Skip to content

Commit 23f486d

Browse files
msutovsky-r7msutovsky-r7
committed
Updates docs
1 parent 7196786 commit 23f486d

File tree

2 files changed

+120
-0
lines changed

2 files changed

+120
-0
lines changed

documentation/modules/auxiliary/scanner/http/pretalx_file_read_cve_2023_28459.md

Lines changed: 60 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -5,6 +5,66 @@ Pretalx is a web-based conference planning tool, used to manage call for paper s
55
Installation steps:
66

77
1. `git clone https://github.com/pretalx/pretalx-docker.git`
8+
1. Change content of `Dockerfile`:
9+
```
10+
FROM python:3.10-bookworm
11+
12+
RUN apt-get update && \
13+
apt-get install -y git gettext libmariadb-dev libpq-dev locales libmemcached-dev build-essential \
14+
supervisor \
15+
sudo \
16+
locales \
17+
--no-install-recommends && \
18+
apt-get clean && \
19+
rm -rf /var/lib/apt/lists/* && \
20+
dpkg-reconfigure locales && \
21+
locale-gen C.UTF-8 && \
22+
/usr/sbin/update-locale LANG=C.UTF-8 && \
23+
mkdir /etc/pretalx && \
24+
mkdir /data && \
25+
mkdir /public && \
26+
groupadd -g 999 pretalxuser && \
27+
useradd -r -u 999 -g pretalxuser -d /pretalx -ms /bin/bash pretalxuser && \
28+
echo 'pretalxuser ALL=(ALL) NOPASSWD:SETENV: /usr/bin/supervisord' >> /etc/sudoers
29+
30+
ENV LC_ALL=C.UTF-8
31+
32+
33+
COPY pretalx/pyproject.toml /pretalx
34+
COPY pretalx/src /pretalx/src
35+
COPY deployment/docker/pretalx.bash /usr/local/bin/pretalx
36+
COPY deployment/docker/supervisord.conf /etc/supervisord.conf
37+
38+
RUN pip3 install -U pip setuptools wheel typing && \
39+
pip3 install -e /pretalx/[mysql,postgres,redis] && \
40+
pip3 install pylibmc && \
41+
pip3 install gunicorn && \
42+
chmod -R 777 /public
43+
44+
45+
RUN python3 -m pretalx makemigrations
46+
RUN python3 -m pretalx migrate
47+
48+
RUN apt-get update && \
49+
apt-get install -y curl && \
50+
curl -fsSL https://deb.nodesource.com/setup_20.x | bash - && \
51+
apt install nodejs npm && \
52+
apt-get clean && \
53+
rm -rf /var/lib/apt/lists/* && \
54+
python3 -m pretalx rebuild
55+
56+
RUN chmod +x /usr/local/bin/pretalx && \
57+
cd /pretalx/src && \
58+
rm -f pretalx.cfg && \
59+
chown -R pretalxuser:pretalxuser /pretalx /data /public && \
60+
rm -f /pretalx/src/data/.secret
61+
62+
USER pretalxuser
63+
VOLUME ["/etc/pretalx", "/data", "/public"]
64+
EXPOSE 80
65+
ENTRYPOINT ["pretalx"]
66+
CMD ["all"]
67+
```
868
1. Change content of `docker-compose.yml` to following:
969
```
1070
services:

documentation/modules/exploit/linux/http/pretalx_rce_cve_2023_28458.md

Lines changed: 60 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -5,6 +5,66 @@ Pretalx is a web-based conference planning tool, used to manage call for paper s
55
Installation steps:
66

77
1. `git clone https://github.com/pretalx/pretalx-docker.git`
8+
1. Change content of `Dockerfile`:
9+
```
10+
FROM python:3.10-bookworm
11+
12+
RUN apt-get update && \
13+
apt-get install -y git gettext libmariadb-dev libpq-dev locales libmemcached-dev build-essential \
14+
supervisor \
15+
sudo \
16+
locales \
17+
--no-install-recommends && \
18+
apt-get clean && \
19+
rm -rf /var/lib/apt/lists/* && \
20+
dpkg-reconfigure locales && \
21+
locale-gen C.UTF-8 && \
22+
/usr/sbin/update-locale LANG=C.UTF-8 && \
23+
mkdir /etc/pretalx && \
24+
mkdir /data && \
25+
mkdir /public && \
26+
groupadd -g 999 pretalxuser && \
27+
useradd -r -u 999 -g pretalxuser -d /pretalx -ms /bin/bash pretalxuser && \
28+
echo 'pretalxuser ALL=(ALL) NOPASSWD:SETENV: /usr/bin/supervisord' >> /etc/sudoers
29+
30+
ENV LC_ALL=C.UTF-8
31+
32+
33+
COPY pretalx/pyproject.toml /pretalx
34+
COPY pretalx/src /pretalx/src
35+
COPY deployment/docker/pretalx.bash /usr/local/bin/pretalx
36+
COPY deployment/docker/supervisord.conf /etc/supervisord.conf
37+
38+
RUN pip3 install -U pip setuptools wheel typing && \
39+
pip3 install -e /pretalx/[mysql,postgres,redis] && \
40+
pip3 install pylibmc && \
41+
pip3 install gunicorn && \
42+
chmod -R 777 /public
43+
44+
45+
RUN python3 -m pretalx makemigrations
46+
RUN python3 -m pretalx migrate
47+
48+
RUN apt-get update && \
49+
apt-get install -y curl && \
50+
curl -fsSL https://deb.nodesource.com/setup_20.x | bash - && \
51+
apt install nodejs npm && \
52+
apt-get clean && \
53+
rm -rf /var/lib/apt/lists/* && \
54+
python3 -m pretalx rebuild
55+
56+
RUN chmod +x /usr/local/bin/pretalx && \
57+
cd /pretalx/src && \
58+
rm -f pretalx.cfg && \
59+
chown -R pretalxuser:pretalxuser /pretalx /data /public && \
60+
rm -f /pretalx/src/data/.secret
61+
62+
USER pretalxuser
63+
VOLUME ["/etc/pretalx", "/data", "/public"]
64+
EXPOSE 80
65+
ENTRYPOINT ["pretalx"]
66+
CMD ["all"]
67+
```
868
1. Change content of `docker-compose.yml` to following:
969
```
1070
services:

0 commit comments

Comments
 (0)