diff --git a/protocols/servers/ftp_server.py b/protocols/servers/ftp_server.py index ccd558a..65aedc7 100644 --- a/protocols/servers/ftp_server.py +++ b/protocols/servers/ftp_server.py @@ -11,7 +11,6 @@ from pyftpdlib.authorizers import DummyAuthorizer from pyftpdlib.handlers import FTPHandler from pyftpdlib.servers import FTPServer - class Server: def __init__(self, cli_object): @@ -23,6 +22,10 @@ class Server: self.port = int(cli_object.server_port) else: self.port = 21 + if cli_object.ip: + self.ip = cli_object.ip + else: + self.ip = None def serve(self): # current directory @@ -45,6 +48,9 @@ class Server: # Define a customized banner (string returned when client connects) handler.banner = "Connecting to Egress-Assess's FTP server!" + #Define public address and passive ports making NAT configurations more predictable + handler.masquerade_address = self.ip + handler.passive_ports = range(60000, 60100) try: server = FTPServer(('', self.port), handler) diff --git a/setup/Dockerfile b/setup/Dockerfile new file mode 100644 index 0000000..6770587 --- /dev/null +++ b/setup/Dockerfile @@ -0,0 +1,26 @@ +#All client protocols work with Docker Image. Server Protocols FTP and ICMP are not currently functional. +#Build this docker file with the following command +#$cd ./setup +#$docker build -t egressassess . +#You can also just pull it from Docker hub +#docker pull piesecurity/egress-assess +FROM ubuntu +MAINTAINER piesecurity +RUN apt-get update && \ +#python-pip is just too big, but I don't think it is required right now +apt-get install tcpdump git wget -y && \ +git clone https://github.com/ChrisTruncer/Egress-Assess.git +ADD setup-docker.sh /Egress-Assess/setup/setup-docker.sh +RUN chmod +x /Egress-Assess/setup/setup-docker.sh +RUN bash -c "cd /Egress-Assess && ./setup/setup-docker.sh" +EXPOSE 80 443 53/udp 25 21 20 445 +ENTRYPOINT bash -c "cd /Egress-Assess && ./Egress-Assess.py --list-servers && ./Egress-Assess.py -h && bash" +#Example Client Execution +#docker run -it piesecurity/egress-assess +#Example Server Execution- This requires all of the port mappings and location of your loots folder +#Slight changes in port incase these are already in use +#loots can be any local folder you want +#docker run -it -p 25:25 -p 20-21:20-21 -p 60000-60100:60000-60100 -p 80:80 -p 445:445 -p 53:53/udp -p 444:443 -p 23:22 -v /home/ubuntu/loots:/Egress-Assess/data/ piesecurity/egress-assess +#Special note for running the ICMP Server in Docker: Add the below iptables rule after the docker container is running +#iptables -t nat -A PREROUTING -p ICMP -i -j DNAT --to-destination +#You can find the through the docker inpsect command, or just look at the rest of your iptables rules under the DOCKER chain diff --git a/setup/setup-docker.sh b/setup/setup-docker.sh new file mode 100644 index 0000000..c0f0909 --- /dev/null +++ b/setup/setup-docker.sh @@ -0,0 +1,39 @@ +#Customize the certificate below if you wish. Otherwise this file is good to go. +#See ./setup/Dockerfile for instructions to build a docker image +#!/bin/bash + +clear +echo "[*] Installing Egress-Assess Dependencies..." +apt-get install -y smbclient +echo "[*] Installing scapy" +apt-get install -y python-scapy +echo "[*] Installing paramiko" +apt-get install -y python-paramiko python-crypto +echo "[*] Installing ecdsa" +pip install ecdsa +echo "[*] Installing pyasn1" +apt-get install -y python-pyasn1 +echo "[*] Installing dnspython" +apt-get install -y python-dnspython +echo "[*] Installing impacket" +wget https://pypi.python.org/packages/source/i/impacket/impacket-0.9.13.tar.gz +tar -xvf impacket-0.9.13.tar.gz +cd impacket-0.9.13 +python setup.py install +cd .. +rm -rf impacket-0.9.13 +echo "[*] Installing pyftpdlib..." +git clone https://github.com/giampaolo/pyftpdlib.git +cd pyftpdlib +python setup.py install +cd .. +rm -rf pyftpdlib +cd /Egress-Assess/protocols/servers/serverlibs/web +clear +echo "[*] Generating SSL Certificate" +#Change the certificate information in the below line if you wish +openssl req -new -x509 -keyout server.pem -out server.pem -days 365 -nodes -subj "/C=US/ST=Texas/L=Huston/O=Another Network/OU=IT Department/CN=www.change.org" +echo +echo +echo "[*] Install complete!" +echo "[*] Enjoy Egress-Assess!"