ChrisTruncer
GitHub
commit
fca2cbad29
|
|
@ -11,7 +11,6 @@ from pyftpdlib.authorizers import DummyAuthorizer
|
||||||
from pyftpdlib.handlers import FTPHandler
|
from pyftpdlib.handlers import FTPHandler
|
||||||
from pyftpdlib.servers import FTPServer
|
from pyftpdlib.servers import FTPServer
|
||||||
|
|
||||||
|
|
||||||
class Server:
|
class Server:
|
||||||
|
|
||||||
def __init__(self, cli_object):
|
def __init__(self, cli_object):
|
||||||
|
|
@ -23,6 +22,10 @@ class Server:
|
||||||
self.port = int(cli_object.server_port)
|
self.port = int(cli_object.server_port)
|
||||||
else:
|
else:
|
||||||
self.port = 21
|
self.port = 21
|
||||||
|
if cli_object.ip:
|
||||||
|
self.ip = cli_object.ip
|
||||||
|
else:
|
||||||
|
self.ip = None
|
||||||
|
|
||||||
def serve(self):
|
def serve(self):
|
||||||
# current directory
|
# current directory
|
||||||
|
|
@ -45,6 +48,9 @@ class Server:
|
||||||
|
|
||||||
# Define a customized banner (string returned when client connects)
|
# Define a customized banner (string returned when client connects)
|
||||||
handler.banner = "Connecting to Egress-Assess's FTP server!"
|
handler.banner = "Connecting to Egress-Assess's FTP server!"
|
||||||
|
#Define public address and passive ports making NAT configurations more predictable
|
||||||
|
handler.masquerade_address = self.ip
|
||||||
|
handler.passive_ports = range(60000, 60100)
|
||||||
|
|
||||||
try:
|
try:
|
||||||
server = FTPServer(('', self.port), handler)
|
server = FTPServer(('', self.port), handler)
|
||||||
|
|
|
||||||
|
|
@ -0,0 +1,26 @@
|
||||||
|
#All client protocols work with Docker Image. Server Protocols FTP and ICMP are not currently functional.
|
||||||
|
#Build this docker file with the following command
|
||||||
|
#$cd ./setup
|
||||||
|
#$docker build -t egressassess .
|
||||||
|
#You can also just pull it from Docker hub
|
||||||
|
#docker pull piesecurity/egress-assess
|
||||||
|
FROM ubuntu
|
||||||
|
MAINTAINER piesecurity <admin@pie-secure.org>
|
||||||
|
RUN apt-get update && \
|
||||||
|
#python-pip is just too big, but I don't think it is required right now
|
||||||
|
apt-get install tcpdump git wget -y && \
|
||||||
|
git clone https://github.com/ChrisTruncer/Egress-Assess.git
|
||||||
|
ADD setup-docker.sh /Egress-Assess/setup/setup-docker.sh
|
||||||
|
RUN chmod +x /Egress-Assess/setup/setup-docker.sh
|
||||||
|
RUN bash -c "cd /Egress-Assess && ./setup/setup-docker.sh"
|
||||||
|
EXPOSE 80 443 53/udp 25 21 20 445
|
||||||
|
ENTRYPOINT bash -c "cd /Egress-Assess && ./Egress-Assess.py --list-servers && ./Egress-Assess.py -h && bash"
|
||||||
|
#Example Client Execution
|
||||||
|
#docker run -it piesecurity/egress-assess
|
||||||
|
#Example Server Execution- This requires all of the port mappings and location of your loots folder
|
||||||
|
#Slight changes in port incase these are already in use
|
||||||
|
#loots can be any local folder you want
|
||||||
|
#docker run -it -p 25:25 -p 20-21:20-21 -p 60000-60100:60000-60100 -p 80:80 -p 445:445 -p 53:53/udp -p 444:443 -p 23:22 -v /home/ubuntu/loots:/Egress-Assess/data/ piesecurity/egress-assess
|
||||||
|
#Special note for running the ICMP Server in Docker: Add the below iptables rule after the docker container is running
|
||||||
|
#iptables -t nat -A PREROUTING -p ICMP -i <internet_interface> -j DNAT --to-destination <dockerContainerIP>
|
||||||
|
#You can find the <dockerContainerIP> through the docker inpsect command, or just look at the rest of your iptables rules under the DOCKER chain
|
||||||
|
|
@ -0,0 +1,39 @@
|
||||||
|
#Customize the certificate below if you wish. Otherwise this file is good to go.
|
||||||
|
#See ./setup/Dockerfile for instructions to build a docker image
|
||||||
|
#!/bin/bash
|
||||||
|
|
||||||
|
clear
|
||||||
|
echo "[*] Installing Egress-Assess Dependencies..."
|
||||||
|
apt-get install -y smbclient
|
||||||
|
echo "[*] Installing scapy"
|
||||||
|
apt-get install -y python-scapy
|
||||||
|
echo "[*] Installing paramiko"
|
||||||
|
apt-get install -y python-paramiko python-crypto
|
||||||
|
echo "[*] Installing ecdsa"
|
||||||
|
pip install ecdsa
|
||||||
|
echo "[*] Installing pyasn1"
|
||||||
|
apt-get install -y python-pyasn1
|
||||||
|
echo "[*] Installing dnspython"
|
||||||
|
apt-get install -y python-dnspython
|
||||||
|
echo "[*] Installing impacket"
|
||||||
|
wget https://pypi.python.org/packages/source/i/impacket/impacket-0.9.13.tar.gz
|
||||||
|
tar -xvf impacket-0.9.13.tar.gz
|
||||||
|
cd impacket-0.9.13
|
||||||
|
python setup.py install
|
||||||
|
cd ..
|
||||||
|
rm -rf impacket-0.9.13
|
||||||
|
echo "[*] Installing pyftpdlib..."
|
||||||
|
git clone https://github.com/giampaolo/pyftpdlib.git
|
||||||
|
cd pyftpdlib
|
||||||
|
python setup.py install
|
||||||
|
cd ..
|
||||||
|
rm -rf pyftpdlib
|
||||||
|
cd /Egress-Assess/protocols/servers/serverlibs/web
|
||||||
|
clear
|
||||||
|
echo "[*] Generating SSL Certificate"
|
||||||
|
#Change the certificate information in the below line if you wish
|
||||||
|
openssl req -new -x509 -keyout server.pem -out server.pem -days 365 -nodes -subj "/C=US/ST=Texas/L=Huston/O=Another Network/OU=IT Department/CN=www.change.org"
|
||||||
|
echo
|
||||||
|
echo
|
||||||
|
echo "[*] Install complete!"
|
||||||
|
echo "[*] Enjoy Egress-Assess!"
|
||||||
Loading…
Reference in New Issue