Merge pull request #46 from piesecurity/master

Dockerfile Creation

protocols/servers/ftp_server.py

@@ -11,7 +11,6 @@ from pyftpdlib.authorizers import DummyAuthorizer
 from pyftpdlib.handlers import FTPHandler
 from pyftpdlib.servers import FTPServer
 
-
 class Server:
 
     def __init__(self, cli_object):
@@ -23,6 +22,10 @@ class Server:
             self.port = int(cli_object.server_port)
         else:
             self.port = 21
+	if cli_object.ip:
+	    self.ip = cli_object.ip
+	else:
+	    self.ip = None
 
     def serve(self):
         # current directory
@@ -45,6 +48,9 @@ class Server:
 
             # Define a customized banner (string returned when client connects)
             handler.banner = "Connecting to Egress-Assess's FTP server!"
+            #Define public address and  passive ports making NAT configurations more predictable
+            handler.masquerade_address = self.ip
+            handler.passive_ports = range(60000, 60100)
 
             try:
                 server = FTPServer(('', self.port), handler)

setup/Dockerfile

@@ -0,0 +1,26 @@
+#All client protocols work with Docker Image. Server Protocols FTP and ICMP are not currently functional.
+#Build this docker file with the following command
+#$cd ./setup
+#$docker build -t egressassess .
+#You can also just pull it from Docker hub
+#docker pull piesecurity/egress-assess
+FROM ubuntu
+MAINTAINER piesecurity <admin@pie-secure.org>
+RUN apt-get update && \
+#python-pip is just too big, but I don't think it is required right now
+apt-get install tcpdump git wget -y  && \
+git clone https://github.com/ChrisTruncer/Egress-Assess.git
+ADD setup-docker.sh /Egress-Assess/setup/setup-docker.sh
+RUN chmod +x /Egress-Assess/setup/setup-docker.sh
+RUN bash -c "cd /Egress-Assess && ./setup/setup-docker.sh"
+EXPOSE 80 443 53/udp 25 21 20 445
+ENTRYPOINT bash -c "cd /Egress-Assess && ./Egress-Assess.py --list-servers && ./Egress-Assess.py -h && bash" 
+#Example Client Execution
+#docker run -it piesecurity/egress-assess
+#Example Server Execution- This requires all of the port mappings and location of your loots folder
+#Slight changes in port incase these are already in use
+#loots can be any local folder you want
+#docker run -it -p 25:25 -p 20-21:20-21 -p 60000-60100:60000-60100 -p 80:80 -p 445:445 -p 53:53/udp -p 444:443 -p 23:22 -v /home/ubuntu/loots:/Egress-Assess/data/ piesecurity/egress-assess
+#Special note for running the ICMP Server in Docker: Add the below iptables rule after the docker container is running
+#iptables -t nat -A PREROUTING -p ICMP -i <internet_interface> -j DNAT --to-destination <dockerContainerIP>
+#You can find the <dockerContainerIP> through the docker inpsect command, or just look at the rest of your iptables rules under the DOCKER chain

setup/setup-docker.sh

@@ -0,0 +1,39 @@
+#Customize the certificate below if you wish. Otherwise this file is good to go.
+#See ./setup/Dockerfile for instructions to build a docker image
+#!/bin/bash
+
+clear
+echo "[*] Installing Egress-Assess Dependencies..."
+apt-get install -y smbclient
+echo "[*] Installing scapy"
+apt-get install -y python-scapy
+echo "[*] Installing paramiko"
+apt-get install -y python-paramiko python-crypto
+echo "[*] Installing ecdsa"
+pip install ecdsa
+echo "[*] Installing pyasn1"
+apt-get install -y python-pyasn1
+echo "[*] Installing dnspython"
+apt-get install -y python-dnspython
+echo "[*] Installing impacket"
+wget https://pypi.python.org/packages/source/i/impacket/impacket-0.9.13.tar.gz
+tar -xvf impacket-0.9.13.tar.gz
+cd impacket-0.9.13
+python setup.py install
+cd ..
+rm -rf impacket-0.9.13
+echo "[*] Installing pyftpdlib..."
+git clone https://github.com/giampaolo/pyftpdlib.git
+cd pyftpdlib
+python setup.py install
+cd ..
+rm -rf pyftpdlib
+cd /Egress-Assess/protocols/servers/serverlibs/web
+clear
+echo "[*] Generating SSL Certificate"
+#Change the certificate information in the below line if you wish
+openssl req -new -x509 -keyout server.pem -out server.pem -days 365 -nodes -subj "/C=US/ST=Texas/L=Huston/O=Another Network/OU=IT Department/CN=www.change.org"
+echo
+echo
+echo "[*] Install complete!"
+echo "[*] Enjoy Egress-Assess!"