tweaking

docker/deprecated/glastopf/Dockerfile

@@ -0,0 +1,73 @@
+FROM alpine
+
+# Include dist
+ADD dist/ /root/dist/
+
+# Install packages
+RUN apk -U --no-cache add \
+               autoconf \
+               bind-tools \
+               build-base \
+#               cython \
+               git \
+               libffi \
+               libffi-dev \
+               libcap \
+               libxslt-dev \
+               make \
+               php7 \
+               php7-dev \
+               openssl-dev \
+               py-mysqldb \
+               py-openssl \
+               py-pip \
+               py-setuptools \
+               python \
+               python-dev && \
+    pip install --no-cache-dir --upgrade pip && \
+
+# Install php sandbox from git
+    git clone --depth=1 https://github.com/mushorg/BFR /opt/BFR && \
+    cd /opt/BFR && \
+    phpize7 && \
+    ./configure \
+      --with-php-config=/usr/bin/php-config7 \
+      --enable-bfr && \
+    make && \
+    make install && \
+    cd / && \
+    rm -rf /opt/BFR /tmp/* /var/tmp/* && \
+    echo "zend_extension = "$(find /usr -name bfr.so) >> /etc/php7/php.ini && \
+
+# Install glastopf from git
+    git clone --depth=1 https://github.com/mushorg/glastopf.git /opt/glastopf && \
+    cd /opt/glastopf && \
+    cp /root/dist/requirements.txt . && \
+    pip install --no-cache-dir . && \
+    cd / && \
+    rm -rf /opt/glastopf /tmp/* /var/tmp/* && \
+    setcap cap_net_bind_service=+ep /usr/bin/python2.7 && \
+
+# Setup user, groups and configs
+    addgroup -g 2000 glastopf && \
+    adduser -S -H -u 2000 -D -g 2000 glastopf && \
+    mkdir -p /etc/glastopf && \
+    mv /root/dist/glastopf.cfg /etc/glastopf/ && \
+
+# Clean up
+    apk del --purge autoconf \
+                    build-base \
+                    file \
+                    git \
+                    libffi-dev \
+                    php7-dev \
+                    python-dev \
+                    py-pip && \
+    rm -rf /root/* && \
+    rm -rf /var/cache/apk/*
+
+# Set workdir and start glastopf
+STOPSIGNAL SIGINT
+USER glastopf:glastopf
+WORKDIR /tmp/glastopf/
+CMD cp /etc/glastopf/glastopf.cfg /tmp/glastopf && exec glastopf-runner

docker/deprecated/glastopf/README.md

@@ -0,0 +1,15 @@
+[![](https://images.microbadger.com/badges/version/dtagdevsec/glastopf:1903.svg)](https://microbadger.com/images/dtagdevsec/glastopf:1903 "Get your own version badge on microbadger.com") [![](https://images.microbadger.com/badges/image/dtagdevsec/glastopf:1903.svg)](https://microbadger.com/images/dtagdevsec/glastopf:1903 "Get your own image badge on microbadger.com")
+
+# glastopf (deprecated)
+
+[glastopf](https://github.com/mushorg/glastopf) is a python web application honeypot.
+
+This dockerized version is part of the **[T-Pot community honeypot](http://dtag-dev-sec.github.io/)** of Deutsche Telekom AG.
+
+The `Dockerfile` contains the blueprint for the dockerized glastopf and will be used to setup the docker image.
+
+The `docker-compose.yml` contains the necessary settings to test glastopf using `docker-compose`. This will ensure to start the docker container with the appropriate permissions and port mappings.  
+
+# Glastopf Dashboard
+
+![Glastopf Dashboard](doc/dashboard.png)

docker/deprecated/glastopf/dist/glastopf.cfg

@@ -0,0 +1,115 @@
+[webserver]
+host = 0.0.0.0
+port = 80
+uid = glastopf
+gid = glastopf
+proxy_enabled = False
+
+[ssl]
+enabled = False
+certfile = 
+keyfile = 
+
+#Generic logging for general monitoring
+[logging]
+consolelog_enabled = True
+filelog_enabled = True
+logfile = log/glastopf.log
+
+[dork-db]
+enabled = True
+pattern = rfi
+# Extracts dorks from a online dorks service operated by The Honeynet Project
+# This service is down until further notice!
+mnem_service = False
+
+[hpfeed]
+enabled = False
+host = hpfriends.honeycloud.net
+port = 20000
+secret = 3wis3l2u5l7r3cew
+# channels comma separated
+chan_events = glastopf.events
+chan_files = glastopf.files
+ident = x8yer@hp1
+
+[main-database]
+#If disabled a sqlite database will be created (db/glastopf.db)
+#to be used as dork storage.
+enabled = True
+#mongodb or sqlalchemy connection string, ex:
+#mongodb://localhost:27017/glastopf
+#mongodb://james:bond@localhost:27017/glastopf
+#mysql://james:bond@somehost.com/glastopf
+connection_string = sqlite:///db/glastopf.db
+
+[surfcertids]
+enabled = False
+host = localhost
+port = 5432
+user = 
+password = 
+database = idsserver
+
+[syslog]
+enabled = False
+socket = /dev/log
+
+[mail]
+enabled = False
+# an email notification will be sent only if a specified matched pattern is identified.
+# Use the wildcard char *, to be notified every time
+patterns = rfi,lfi
+user =
+pwd =
+mail_from =
+mail_to = 
+smtp_host = smtp.gmail.com
+smtp_port = 587
+
+[taxii]
+enabled = False
+host = taxiitest.mitre.org
+port = 80
+inbox_path = /services/inbox/default/
+use_https = False
+use_auth_basic = False
+auth_basic_username = your_username
+auth_basic_password = your_password
+use_auth_certificate = False
+auth_certificate_keyfile = full_path_to_keyfile
+auth_certificate_certfile = full_path_to_certfile
+include_contact_info = False
+contact_name = ...
+contact_email = ...
+
+[logstash]
+enabled = False
+host = localhost
+port = 5659
+handler = AMQP/TCP/UDP 
+
+[misc]
+# set webserver banner
+banner = Apache/2.0.48
+
+[surface]
+#https://www.google.com/webmasters/
+google_meta =
+#http://www.bing.com/toolbox/webmaster
+bing_meta =
+
+[sensor]
+sensorid = None
+
+[profiler]
+enabled = False
+
+[s3storage]
+enabled = False
+endpoint = http://localhost:8080/
+aws_access_key_id = YOUR_aws_access_key_id
+aws_secret_access_key = YOUR_aws_access_key_id
+bucket = glastopf
+region = eu-west-1
+signature_version = s3

docker/deprecated/glastopf/dist/requirements.txt

@@ -0,0 +1,35 @@
+asn1crypto==0.24.0
+BeautifulSoup==3.2.1
+beautifulsoup4==4.6.1
+botocore==1.11.6
+certifi==2018.4.16
+cffi==1.10.0
+chardet==3.0.4
+cryptography==2.1.4
+cssselect==1.0.0
+Cython==0.28.2
+docutils==0.14
+enum34==1.1.6
+gevent==1.2.2
+greenlet==0.4.13
+hpfeeds==1.0
+idna==2.6
+ipaddress==1.0.22
+Jinja2==2.9.6
+jmespath==0.9.3
+libtaxii==1.1.111
+lxml==4.2.4
+MarkupSafe==1.0
+MySQL-python==1.2.5
+pyasn1==0.4.2
+pycparser==2.18
+pylibinjection==0.2.4
+pymongo==3.2.2
+pyOpenSSL==17.2.0
+python-dateutil==2.6.1
+python-logstash==0.4.6
+requests==2.18.4
+six==1.11.0
+SQLAlchemy==1.2.7
+urllib3==1.22
+WebOb==1.2.3

docker/deprecated/glastopf/docker-compose.yml

@@ -0,0 +1,23 @@
+version: '2.3'
+
+networks:
+  glastopf_local:
+
+services:
+
+# Glastopf service
+  glastopf:
+    build: .
+    container_name: glastopf
+    tmpfs:
+      - /tmp/glastopf:uid=2000,gid=2000
+    restart: always
+    networks:
+     - glastopf_local
+    ports:
+     - "8081:80"
+    image: "dtagdevsec/glastopf:1903"
+    read_only: true
+    volumes:
+     - /data/glastopf/db:/tmp/glastopf/db
+     - /data/glastopf/log:/tmp/glastopf/log