study
[Network] SynFlood 실습 Docker 사용
pwnhub
2024. 5. 5. 04:54
실습 방법은 VM과 거의 일치한다.
Dockerfile만 공유하겠다. ( 직접 만든 이미지 )
<피해자>
FROM ghcr.io/linuxserver/baseimage-kasmvnc:alpine319
# Set version label
ARG BUILD_DATE
ARG VERSION
ARG WIRESHARK_VERSION
LABEL build_version="Linuxserver.io version:- ${VERSION} Build-date:- ${BUILD_DATE}"
LABEL maintainer="thelamer"
# Title
ENV TITLE=Wireshark
# Install packages including OpenSSH
RUN \
echo "**** add icon ****" && \
curl -o \
/kclient/public/icon.png \
https://raw.githubusercontent.com/linuxserver/docker-templates/master/linuxserver.io/img/wireshark-icon.png && \
echo "**** install packages ****" && \
if [ -z ${WIRESHARK_VERSION+x} ]; then \
WIRESHARK_VERSION=$(curl -sL "http://dl-cdn.alpinelinux.org/alpine/v3.19/community/x86_64/APKINDEX.tar.gz" | tar -xz -C /tmp \
&& awk '/^P:wireshark$/,/V:/' /tmp/APKINDEX | sed -n 2p | sed 's/^V://'); \
fi && \
apk add --no-cache \
libcap-utils \
wireshark==${WIRESHARK_VERSION} && \
echo "**** permissions ****" && \
setcap \
'CAP_NET_RAW+eip CAP_NET_ADMIN+eip' \
/usr/bin/dumpcap && \
usermod -a -G wireshark abc && \
echo "**** install apache ****" && \
apk add --no-cache apache2 && \
echo "<html><body><h1>Hello ZeroPointer</h1></body></html>" > /var/www/localhost/htdocs/index.html && \
echo "**** install OpenSSH ****" && \
apk add --no-cache openssh && \
echo "root:smart" | chpasswd && \
ssh-keygen -A && \
sed -i 's/#PermitRootLogin prohibit-password/PermitRootLogin yes/' /etc/ssh/sshd_config && \
sed -i 's/#PasswordAuthentication yes/PasswordAuthentication yes/' /etc/ssh/sshd_config && \
echo "**** cleanup ****" && \
rm -rf \
/tmp/*
# Add local files
COPY root /
# Ports and volumes
EXPOSE 3000 80 22
VOLUME /config
# Start Apache and SSH
#CMD ["/bin/sh", "-c", "httpd -D FOREGROUND && /usr/sbin/sshd -D"]
CMD ["/bin/sh", "-c", "httpd -D FOREGROUND & /usr/sbin/sshd -D"]80번 포트에서 http web서버를 apache로 띄우고 있으며 접속 시 Hello Zeropointer가 나타난다.
3000번 포트로 접속 시 wireshark가 웹ui로 구동되고 있다.
22번 포트를 통해 ssh 접속이 가능하다.
ssh id : root
ssh pw : smart
<공격자>
FROM ubuntu:22.04
ENV TZ Asia/Seoul
ENV PYTHONIOENCODING UTF-8
ENV LC_CTYPE C.UTF-8
ARG DEBIAN_FRONTEND=noninteractive
RUN dpkg --add-architecture i386
RUN apt update && apt upgrade -y
RUN apt-get update && apt-get install -y netcat
RUN apt-get dist-upgrade
RUN apt install python3 python3-dev python3-pip -y
RUN apt install git curl wget vim zsh gdb make -y
RUN apt install libffi-dev build-essential libssl-dev libc6-i386 libc6-dbg gcc-multilib make -y
RUN apt-get install libcapstone-dev -y
RUN apt-get install libc6:i386 -y
RUN apt install ruby-full -y
RUN apt install ruby-dev -y
RUN gem install one_gadget seccomp-tools
RUN pip3 install unicorn keystone-engine pathlib2 pwntools capstone ropper ropgadget
RUN wget https://github.com/robbyrussell/oh-my-zsh/raw/master/tools/install.sh -O - | zsh || true
RUN mkdir -p "$HOME/.zsh"
RUN git clone https://github.com/sindresorhus/pure.git "$HOME/.zsh/pure"
RUN echo "fpath+=("$HOME/.zsh/pure")\nautoload -U promptinit; promptinit\nprompt pure" >> ~/.zshrc
RUN git clone https://github.com/zsh-users/zsh-syntax-highlighting.git
RUN echo "source ./zsh-syntax-highlighting/zsh-syntax-highlighting.zsh" >> ~/.zshrc
RUN git clone https://github.com/zsh-users/zsh-autosuggestions ~/.zsh/zsh-autosuggestions
RUN echo "source ~/.zsh/zsh-autosuggestions/zsh-autosuggestions.zsh" >> ~/.zshrc
RUN echo "ZSH_AUTOSUGGEST_HIGHLIGHT_STYLE='fg=111'" >> ~/.zshrc
RUN apt install net-tools openssh-server -y
RUN apt install -y iputils-ping hping3
WORKDIR /root
RUN git clone https://github.com/pwndbg/pwndbg
RUN chsh -s /usr/bin/zsh
# Configure and enable SSH access
RUN echo "root:smart" | chpasswd
RUN sed -i 's/#PermitRootLogin prohibit-password/PermitRootLogin yes/' /etc/ssh/sshd_config
# SSH login fix. Otherwise user is kicked off after login
RUN mkdir /var/run/sshd
EXPOSE 22
CMD ["/usr/sbin/sshd", "-D"]22번 포트에 ssh를 열어둔 우분투 22.04 이미지이다.
추가로 hping3를 설치해두었다.
ssh id : root
ssh pw : smart
실습방법은 VM 포스트를 참고하면 된다.