Merge pull request #261 from nre-learning/hackathon-lessons-poc

Prototyping new Images for Security Content

CHANGELOG.md

@@ -5,6 +5,7 @@
 - Added Cumulus PTR demo [#253](https://github.com/nre-learning/nrelabs-curriculum/pull/253)
 - Updated collection in BASH lesson file to 9 (PacketPushers) [#258](https://github.com/nre-learning/nrelabs-curriculum/pull/258)
 - Disable caching for all image builds [#260](https://github.com/nre-learning/nrelabs-curriculum/pull/260)
+- New Images and PoC Lessons for NXTWORK 2019 Hackathon [#261](https://github.com/nre-learning/nrelabs-curriculum/pull/261)
 
 ## v1.0.0 - August 08, 2019
 

images/kali/Dockerfile

@@ -0,0 +1,42 @@
+FROM kalilinux/kali-linux-docker
+
+RUN apt-get update && apt-get install -y openssh-server \
+    zlib1g-dev libcurl4-openssl-dev libxml2 libxml2-dev libxslt1-dev ruby-dev build-essential
+
+# python \
+#     python-pip dnsutils iputils-ping git vim curl util-linux sshpass nano jq sudo
+RUN mkdir /var/run/sshd
+
+# Antidote user
+RUN mkdir -p /home/antidote
+RUN useradd antidote -p antidotepassword
+RUN chown antidote:antidote /home/antidote
+RUN chsh antidote --shell=/bin/bash
+RUN echo 'antidote:antidotepassword' | chpasswd
+RUN echo 'root:$(uuidgen)' | chpasswd
+
+# Adjust MOTD
+RUN rm -f /etc/update-motd.d/*
+RUN rm -f /etc/legal
+ADD motd.sh /etc/update-motd.d/00-antidote-motd
+
+# Disable root Login
+RUN sed -i 's/PermitRootLogin prohibit-password/PermitRootLogin no/' /etc/ssh/sshd_config
+RUN sed -i 's/PermitRootLogin yes/PermitRootLogin no/' /etc/ssh/sshd_config
+
+# SSH login fix. Otherwise user is kicked off after login
+RUN sed 's@session\s*required\s*pam_loginuid.so@session optional pam_loginuid.so@g' -i /etc/pam.d/sshd
+
+# Disable su for everyone not in the wheel group (no one is in the wheel group)
+RUN echo "auth required pam_wheel.so use_uid" >> /etc/pam.d/su
+
+#ENV NOTVISIBLE "in users profile"
+RUN echo "export VISIBLE=now" >> /etc/profile
+
+RUN gem install wpscan
+
+RUN wpscan --update
+RUN su - antidote -c "wpscan --update"
+
+EXPOSE 22
+CMD ["/usr/sbin/sshd", "-D"]

images/kali/Makefile

@@ -0,0 +1,9 @@
+# SHELL=/bin/bash
+
+TARGET_VERSION ?= latest
+
+all: docker
+
+docker:
+	docker build --pull --no-cache -t antidotelabs/kali:$(TARGET_VERSION) .
+	docker push antidotelabs/kali:$(TARGET_VERSION)

images/kali/motd.sh

@@ -0,0 +1,7 @@
+#!/bin/sh
+
+printf "\n"
+printf " ###############################################################\n"
+printf " #                     WELCOME TO KALI                         #\n"
+printf " # Documentation: https://antidoteproject.readthedocs.io       #\n"
+printf " ###############################################################\n"

images/webserver/000-default.conf

@@ -0,0 +1,33 @@
+<VirtualHost *:8080>
+	# The ServerName directive sets the request scheme, hostname and port that
+	# the server uses to identify itself. This is used when creating
+	# redirection URLs. In the context of virtual hosts, the ServerName
+	# specifies what hostname must appear in the request's Host: header to
+	# match this virtual host. For the default virtual host (this file) this
+	# value is not decisive as it is used as a last resort host regardless.
+	# However, you must set it for any further virtual host explicitly.
+	#ServerName www.example.com
+
+	ServerAdmin webmaster@localhost
+	DocumentRoot /var/www/html
+    Alias "/${SYRINGE_FULL_REF}" "/var/www/html"
+	ProxyPreserveHost On
+
+	# Available loglevels: trace8, ..., trace1, debug, info, notice, warn,
+	# error, crit, alert, emerg.
+	# It is also possible to configure the loglevel for particular
+	# modules, e.g.
+	#LogLevel info ssl:warn
+
+	ErrorLog ${APACHE_LOG_DIR}/error.log
+	CustomLog ${APACHE_LOG_DIR}/access.log combined
+
+	# For most configuration files from conf-available/, which are
+	# enabled or disabled at a global level, it is possible to
+	# include a line for only one particular virtual host. For example the
+	# following line enables the CGI configuration for this host only
+	# after it has been globally disabled with "a2disconf".
+	#Include conf-available/serve-cgi-bin.conf
+</VirtualHost>
+
+# vim: syntax=apache ts=4 sw=4 sts=4 sr noet

images/webserver/Dockerfile

@@ -0,0 +1,25 @@
+FROM ubuntu:16.04
+
+RUN apt-get update && apt-get install -y vim less curl wget apache2
+
+# Configure Apache
+ADD 000-default.conf /etc/apache2/sites-enabled/000-default.conf
+ADD ports.conf /etc/apache2/ports.conf
+
+RUN a2enmod proxy
+RUN a2enmod proxy_http
+RUN a2enmod rewrite
+
+# RUN cd /var/www/html \
+#     && chown -R www-data:www-data /var/www/html
+
+# Antidote user
+# RUN mkdir -p /home/antidote
+# RUN useradd antidote -p antidotepassword
+# RUN chown antidote:antidote /home/antidote
+# RUN chsh antidote --shell=/bin/bash
+# RUN echo 'antidote:antidotepassword' | chpasswd
+# USER antidote
+# WORKDIR /home/antidote
+
+CMD ["/usr/sbin/apache2ctl", "-DFOREGROUND"]

images/webserver/Makefile

@@ -0,0 +1,9 @@
+# SHELL=/bin/bash
+
+TARGET_VERSION ?= latest
+
+all: docker
+
+docker:
+	docker build --pull --no-cache -t antidotelabs/webserver:$(TARGET_VERSION) .
+	docker push antidotelabs/webserver:$(TARGET_VERSION)

images/webserver/ports.conf

@@ -0,0 +1,13 @@
+# If you just change the port or add more ports here, you will likely also
+# have to change the VirtualHost statement in
+# /etc/apache2/sites-enabled/000-default.conf
+
+Listen 8080
+
+<IfModule ssl_module>
+	Listen 8443
+</IfModule>
+
+<IfModule mod_gnutls.c>
+	Listen 8443
+</IfModule>

images/wordpress/000-default.conf

@@ -0,0 +1,33 @@
+<VirtualHost *:8080>
+	# The ServerName directive sets the request scheme, hostname and port that
+	# the server uses to identify itself. This is used when creating
+	# redirection URLs. In the context of virtual hosts, the ServerName
+	# specifies what hostname must appear in the request's Host: header to
+	# match this virtual host. For the default virtual host (this file) this
+	# value is not decisive as it is used as a last resort host regardless.
+	# However, you must set it for any further virtual host explicitly.
+	#ServerName www.example.com
+
+	ServerAdmin webmaster@localhost
+	DocumentRoot /var/www/html
+    # Alias "/${SYRINGE_FULL_REF}" "/var/www/html"
+	ProxyPreserveHost On
+
+	# Available loglevels: trace8, ..., trace1, debug, info, notice, warn,
+	# error, crit, alert, emerg.
+	# It is also possible to configure the loglevel for particular
+	# modules, e.g.
+	#LogLevel info ssl:warn
+
+	ErrorLog ${APACHE_LOG_DIR}/error.log
+	CustomLog ${APACHE_LOG_DIR}/access.log combined
+
+	# For most configuration files from conf-available/, which are
+	# enabled or disabled at a global level, it is possible to
+	# include a line for only one particular virtual host. For example the
+	# following line enables the CGI configuration for this host only
+	# after it has been globally disabled with "a2disconf".
+	#Include conf-available/serve-cgi-bin.conf
+</VirtualHost>
+
+# vim: syntax=apache ts=4 sw=4 sts=4 sr noet

images/wordpress/Dockerfile

@@ -0,0 +1,42 @@
+FROM ubuntu:16.04
+
+RUN apt-get update && apt-get install -y vim less curl wget apache2 php7.0 libapache2-mod-php7.0 php7.0-mysql \
+    php7.0-curl php7.0-mbstring php7.0-gd php7.0-xml php7.0-xmlrpc php7.0-intl php7.0-soap php7.0-zip
+
+# Install MySQL Server in a Non-Interactive mode. Default root password will be "juniper2019"
+RUN echo "mysql-server-5.7 mysql-server/root_password password juniper2019" | debconf-set-selections
+RUN echo "mysql-server-5.7 mysql-server/root_password_again password juniper2019" | debconf-set-selections
+RUN apt-get -y install mysql-server-5.7
+
+# Configure Apache
+ADD 000-default.conf /etc/apache2/sites-enabled/000-default.conf
+ADD ports.conf /etc/apache2/ports.conf
+
+RUN cd /var/www/html \
+    && wget -c https://wordpress.org/latest.tar.gz \
+    && tar -xzvf latest.tar.gz \
+    && chown -R www-data:www-data /var/www/html \
+    && rm -rf /var/www/html/latest.tar.gz \
+    && mv wordpress/* . \
+    && rm -rf wordpress/ \
+    rm index.html
+
+ADD wp-config.php /var/www/html/wp-config.php
+ADD functions.php /var/www/html/wp-content/themes/twentynineteen
+
+# https://wp-cli.org/
+RUN curl -O https://raw.githubusercontent.com/wp-cli/builds/gh-pages/phar/wp-cli.phar \
+    && chmod +x wp-cli.phar \
+    && mv wp-cli.phar /usr/local/bin/wp
+
+# Antidote user
+# RUN mkdir -p /home/antidote
+# RUN useradd antidote -p antidotepassword
+# RUN chown antidote:antidote /home/antidote
+# RUN chsh antidote --shell=/bin/bash
+# RUN echo 'antidote:antidotepassword' | chpasswd
+# USER antidote
+# WORKDIR /home/antidote
+
+ADD start-wp.sh /home/antidote/start-wp.sh
+CMD ["/home/antidote/start-wp.sh"]

images/wordpress/Makefile

@@ -0,0 +1,9 @@
+# SHELL=/bin/bash
+
+TARGET_VERSION ?= latest
+
+all: docker
+
+docker:
+	docker build --pull --no-cache -t antidotelabs/wordpress:$(TARGET_VERSION) .
+	docker push antidotelabs/wordpress:$(TARGET_VERSION)