|
|
@ -40,7 +40,8 @@ IMAGE_local="microservice-volatilitywindows" |
|
|
|
HYBRID_NETWORK="microservice-volatilitywindows" |
|
|
|
# dont edit |
|
|
|
#IMAGE_origin="hub.swarmlab.io:5480/hybrid-numpy:latest" |
|
|
|
IMAGE_origin="hub.swarmlab.io:5480/hybrid-volatility" |
|
|
|
#IMAGE_origin="hub.swarmlab.io:5480/hybrid-volatility" |
|
|
|
IMAGE_origin="alpine:3.11" |
|
|
|
bootstrap="sec_bootstrap" |
|
|
|
hostnames="auto_update_hosts" |
|
|
|
hostnames_get="get_hosts" |
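Review bot: `IMAGE_origin="alpine:3.11"` selects an end-of-life Alpine release by a mutable tag, so every `FROM $IMAGE_origin` in the generated Dockerfiles builds on a base that no longer receives security fixes and is not reproducible. The +/- column is lost on this page, so I am assuming this assignment is the new side; it is in any case the last uncommented one and therefore the one that takes effect. Consider a currently supported release pinned by digest, e.g. `IMAGE_origin="alpine:<SUPPORTED_VERSION>@sha256:<DIGEST>"` (placeholders), with a short comment on why the registry image was dropped.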
|
|
@ -141,14 +142,38 @@ if [ -d "$Wdir/project" ]; then |
|
|
|
cat << EOF > $Wdir/Dockerfile |
|
|
|
FROM $IMAGE_origin AS builder |
|
|
|
# |
|
|
|
|
|
|
|
ARG DEF_USERNAME=root |
|
|
|
USER \${DEF_USERNAME} |
|
|
|
WORKDIR /tmp/build/ |
|
|
|
|
|
|
|
# Fetch the symbols from the Volatility 3 framework |
|
|
|
RUN apk add --no-cache --virtual .build \ |
|
|
|
bash \ |
|
|
|
coreutils \ |
|
|
|
findutils \ |
|
|
|
net-tools \ |
|
|
|
tcpdump \ |
|
|
|
nmap \ |
|
|
|
bind-tools \ |
|
|
|
gawk \ |
|
|
|
git \ |
|
|
|
curl \ |
|
|
|
gcc \ |
|
|
|
git \ |
|
|
|
musl-dev \ |
|
|
|
python3-dev \ |
|
|
|
unzip |
|
|
|
|
|
|
|
RUN git clone --recursive https://github.com/VirusTotal/yara-python && \ |
|
|
|
cd yara-python && \ |
|
|
|
python3 setup.py build |
|
|
|
|
|
|
|
RUN curl -fL https://downloads.volatilityfoundation.org/volatility3/symbols/windows.zip -o windows.zip && \ |
|
|
|
unzip windows.zip |
|
|
|
|
|
|
|
RUN apk --purge del \ |
|
|
|
.build |
|
|
|
|
|
|
|
FROM $IMAGE_origin |
|
|
|
|
|
|
|
ARG DEF_USERNAME=root |
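Review bot: The builder stage pulls two inputs with no integrity pinning: `git clone --recursive https://github.com/VirusTotal/yara-python` takes whatever the default branch holds at build time, and `curl -fL …/windows.zip` is unpacked without a checksum check. In a memory-forensics image the symbol tables and YARA bindings directly shape analysis results, so a changed or tampered upstream would go unnoticed. Pin the clone to a release (`git clone --recursive --branch <TAG> --depth 1 …`) and verify the archive before unpacking, e.g. `echo "<SHA256>  windows.zip" | sha256sum -c - && \` (placeholders for values recorded once). The same applies to the `git clone https://github.com/volatilityfoundation/volatility3.git` lines in the hunks at -175/+199 and -334/+375 and to the duplicated builder block at -303/+323. Separately, `git` is listed twice in the `apk add` list, and `tcpdump`, `nmap`, `net-tools` and `bind-tools` look unnecessary for a stage that only compiles yara-python and downloads symbols.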
|
|
@ -164,7 +189,6 @@ USER \${DEF_USERNAME} |
|
|
|
|
|
|
|
WORKDIR \${DEF_INSTALL_PREFIX}/lib |
|
|
|
|
|
|
|
# Install system dependencies |
|
|
|
RUN apk add --no-cache \ |
|
|
|
python3 && \ |
|
|
|
apk add --no-cache --virtual .build \ |
|
|
@ -175,7 +199,6 @@ COPY --from=builder --chown="\${DEF_USERNAME}:\${DEF_USERNAME}" /tmp/build/yara- |
|
|
|
RUN find . -type d -exec chmod 755 {} \; && \ |
|
|
|
find . -type f -exec chmod 644 {} \; |
|
|
|
|
|
|
|
# Install the Volatility 3 framework |
|
|
|
RUN git clone https://github.com/volatilityfoundation/volatility3.git && \ |
|
|
|
cd volatility3 && \ |
|
|
|
python3 setup.py install && \ |
|
|
@ -183,15 +206,11 @@ RUN git clone https://github.com/volatilityfoundation/volatility3.git && \ |
|
|
|
|
|
|
|
WORKDIR \${DEF_INSTALL_PREFIX}/lib/yara-python |
|
|
|
|
|
|
|
# Install the Python bindings for YARA |
|
|
|
RUN python3 setup.py install |
|
|
|
|
|
|
|
WORKDIR \${DEF_INSTALL_PREFIX}/lib/volatility3/volatility/symbols/ |
|
|
|
|
|
|
|
#COPY --from=builder --chown="\${DEF_USERNAME}:\${DEF_USERNAME}" /tmp/build/linux linux |
|
|
|
#COPY --from=builder --chown="\${DEF_USERNAME}:\${DEF_USERNAME}" /tmp/build/mac mac |
|
|
|
COPY --from=builder --chown="\${DEF_USERNAME}:\${DEF_USERNAME}" /tmp/build/windows windows |
|
|
|
|
|
|
|
RUN find . -type d -exec chmod 755 {} \; && \ |
|
|
|
find . -type f -exec chmod 644 {} \; |
|
|
|
|
|
|
@ -214,6 +233,7 @@ RUN apk update && apk add --no-cache \ |
|
|
|
musl-dev \ |
|
|
|
unzip |
|
|
|
|
|
|
|
|
|
|
|
USER root |
|
|
|
|
|
|
|
COPY $bootstrap /usr/bin |
|
|
@ -243,7 +263,7 @@ RUN apk update && apk add --no-cache \ |
|
|
|
&& chmod -R 600 \${SSHDIR}/* \ |
|
|
|
&& chown -R \${USER1}:\${USER1} \${SSHDIR} |
|
|
|
|
|
|
|
WORKDIR /home/docker/project |
|
|
|
WORKDIR / |
|
|
|
COPY .vimrc /home/docker |
|
|
|
EXPOSE 3787 |
|
|
|
USER docker |
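Review bot: If `WORKDIR /` is the new side here (the +/- column is lost on this page; `WORKDIR /home/docker/project` appears to be the line it replaces), the container now starts in `/` as `USER docker`, a directory that user normally cannot write to. Any tool output written relative to the current directory would then fail, and the root directory is generally discouraged as a working directory for application images. Either keep `WORKDIR /home/docker/project` or add a comment such as `# WORKDIR / required because <REASON>` explaining the choice. The `RUN` chain at the top of this hunk starts outside it.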
|
|
@ -303,12 +323,34 @@ ARG DEF_USERNAME=root |
|
|
|
USER \${DEF_USERNAME} |
|
|
|
WORKDIR /tmp/build/ |
|
|
|
|
|
|
|
# Fetch the symbols from the Volatility 3 framework |
|
|
|
RUN apk add --no-cache --virtual .build \ |
|
|
|
bash \ |
|
|
|
coreutils \ |
|
|
|
findutils \ |
|
|
|
net-tools \ |
|
|
|
tcpdump \ |
|
|
|
nmap \ |
|
|
|
bind-tools \ |
|
|
|
gawk \ |
|
|
|
git \ |
|
|
|
curl \ |
|
|
|
gcc \ |
|
|
|
git \ |
|
|
|
musl-dev \ |
|
|
|
python3-dev \ |
|
|
|
unzip |
|
|
|
|
|
|
|
RUN git clone --recursive https://github.com/VirusTotal/yara-python && \ |
|
|
|
cd yara-python && \ |
|
|
|
python3 setup.py build |
|
|
|
|
|
|
|
RUN curl -fL https://downloads.volatilityfoundation.org/volatility3/symbols/windows.zip -o windows.zip && \ |
|
|
|
unzip windows.zip |
|
|
|
|
|
|
|
FROM $IMAGE_origin |
|
|
|
RUN apk --purge del \ |
|
|
|
.build |
|
|
|
|
|
|
|
FROM $IMAGE_origin |
|
|
|
|
|
|
|
ARG DEF_USERNAME=root |
|
|
|
ARG DEF_INSTALL_PREFIX=/usr |
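Review bot: The sequence `FROM $IMAGE_origin` / `RUN apk --purge del .build` / `FROM $IMAGE_origin` looks wrong if the first `FROM` is on the new side (the +/- column is lost, so this needs checking against the file). The purge would then run in a fresh unnamed stage where the `.build` virtual package was never installed, so it would either fail or do nothing, and that stage is discarded anyway. The parallel block in the first template (hunk at -141/+142) has the purge directly after `unzip windows.zip` with a single `FROM`. Even there the separate `RUN apk --purge del .build` saves nothing, because the builder stage is thrown away and a later layer cannot shrink an earlier one; dropping it from both templates would be simpler.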
|
|
@ -323,7 +365,6 @@ USER \${DEF_USERNAME} |
|
|
|
|
|
|
|
WORKDIR \${DEF_INSTALL_PREFIX}/lib |
|
|
|
|
|
|
|
# Install system dependencies |
|
|
|
RUN apk add --no-cache \ |
|
|
|
python3 && \ |
|
|
|
apk add --no-cache --virtual .build \ |
|
|
@ -334,7 +375,6 @@ COPY --from=builder --chown="\${DEF_USERNAME}:\${DEF_USERNAME}" /tmp/build/yara- |
|
|
|
RUN find . -type d -exec chmod 755 {} \; && \ |
|
|
|
find . -type f -exec chmod 644 {} \; |
|
|
|
|
|
|
|
# Install the Volatility 3 framework |
|
|
|
RUN git clone https://github.com/volatilityfoundation/volatility3.git && \ |
|
|
|
cd volatility3 && \ |
|
|
|
python3 setup.py install && \ |
|
|
@ -342,15 +382,11 @@ RUN git clone https://github.com/volatilityfoundation/volatility3.git && \ |
|
|
|
|
|
|
|
WORKDIR \${DEF_INSTALL_PREFIX}/lib/yara-python |
|
|
|
|
|
|
|
# Install the Python bindings for YARA |
|
|
|
RUN python3 setup.py install |
|
|
|
|
|
|
|
WORKDIR \${DEF_INSTALL_PREFIX}/lib/volatility3/volatility/symbols/ |
|
|
|
|
|
|
|
#COPY --from=builder --chown="\${DEF_USERNAME}:\${DEF_USERNAME}" /tmp/build/linux linux |
|
|
|
#COPY --from=builder --chown="\${DEF_USERNAME}:\${DEF_USERNAME}" /tmp/build/mac mac |
|
|
|
COPY --from=builder --chown="\${DEF_USERNAME}:\${DEF_USERNAME}" /tmp/build/windows windows |
|
|
|
|
|
|
|
RUN find . -type d -exec chmod 755 {} \; && \ |
|
|
|
find . -type f -exec chmod 644 {} \; |
|
|
|
|
|
|
@ -372,6 +408,7 @@ RUN apk update && apk add --no-cache \ |
|
|
|
git \ |
|
|
|
musl-dev \ |
|
|
|
unzip |
|
|
|
|
|
|
|
USER root |
|
|
|
COPY $bootstrap /usr/bin |
|
|
|
COPY $hostnames_get /usr/bin |
|
|
|