#
# This Docker image encapsulates Thug, a low-interaction honeyclient,
# which was created by Angelo Dell'Aera and is available at
# https://github.com/buffer/thug.
#
# To run this image after installing Docker, use a command like this:
#
# sudo docker run --rm -it remnux/thug bash
#
# then run "thug" with the desired parameters (such as -F to enable
# file logging).
#
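# To share the "logs" directory between your host and the container,
# create a "logs" directory on your host and make it world-accessible
# (e.g., "chmod a+xwr ~/logs"), because the container writes to it as the
# unprivileged "thug" user rather than as your host account. Then run the
# tool like this: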
#
# sudo docker run --rm -it -v ~/logs:/tmp/thug/logs remnux/thug bash
#
# To support distributed operations and MongoDB output, install the following
# packages into the image using "apt-get": mongodb, mongodb-dev, python-pymongo,
# rabbitmq-server, python-pika.
#
# This file was originally based on ideas from Spenser Reinhardt's Dockerfile
# (https://registry.hub.docker.com/u/sreinhardt/honeynet/dockerfile),
# on instructions outlined by M. Fields (@shakey_1) and
# on the installation script created by Payload Security
# (https://github.com/PayloadSecurity/VxCommunity/blob/master/bash/thuginstallation.sh)
#
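# NOTE(review): ubuntu:14.04 left its standard support window in April 2019,
# so this base no longer receives routine security updates. A honeyclient
# fetches and parses untrusted web content, so treat containers built from
# this image as disposable and keep them on an isolated analysis network.
# Pinning the base by digest as well as by tag would make rebuilds repeatable.
FROM ubuntu:14.04
# MAINTAINER is deprecated; the same contact details are kept as a label.
LABEL maintainer="Lenny Zeltser (@lennyzeltser, www.zeltser.com)"
# The package installation and system configuration steps that follow need
# root; the file switches to the unprivileged "thug" account before CMD.
USER root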
# Compiler toolchain, development headers and libraries installed ahead of the
# Python build steps. The package index is refreshed, used and deleted inside
# this single layer so no stale apt lists are left in the image.
# Packages are listed alphabetically to keep future diffs easy to review.
# NOTE(review): no package versions are pinned, so the exact set of binaries
# depends on what the archive serves at build time.
RUN apt-get update && \
    apt-get install -y --no-install-recommends \
        autoconf \
        automake \
        build-essential \
        git \
        graphviz \
        graphviz-dev \
        libboost-all-dev \
        libboost-python-dev \
        libffi-dev \
        libfuzzy-dev \
        libjpeg8-dev \
        libtool \
        libxml2-dev \
        libxslt-dev \
        python-dev \
        python-pip \
        python-setuptools \
        sed && \
    rm -rf /var/lib/apt/lists/*
# Upgrade setuptools and install pygraphviz through easy_install.
# NOTE(review): neither package is version-pinned, so the build trusts
# whatever release the package index serves on the day the image is built.
RUN easy_install -U setuptools pygraphviz

WORKDIR /home

# Build and install PyV8 from source, then delete the checkout in the same
# layer so the source tree does not persist in the image.
# NOTE(review): the clone takes the repository's current default-branch head
# and runs its setup.py as root. Checking out a reviewed commit after the
# clone (git checkout <REVIEWED_COMMIT_SHA>) would make the build repeatable
# and limit exposure to unreviewed upstream changes.
RUN git clone https://github.com/buffer/pyv8.git /home/pyv8 && \
    cd /home/pyv8 && \
    python setup.py build && \
    python setup.py install && \
    cd /home && \
    rm -rf /home/pyv8

# Thug itself is pinned to an exact release.
RUN pip install thug==0.8
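# Create the unprivileged system account that the container runs as, together
# with its home directory and the log directory later declared as a volume.
# The login shell is /usr/sbin/nologin, which is where Debian and Ubuntu
# install nologin; the previous /sbin/nologin path is not expected to exist on
# this base, which left the account with a dangling shell entry.
RUN groupadd -r thug && \
    useradd -r -g thug -d /home/thug -s /usr/sbin/nologin -c "Thug User" thug && \
    mkdir -p /home/thug /tmp/thug/logs && \
    chown -R thug:thug /home/thug /tmp/thug/logs

# Register /opt/libemu/lib/ with the dynamic linker and rebuild its cache.
# NOTE(review): nothing in this file installs libemu, so this path presumably
# does not exist at build time - confirm whether the entry is still needed.
RUN echo "/opt/libemu/lib/" > /etc/ld.so.conf.d/libemu.conf && ldconfig

# Within the [mongodb] section of Thug's default logging configuration, turn
# MongoDB output on and point it at a server on the container's loopback.
# NOTE(review): this file installs no MongoDB server, so nothing is expected
# to listen on localhost:27017 unless the packages named in the header are
# added - confirm how Thug behaves when the connection fails.
RUN sed -i "/^\[mongodb\]$/,/^\[/s/^enable:.*/enable: True/" /etc/thug/logging.conf.default && \
    sed -i '/^\[mongodb\]$/,/^\[/s=^host:.*=host: mongodb://localhost:27017=' /etc/thug/logging.conf.default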
# Drop root: every later instruction and the container's process run as the
# unprivileged "thug" account created earlier in this file.
USER thug

# Environment for that account, written in key=value form.
ENV HOME=/home/thug \
    USER=thug

WORKDIR /home/thug

# Log output location; bind-mount a host directory here to keep results after
# the container is removed. It is declared after the directory was created and
# chowned, so the ownership set during the build is kept.
VOLUME ["/tmp/thug/logs"]

# Exec-form default command; the header's usage examples override it with bash.
CMD ["thug"]