zeus 3 years ago
parent
commit
b6ef3ff0ce
  1. 71
      install/usr/share/swarmlab.io/sec/swarmlab-sec

71
install/usr/share/swarmlab.io/sec/swarmlab-sec

@ -40,7 +40,8 @@ IMAGE_local="microservice-volatilitywindows"
HYBRID_NETWORK="microservice-volatilitywindows" HYBRID_NETWORK="microservice-volatilitywindows"
# dont edit # dont edit
#IMAGE_origin="hub.swarmlab.io:5480/hybrid-numpy:latest" #IMAGE_origin="hub.swarmlab.io:5480/hybrid-numpy:latest"
IMAGE_origin="hub.swarmlab.io:5480/hybrid-volatility" #IMAGE_origin="hub.swarmlab.io:5480/hybrid-volatility"
IMAGE_origin="alpine:3.11"
bootstrap="sec_bootstrap" bootstrap="sec_bootstrap"
hostnames="auto_update_hosts" hostnames="auto_update_hosts"
hostnames_get="get_hosts" hostnames_get="get_hosts"
@ -141,14 +142,38 @@ if [ -d "$Wdir/project" ]; then
cat << EOF > $Wdir/Dockerfile cat << EOF > $Wdir/Dockerfile
FROM $IMAGE_origin AS builder FROM $IMAGE_origin AS builder
# #
ARG DEF_USERNAME=root ARG DEF_USERNAME=root
USER \${DEF_USERNAME} USER \${DEF_USERNAME}
WORKDIR /tmp/build/ WORKDIR /tmp/build/
# Fetch the symbols from the Volatility 3 framework RUN apk add --no-cache --virtual .build \
bash \
coreutils \
findutils \
net-tools \
tcpdump \
nmap \
bind-tools \
gawk \
git \
curl \
gcc \
git \
musl-dev \
python3-dev \
unzip
RUN git clone --recursive https://github.com/VirusTotal/yara-python && \
cd yara-python && \
python3 setup.py build
RUN curl -fL https://downloads.volatilityfoundation.org/volatility3/symbols/windows.zip -o windows.zip && \ RUN curl -fL https://downloads.volatilityfoundation.org/volatility3/symbols/windows.zip -o windows.zip && \
unzip windows.zip unzip windows.zip
RUN apk --purge del \
.build
FROM $IMAGE_origin FROM $IMAGE_origin
ARG DEF_USERNAME=root ARG DEF_USERNAME=root
@ -164,7 +189,6 @@ USER \${DEF_USERNAME}
WORKDIR \${DEF_INSTALL_PREFIX}/lib WORKDIR \${DEF_INSTALL_PREFIX}/lib
# Install system dependencies
RUN apk add --no-cache \ RUN apk add --no-cache \
python3 && \ python3 && \
apk add --no-cache --virtual .build \ apk add --no-cache --virtual .build \
@ -175,7 +199,6 @@ COPY --from=builder --chown="\${DEF_USERNAME}:\${DEF_USERNAME}" /tmp/build/yara-
RUN find . -type d -exec chmod 755 {} \; && \ RUN find . -type d -exec chmod 755 {} \; && \
find . -type f -exec chmod 644 {} \; find . -type f -exec chmod 644 {} \;
# Install the Volatility 3 framework
RUN git clone https://github.com/volatilityfoundation/volatility3.git && \ RUN git clone https://github.com/volatilityfoundation/volatility3.git && \
cd volatility3 && \ cd volatility3 && \
python3 setup.py install && \ python3 setup.py install && \
@ -183,15 +206,11 @@ RUN git clone https://github.com/volatilityfoundation/volatility3.git && \
WORKDIR \${DEF_INSTALL_PREFIX}/lib/yara-python WORKDIR \${DEF_INSTALL_PREFIX}/lib/yara-python
# Install the Python bindings for YARA
RUN python3 setup.py install RUN python3 setup.py install
WORKDIR \${DEF_INSTALL_PREFIX}/lib/volatility3/volatility/symbols/ WORKDIR \${DEF_INSTALL_PREFIX}/lib/volatility3/volatility/symbols/
#COPY --from=builder --chown="\${DEF_USERNAME}:\${DEF_USERNAME}" /tmp/build/linux linux
#COPY --from=builder --chown="\${DEF_USERNAME}:\${DEF_USERNAME}" /tmp/build/mac mac
COPY --from=builder --chown="\${DEF_USERNAME}:\${DEF_USERNAME}" /tmp/build/windows windows COPY --from=builder --chown="\${DEF_USERNAME}:\${DEF_USERNAME}" /tmp/build/windows windows
RUN find . -type d -exec chmod 755 {} \; && \ RUN find . -type d -exec chmod 755 {} \; && \
find . -type f -exec chmod 644 {} \; find . -type f -exec chmod 644 {} \;
@ -214,6 +233,7 @@ RUN apk update && apk add --no-cache \
musl-dev \ musl-dev \
unzip unzip
USER root USER root
COPY $bootstrap /usr/bin COPY $bootstrap /usr/bin
@ -243,7 +263,7 @@ RUN apk update && apk add --no-cache \
&& chmod -R 600 \${SSHDIR}/* \ && chmod -R 600 \${SSHDIR}/* \
&& chown -R \${USER1}:\${USER1} \${SSHDIR} && chown -R \${USER1}:\${USER1} \${SSHDIR}
WORKDIR /home/docker/project WORKDIR /
COPY .vimrc /home/docker COPY .vimrc /home/docker
EXPOSE 3787 EXPOSE 3787
USER docker USER docker
@ -303,12 +323,34 @@ ARG DEF_USERNAME=root
USER \${DEF_USERNAME} USER \${DEF_USERNAME}
WORKDIR /tmp/build/ WORKDIR /tmp/build/
# Fetch the symbols from the Volatility 3 framework RUN apk add --no-cache --virtual .build \
bash \
coreutils \
findutils \
net-tools \
tcpdump \
nmap \
bind-tools \
gawk \
git \
curl \
gcc \
git \
musl-dev \
python3-dev \
unzip
RUN git clone --recursive https://github.com/VirusTotal/yara-python && \
cd yara-python && \
python3 setup.py build
RUN curl -fL https://downloads.volatilityfoundation.org/volatility3/symbols/windows.zip -o windows.zip && \ RUN curl -fL https://downloads.volatilityfoundation.org/volatility3/symbols/windows.zip -o windows.zip && \
unzip windows.zip unzip windows.zip
FROM $IMAGE_origin RUN apk --purge del \
.build
FROM $IMAGE_origin
ARG DEF_USERNAME=root ARG DEF_USERNAME=root
ARG DEF_INSTALL_PREFIX=/usr ARG DEF_INSTALL_PREFIX=/usr
@ -323,7 +365,6 @@ USER \${DEF_USERNAME}
WORKDIR \${DEF_INSTALL_PREFIX}/lib WORKDIR \${DEF_INSTALL_PREFIX}/lib
# Install system dependencies
RUN apk add --no-cache \ RUN apk add --no-cache \
python3 && \ python3 && \
apk add --no-cache --virtual .build \ apk add --no-cache --virtual .build \
@ -334,7 +375,6 @@ COPY --from=builder --chown="\${DEF_USERNAME}:\${DEF_USERNAME}" /tmp/build/yara-
RUN find . -type d -exec chmod 755 {} \; && \ RUN find . -type d -exec chmod 755 {} \; && \
find . -type f -exec chmod 644 {} \; find . -type f -exec chmod 644 {} \;
# Install the Volatility 3 framework
RUN git clone https://github.com/volatilityfoundation/volatility3.git && \ RUN git clone https://github.com/volatilityfoundation/volatility3.git && \
cd volatility3 && \ cd volatility3 && \
python3 setup.py install && \ python3 setup.py install && \
@ -342,15 +382,11 @@ RUN git clone https://github.com/volatilityfoundation/volatility3.git && \
WORKDIR \${DEF_INSTALL_PREFIX}/lib/yara-python WORKDIR \${DEF_INSTALL_PREFIX}/lib/yara-python
# Install the Python bindings for YARA
RUN python3 setup.py install RUN python3 setup.py install
WORKDIR \${DEF_INSTALL_PREFIX}/lib/volatility3/volatility/symbols/ WORKDIR \${DEF_INSTALL_PREFIX}/lib/volatility3/volatility/symbols/
#COPY --from=builder --chown="\${DEF_USERNAME}:\${DEF_USERNAME}" /tmp/build/linux linux
#COPY --from=builder --chown="\${DEF_USERNAME}:\${DEF_USERNAME}" /tmp/build/mac mac
COPY --from=builder --chown="\${DEF_USERNAME}:\${DEF_USERNAME}" /tmp/build/windows windows COPY --from=builder --chown="\${DEF_USERNAME}:\${DEF_USERNAME}" /tmp/build/windows windows
RUN find . -type d -exec chmod 755 {} \; && \ RUN find . -type d -exec chmod 755 {} \; && \
find . -type f -exec chmod 644 {} \; find . -type f -exec chmod 644 {} \;
@ -372,6 +408,7 @@ RUN apk update && apk add --no-cache \
git \ git \
musl-dev \ musl-dev \
unzip unzip
USER root USER root
COPY $bootstrap /usr/bin COPY $bootstrap /usr/bin
COPY $hostnames_get /usr/bin COPY $hostnames_get /usr/bin
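Review bot: The new builder stage clones yara-python from its default branch head (`git clone --recursive https://github.com/VirusTotal/yara-python`, present in both heredocs, at @@ -141 and again at @@ -303) with no tag or commit pinned, and the Windows symbol archive is fetched with `curl -fL` and unpacked with no checksum check, so the image contents depend on whatever upstream serves at build time and the build is not reproducible. Pin the clone, e.g. `git clone --recursive --depth 1 --branch <pinned-tag> https://github.com/VirusTotal/yara-python`, and verify the archive against a recorded digest before unzipping, e.g. `echo "<expected-sha256>  windows.zip" | sha256sum -c -`. The `.build` package list also names `git` twice and pulls `nmap`, `tcpdump`, `net-tools` and `bind-tools` into a stage that only compiles the bindings and unpacks symbols; dropping those keeps the builder minimal and the list readable. The separate `RUN apk --purge del .build` does not shrink the layers already written in this stage, which is harmless here since only `/tmp/build/*` is copied out of it, but it is dead weight. The `cat << EOF` heredoc these lines belong to opens and closes outside the hunks.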
