Hacking Book | Free Online Hacking Learning

Home

building target machine bodgeit based on docker container

Posted by harmelink at 2020-02-27
all

In addition to learning theoretical knowledge, learning safety infiltration technology needs to provide hands-on ability in combination with practice. It is a good way to build a target environment with loopholes. It can not only enhance the understanding of security loopholes from a practical point of view, but also enhance the ability to use common security tools. With the rapid development of container virtualization technology, it is widely recognized as a container technology that can save resources and improve work efficiency. Docker is an open source application container engine developed based on go language, which has formed a relatively mature ecosystem, allowing developers to package their own applications and dependency packages into a lightweight container.

Docker is very suitable for building a security testing vulnerability target for learning and experiment. In this paper, we take building a web security testing vulnerability target, bodgeit, as an example to learn how to install the docker engine, and how to create, run and stop the docker image.

1 centos7 install docker engine

Take centos7 as an example to build the docker engine.

1.1 change centos7 Yum source to Alibaba cloud source with faster speed in China

#Considering the stability of Yum source, the original source can be backed up first

$ mv CentOS-Base.repo CentOS-Base.repo.bak

#Then download Alibaba cloud Yum source configuration

$wget -O /etc/yum.repos.d/CentOS-Base.repo http://mirrors.aliyun.com/repo/Centos-7.repo

#Clear local cache of Yum mechanism

$yum clean all

$yum makecache

1.2 add the latest version of Yum configuration for docker

The main used by the default Yum warehouse of docker. If you want to use the latest version, you need to set the baseurl to

https://yum.dockerproject.org/repo/main/centos/7

$cd /etc/yum.repos.d

Create a new docker.repo file in this directory

$touc docker.repo

The contents of the file are as follows:

[dockerrepo]

name=Docker Repository

baseurl=https://yum.dockerproject.org/repo/main/centos/7/

Enabled=1

Gpgcheck=1

gpgkey=https://yum.dockerproject.org/gpg

Then update the yum warehouse source

$yum update

1.3 install docker engine

$yum install –y docker-engine

Wait a few minutes for the installation to complete. The author's system has already installed the docker engine before, so the latest version has been installed

1.4 set domestic docker image warehouse address

$touch /etc/docker/daemon.json

{

"registry-mirrors":["https://registry.docker-cn.com"]

}

The official image acceleration of docker China can be accessed through http://registry.docker-cn.com. The image library only contains popular public images. Private images still need to be pulled from the US image library.

2. Docker common commands

docker pull mysql

docker version

List all local mirrors

List all containers

List last started containers

-Tselect the user name, warehouse name, and tag for the specified image generation

--RM = true specifies that the temporary container generated in the middle is deleted during image generation.

View new images

-P specifies that port 80 of the host is bound to port 8080 of the container

-D. after the specified container runs, it is separated from the current TTY and runs in the background

5207 is the first 4 bits of the ID of the image.

docker stop $(docker ps -q)

Docker stop 2882c14cefa9 (container ID)

docker rm $(docker ps -aq)

To view details of the container

8f1b89183df5 is the command to be executed for container ID / bin / Sh

-d: Separation mode: running in the background

-i: Keep stdin open even if there is no attachment - t: assign a pseudo terminal

3. Build a container target

The gadget store is an open-source penetration test platform that contains common web application vulnerabilities. The gadget store contains the following major vulnerabilities.

You need to start the docker engine first

$ service docker start

Then we need to build a bodgeitdocker image

Gadget.war can be obtained from the following address:

https://github.com/psiinon/bodgeit/releases/download/1.4.0/bodgeit.war

Dockerfile is used to create a custom image, which contains user specified software dependency and other information. Dockerfile consists of four parts: basic image information, maintainer information, image operation instructions and container execution instructions at startup. Content of dockerfile defined by Gadget:

FROM tomcat:7

MAINTAINER pez1420 [email protected]

ADD bodgeit.war /usr/local/tomcat/webapps/

CMD ["catalina.sh", "run"]

EXPOSE 1111

Build and run a vulnerability bodgeit environment:

` ` ` `

$docker build -t bodgeit/javavul:1.4.0 . --rm=true

$docker images bodgeit/javavul

$docker run - D - P 1111:8080 containerid top 4 bits

` ` ` `

The operation results of bodegit show that it is successful to build a bodegit target based on docker.