mirror of https://github.com/lanjelot/patator
Add docker-compose and fix bugs
parent
902c650e04
commit
da3d9751d7
@ -0,0 +1,55 @@
|
||||
version: "3"
|
||||
services:
|
||||
unix:
|
||||
build: testing/unix
|
||||
image: patator-unix-testing
|
||||
# ports:
|
||||
# - "21:21"
|
||||
# - "22:22"
|
||||
# - "23:23"
|
||||
# - "25:25"
|
||||
# - "79:79"
|
||||
# - "80:80"
|
||||
# - "106:106"
|
||||
# - "110:110"
|
||||
# - "139:139"
|
||||
# - "143:143"
|
||||
# - "389:389"
|
||||
# - "445:445"
|
||||
# - "513:513"
|
||||
# - "636:636"
|
||||
# - "993:993"
|
||||
# - "995:995"
|
||||
# - "3306:3306"
|
||||
# - "4444:4444"
|
||||
# - "5432:5432"
|
||||
# - "5900:5900"
|
||||
# - "8009:8009"
|
||||
# - "8080:8080"
|
||||
volumes:
|
||||
- .:/opt/patator
|
||||
|
||||
oracle:
|
||||
image: oracleinanutshell/oracle-xe-11g
|
||||
environment:
|
||||
- ORACLE_ENABLE_XDB=true
|
||||
ports:
|
||||
- "1521:1521"
|
||||
|
||||
mssql:
|
||||
image: mcr.microsoft.com/mssql/server:2019-latest
|
||||
environment:
|
||||
- ACCEPT_EULA=Y
|
||||
- SA_PASSWORD=Password1
|
||||
ports:
|
||||
- "1433:1433"
|
||||
|
||||
patator:
|
||||
build: .
|
||||
image: patator
|
||||
depends_on:
|
||||
- unix
|
||||
- oracle
|
||||
- mssql
|
||||
volumes:
|
||||
- .:/opt/patator
|
@ -0,0 +1,108 @@
|
||||
#!/bin/bash
|
||||
|
||||
case "$1" in
|
||||
python2|python3)
|
||||
PYTHON=$1
|
||||
;;
|
||||
*)
|
||||
docker-compose up -d --build
|
||||
|
||||
$0 python3
|
||||
$0 python2
|
||||
|
||||
exit 0
|
||||
;;
|
||||
esac
|
||||
|
||||
UNIX='unix'
|
||||
ORACLE='oracle'
|
||||
MSSQL='mssql'
|
||||
|
||||
LOGS='-l ./asdf -y --hits ./hits.txt'
|
||||
|
||||
run()
|
||||
{
|
||||
echo
|
||||
echo "$ $@"
|
||||
docker-compose run --rm --entrypoint "$PYTHON patator.py" patator "$@"
|
||||
}
|
||||
|
||||
echo
|
||||
echo ">>> $PYTHON"
|
||||
|
||||
run ftp_login host=$UNIX
|
||||
run ftp_login host=$UNIX user=userRANGE0 password=PasswordRANGE0 0=int:0-9
|
||||
|
||||
run ssh_login host=$UNIX
|
||||
run ssh_login host=$UNIX user=userRANGE0 password=PasswordRANGE0 0=int:0-9
|
||||
|
||||
run telnet_login host=$UNIX
|
||||
run telnet_login host=$UNIX inputs='userRANGE0\nPasswordRANGE0' 0=int:0-9 prompt_re='login:|Password:' timeout=5
|
||||
|
||||
run smtp_vrfy host=$UNIX
|
||||
run smtp_vrfy host=$UNIX user=userRANGE0 0=int:1-500 -x ignore:fgrep='User unknown' -x ignore,reset,retry:code=421 --auto-progress 10
|
||||
|
||||
run smtp_rcpt host=$UNIX
|
||||
run smtp_rcpt host=$UNIX mail_from=root@localhost user=userRANGE0@localhost 0=int:1-200 -x ignore:fgrep='User unknown'
|
||||
|
||||
run smtp_login host=$UNIX
|
||||
run smtp_login host=$UNIX user=userRANGE0 password=PasswordRANGE0 0=int:0-30 starttls=1 #-x ignore,reset,retry:code=421
|
||||
|
||||
run finger_lookup host=$UNIX
|
||||
run finger_lookup host=$UNIX user=userRANGE0 0=int:0-20 -x ignore:fgrep='no such user'
|
||||
|
||||
run ldap_login host=$UNIX
|
||||
run ldap_login host=$UNIX binddn='cn=admin,dc=example,dc=com' bindpw=PasswordRANGE0 0=int:0-9 basedn='dc=example,dc=com'
|
||||
|
||||
run smb_login host=$UNIX
|
||||
run smb_login host=$UNIX user=userRANGE0 password=PasswordRANGE0 0=int:0-9
|
||||
|
||||
run pop_login host=$UNIX
|
||||
run pop_login host=$UNIX user=userRANGE0 password=PasswordRANGE0 0=int:0-9
|
||||
|
||||
run pop_passd host=$UNIX
|
||||
run pop_passd host=$UNIX user=userRANGE0 password=PasswordRANGE0 0=int:0-9
|
||||
|
||||
run imap_login host=$UNIX
|
||||
run imap_login host=$UNIX user=userRANGE0 password=PasswordRANGE0 0=int:0-9
|
||||
|
||||
run rlogin_login host=$UNIX user=userRANGE0 password=PasswordRANGE0 0=int:0-9
|
||||
|
||||
run mysql_login host=$UNIX
|
||||
run mysql_login host=$UNIX user=root password=PasswordRANGE0 0=int:0-9
|
||||
|
||||
run mysql_query host=$UNIX user=root password=Password1 query='select host, user from mysql.user'
|
||||
run mysql_query host=$UNIX user=root password=Password1 query='select load_file("/etc/hosts")'
|
||||
|
||||
run mssql_login host=$MSSQL user=sa password=PasswordRANGE0 0=int:0-9
|
||||
|
||||
run oracle_login host=$ORACLE sid=xRANGE0 0=lower:a-f -t 1
|
||||
run oracle_login host=$ORACLE sid=xe user=sys password=oraclRANGE0 0=lower:a-f
|
||||
|
||||
run pgsql_login host=$UNIX
|
||||
run pgsql_login host=$UNIX user=postgres password=PasswordRANGE0 0=int:0-9
|
||||
|
||||
run http_fuzz url="http://$UNIX/RANGE0" 0=lower:a-zzz -x ignore:code=404
|
||||
run http_fuzz url=http://$UNIX:8080/manager/html user_pass=tomcat:PasswordRANGE0 0=int:0-9
|
||||
|
||||
run ajp_fuzz url=ajp://$UNIX/manager/html user_pass=tomcat:PasswordRANGE0 0=int:0-9
|
||||
|
||||
run vnc_login host=$UNIX port=5900 password=PassworRANGE0 0=lower:a-f
|
||||
|
||||
run dns_reverse host=NET0 0=216.239.32.0-216.239.32.255,8.8.8.0/24 -x ignore:code=3 -x ignore:fgrep!=google.com -x ignore:fgrep=216-239-
|
||||
run dns_forward name=MOD0.microsoft.com 0=SRV qtype=SRV -x ignore:code=3 --auto-progress 15
|
||||
|
||||
run unzip_pass zipfile=enc.zip password=PasswordRANGE0 0=int:0-9
|
||||
run keystore_pass keystore=keystore.jks password=PasswordRANGE0 0=int:0-9
|
||||
run sqlcipher_pass database=enc.db password=PasswordRANGE0 0=int:0-9
|
||||
run umbraco_crack hashlist=@umbraco_users.pw password=PasswordRANGE0 0=int:0-9
|
||||
|
||||
run tcp_fuzz host=$UNIX port=4444 data=RANGE0 0=hex:0xf0-0xf9 # $LOGS
|
||||
|
||||
echo -e '\xde\xad\xbe\xef\nprintable ascii' > dummy.txt
|
||||
run dummy_test delay=0 data=FILE0 0=dummy.txt data2=RANGE1 1=lower:a-b
|
||||
|
||||
echo -e 'wrong pass\np\x1fssw\x09rd' > user9.pass
|
||||
run ssh_login host=unix user=user9 password=FILE0 0=user9.pass
|
||||
|
||||
rm -f dummy.txt user9.pass
|
@ -0,0 +1,118 @@
|
||||
FROM ubuntu:18.04
|
||||
|
||||
MAINTAINER Sebastien Macke <lanjelot@gmail.com>
|
||||
|
||||
SHELL ["/bin/bash", "-o", "pipefail", "-c"]
|
||||
|
||||
RUN { for i in {3..5}; do useradd -m -s /bin/bash user$i; echo -e "Password$i\nPassword$i" | passwd user$i; done; } \
|
||||
&& useradd -m user9 && echo -e 'p\x1fssw\x09rd\np\x1fssw\x09rd' | passwd user9
|
||||
|
||||
ENV DEBIAN_FRONTEND=noninteractive
|
||||
|
||||
RUN apt-get update && apt-get install -y vsftpd openssh-server telnetd rsh-redone-server fingerd apache2 socat
|
||||
|
||||
RUN { echo "postfix postfix/mailname string ubuntu-bionic"; \
|
||||
echo "postfix postfix/main_mailer_type string 'Internet Site'"; \
|
||||
} | debconf-set-selections \
|
||||
&& apt-get update && apt-get install -y postfix mail-stack-delivery \
|
||||
&& postconf -e 'smtpd_sasl_exceptions_networks='
|
||||
|
||||
RUN echo 'ServerName localhost' >> /etc/apache2/apache2.conf \
|
||||
&& mkdir /var/www/html/{wp,pma,bak} && echo secret > /var/www/html/key
|
||||
|
||||
RUN LDAPPW=Password1; \
|
||||
{ \
|
||||
echo slapd slapd/internal/generated_adminpw password $LDAPPW; \
|
||||
echo slapd slapd/password2 password $LDAPPW; \
|
||||
echo slapd slapd/internal/adminpw password $LDAPPW; \
|
||||
echo slapd slapd/password1 password $LDAPPW; \
|
||||
echo slapd slapd/domain string example.com; \
|
||||
echo slapd shared/organization string example.com; \
|
||||
} | debconf-set-selections \
|
||||
&& apt-get update && apt-get install -y slapd ldap-utils
|
||||
|
||||
RUN MYSRP=Password1; \
|
||||
{ echo "mysql-server mysql-server/root_password password $MYSRP"; \
|
||||
echo "mysql-server mysql-server/root_password_again password $MYSRP"; \
|
||||
} | debconf-set-selections \
|
||||
&& apt-get update && apt-get install -y mysql-server \
|
||||
&& sed -i "s/bind-address.*/bind-address = 0.0.0.0/" /etc/mysql/mysql.conf.d/mysqld.cnf \
|
||||
&& echo secure_file_priv= >> /etc/mysql/mysql.conf.d/mysqld.cnf \
|
||||
&& Q1="GRANT ALL ON *.* TO 'root'@'%' IDENTIFIED BY '$MYSRP' WITH GRANT OPTION;" \
|
||||
&& Q2="FLUSH PRIVILEGES;" \
|
||||
&& SQL="${Q1}${Q2}" \
|
||||
&& rm -f /etc/apparmor.d/usr.sbin.mysqld \
|
||||
&& service mysql start \
|
||||
&& mysql -uroot -p"$MYSRP" -e "$SQL"
|
||||
|
||||
RUN PGPW=Password1 \
|
||||
&& apt-get update && apt-get install -y postgresql \
|
||||
&& sed -ie 's,127.0.0.1/32,0.0.0.0/0,' /etc/postgresql/10/main/pg_hba.conf \
|
||||
&& sed -ie "s,^#listen_addresses = 'localhost',listen_addresses = '*'," /etc/postgresql/10/main/postgresql.conf \
|
||||
&& service postgresql start \
|
||||
&& su - postgres -c "psql -c \"ALTER USER postgres WITH PASSWORD '$PGPW';\" -c '\\q'" \
|
||||
&& su - postgres -c "PGPASSWORD='$PGPW' psql -d postgres -w --no-password -h localhost -p 5432 -t -c 'SELECT version()'"
|
||||
|
||||
RUN apt-get update && apt-get install -y tomcat9 tomcat9-admin \
|
||||
&& TOMCATPW=Password1 \
|
||||
&& echo '<?xml version="1.0" encoding="UTF-8"?><tomcat-users xmlns="http://tomcat.apache.org/xml" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://tomcat.apache.org/xml tomcat-users.xsd" version="1.0"><user username="tomcat" password="Password1" roles="manager-gui"/></tomcat-users>' > /etc/tomcat9/tomcat-users.xml \
|
||||
&& sed -ie 's,^.*Define an AJP .* Connector on port.*$,<Connector port="8009" protocol="AJP/1.3" redirectPort="8443" />,' /etc/tomcat9/server.xml \
|
||||
&& sed -ie 's,catalina.realm.LockOutRealm",catalina.realm.LockOutRealm" lockOutTime="0",' /etc/tomcat9/server.xml \
|
||||
&& echo -e "#!/bin/bash\n\
|
||||
export CATALINA_HOME=/usr/share/tomcat9\n\
|
||||
export CATALINA_BASE=/var/lib/tomcat9\n\
|
||||
export CATALINA_TMPDIR=/tmp\n\
|
||||
export SECURITY_MANAGER=true\n\
|
||||
export JAVA_OPTS=-Djava.awt.headless=true\n\
|
||||
/usr/libexec/tomcat9/tomcat-update-policy.sh\n\
|
||||
/usr/libexec/tomcat9/tomcat-start.sh &\n" > /usr/local/sbin/start-tomcat.sh
|
||||
|
||||
RUN apt-get update && apt-get install -y dovecot-imapd dovecot-pop3d poppassd \
|
||||
&& sed -ie 's,^#login_trusted_networks = *$,login_trusted_networks = 0.0.0.0/0,' /etc/dovecot/dovecot.conf
|
||||
|
||||
RUN apt-get update && apt-get install -y p7zip-full \
|
||||
&& 7za a -pPassword1 /root/enc.zip /etc/passwd
|
||||
|
||||
RUN apt-get update && apt-get install -y openjdk-11-jre-headless \
|
||||
&& keytool -genkey -alias test -storepass Password1 -keypass Password1 -keystore /root/keystore.jks -dname "CN=a,OU=b,O=c,L=d,ST=e,C=f"
|
||||
|
||||
RUN apt-get update && apt-get install -y sqlcipher \
|
||||
&& sqlcipher /root/enc.db "PRAGMA key = 'Password1';create table a(id int);"
|
||||
|
||||
RUN echo -e 'user1:kW+7AlKMnSZQIRluNxwJOMiohAw=\nuser2:oBk37hmkFgZdZ247+g6c0Ay6Vw8=\nuser3:kW+7AlKMnSZQIRluNxwJOMiohAw=' > /root/umbraco_users.pw
|
||||
|
||||
RUN apt-get update && apt-get install -y tightvncserver \
|
||||
&& useradd -m vncuser && mkdir ~vncuser/.vnc && echo Password | vncpasswd -f > ~vncuser/.vnc/passwd \
|
||||
&& chmod 400 ~vncuser/.vnc/passwd && chown -R vncuser:vncuser ~vncuser/.vnc
|
||||
|
||||
# utils
|
||||
RUN sed -i 's:^path-exclude=/usr/share/man:#path-exclude=/usr/share/man:' /etc/dpkg/dpkg.cfg.d/excludes \
|
||||
&& apt-get update && apt-get install -y man manpages-posix iproute2 mlocate lsof sudo vim less \
|
||||
telnet finger rsh-client smbclient \
|
||||
&& echo 'set bg=dark' > /root/.vimrc \
|
||||
&& usermod -aG sudo user3
|
||||
|
||||
RUN apt-get update && apt-get install -y samba \
|
||||
&& { for i in {3..5}; do echo -e "Password$i\nPassword$i" | smbpasswd -a "user$i"; done; } \
|
||||
&& sed -ie 's,map to guest =,#map to guest =,' /etc/samba/smb.conf
|
||||
|
||||
RUN echo -e "echo Starting services\n\
|
||||
service vsftpd start\n\
|
||||
service ssh start\n\
|
||||
/usr/sbin/inetd\n\
|
||||
service postfix start\n\
|
||||
service dovecot start\n\
|
||||
service apache2 start\n\
|
||||
service slapd start\n\
|
||||
service mysql start\n\
|
||||
service postgresql start\n\
|
||||
bash /usr/local/sbin/start-tomcat.sh\n\
|
||||
socat tcp-l:106,fork,reuseaddr exec:/usr/sbin/poppassd &\n\
|
||||
socat tcp-l:4444,fork,reuseaddr exec:\"echo -e 'W\xe1\xc0me'\" &\n\
|
||||
cp -v /root/enc.zip /root/keystore.jks /root/enc.db /root/umbraco_users.pw /opt/patator/\n\
|
||||
su - vncuser -c 'vncserver -rfbport 5900'\n\
|
||||
service smbd start\n\
|
||||
touch /opt/patator/.all-started\n\
|
||||
tail -f /dev/null\n" > /usr/local/sbin/start-all-services.sh
|
||||
|
||||
CMD ["bash", "/usr/local/sbin/start-all-services.sh"]
|
Loading…
Reference in New Issue