From fbcd180b62d5b794d90bafe235afd066013de589 Mon Sep 17 00:00:00 2001 From: Pete Stenger Date: Fri, 19 Jul 2024 00:10:43 -0400 Subject: [PATCH 1/2] begin 22.04 dockerfile test --- .gitignore | 2 ++ core/Dockerfile | 80 ++++++++++++++++++++++-------------------------- docker-helper.py | 9 +++--- host-init.sh | 12 ++++++++ 4 files changed, 55 insertions(+), 48 deletions(-) create mode 100755 host-init.sh diff --git a/.gitignore b/.gitignore index 07a0d93..31c2e06 100644 --- a/.gitignore +++ b/.gitignore @@ -5,3 +5,5 @@ binaries/ images/ scratch/ +binwalk-*/ +__pycache__ \ No newline at end of file diff --git a/core/Dockerfile b/core/Dockerfile index 886fa23..30cf479 100644 --- a/core/Dockerfile +++ b/core/Dockerfile 
@@ -1,53 +1,45 @@ -FROM ubuntu:18.04 -MAINTAINER Mingeun Kim , Minkyo Seo <0xsaika@gmail.com> - -RUN apt-get update -RUN apt-get install -y apt-utils -RUN apt-get install -y wget tar bc psmisc ruby telnet -RUN apt-get install -y socat net-tools iputils-ping iptables iproute2 curl -RUN apt-get install -yy python python3 python3-pip -RUN python3 -m pip install --upgrade pip - -RUN apt-get install -y libpq-dev -RUN python3 -m pip install psycopg2 psycopg2-binary - -RUN apt-get install -y busybox-static bash-static fakeroot git kpartx netcat-openbsd nmap python3-psycopg2 snmp uml-utilities util-linux vlan - -# for binwalk -# bypass tzdata interaction +FROM --platform=amd64 ubuntu:22.04 +LABEL AUTHOR Mingeun Kim , Minkyo Seo <0xsaika@gmail.com> ENV DEBIAN_FRONTEND=noninteractive -RUN wget https://github.com/ReFirmLabs/binwalk/archive/refs/tags/v2.3.4.tar.gz && \ - tar -xf v2.3.4.tar.gz && \ - cd binwalk-2.3.4 && \ - sed -i 's/^install_ubireader//g' deps.sh && \ - echo y | ./deps.sh && \ - python3 setup.py install -RUN apt-get install -y mtd-utils gzip bzip2 tar arj lhasa p7zip p7zip-full cabextract fusecram cramfsswap squashfs-tools sleuthkit default-jdk cpio lzop lzma srecord zlib1g-dev liblzma-dev liblzo2-dev - -RUN python3 -m pip install python-lzo cstruct ubi_reader -RUN apt-get install -y python3-magic unrar -RUN apt-get install -y openjdk-8-jdk +RUN apt-get update && apt-get install -y wget gnupg2 && \ + wget -q -O - https://dl-ssl.google.com/linux/linux_signing_key.pub | apt-key add - && \ + echo 'deb [arch=amd64] http://dl.google.com/linux/chrome/deb/ stable main' | tee /etc/apt/sources.list.d/google-chrome.list + +RUN apt-get update && apt-get install -y apt-utils wget tar bc psmisc ruby telnet \ + socat net-tools iputils-ping iptables iproute2 curl \ + python3 python3-pip python-is-python3 libpq-dev \ + busybox-static bash-static fakeroot git kpartx netcat-openbsd \ + nmap python3-psycopg2 snmp uml-utilities util-linux vlan \ + python3-magic unrar 
openjdk-8-jdk \ + mtd-utils gzip bzip2 tar arj lhasa p7zip p7zip-full cabextract \ + fusecram cramfsswap squashfs-tools sleuthkit default-jdk cpio \ + lzop lzma srecord zlib1g-dev liblzma-dev liblzo2-dev \ + qemu-system-arm qemu-system-mips qemu-system-x86 qemu-utils \ + google-chrome-stable ntfs-3g postgresql + +RUN python3 -m pip install --upgrade pip && \ + python3 -m pip install psycopg2 psycopg2-binary python-lzo cstruct ubi_reader \ + selenium bs4 requests future paramiko pysnmp==4.4.6 pycryptodome -# for qemu -RUN apt-get install -y qemu-system-arm qemu-system-mips qemu-system-x86 qemu-utils - -# for analyzer -RUN python3 -m pip install selenium bs4 requests future paramiko pysnmp==4.4.6 pycryptodome -# google chrome -RUN wget -q -O - https://dl-ssl.google.com/linux/linux_signing_key.pub | apt-key add - -RUN echo 'deb [arch=amd64] http://dl.google.com/linux/chrome/deb/ stable main' | tee /etc/apt/sources.list.d/google-chrome.list -RUN apt-get update -RUN apt-get install -y google-chrome-stable -RUN apt-get install -y ntfs-3g -RUN ln -s /bin/ntfs-3g /bin/mount.ntfs-3g +RUN wget https://github.com/ReFirmLabs/binwalk/archive/refs/tags/v2.3.4.tar.gz && \ + tar -xf v2.3.4.tar.gz && \ + cd binwalk-2.3.4 && \ + sed -i 's/^install_ubireader//g;s/^install_sasquatch//g' deps.sh && \ + git clone --quiet --depth 1 --branch "master" https://github.com/devttys0/sasquatch && \ + cd sasquatch && \ + wget https://github.com/devttys0/sasquatch/pull/51.patch && patch -p1 <51.patch && \ + ./build.sh && cd .. && \ + echo y | ./deps.sh && \ + python3 setup.py install COPY ./sudo /usr/bin/sudo -RUN chmod 777 /usr/bin/sudo -RUN mkdir -p /work/FirmAE -RUN mkdir -p /work/firmwares -COPY unstuff /usr/local/bin/ +RUN ln -s /bin/ntfs-3g /bin/mount.ntfs-3g && \ + chmod 777 /usr/bin/sudo && \ + mkdir -p /work/FirmAE && \ + mkdir -p /work/firmwares && \ + unstuff /usr/local/bin/ ENV USER=root ENV FIRMAE_DOCKER=true 
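Review bot: The sasquatch step inside the binwalk `RUN` builds from inputs that are neither pinned nor verified. `git clone ... --branch "master"` follows a moving branch, and `wget https://github.com/devttys0/sasquatch/pull/51.patch` returns whatever the pull request holds at build time, so the code compiled into an image that docker-helper.py runs with `--privileged` can change without any change in this repository. Check out a reviewed commit instead of `master` and verify the patch before applying it, e.g. `echo "<SHA256_OF_REVIEWED_PATCH>  51.patch" | sha256sum -c - && patch -p1 <51.patch`; the binwalk tarball would benefit from the same checksum step. Separately, `chmod 777 /usr/bin/sudo` in the last `RUN` leaves the copied file world-writable; `chmod 755` looks sufficient unless something is meant to rewrite it at runtime.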
diff --git a/docker-helper.py b/docker-helper.py index 8aae2d2..2d7726b 100755 --- a/docker-helper.py +++ b/docker-helper.py @@ -49,15 +49,15 @@ def run_core(self, idx, mode, brand, firmware_path): -v /dev:/dev \\ -v {0}:/work/FirmAE \\ -v {1}:/work/firmwares \\ - --privileged=true \\ + --privileged \\ --name {2} \\ + -p '5432:5432' \\ fcore""".format(self.firmae_root, firmware_root, docker_name) - + print(cmd) sp.check_output(cmd, shell=True) logging.info("[*] {} emulation start!".format(docker_name)) - time.sleep(5) docker_mode = "-it" if mode == "-d" else "-id" cmd = "docker exec {0} \"{1}\" ".format(docker_mode, docker_name) @@ -72,6 +72,7 @@ def run_core(self, idx, mode, brand, firmware_path): t0 = time.time() iid = -1 + print(cmd) if mode == "-d": os.system(cmd) else: @@ -93,7 +94,7 @@ def run_core(self, idx, mode, brand, firmware_path): f.readline() last_line = f.readline() if last_line.find("container failed") != -1: - logging.error("[-] %s container failed to connect to the hosts' postgresql".format(docker_name)) + logging.error("[-] {} container failed to connect to the hosts' postgresql".format(docker_name)) return docker_name if not iid: diff --git a/host-init.sh b/host-init.sh new file mode 100755 index 0000000..e58c81d --- /dev/null +++ b/host-init.sh @@ -0,0 +1,12 @@ +# Tested on MacOS under `brew install postgresql@14` +createdb -U firmadyne +psql -c "CREATE USER firmadyne WITH PASSWORD 'firmadyne';" +createdb -O firmadyne firmware +psql -d firmware < ./database/schema +CONFIG_LOCATION=$(psql -c 'SHOW config_file;' -t -A) +HBA_LOCATION=$(psql -c 'SHOW hba_file;' -t -A) +echo "$CONFIG_LOCATION, $HBA_LOCATION" +echo "listen_addresses = '172.17.0.1,127.0.0.1,localhost'" | tee -a $CONFIG_LOCATION +echo "host all all 172.17.0.1/24 trust" | tee -a $HBA_LOCATION + +echo "[*] Completed initializing database for docker to connect to" \ No newline at end of file From 0ddd968cb9a10c8a50ff64b58e04ebf6318fcf5e Mon Sep 17 00:00:00 2001 
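Review bot: The added `-p '5432:5432'` publishes whatever listens on port 5432 in the container on every host interface, because Docker binds published ports to 0.0.0.0 unless an address is given, and this container also runs `--privileged` with `/dev` mounted. If the port needs publishing at all, bind it to loopback with `-p '127.0.0.1:5432:5432' \\`. A fixed host port will also make a second `run_core` container fail to start, and it may collide with the host PostgreSQL that host-init.sh configures. The new `print(cmd)` here and in the `@@ -72,6 +72,7 @@` hunk would read better as `logging.debug(cmd)`, matching the logging calls around it. `run_core` starts and ends outside this hunk.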
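Review bot: The `pg_hba.conf` line appended near the end of host-init.sh, `host all all 172.17.0.1/24 trust`, lets any client in that range connect to every database as any role, including the superuser, without a password, so the `firmadyne` password set earlier in the script is never checked. Restrict the entry to the one database and role and require the password: `echo "host firmware firmadyne 172.17.0.1/24 scram-sha-256" | tee -a "$HBA_LOCATION"`. Both `tee -a` lines also append again on every run and use unquoted paths; a `grep -q` guard before appending and quoting `"$CONFIG_LOCATION"` and `"$HBA_LOCATION"` would keep the files clean. A short header comment saying that the script edits the host's PostgreSQL configuration, and that a server reload is needed afterwards, would help whoever runs it.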
From: Pete Stenger Date: Fri, 19 Jul 2024 09:50:41 -0400 Subject: [PATCH 2/2] Make FirmAE portable to docker-for-mac & docker-for-linux --- core/Dockerfile | 6 +++--- docker-helper.py | 4 ++-- firmae.config | 2 +- scripts/makeImage.sh | 2 +- 4 files changed, 7 insertions(+), 7 deletions(-) diff --git a/core/Dockerfile b/core/Dockerfile index 30cf479..125da65 100644 --- a/core/Dockerfile +++ b/core/Dockerfile @@ -16,7 +16,7 @@ RUN apt-get update && apt-get install -y apt-utils wget tar bc psmisc ruby telne fusecram cramfsswap squashfs-tools sleuthkit default-jdk cpio \ lzop lzma srecord zlib1g-dev liblzma-dev liblzo2-dev \ qemu-system-arm qemu-system-mips qemu-system-x86 qemu-utils \ - google-chrome-stable ntfs-3g postgresql + google-chrome-stable ntfs-3g postgresql fdisk RUN python3 -m pip install --upgrade pip && \ python3 -m pip install psycopg2 psycopg2-binary python-lzo cstruct ubi_reader \ @@ -34,12 +34,12 @@ RUN wget https://github.com/ReFirmLabs/binwalk/archive/refs/tags/v2.3.4.tar.gz & python3 setup.py install COPY ./sudo /usr/bin/sudo +COPY ./unstuff /usr/local/bin/unstuff RUN ln -s /bin/ntfs-3g /bin/mount.ntfs-3g && \ chmod 777 /usr/bin/sudo && \ mkdir -p /work/FirmAE && \ - mkdir -p /work/firmwares && \ - unstuff /usr/local/bin/ + mkdir -p /work/firmwares ENV USER=root ENV FIRMAE_DOCKER=true diff --git a/docker-helper.py b/docker-helper.py index 2d7726b..4afae55 100755 --- a/docker-helper.py +++ b/docker-helper.py @@ -52,6 +52,7 @@ def run_core(self, idx, mode, brand, firmware_path): --privileged \\ --name {2} \\ -p '5432:5432' \\ + --add-host=host.docker.internal:host-gateway \\ fcore""".format(self.firmae_root, firmware_root, docker_name) 
@@ -86,10 +87,9 @@ def run_core(self, idx, mode, brand, firmware_path): if mode in ["-r", "-d"]: return docker_name - time.sleep(10) while iid == -1: time.sleep(1) - iid = util.get_iid(firmware_path, "127.0.0.1") + iid = util.get_iid(firmware_path, "host.docker.internal") with open(firmware_log) as f: f.readline() last_line = f.readline() diff --git a/firmae.config b/firmae.config index d264d07..9d54bc4 100644 --- a/firmae.config +++ b/firmae.config @@ -16,7 +16,7 @@ fi if [ -n "${FIRMAE_DOCKER-}" ]; then FIRMAE_DIR=/work/FirmAE - PSQL_IP=172.17.0.1 + PSQL_IP=host.docker.internal else FIRMAE_DIR=$(pwd) PSQL_IP=127.0.0.1 diff --git a/scripts/makeImage.sh b/scripts/makeImage.sh index e114c94..09b3957 100755 --- a/scripts/makeImage.sh +++ b/scripts/makeImage.sh @@ -50,7 +50,7 @@ qemu-img create -f raw "${IMAGE}" 1G chmod a+rw "${IMAGE}" echo "----Creating Partition Table----" -echo -e "o\nn\np\n1\n\n\nw" | /sbin/fdisk "${IMAGE}" +echo -e "o\nn\np\n1\n\n\nw" | fdisk "${IMAGE}" echo "----Mounting QEMU Image----" DEVICE=`add_partition ${IMAGE}`
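Review bot: `util.get_iid(firmware_path, "host.docker.internal")` runs in docker-helper.py on the host, but the `--add-host=host.docker.internal:host-gateway` mapping added in the previous hunk exists only inside the container, so on a Linux host this name will probably not resolve. With `time.sleep(10)` removed, the `while iid == -1` loop has no deadline other than the "container failed" log check, so a lookup that keeps failing could poll indefinitely, depending on what `get_iid` returns on a connection error (not visible here). Consider keeping `"127.0.0.1"` for this host-side call, or reading the address from configuration, and adding a timeout to the loop. `run_core` starts and ends outside this hunk.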