .build \ @@ -175,7 +199,6 @@ COPY --from=builder --chown="\${DEF_USERNAME}:\${DEF_USERNAME}" /tmp/build/yara- RUN find . -type d -exec chmod 755 {} \; && \ find . -type f -exec chmod 644 {} \; -# Install the Volatility 3 framework RUN git clone https://github.com/volatilityfoundation/volatility3.git && \ cd volatility3 && \ python3 setup.py install && \ @@ -183,15 +206,11 @@ RUN git clone https://github.com/volatilityfoundation/volatility3.git && \ WORKDIR \${DEF_INSTALL_PREFIX}/lib/yara-python -# Install the Python bindings for YARA RUN python3 setup.py install WORKDIR \${DEF_INSTALL_PREFIX}/lib/volatility3/volatility/symbols/ -#COPY --from=builder --chown="\${DEF_USERNAME}:\${DEF_USERNAME}" /tmp/build/linux linux -#COPY --from=builder --chown="\${DEF_USERNAME}:\${DEF_USERNAME}" /tmp/build/mac mac COPY --from=builder --chown="\${DEF_USERNAME}:\${DEF_USERNAME}" /tmp/build/windows windows - RUN find . -type d -exec chmod 755 {} \; && \ find . -type f -exec chmod 644 {} \; @@ -212,7 +231,8 @@ RUN apk update && apk add --no-cache \ gcc \ git \ musl-dev \ - unzip + unzip + USER root @@ -243,7 +263,7 @@ RUN apk update && apk add --no-cache \ && chmod -R 600 \${SSHDIR}/* \ && chown -R \${USER1}:\${USER1} \${SSHDIR} - WORKDIR /home/docker/project + WORKDIR / COPY .vimrc /home/docker EXPOSE 3787 USER docker @@ -303,12 +323,34 @@ ARG DEF_USERNAME=root USER \${DEF_USERNAME} WORKDIR /tmp/build/ -# Fetch the symbols from the Volatility 3 framework +RUN apk add --no-cache --virtual .build \ + bash \ + coreutils \ + findutils \ + net-tools \ + tcpdump \ + nmap \ + bind-tools \ + gawk \ + git \ + curl \ + gcc \ + git \ + musl-dev \ + python3-dev \ + unzip + +RUN git clone --recursive https://github.com/VirusTotal/yara-python && \ + cd yara-python && \ + python3 setup.py build + RUN curl -fL https://downloads.volatilityfoundation.org/volatility3/symbols/windows.zip -o windows.zip && \ unzip windows.zip -FROM $IMAGE_origin +RUN apk --purge del \ + .build +FROM $IMAGE_origin ARG DEF_USERNAME=root ARG DEF_INSTALL_PREFIX=/usr @@ -323,7 +365,6 @@ USER \${DEF_USERNAME} WORKDIR \${DEF_INSTALL_PREFIX}/lib -# Install system dependencies RUN apk add --no-cache \ python3 && \ apk add --no-cache --virtual .build \ @@ -334,7 +375,6 @@ COPY --from=builder --chown="\${DEF_USERNAME}:\${DEF_USERNAME}" /tmp/build/yara- RUN find . -type d -exec chmod 755 {} \; && \ find . -type f -exec chmod 644 {} \; -# Install the Volatility 3 framework RUN git clone https://github.com/volatilityfoundation/volatility3.git && \ cd volatility3 && \ python3 setup.py install && \ @@ -342,15 +382,11 @@ RUN git clone https://github.com/volatilityfoundation/volatility3.git && \ WORKDIR \${DEF_INSTALL_PREFIX}/lib/yara-python -# Install the Python bindings for YARA RUN python3 setup.py install WORKDIR \${DEF_INSTALL_PREFIX}/lib/volatility3/volatility/symbols/ -#COPY --from=builder --chown="\${DEF_USERNAME}:\${DEF_USERNAME}" /tmp/build/linux linux -#COPY --from=builder --chown="\${DEF_USERNAME}:\${DEF_USERNAME}" /tmp/build/mac mac COPY --from=builder --chown="\${DEF_USERNAME}:\${DEF_USERNAME}" /tmp/build/windows windows - RUN find . -type d -exec chmod 755 {} \; && \ find . -type f -exec chmod 644 {} \; @@ -371,7 +407,8 @@ RUN apk update && apk add --no-cache \ gcc \ git \ musl-dev \ - unzip + unzip + USER root COPY $bootstrap /usr/bin COPY $hostnames_get /usr/bin