New guineapig node and some refactoring.

uleroboticsgroup · Jun 12, 2024 · b157ee8 · b157ee8
1 parent 4964f28
commit b157ee8
Show file tree

Hide file tree

Showing 4 changed files with 44 additions and 8 deletions.
diff --git a/Dockerfile.kali-port-scan → Dockerfile.attacker b/Dockerfile.kali-port-scan → Dockerfile.attacker
@@ -1,12 +1,12 @@
 # Attacker 
 FROM kalilinux/kali-last-release:latest
 
-ENV DEFAULT_NETWORK=172.17.0.0/16
-
 # Install nmap package
 RUN apt-get update && \
     apt-get install -y \
-    nmap
+    nmap \
+    # hydra \
+    # slowloris
 
 # Run the nmap scan against vulnerable nodes
-CMD nmap -p0- -v -A -T4 ${DEFAULT_NETWORK}
+#CMD nmap -p0- -v -A -T4 ${DEFAULT_NETWORK}
diff --git a/Dockerfile.dorothea b/Dockerfile.dorothea
@@ -36,13 +36,17 @@ ENV PMACCT_CONFIG=/dorothea/dorothea-pmacctd.conf
 # Copy the built files from the build stage to the final stage
 COPY --from=build /usr/local/ /usr/local
 
+# Copy pmacct default config
+COPY ./entrypoint.sh /entrypoint.sh
+
 # Copy pmacct default config
 COPY ./dorothea-pmacctd.conf /dorothea/dorothea-pmacctd.conf
 
 # Install libpcap0.8 package required by pmacct
 RUN apt-get update && \
     apt-get install -y \
-    libpcap0.8 && \
+    libpcap0.8 \
+    gawk && \
     apt-get clean -y && \
     rm -rf /var/lib/apt/lists/*
 

diff --git a/Dockerfile.guineapig b/Dockerfile.guineapig
@@ -0,0 +1,21 @@
+# Attacker 
+FROM nginx:bookworm
+
+# Install nmap package
+RUN apt-get update && \
+    apt-get install -y \
+    openssh-server \
+    sudo \
+    && rm -rf /var/lib/apt/lists/*
+
+# Create SSH directory
+RUN mkdir /var/run/sshd
+
+# Create a user for SSH access
+RUN useradd -m -s /bin/bash dorothea && echo 'dorothea:somepass' | chpasswd && adduser dorothea sudo
+
+# Expose the SSH port
+EXPOSE 22
+
+# Start the SSH service
+CMD ["/usr/sbin/sshd", "-D"]
diff --git a/docker-compose.port-scan.yml → docker-compose.example.yml b/docker-compose.port-scan.yml → docker-compose.example.yml
@@ -11,22 +11,33 @@ services:
 
   # YOUR ACTIONS: Remove the example service below and add your own
   guinea-pig:
-    image: vulnerables/web-dvwa:latest
+    build:
+      context: .
+      dockerfile: Dockerfile.guineapig
     network_mode: "bridge"
     ports:
       - "80:80"
     healthcheck:
-      test: ["CMD-SHELL", "ls /var/log/apache2/other_vhosts_access.log || exit 1"]
+      test: ["CMD-SHELL", "service ssh status || exit 1"]
       interval: 10s
       timeout: 5s
       retries: 5
+    deploy:
+      resources:
+        limits:
+          cpus: '1.0'     # Limit to 1.0 CPUs
+          memory: 1024M    # Limit to 1024 MB of RAM
+        reservations:
+          cpus: '0.25'    # Reserve 0.5 CPUs
+          memory: 512M    # Reserve 512 MB of RAM
 
   attacker:
     build:
         context: .
-        dockerfile: Dockerfile.kali-port-scan
+        dockerfile: Dockerfile.attacker
     network_mode: "bridge"
     depends_on:
       guinea-pig:
         condition: service_healthy
+    command: ["nmap", "-p0-", "-v", "-A", "-T4", "172.17.0.0/16"]