From 93fb5541bae4d0193e5c9b4cccd8a5f043acb364 Mon Sep 17 00:00:00 2001
From: magichk
Date: Tue, 23 Jan 2024 17:18:42 +0100
Subject: [PATCH 1/3] Fix some errors in Dockerfile.full and persistence in docker-compose-full.yml
---
Dockerfile.full | 271 ++++++++++++++++++++--------------------
docker-compose-full.yml | 23 ++--
2 files changed, 153 insertions(+), 141 deletions(-)
diff --git a/Dockerfile.full b/Dockerfile.full
index 1c9bfa162d..4bfc5466d7 100644
--- a/Dockerfile.full
+++ b/Dockerfile.full
@@ -1,134 +1,137 @@
-#
-# Spiderfoot Dockerfile (Full - includes all CLI tools, etc.)
-#
-# http://www.spiderfoot.net
-#
-# Written by: TheTechromancer
-#
-
-FROM python:3
-
-# Install tools/dependencies from apt
-RUN apt-get -y update && apt-get -y install nbtscan onesixtyone nmap
-
-# Compile other tools from source
-RUN mkdir /tools || true
-WORKDIR /tools
-
-# Install Golang tools
-RUN apt-get -y update && apt-get -y install golang
-ENV GOPATH="/go"
-ENV PATH="$GOPATH/bin:$PATH"
-RUN mkdir -p "$GOPATH/src" "$GOPATH/bin"
-
-# Install Ruby tools for WhatWeb
-RUN apt-get -y update && apt-get -y install ruby ruby-dev bundler
-# Install WhatWeb
-RUN git clone https://github.com/urbanadventurer/WhatWeb \
- && gem install rchardet mongo json && cd /tools/WhatWeb \
- && bundle install && cd /tools
-
-RUN groupadd spiderfoot \
- && useradd -m -g spiderfoot -d /home/spiderfoot -s /sbin/nologin \
- -c "SpiderFoot User" spiderfoot
-
-# Install RetireJS
-RUN apt remove -y cmdtest \
- && apt remove -y yarn \
- && curl -sS https://dl.yarnpkg.com/debian/pubkey.gpg | apt-key add - \
- && echo 'deb https://dl.yarnpkg.com/debian/ stable main' |tee /etc/apt/sources.list.d/yarn.list \
- && apt-get update \
- && apt-get install yarn -y \
- && yarn install \
- && curl -fsSL https://deb.nodesource.com/setup_17.x | bash - \
- && apt-get install -y nodejs \
- && npm install -g retire
-
-# Install Google Chrome the New Way (Not via apt-key)
-RUN wget -qO - https://dl.google.com/linux/linux_signing_key.pub | gpg --dearmor -o /usr/share/keyrings/googlechrome-linux-keyring.gpg \
- && echo "deb [arch=amd64 signed-by=/usr/share/keyrings/googlechrome-linux-keyring.gpg] http://dl.google.com/linux/chrome/deb/ stable main" | tee /etc/apt/sources.list.d/google-chrome.list \
- && apt -y update && apt install --allow-unauthenticated -y google-chrome-stable
-
-# Install Wappalyzer
-RUN git clone https://github.com/AliasIO/wappalyzer.git \
- && cd wappalyzer \
- && yarn install && yarn run link
-
-# Install Nuclei
-RUN wget https://github.com/projectdiscovery/nuclei/releases/download/v2.6.5/nuclei_2.6.5_linux_amd64.zip \
- && unzip nuclei_2.6.5_linux_amd64.zip \
- && git clone https://github.com/projectdiscovery/nuclei-templates.git
-
-# Install testssl.sh
-RUN apt-get install -y bsdmainutils dnsutils coreutils
-RUN git clone https://github.com/drwetter/testssl.sh.git
-
-# Install Snallygaster and TruffleHog
-RUN pip3 install snallygaster trufflehog
-
-# Place database and logs outside installation directory
-ENV SPIDERFOOT_DATA /var/lib/spiderfoot
-ENV SPIDERFOOT_LOGS /var/lib/spiderfoot/log
-ENV SPIDERFOOT_CACHE /var/lib/spiderfoot/cache
-
-RUN mkdir -p $SPIDERFOOT_DATA || true \
- && mkdir -p $SPIDERFOOT_LOGS || true \
- && mkdir -p $SPIDERFOOT_CACHE || true \
- && chown spiderfoot:spiderfoot $SPIDERFOOT_DATA \
- && chown spiderfoot:spiderfoot $SPIDERFOOT_LOGS \
- && chown spiderfoot:spiderfoot $SPIDERFOOT_CACHE
-
-WORKDIR /home/spiderfoot
-COPY . .
-
-ENV VIRTUAL_ENV=/opt/venv
-RUN mkdir -p "$VIRTUAL_ENV" || true
-ENV PATH="$VIRTUAL_ENV/bin:$PATH"
-RUN python -m venv "$VIRTUAL_ENV"
-
-ARG REQUIREMENTS=requirements.txt
-COPY "$REQUIREMENTS" requirements.txt
-
-RUN chown -R spiderfoot:spiderfoot /tools
-RUN chown -R spiderfoot:spiderfoot "$VIRTUAL_ENV"
-RUN chown -R spiderfoot:spiderfoot "/home/spiderfoot"
-
-USER spiderfoot
-
-RUN pip install -U pip
-RUN pip install -r "$REQUIREMENTS"
-
-# Install Python tools
-RUN pip install dnstwist
-# CMSeeK
-WORKDIR /tools
-RUN git clone https://github.com/Tuhinshubhra/CMSeeK && cd CMSeeK \
- && pip install -r requirements.txt && mkdir Results
-
-# Install wafw00f
-RUN git clone https://github.com/EnableSecurity/wafw00f \
- && cd wafw00f \
- && python3 setup.py install
-WORKDIR /home/spiderfoot
-
-EXPOSE 5001
-
-# Run the application
-CMD python -c 'from spiderfoot import SpiderFootDb; \
-db = SpiderFootDb({"__database": "/var/lib/spiderfoot/spiderfoot.db"}); \
-db.configSet({ \
- "sfp_tool_dnstwist:dnstwistpath": "/opt/venv/bin/dnstwist", \
- "sfp_tool_cmseek:cmseekpath": "/tools/CMSeeK/cmseek.py", \
- "sfp_tool_whatweb:whatweb_path": "/tools/WhatWeb/whatweb", \
- "sfp_tool_wafw00f:wafw00f_path": "/opt/venv/bin/wafw00f", \
- "sfp_tool_onesixtyone:onesixtyone_path": "/usr/bin/onesixtyone", \
- "sfp_tool_retirejs:retirejs_path": "/usr/bin/retire", \
- "sfp_tool_testsslsh:testsslsh_path": "/tools/testssl.sh/testssl.sh", \
- "sfp_tool_snallygaster:snallygaster_path": "/usr/local/bin/snallygaster", \
- "sfp_tool_trufflehog:trufflehog_path": "/usr/local/bin/trufflehog", \
- "sfp_tool_nuclei:nuclei_path": "/tools/nuclei", \
- "sfp_tool_nuclei:template_path": "/tools/nuclei-templates", \
- "sfp_tool_wappalyzer:wappalyzer_path": "/tools/wappalyzer/src/drivers/npm/cli.js", \
- "sfp_tool_nbtscan:nbtscan_path": "/usr/bin/nbtscan", \
- "sfp_tool_nmap:nmappath": "DISABLED_BECAUSE_NMAP_REQUIRES_ROOT_TO_WORK" \
-})' || true && ./sf.py -l 0.0.0.0:5001
+#
+# Spiderfoot Dockerfile (Full - includes all CLI tools, etc.)
+#
+# http://www.spiderfoot.net
+#
+# Written by: TheTechromancer
+#
+
+FROM python:3.11
+
+# Install tools/dependencies from apt
+RUN apt-get -y update && apt-get -y install nbtscan onesixtyone nmap
+
+# Compile other tools from source
+RUN mkdir /tools || true
+WORKDIR /tools
+
+# Install Golang tools
+RUN apt-get -y update && apt-get -y install golang npm
+ENV GOPATH="/go"
+ENV PATH="$GOPATH/bin:$PATH"
+RUN mkdir -p "$GOPATH/src" "$GOPATH/bin"
+
+# Install Ruby tools for WhatWeb
+RUN apt-get -y update && apt-get -y install ruby ruby-dev bundler
+# Install WhatWeb
+RUN git clone https://github.com/urbanadventurer/WhatWeb \
+ && gem install rchardet mongo json && cd /tools/WhatWeb \
+ && bundle install && cd /tools
+
+RUN groupadd spiderfoot \
+ && useradd -m -g spiderfoot -d /home/spiderfoot -s /sbin/nologin \
+ -c "SpiderFoot User" spiderfoot
+
+# Install RetireJS
+RUN apt remove -y cmdtest \
+ && apt remove -y yarn \
+ && curl -sS https://dl.yarnpkg.com/debian/pubkey.gpg | apt-key add - \
+ && echo 'deb https://dl.yarnpkg.com/debian/ stable main' |tee /etc/apt/sources.list.d/yarn.list \
+ && apt-get update \
+ && apt-get install yarn -y \
+ && yarn install \
+ && curl -fsSL https://deb.nodesource.com/setup_17.x | bash - \
+ && apt-get install -y nodejs npm \
+ && npm install -g retire
+
+# Install Google Chrome the New Way (Not via apt-key)
+RUN wget -qO - https://dl.google.com/linux/linux_signing_key.pub | gpg --dearmor -o /usr/share/keyrings/googlechrome-linux-keyring.gpg \
+ && echo "deb [arch=amd64 signed-by=/usr/share/keyrings/googlechrome-linux-keyring.gpg] http://dl.google.com/linux/chrome/deb/ stable main" | tee /etc/apt/sources.list.d/google-chrome.list \
+ && apt -y update && apt install --allow-unauthenticated -y google-chrome-stable
+
+# Install Wappalyzer
+RUN git clone https://github.com/Lissy93/wapalyzer \
+ && cd wapalyzer \
+ && yarn install && yarn run lint
+
+# Install Nuclei
+RUN wget https://github.com/projectdiscovery/nuclei/releases/download/v2.6.5/nuclei_2.6.5_linux_amd64.zip \
+ && unzip nuclei_2.6.5_linux_amd64.zip \
+ && git clone https://github.com/projectdiscovery/nuclei-templates.git
+
+# Install testssl.sh
+RUN apt-get install -y bsdmainutils dnsutils coreutils
+RUN git clone https://github.com/drwetter/testssl.sh.git
+
+# Install Snallygaster and TruffleHog
+RUN pip3 install snallygaster trufflehog
+
+# Place database and logs outside installation directory
+ENV SPIDERFOOT_DATA /var/lib/spiderfoot
+ENV SPIDERFOOT_LOGS /var/lib/spiderfoot/log
+ENV SPIDERFOOT_CACHE /var/lib/spiderfoot/cache
+
+RUN mkdir -p $SPIDERFOOT_DATA || true \
+ && mkdir -p $SPIDERFOOT_LOGS || true \
+ && mkdir -p $SPIDERFOOT_CACHE || true \
+ && chown spiderfoot:spiderfoot $SPIDERFOOT_DATA \
+ && chown spiderfoot:spiderfoot $SPIDERFOOT_LOGS \
+ && chown spiderfoot:spiderfoot $SPIDERFOOT_CACHE
+
+WORKDIR /home/spiderfoot
+COPY . .
+
+ENV VIRTUAL_ENV=/opt/venv
+RUN mkdir -p "$VIRTUAL_ENV" || true
+ENV PATH="$VIRTUAL_ENV/bin:$PATH"
+RUN python -m venv "$VIRTUAL_ENV"
+
+ARG REQUIREMENTS=requirements.txt
+COPY "$REQUIREMENTS" requirements.txt
+
+RUN chown -R spiderfoot:spiderfoot /tools
+RUN chown -R spiderfoot:spiderfoot "$VIRTUAL_ENV"
+RUN chown -R spiderfoot:spiderfoot "/home/spiderfoot"
+
+USER spiderfoot
+
+RUN pip install -U pip
+RUN pip install -r "$REQUIREMENTS"
+
+# Install Python tools
+RUN pip install dnstwist
+# CMSeeK
+WORKDIR /tools
+RUN git clone https://github.com/Tuhinshubhra/CMSeeK && cd CMSeeK \
+ && pip install -r requirements.txt && mkdir Results
+
+# Install wafw00f
+RUN git clone https://github.com/EnableSecurity/wafw00f \
+ && cd wafw00f \
+ && python3 setup.py install
+WORKDIR /home/spiderfoot
+
+EXPOSE 5001
+
+USER root
+#RUN sed -i 's/import lib/import importlib/' /opt/venv/lib/python3.12/site-packages/future/standard_library/__init__.py
+
+# Run the application
+CMD python -c 'from spiderfoot import SpiderFootDb; \
+db = SpiderFootDb({"__database": "/var/lib/spiderfoot/spiderfoot.db"}); \
+db.configSet({ \
+ "sfp_tool_dnstwist:dnstwistpath": "/opt/venv/bin/dnstwist", \
+ "sfp_tool_cmseek:cmseekpath": "/tools/CMSeeK/cmseek.py", \
+ "sfp_tool_whatweb:whatweb_path": "/tools/WhatWeb/whatweb", \
+ "sfp_tool_wafw00f:wafw00f_path": "/opt/venv/bin/wafw00f", \
+ "sfp_tool_onesixtyone:onesixtyone_path": "/usr/bin/onesixtyone", \
+ "sfp_tool_retirejs:retirejs_path": "/usr/bin/retire", \
+ "sfp_tool_testsslsh:testsslsh_path": "/tools/testssl.sh/testssl.sh", \
+ "sfp_tool_snallygaster:snallygaster_path": "/usr/local/bin/snallygaster", \
+ "sfp_tool_trufflehog:trufflehog_path": "/usr/local/bin/trufflehog", \
+ "sfp_tool_nuclei:nuclei_path": "/tools/nuclei", \
+ "sfp_tool_nuclei:template_path": "/tools/nuclei-templates", \
+ "sfp_tool_wappalyzer:wappalyzer_path": "/tools/wappalyzer/src/drivers/npm/cli.js", \
+ "sfp_tool_nbtscan:nbtscan_path": "/usr/bin/nbtscan", \
+ "sfp_tool_nmap:nmappath": "DISABLED_BECAUSE_NMAP_REQUIRES_ROOT_TO_WORK" \
+})' || true && chmod +x sf.py && ./sf.py -l 0.0.0.0:5001
diff --git a/docker-compose-full.yml b/docker-compose-full.yml
index dd4c6c111a..341244e513 100644
--- a/docker-compose-full.yml
+++ b/docker-compose-full.yml
@@ -1,7 +1,16 @@
-version: "3"
-
-services:
- spiderfoot:
- build:
- context: ./
- dockerfile: ./Dockerfile.full
+version: "3"
+
+services:
+ spiderfoot:
+ build:
+ context: ./
+ dockerfile: ./Dockerfile.full
+ volumes:
+ - spiderfoot-data:/var/lib/spiderfoot
+ container_name: spiderfoot
+ ports:
+ - "5002:5001"
+ restart: unless-stopped
+
+volumes:
+ spiderfoot-data:
From ef6788d4f46f5c5eb6830c6067378b370da31ab4 Mon Sep 17 00:00:00 2001
From: magichk
Date: Tue, 23 Jan 2024 17:25:22 +0100
Subject: [PATCH 2/3] Fix some errors in Dockerfile.full and persistence in docker-compose-full.yml
---
Dockerfile.full | 3 ---
1 file changed, 3 deletions(-)
diff --git a/Dockerfile.full b/Dockerfile.full
index 4bfc5466d7..bbc34a4259 100644
--- a/Dockerfile.full
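Review bot: In PATCH 1/3, the Wappalyzer step of Dockerfile.full now clones into `/tools/wapalyzer` (one "p"), but the `CMD` block in the same hunk still sets `sfp_tool_wappalyzer:wappalyzer_path` to `/tools/wappalyzer/src/drivers/npm/cli.js`, so the module will most likely not find the tool. Either keep the old directory name, `git clone https://github.com/Lissy93/wapalyzer wappalyzer && cd wappalyzer`, or change the configured path to match; whether the fork still ships `src/drivers/npm/cli.js` is not visible here and should be checked. The clone also takes whatever the default branch of this fork holds at build time and runs `yarn install` on it as root, so checking out a reviewed commit (`git checkout <commit-sha>`) would make the build reproducible and limit what an upstream change can pull into the image. `yarn run link` became `yarn run lint`, which presumably only lints the sources; confirm the link step is really no longer needed.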
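Review bot: In PATCH 1/3, docker-compose-full.yml publishes the web UI with `- "5002:5001"`, which binds the host port on every interface, and the image's `CMD` already listens on `0.0.0.0:5001` inside the container. Unless the UI sits behind authentication or a reverse proxy (neither is visible in this patch), publish on loopback only: `- "127.0.0.1:5002:5001"`. A short comment above `ports:` saying who is expected to reach the service would help operators decide whether to widen it.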
+++ b/Dockerfile.full @@ -113,9 +113,6 @@ WORKDIR /home/spiderfoot EXPOSE 5001 -USER root -#RUN sed -i 's/import lib/import importlib/' /opt/venv/lib/python3.12/site-packages/future/standard_library/__init__.py - # Run the application CMD python -c 'from spiderfoot import SpiderFootDb; \ db = SpiderFootDb({"__database": "/var/lib/spiderfoot/spiderfoot.db"}); \ From af28cc327bea02d445065624223a2bdcd8358e3d Mon Sep 17 00:00:00 2001 From: magichk Date: Tue, 23 Jan 2024 17:51:59 +0100 Subject: [PATCH 3/3] Fix some errors in Dockerfile.full and persistence in docker-compose-full.yml --- Dockerfile.full | 2 ++ 1 file changed, 2 insertions(+) diff --git a/Dockerfile.full b/Dockerfile.full index bbc34a4259..ab3f906b61 100644 --- a/Dockerfile.full +++ b/Dockerfile.full @@ -113,6 +113,8 @@ WORKDIR /home/spiderfoot EXPOSE 5001 +USER root + # Run the application CMD python -c 'from spiderfoot import SpiderFootDb; \ db = SpiderFootDb({"__database": "/var/lib/spiderfoot/spiderfoot.db"}); \
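Review bot: In PATCH 3/3, `USER root` placed after `EXPOSE 5001` makes the shell-form `CMD` run as root, so `sf.py` listening on `0.0.0.0:5001` and every scanner it launches get full privileges inside the container, which undoes the `spiderfoot` user and the `chown` steps the Dockerfile sets up in PATCH 1/3. The patch does not say why root is needed; if it is for the `chmod +x sf.py` that 1/3 added to `CMD` or for ownership of the `/var/lib/spiderfoot` volume, do that in a `RUN` step before the user switch and leave the last user directive as `USER spiderfoot`. If root is required for some other reason, document it on the line above, e.g. `# root needed because <reason>`. The `CMD` body continues past the end of this hunk.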