andrew.rioux/sparse
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases 1 Wiki Activity

build: actually added firewalls to test container

Browse Source 
One of the more interesting selling points about this project is that it
works through local system firewalls on Linux (iptables, nf_tables)

This commit makes the testing environments in the docker containers
actually have to go up against a firewall, one which has a default
incoming and outgoing policy of drop
This commit is contained in:
Andrew Rioux 2023-05-01 07:31:22 -04:00
parent 1165d687ff
commit be5772fa23
3 changed files with 46 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
docker-compose.yml
View File

@ -1,10 +1,13 @@
version: '3.8' version: '3.8'
services: services:
examples_bindshell_target: examples_bindshell_target:
image: ubuntu:20.04 build:
context: examples/secure-image
dockerfile: Dockerfile
volumes: volumes:
- ./target:/backdoor - ./target:/backdoor
command: /backdoor/release/ex-bind-shell-backdoor command: /backdoor/release/ex-bind-shell-backdoor
privileged: true
examples_bindshell_client: examples_bindshell_client:
image: alpine image: alpine

22
examples/secure-image/Dockerfile Normal file
View File

@ -0,0 +1,22 @@
# Copyright (C) 2023 Andrew Rioux
#
# This program is free software: you can redistribute it and/or modify
# it under the terms of the GNU Affero General Public License as
# published by the Free Software Foundation, either version 3 of the
# License, or (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU Affero General Public License for more details.
#
# You should have received a copy of the GNU Affero General Public License
# along with this program. If not, see <http://www.gnu.org/licenses/>.
FROM ubuntu:20.04
COPY ./setup.sh /container-init.sh
RUN apt update && apt install -y iptables && chmod +x /container-init.sh
ENTRYPOINT ["/container-init.sh"]

20
examples/secure-image/setup.sh Executable file
View File

@ -0,0 +1,20 @@
#!/bin/sh
# Copyright (C) 2023 Andrew Rioux
#
# This program is free software: you can redistribute it and/or modify
# it under the terms of the GNU Affero General Public License as
# published by the Free Software Foundation, either version 3 of the
# License, or (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU Affero General Public License for more details.
#
# You should have received a copy of the GNU Affero General Public License
# along with this program. If not, see <http://www.gnu.org/licenses/>.
iptables -P INPUT DROP
iptables -P OUTPUT DROP
exec "$@"