From 19740bef7f3fc27ab6a2f7a997ca640c68e6a710 Mon Sep 17 00:00:00 2001
From: Oleksii Shevchuk
Date: Fri, 10 Mar 2017 18:08:38 +0200
Subject: [PATCH] Rework dockerfile
---
pupy/.dockerignore | 1 +
pupy/Dockerfile | 9 +++----
pupy/conf/.bashrc | 13 ++++++----
pupy/conf/pupyenv.sh | 56 ++++++++++++++++++++++++++++----------------
4 files changed, 51 insertions(+), 28 deletions(-)
diff --git a/pupy/.dockerignore b/pupy/.dockerignore
index f2b7522a..75ae8727 100644
--- a/pupy/.dockerignore
+++ b/pupy/.dockerignore
@@ -7,5 +7,6 @@ Dockerfile
crypto
data
external/winpty
+external/scapy
*/__pycache__*
packages/src/*
diff --git a/pupy/Dockerfile b/pupy/Dockerfile
index b6d1e103..778d739e 100644
--- a/pupy/Dockerfile
+++ b/pupy/Dockerfile
@@ -13,8 +13,8 @@ RUN echo 'deb http://ftp.debian.org/debian jessie-backports main' >>/etc/apt/sou
RUN echo 'en_US.UTF-8 UTF-8' >/etc/locale.gen; locale-gen; echo 'LC_ALL=en_US.UTF-8' >/etc/default/locale
RUN python -m pip install --upgrade setuptools wheel pip
RUN useradd -m -d /home/pupy -s /bin/bash pupy
-RUN mkdir -p /var/run/sshd /home/pupy/.config/pupy /home/pupy/projects/default /home/pupy/.ssh
-RUN ln -sf /home/pupy/projects/keys/authorized_keys /home/pupy/.ssh/authorized_keys
+RUN mkdir -p /var/run/sshd /home/pupy/.config/pupy /home/pupy/.ssh /projects
+RUN ln -sf /projects/keys/authorized_keys /home/pupy/.ssh/authorized_keys
COPY requirements.txt /tmp/requirements.txt
RUN pip install -r /tmp/requirements.txt --no-binary :all:
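Review bot: The symlink created by the changed `ln -sf` line makes `/home/pupy/.ssh/authorized_keys` resolve into the `/projects` volume, so whoever can write the mounted directory decides who may log in as `pupy`, and nothing in the Dockerfile says so. A comment above that line would record the trust boundary: `# authorized_keys lives in the /projects volume; the mounted directory controls SSH login as pupy`. The `mkdir -p` line also leaves `/projects` root-owned at build time. Ownership of `keys` and `hostkeys` is only set later by `conf/pupyenv.sh`, which is worth mentioning in the same comment.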
@@ -26,7 +26,7 @@ COPY conf/.bashrc /home/pupy/.bashrc.pupy
RUN echo 'source /home/pupy/.bashrc.pupy' >> /home/pupy/.bashrc
COPY . /opt/pupy
-RUN cd /opt/pupy && python -OO -m compileall
+RUN cd /opt/pupy && python -O -m compileall -qf && python -OO -m compileall -qf
ADD https://github.com/gentilkiwi/mimikatz/releases/download/2.1.0-20170305/mimikatz_trunk.zip \
/opt/mimikatz/mimikatz.zip
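Review bot: On the changed `RUN` line, `python -m compileall` is called without a directory argument, so it walks the entries of `sys.path` rather than the tree you `cd` into. As far as I know it then skips the current directory on Python 2 and does not recurse on Python 3, so `/opt/pupy` is probably not fully compiled. Passing the path explicitly removes the doubt and the `cd`: `RUN python -OO -m compileall -qf /opt/pupy`. If the image's interpreter is Python 2, `-O` and `-OO` both write `.pyo` files, so with `-f` the second pass overwrites the first and the `-O` pass can be dropped.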
@@ -39,6 +39,7 @@ ENV LANG en_US.UTF-8
ENV LC_ALL en_US.UTF-8
EXPOSE 22 53 9999 53/udp
-VOLUME /home/pupy/projects
+VOLUME [ "/projects" ]
ENTRYPOINT [ "/opt/pupy/conf/pupyenv.sh" ]
+CMD [ "default" ]
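Review bot: The new `CMD [ "default" ]` is not a command but the argument that `conf/pupyenv.sh` receives as `$1` and uses as the project directory name under `/projects`, which a reader of the Dockerfile alone cannot tell. A comment above it would make that clear: `# CMD is the project name handed to pupyenv.sh; override it with an argument to docker run`. The same hunk moves the volume from `/home/pupy/projects` to `/projects`, so existing `-v` mounts need a new target; a line about that in the commit description would help operators.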
diff --git a/pupy/conf/.bashrc b/pupy/conf/.bashrc
index ea2612cd..fc7b3201 100644
--- a/pupy/conf/.bashrc
+++ b/pupy/conf/.bashrc
@@ -4,14 +4,19 @@ alias pupysh=/opt/pupy/pupysh.py
alias pupygen=/opt/pupy/pupygen.py
alias gen=/opt/pupy/pupygen.py
+project=default
+
+if [ -f /home/pupy/.project ]; then
+ project=`cat /home/pupy/.project`
+fi
+
case $- in *i*)
if [ -z "$TMUX" ]; then
- echo "Starting tmux.."
- echo -ne "\033]0;[ PUPY ]\007"
+ echo -ne "\033]0;[ PUPY:${project} ]\007"
( tmux -2 attach || tmux -2 new-session \
- -c '/home/pupy/projects/default' \
+ -c "/projects/${project}" \
-s pupy \
- -n 'default' /opt/pupy/pupysh.py )
+ -n "${project}" /opt/pupy/pupysh.py )
[ $? -eq 0 ] && exit 0
fi
esac
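Review bot: The value read from `/home/pupy/.project` goes straight into `echo -ne`, which interprets backslash escapes, so a project name containing a backslash or control sequence changes the terminal-title string instead of being printed as text. `printf '\033]0;[ PUPY:%s ]\007' "$project"` keeps the name as data. An empty `.project` file also leaves `project` empty, which starts tmux in `/projects/` with an unnamed window. Adding `project=${project:-default}` after the read restores the default.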
diff --git a/pupy/conf/pupyenv.sh b/pupy/conf/pupyenv.sh
index 1b31f5ca..23eabbcd 100755
--- a/pupy/conf/pupyenv.sh
+++ b/pupy/conf/pupyenv.sh
@@ -1,43 +1,59 @@
#!/bin/sh
-mkdir -p /home/pupy/projects/keys
-mkdir -p /home/pupy/projects/hostkeys
+mkdir -p /projects/keys
+mkdir -p /projects/hostkeys
-chown root /home/pupy/projects/hostkeys
-chmod 700 /home/pupy/projects/hostkeys
+chown root /projects/hostkeys
+chmod 700 /projects/hostkeys
-chown pupy /home/pupy/projects/keys
-chmod 700 /home/pupy/projects/keys
+chown pupy /projects/keys
+chmod 700 /projects/keys
-if [ ! -f /home/pupy/projects/hostkeys/ssh_host_rsa_key ]; then
- ssh-keygen -f /home/pupy/projects/hostkeys/ssh_host_rsa_key -N '' -t rsa
+if [ ! -f /projects/hostkeys/ssh_host_rsa_key ]; then
+ ssh-keygen -f /projects/hostkeys/ssh_host_rsa_key -N '' -t rsa
fi
-if [ ! -f /home/pupy/projects/hostkeys/ssh_host_dsa_key ]; then
- ssh-keygen -f /home/pupy/projects/hostkeys/ssh_host_dsa_key -N '' -t dsa
+if [ ! -f /projects/hostkeys/ssh_host_dsa_key ]; then
+ ssh-keygen -f /projects/hostkeys/ssh_host_dsa_key -N '' -t dsa
fi
-if [ ! -f /home/pupy/projects/hostkeys/ssh_host_ecdsa_key ]; then
- ssh-keygen -f /home/pupy/projects/hostkeys/ssh_host_ecdsa_key -N '' -t ecdsa
+if [ ! -f /projects/hostkeys/ssh_host_ecdsa_key ]; then
+ ssh-keygen -f /projects/hostkeys/ssh_host_ecdsa_key -N '' -t ecdsa
fi
-if [ ! -f /home/pupy/projects/hostkeys/ssh_host_ed25519_key ]; then
- ssh-keygen -f /home/pupy/projects/hostkeys/ssh_host_ed25519_key -N '' -t ed25519
+if [ ! -f /projects/hostkeys/ssh_host_ed25519_key ]; then
+ ssh-keygen -f /projects/hostkeys/ssh_host_ed25519_key -N '' -t ed25519
fi
-for k in /home/pupy/projects/hostkeys/*; do
+for k in /projects/hostkeys/*; do
cp -af $k /etc/ssh/
done
-if [ ! -d "/home/pupy/projects/$1" ]; then
- mkdir -p "/home/pupy/projects/$1"
- chown pupy "/home/pupy/projects/$1"
+if [ ! -d "/projects/$1" ]; then
+ mkdir -p "/projects/$1"
+ chown pupy "/projects/$1"
fi
+echo "$1" >/home/pupy/.project
+
cd /opt/pupy
-python -m compileall
+python -m compileall -q >/dev/null
-echo 'Copy your authorized_keys here!' >/home/pupy/projects/keys/README
+echo 'Copy your authorized_keys here!' >/projects/keys/README
+
+cat >>/projects/README <<__EOF__
+SSH user: pupy
+Port: 22
+
+cp ~/.ssh/authorized_keys /projects/keys/authorized_keys
+
+Example:
+
+mkdir /tmp/projects/keys
+cp ~/.ssh/authorized_keys /projects/keys/authorized_keys
+docker run -D -p 2022:22 -p 9999:9999 -v /tmp/projects:/projects pupy:latest
+ssh -p 2022 pupy@127.0.0.1
+__EOF__
/usr/sbin/sshd -D
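Review bot: `$1` is used as a path component in `/projects/$1` and written to `/home/pupy/.project` without any check while the script runs as root, so a name containing `/` or `..`, or the reserved names `keys` and `hostkeys`, lets the project directory land outside `/projects` or on top of the key directories. Rejecting anything that is not a plain directory name before the `if [ ! -d ... ]` test closes that off. Separately, `cat >>/projects/README` appends the same text on every container start, where `>` would keep a single copy. The README example keeps `authorized_keys` and the host keys under `/tmp/projects`, a path other local users on the host can usually pre-create, and `docker run -D` looks like a typo for `-d`.

```shell
# … unchanged: key directories, host key generation, copy into /etc/ssh …

# Accept only a plain directory name as the project.
case "$1" in
    ''|.|..|*/*|keys|hostkeys)
        echo "pupyenv.sh: invalid project name: '$1'" >&2
        exit 1
        ;;
esac

if [ ! -d "/projects/$1" ]; then
# … unchanged: project directory creation, .project, compileall, keys/README …

# Overwrite rather than append so restarts do not duplicate the text.
cat >/projects/README <<__EOF__
# … unchanged: README body and sshd start …
```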