# +--------------------------------------------------------------------------------------------------------------------+
# | CREATE THE BOX BASED ON UBUNTU |
# +--------------------------------------------------------------------------------------------------------------------+
# Global build arguments, declared ahead of the first FROM. A stage only sees the ones it
# re-declares with a bare `ARG NAME` line; all of them can be overridden with --build-arg.
# account name of the unprivileged user
ARG USER=user
# home directory of that account
ARG HOME=/home/$USER
# per-user installation root for the toolbox
ARG UOPT=$HOME/.opt
# per-user binary directory
ARG UBIN=$HOME/.local/bin
# Packing-Box workspace (configuration and data)
ARG PBWS=$HOME/.packing-box
# path of the main packing-box tool
ARG PBOX=$UOPT/tools/packing-box
# location of the framework files inside the build context
ARG FILES=src/files
# Python virtual environment
ARG VENV=$UOPT/venv
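# start creating the box
# UBUNTU_TAG keeps the previous default (the floating `latest` tag), so a plain build behaves
# as before. `latest` moves over time: two builds of this file can start from different
# releases. Pass --build-arg UBUNTU_TAG=<release tag> to build from a fixed, reviewable base.
ARG UBUNTU_TAG=latest
FROM ubuntu:${UBUNTU_TAG} AS base
LABEL org.opencontainers.image.authors="alexandre.dhondt@gmail.com" \
      org.opencontainers.image.created="Feb 5, 2021" \
      org.opencontainers.image.licenses="GPL-3.0" \
      org.opencontainers.image.source="https://github.com/orgs/packing-box/repositories" \
      org.opencontainers.image.title="Packing-Box: Experimental toolkit for static detection of executable packing" \
      org.opencontainers.image.url="https://github.com/packing-box/docker-packing-box" \
      org.opencontainers.image.version="2.1.0"
# bring the global arguments needed by this stage into scope
ARG USER HOME VENV
# NOTE(review): ENV values persist into the running container, so DEBIAN_FRONTEND=noninteractive
# and PIP_ROOT_USER_ACTION=ignore also apply to every shell started in the box, not only to the build.
ENV DEBCONF_NOWARNINGS=yes \
    DEBIAN_FRONTEND=noninteractive \
    TERM=xterm-256color \
    PIP_ROOT_USER_ACTION=ignore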
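# configure locale
RUN apt-get update \
    && apt-get -y install locales \
    && locale-gen en_US.UTF-8
# apply upgrade
# The package lists are refreshed before anything is installed in this layer, so the install
# does not depend on lists cached in the previous layer.
RUN echo "debconf debconf/frontend select Noninteractive" | debconf-set-selections \
    && apt-get update \
    && apt-get -y install dialog apt-utils \
    && apt-get -y upgrade \
    && apt-get -y autoremove \
    && apt-get autoclean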
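# add a non-privileged account
# The stock `ubuntu` account and group of the base image are renamed to $USER and the home
# directory is moved to $HOME (assumes the base image ships an `ubuntu` account).
# Security note: the sudoers drop-in gives $USER passwordless sudo to root, so the later
# `USER $USER` is a convenience default, not a privilege boundary; any process running in
# the box can become root inside the container.
# The drop-in is syntax-checked with visudo so that a malformed entry fails the build
# instead of breaking sudo at runtime.
RUN usermod -l "$USER" ubuntu \
    && groupmod -n "$USER" ubuntu \
    && usermod -d "$HOME" -m "$USER" \
    && apt-get update \
    && apt-get install -y sudo \
    && echo "$USER ALL=(root) NOPASSWD:ALL" > "/etc/sudoers.d/$USER" \
    && chmod 0440 "/etc/sudoers.d/$USER" \
    && visudo -cf "/etc/sudoers.d/$USER"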
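# install common dependencies and libraries
# `apt-get update` runs in this layer so the install does not rely on package lists cached
# by an earlier layer (a rebuilt layer on top of stale lists can fail on vanished versions).
RUN apt-get update \
    && apt-get -y install apt-transport-https apt-utils \
    && apt-get -y install bash-completion build-essential clang cmake software-properties-common \
    && apt-get -y install libavcodec-dev libavformat-dev libavutil-dev libbsd-dev libboost-regex-dev libcapstone-dev \
                          libgirepository1.0-dev libelf-dev libffi-dev libfontconfig1-dev libgif-dev libjpeg-dev \
    && apt-get -y install libboost-program-options-dev libboost-system-dev libboost-filesystem-dev libc6-dev-i386 \
                          libdwarf-dev libcairo2-dev libdbus-1-dev libegl1-mesa-dev libfreetype6-dev libfuse-dev \
                          libgl1-mesa-dev libglib2.0-dev libglu1-mesa-dev libpulse-dev libssl-dev libsvm-dev libsvm-java \
                          libtiff5-dev libudev-dev libxcursor-dev libxkbfile-dev libxml2-dev libxrandr-dev libfuzzy-dev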
# Command-line tooling for the box, installed from the Ubuntu archive in several groups.
# None of the packages is version-pinned, so the resulting set follows the archive state at
# build time.
# `bat` is not taken from the archive: its v0.25.0 amd64 .deb is downloaded from the GitHub
# release page, installed with dpkg as root and removed in the same layer.
# NOTE(review): the .deb is installed without an integrity check; record the release's
# SHA-256 (<expected-sha256>) and verify it with `sha256sum -c` before `dpkg -i`. The
# hard-coded amd64 asset also ties this layer to x86-64 builds.
RUN apt-get update \
    && apt-get -y install colordiff colortail cython3 dos2unix dosbox git golang kmod less ltrace meson nasm tree strace \
    && apt-get -y install gcab genisoimage iproute2 jlha-utils jq nftables nodejs npm rubygems ssdeep swig unar yarnpkg \
    && apt-get -y install python3-pip python3-pygraphviz python3-setuptools python3-venv vim visidata yq \
    && apt-get -y install bc curl ffmpeg imagemagick pev psmisc tesseract-ocr unrar unzip wget wimtools x11-apps zstd \
    && apt-get -y install bats binutils-dev binwalk dwarfdump ent foremost rpm2cpio tmate tmux weka xdotool xterm xvfb \
    && wget -qO /tmp/b.deb https://github.com/sharkdp/bat/releases/download/v0.25.0/bat_0.25.0_amd64.deb \
    && dpkg -i /tmp/b.deb \
    && rm -f /tmp/b.deb
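# install the .NET SDK and runtime (necessary for ilspycmd)
# The package lists are refreshed here so this layer does not depend on lists cached earlier.
RUN apt-get update \
    && apt-get -y install dotnet-sdk-10.0 dotnet-runtime-10.0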
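# install wine (for running Windows software on Linux)
# /etc/os-release is sourced to obtain $VERSION_CODENAME, which selects the WineHQ
# repository definition matching the base image release.
# /etc/apt/keyrings is created explicitly so the key download does not depend on the base
# image already providing that directory.
# NOTE(review): the repository signing key is trusted as downloaded (HTTPS only). Comparing
# its fingerprint with a value recorded in this repository (<expected-fingerprint>) before
# `apt-get update` would detect a replaced key. The two wine-gecko MSI files are likewise
# stored without a checksum comparison.
RUN dpkg --add-architecture i386 \
    && . /etc/os-release \
    && mkdir -p -m 755 /etc/apt/keyrings \
    && wget -O /etc/apt/keyrings/winehq-archive.key https://dl.winehq.org/wine-builds/winehq.key \
    && wget -NP /etc/apt/sources.list.d/ \
            https://dl.winehq.org/wine-builds/ubuntu/dists/$VERSION_CODENAME/winehq-$VERSION_CODENAME.sources \
    && apt-get update \
    && apt-get -y install --install-recommends winehq-stable wine32 winetricks \
    && mkdir -p /opt/wine-stable/share/wine/gecko \
    && wget -O /opt/wine-stable/share/wine/gecko/wine-gecko-2.47.1-x86.msi \
            https://dl.winehq.org/wine/wine-gecko/2.47.1/wine-gecko-2.47.1-x86.msi \
    && wget -O /opt/wine-stable/share/wine/gecko/wine-gecko-2.47.1-x86_64.msi \
            https://dl.winehq.org/wine/wine-gecko/2.47.1/wine-gecko-2.47.1-x86_64.msi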
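# install mono (for running .NET apps on Linux)
# Changes against the previous form of this layer:
#  - the lists are refreshed and `-y` is passed before installing ca-certificates/gnupg, so
#    the step neither relies on cached lists nor stops at a confirmation prompt;
#  - `sudo` is dropped in front of `tee`: this layer already runs as root.
# The repository key is requested by its full fingerprint and stored in a dedicated keyring
# that only this source entry references through `signed-by`.
# NOTE(review): the suite is hard-coded to `stable-focal` whatever release the base image
# is; gpg's --homedir /tmp also leaves its working files in /tmp of this layer.
RUN apt-get update \
    && apt-get -y install ca-certificates gnupg \
    && gpg --homedir /tmp --no-default-keyring --keyring gnupg-ring:/usr/share/keyrings/mono.gpg \
           --keyserver hkp://keyserver.ubuntu.com:80 --recv-keys 3FA7E0328081BFF6A14DA29AA6A19B38D3D831EF \
    && chmod +r /usr/share/keyrings/mono.gpg \
    && echo "deb [signed-by=/usr/share/keyrings/mono.gpg] https://download.mono-project.com/repo/ubuntu stable-focal main" \
       | tee /etc/apt/sources.list.d/mono-official-stable.list \
    && apt-get update \
    && apt-get -y install mono-complete mono-vbnc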
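# install MingW
# wclang is built from source and its binaries are moved to /usr/local/bin.
# The clone now happens in /tmp: previously it was made in the build's working directory
# while the cleanup removed /tmp/wclang, so the source and build tree stayed in the image.
# The package lists are refreshed here so the install does not depend on cached lists.
# NOTE(review): the clone takes whatever the default branch holds at build time; checking
# out a reviewed commit (<commit-sha>) would make the compiled binaries reproducible.
RUN apt-get update \
    && apt-get -y install --install-recommends clang mingw-w64 \
    && cd /tmp \
    && git clone https://github.com/tpoechtrager/wclang \
    && cd wclang \
    && cmake -DCMAKE_INSTALL_PREFIX=_prefix_ . \
    && make \
    && make install \
    && mv _prefix_/bin/* /usr/local/bin/ \
    && cd /tmp \
    && rm -rf wclang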
# install darling (for running MacOS software on Linux)
#RUN apt-get -y install cmake clang bison flex pkg-config linux-headers-generic gcc-multilib \
# && cd /tmp/ \
# && git clone --recursive https://github.com/darlinghq/darling.git \
# && cd darling \
# && mkdir build \
# && cd build \
# && cmake .. \
# && make \
# && make install \
# && make lkm \
# && make lkm_install
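# ensure $HOME is completely owned by the unprivileged account
# The owner and group follow the USER build argument instead of the literal `user`, so the
# step still works when the image is built with a different --build-arg USER=...
RUN chown -R "$USER:$USER" "$HOME"
# every following instruction of this stage runs as the unprivileged account
USER $USER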
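# install uv, the fast Python package and project manager written in Rust
# The installer is saved to a file and then executed, rather than piped into sh: with a pipe,
# a failed download hands the shell an empty script and the layer still succeeds.
# NOTE(review): the script is executed as downloaded; pinning a specific uv release and
# comparing the script with a recorded SHA-256 (<expected-sha256>) before running it would
# detect a changed installer.
RUN curl -LsSf https://astral.sh/uv/install.sh -o /tmp/uv-install.sh \
    && sh /tmp/uv-install.sh \
    && rm -f /tmp/uv-install.sh
# put the virtual environment and the per-user binaries ahead of the system paths
ENV PATH="$VENV/bin:$HOME/.local/bin:$PATH"
# setup a virtual environment for the Python packages
RUN uv venv $VENV
ENV VIRTUAL_ENV=$VENV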
# Python packages for the virtual environment, installed with uv in two separate calls;
# pydl8.5 sits in the second one (the original note explains the split as a way to avoid a
# wheel build failure).
# NOTE(review): no package is version-pinned and no hashes are checked, so each build
# resolves to whatever the index serves at that moment; a lock/requirements file with
# hashes would make the dependency set reviewable.
RUN uv pip install capstone jinja2 meson poetry pythonnet pwntools thefuck tinyscript tldr vt-py \
    && uv pip install angr capa lightgbm lmstudio pandas pydl8.5 scikit-learn scikit-learn-extra weka
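# install ILSpyCmd as a .NET global tool of the current user
RUN dotnet tool install --global ilspycmd
# install Rust (user-level)
# curl is restricted to HTTPS with TLS 1.2 or newer, and the installer is saved before it is
# run: piped into bash, a failed download would feed an empty script and the layer would
# still succeed. `-y` accepts rustup's defaults without prompting.
RUN curl --proto '=https' --tlsv1.2 -sSf https://sh.rustup.rs -o /tmp/rustup-init.sh \
    && bash /tmp/rustup-init.sh -y \
    && rm -f /tmp/rustup-init.sh
# initialize Go
# NOTE(review): the trailing `&` backgrounds the command, so this RUN returns without
# waiting for it and without checking its exit status; whether a go.mod ends up in the
# layer is not guaranteed. Confirm this step is still needed.
RUN go mod init pbox &
# install user-level tools
# NOTE(review): `@latest` resolves at build time; a fixed module version would make the
# installed binary reproducible.
RUN go install github.com/antonmedv/fx@latest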
# +--------------------------------------------------------------------------------------------------------------------+
# | CUSTOMIZE THE BOX (refine the terminal) |
# +--------------------------------------------------------------------------------------------------------------------+
# Stage "customized": terminal configuration layered on top of the base stage.
FROM base AS customized
# global arguments used by this stage
ARG USER VENV
# $VENV/bin is prepended to PATH again here; the base stage already set PATH and VIRTUAL_ENV
ENV TERM=xterm-256color \
    VIRTUAL_ENV=$VENV \
    PATH="$VENV/bin:$PATH"
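# copy customized files for root
# Each entry staged in /tmp/term is copied to /root under its own name prefixed with a dot.
# NOTE(review): COPY patterns follow Go's filepath.Match, where `[^profile]` is a negated
# character class: it skips every entry whose FIRST character is one of p, r, o, f, i, l, e,
# not only an entry named "profile". Confirm this matches the contents of src/term.
USER root
COPY src/term/[^profile]* /tmp/term/
# The loop iterates over a glob instead of parsing `ls` output, so names containing
# whitespace are handled as single entries.
RUN for f in /tmp/term/*; do cp -r "$f" "/root/.${f##*/}"; done \
    && rm -rf /tmp/term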
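# switch to the unprivileged account
USER $USER
# copy customized files
# All of src/term is staged, owned by $USER, and each entry is copied to /home/$USER under
# its own name prefixed with a dot. The loop iterates over a glob instead of parsing `ls`
# output, so names containing whitespace are handled as single entries.
COPY --chown=$USER src/term /tmp/term
RUN for f in /tmp/term/*; do cp "$f" "/home/$USER/.${f##*/}"; done \
    && rm -rf /tmp/term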
# +--------------------------------------------------------------------------------------------------------------------+
# | ADD FRAMEWORK ITEMS |
# +--------------------------------------------------------------------------------------------------------------------+
# Stage "framework": adds the Packing-Box libraries, tools and items on top of "customized".
FROM customized AS framework
# global arguments used by this stage
ARG USER HOME UOPT PBWS PBOX FILES VENV
# the build continues as the unprivileged account
USER $USER
ENV TERM=xterm-256color \
    VIRTUAL_ENV=$VENV \
    PATH="$VENV/bin:$PATH"
# Base files and folders for the rest of the setup: the YAML configuration goes to
# $PBWS/conf, /mnt/share is created as root through sudo and handed to $USER, and the
# per-category folders are created under $UOPT and /tmp.
# NOTE(review): the earlier remark about explicitly creating ~/.cache/pip no longer matches
# these commands; that directory is not created here.
COPY --chown=$USER src/conf/*.yml $PBWS/conf/
RUN sudo mkdir -p /mnt/share \
    && sudo chown $USER /mnt/share \
    && mkdir -p $UOPT/bin $UOPT/tools $UOPT/analyzers $UOPT/detectors $UOPT/packers $UOPT/unpackers \
                /tmp/analyzers /tmp/detectors /tmp/packers /tmp/unpackers
# data related to executable formats
COPY --chown=$USER src/data $PBWS/data
# pbox (main library for tools) and pboxtools (lightweight library for items): staged in
# /tmp/lib, installed into the virtual environment with uv, then removed from /tmp
COPY --chown=$USER src/lib /tmp/lib
RUN uv pip install /tmp/lib/ \
    && rm -rf /tmp/lib
# the main packing-box tool, invoked by the setup steps of this stage as $PBOX
COPY --chown=$USER $FILES/tools/packing-box $PBOX
# Item installation. For each category the files are staged under /tmp/<category>, the
# executable ones are moved to $UOPT/bin, and `$PBOX setup <category>` is run.
# NOTE(review): what `$PBOX setup ...` downloads or executes is defined by the project's
# tool and configuration, which are not visible in this file; presumably it fetches and
# installs third-party items, so the provenance of those downloads is worth reviewing there.
# analyzers
COPY --chown=$USER $FILES/analyzers/* /tmp/analyzers/
RUN find /tmp/analyzers -type f -executable -exec mv {} $UOPT/bin/ \; \
    && $PBOX setup analyzer
# detectors (including wrapper scripts); their *.txt files go to $UOPT/detectors
COPY --chown=$USER $FILES/detectors/* /tmp/detectors/
RUN find /tmp/detectors -type f -executable -exec mv {} $UOPT/bin/ \; \
    && find /tmp/detectors -type f -iname '*.txt' -exec mv {} $UOPT/detectors/ \; \
    && $PBOX setup detector
# packers
COPY --chown=$USER $FILES/packers/* /tmp/packers/
RUN $PBOX setup packer
# unpackers
#COPY ${FILES}/unpackers/* /tmp/unpackers/ # leave this commented as long as $FILES/unpackers has no file
RUN $PBOX setup unpacker
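# copy pre-built utils and tools
# note: libgtk is required for bytehist, even though it can be used in no-GUI mode
COPY --chown=$USER $FILES/utils/* $UOPT/utils/
COPY --chown=$USER $FILES/tools/* $UOPT/tools/
# rename the `help` tool to a file literally named `?`; the target is quoted so the shell
# cannot expand `?` as a glob against an existing single-character entry in $UOPT/tools
RUN mv $UOPT/tools/help "$UOPT/tools/?"
# fetch the pre-built notpacked++ binary and make it executable
# NOTE(review): the file comes from the mutable `main` branch and is marked executable
# without an integrity check; fetching it at a fixed commit (<commit-sha>) and verifying a
# recorded SHA-256 (<expected-sha256>) with `sha256sum -c` would tie the image to a
# reviewed binary.
RUN wget https://github.com/packing-box/packer-masking-tool/raw/main/notpacked%2b%2b -O $UOPT/utils/notpacked++ \
    && chmod +x $UOPT/utils/notpacked++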
# Bash completions: the generator script and its JSON description are copied to
# $UOPT/utils, then the generator is run with `-f $HOME/.bash_completion`.
COPY --chown=$USER $FILES/utils/_pbox-compgen $UOPT/utils/
COPY --chown=$USER $FILES/utils/pbox-completions.json $UOPT/utils/
RUN $UOPT/utils/_pbox-compgen $UOPT/utils/pbox-completions.json -f $HOME/.bash_completion
# Workaround for a version issue with 'unicorn': copies under the user's site-packages are
# deleted, then the package is uninstalled from and reinstalled into the virtual environment.
# NOTE(review): the reinstall is unpinned, so the version obtained depends on the build date.
RUN rm -rf $HOME/.local/lib/python3.*/site-packages/unicorn* \
    && uv pip uninstall unicorn \
    && uv pip install unicorn
# ----------------------------------------------------------------------------------------------------------------------
# mark every regular file under $UOPT/bin as executable
RUN find $UOPT/bin -type f -exec chmod +x {} \;
# UOPT is exported to the runtime environment; the shell-form ENTRYPOINT below expands it
# when the container starts
ENV UOPT=$UOPT
# NOTE(review): shell form runs the startup script through `/bin/sh -c`. Arguments given
# after the image name on `docker run` are therefore not passed to the script, and the
# shell, not the script, may be the process that receives the container's stop signal.
# An exec-form ENTRYPOINT would need the resolved path of the script.
ENTRYPOINT $UOPT/tools/startup
# default working directory: the /mnt/share folder created and handed to $USER earlier
WORKDIR /mnt/share