From 3f5efeb516fcb6e096b894772711fb3678076122 Mon Sep 17 00:00:00 2001
From: Alexander Rymdeko-Harvey <alexander.rymdeko-harvey@am.sony>
Date: Tue, 19 Dec 2017 23:03:16 -0500
Subject: [PATCH] docker

---
 .build.sh      |  5 ++++-
 Dockerfile     | 54 ++++++++++++++++++++++++++------------------------
 empire         | 23 ++++++++++++---------
 setup/reset.sh |  9 ++++++---
 4 files changed, 52 insertions(+), 39 deletions(-)
 mode change 100644 => 100755 .build.sh

diff --git a/.build.sh b/.build.sh
old mode 100644
new mode 100755
index 4eccd12..2520f30
--- a/.build.sh
+++ b/.build.sh
@@ -5,4 +5,7 @@ set -ex
 USERNAME=empireproject
 # image name
 IMAGE=empire
-docker build -t $USERNAME/$IMAGE:latest .
+# version
+VERSION="$(curl -s https://raw.githubusercontent.com/EmpireProject/Empire/master/lib/common/empire.py | grep "VERSION =" | cut -d '"' -f2)"
+
+docker build --build-arg empireversion="$VERSION" -t $USERNAME/$IMAGE:latest .
diff --git a/Dockerfile b/Dockerfile
index a68300b..1b5a0e5 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -21,40 +21,42 @@
 # image base
 FROM ubuntu:16.04
 
-# author
-MAINTAINER Killswitch-GUI
+# pull from BUILD
+ARG empirversion
 
 # extra metadata
-LABEL version="1.0"
+LABEL maintainer="EmpireProject"
 LABEL description="Dockerfile base for Empire server."
+LABEL version=${empirversion}
 
-# expose ports for Empire C2 listerners
-# EXPOSE 80,443
+# env setup
+ENV STAGING_KEY=RANDOM
+ENV DEBIAN_FRONTEND=noninteractive
 
-# update repo sources
-RUN apt-get clean
-RUN apt-get update
+# set the def shell for ENV
+SHELL ["/bin/bash", "-c"]
 
-# build depends
-RUN apt-get install -qy apt-utils
-RUN apt-get install -qy git
-RUN apt-get install -qy wget
-RUN apt-get install -qy curl
-RUN apt-get install -qy sudo
-RUN apt-get install -qy lsb-core
-RUN apt-get install -qy python2.7
-RUN apt-get install -qy python-pip
+# install basic build items
+RUN apt-get update && apt-get install -qy \
+    wget \
+    curl \
+    git \
+    sudo \
+    apt-utils \
+    lsb-core \
+    python2.7 \
+    python-pip
 
 # cleanup image
-RUN apt-get -qy autoremove
+RUN apt-get -qy clean \
+    autoremove
 
-# build empire
-RUN git clone https://github.com/EmpireProject/Empire.git /opt/Empire
-ENV STAGING_KEY=RANDOM
-RUN cd /opt/Empire/setup/ && ./install.sh
+# build empire from source
+RUN git clone https://github.com/EmpireProject/Empire.git /opt/Empire && \
+    cd /opt/Empire/setup/ && \
+    ./install.sh && \
+    rm -rf /opt/Empire/data/empire*
 
+WORKDIR "/opt/Empire"
+ENTRYPOINT ["./empire"]
 # -----END OF BUILD-----
-
-
-
-
diff --git a/empire b/empire
index 93b0ce9..9e166df 100755
--- a/empire
+++ b/empire
@@ -1,6 +1,6 @@
 #!/usr/bin/env python
 
-import sqlite3, argparse, sys, argparse, logging, json, string
+import sqlite3, argparse, sys, argparse, logging, json, string, subprocess
 import os, re, time, signal, copy, base64, pickle, random
 from flask import Flask, request, jsonify, make_response, abort, url_for
 from time import localtime, strftime, sleep
@@ -640,7 +640,7 @@ def start_restful_api(empireMenu, suppress=False, username=None, password=None,
 
         for activeListener in activeListenersRaw:
             [ID, name, module, listener_type, listener_category, options] = activeListener
-            listeners.append({'ID':ID, 'name':name, 'module':module, 'listener_type':listener_type, 'listener_category':listener_category, 'options':pickle.loads(activeListener[5]) })  
+            listeners.append({'ID':ID, 'name':name, 'module':module, 'listener_type':listener_type, 'listener_category':listener_category, 'options':pickle.loads(activeListener[5]) })
 
 
         return jsonify({'listeners' : listeners})
@@ -715,7 +715,7 @@ def start_restful_api(empireMenu, suppress=False, username=None, password=None,
             returnVal = main.listeners.set_listener_option(listener_type, option, values)
             if not returnVal:
                  return make_response(jsonify({'error': 'error setting listener value %s with option %s' %(option, values)}), 400)
-        
+
         main.listeners.start_listener(listener_type, listenerObject)
 
         #check to see if the listener was created
@@ -848,7 +848,7 @@ def start_restful_api(empireMenu, suppress=False, username=None, password=None,
             agentNameIDs = execute_db_query(conn, "SELECT name, session_id FROM agents WHERE name like '%' OR session_id like '%'")
         else:
             agentNameIDs = execute_db_query(conn, 'SELECT name, session_id FROM agents WHERE name like ? OR session_id like ?', [agent_name, agent_name])
-        
+
         for agentNameID in agentNameIDs:
             [agentName, agentSessionID] = agentNameID
 
@@ -856,7 +856,7 @@ def start_restful_api(empireMenu, suppress=False, username=None, password=None,
 
             if agentResults and agentResults[0] and agentResults[0] != '':
                 agentTaskResults.append({"AgentName":agentSessionID, "AgentResults":agentResults[0]})
-              
+
         return jsonify({'results': agentTaskResults})
 
 
@@ -877,7 +877,7 @@ def start_restful_api(empireMenu, suppress=False, username=None, password=None,
         for agentNameID in agentNameIDs:
             (agentName, agentSessionID) = agentNameID
 
-            
+
             execute_db_query(conn, 'UPDATE agents SET results=? WHERE session_id=?', ['', agentSessionID])
 
         return jsonify({'success': True})
@@ -1326,6 +1326,11 @@ if __name__ == '__main__':
 
     args = parser.parse_args()
 
+    if os.path.exists('/.dockerenv')
+        if not os.path.exists('data/empire.db')
+            print '[*] Fresh start in docker, running reset.sh for you'
+            subprocess.call(['./setup/reset.sh']
+
     if not args.restport:
         args.restport = '1337'
     else:
@@ -1338,7 +1343,7 @@ if __name__ == '__main__':
          # start an Empire instance and RESTful API
         main = empire.MainMenu(args=args)
         def thread_api(empireMenu):
-            
+
             try:
                 start_restful_api(empireMenu=empireMenu, suppress=False, username=args.username, password=args.password, port=args.restport)
             except SystemExit as e:
@@ -1353,12 +1358,12 @@ if __name__ == '__main__':
     elif args.headless:
         # start an Empire instance and RESTful API and suppress output
         main = empire.MainMenu(args=args)
-        
+
         try:
             start_restful_api(empireMenu=main, suppress=True, username=args.username, password=args.password, port=args.restport)
         except SystemExit as e:
             pass
-                
+
     else:
         # normal execution
         main = empire.MainMenu(args=args)
diff --git a/setup/reset.sh b/setup/reset.sh
index cc1e936..5032e15 100755
--- a/setup/reset.sh
+++ b/setup/reset.sh
@@ -33,6 +33,9 @@ then
 	rm -rf ./downloads/
 fi
 
-# start up Empire
-# ./empire --debug 2
-./empire
+# start up Empire if not in docker otherwise return
+if [ -f /.dockerenv ]; then
+    echo " [*] Empire reset complete returning back to Docker"
+else
+    ./empire
+fi