Checkpoint 10.5.1.
What’s for lunch?
Dockerfile to see just how easy it is to slip something malicious into the image:
FROM php:apache
COPY shell.php /var/www/html/shell.php
COPY index.php /var/www/html/index.php
shell.php is a shell written in PHP that will execute with the permissions of the web server. This means it will be able to read and write (but not overwrite) in the /var/www/html directory.
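A defender-side check for the Dockerfile above, as an added example that is not part of the original lab: it lists every file a COPY or ADD places under /var/www/html and flags any that is missing from, or differs from, a reviewed manifest of SHA-256 hashes. The manifest, the function names and the file contents are assumptions constructed for illustration, and only shell-form instructions that copy individual files are handled.

```python
import hashlib
import posixpath
import shlex

WEB_ROOT = "/var/www/html"  # document root used by the page's Dockerfile

def web_root_copies(dockerfile_text):
    """Yield (source, target) for each shell-form COPY/ADD into WEB_ROOT."""
    workdir = "/"
    for raw in dockerfile_text.splitlines():
        parts = shlex.split(raw, comments=True)
        if not parts:
            continue
        op, args = parts[0].upper(), parts[1:]
        if op == "WORKDIR" and args:
            workdir = posixpath.join(workdir, args[0])
        elif op in ("COPY", "ADD"):
            args = [a for a in args if not a.startswith("--")]  # skip flags
            for src in args[:-1]:
                target = posixpath.join(workdir, args[-1])
                if args[-1].endswith("/"):  # directory destination
                    target = posixpath.join(target, posixpath.basename(src))
                target = posixpath.normpath(target)
                if target.startswith(WEB_ROOT + "/"):
                    yield src, target

def audit(dockerfile_text, context, manifest):
    """Return (target, reason) for web-root files that fail review."""
    findings = []
    for src, target in web_root_copies(dockerfile_text):
        digest = hashlib.sha256(context[src]).hexdigest()
        if target not in manifest:
            findings.append((target, "not in reviewed manifest"))
        elif manifest[target] != digest:
            findings.append((target, "content differs from reviewed copy"))
    return findings

# The page's Dockerfile; file contents and manifest are constructed.
DOCKERFILE = """FROM php:apache
COPY shell.php /var/www/html/shell.php
COPY index.php /var/www/html/index.php
"""
CONTEXT = {"shell.php": b"<?php /* placeholder, not the lab's file */ ?>",
           "index.php": b"<?php echo 'Hello'; ?>"}
MANIFEST = {"/var/www/html/index.php":
            hashlib.sha256(CONTEXT["index.php"]).hexdigest()}

if __name__ == "__main__":
    print(audit(DOCKERFILE, CONTEXT, MANIFEST))
```

Run as a pre-build step, a check like this fails on shell.php because nobody reviewed it, without needing to recognise what the file does.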
github.com/pearcej/security-malicious
github.com/rxt1077/it230/raw/main/labs/malicious.zip
malicious by running docker build -t malicious . , but don’t forget the . at the end!
PS C:\Users\rxt1077\it230\labs\malicious> docker build -t malicious . (1)
[+] Building 32.4s (8/8) FINISHED
 => [internal] load build definition from Dockerfile 0.0s
 => => transferring dockerfile: 134B 0.0s
 => [internal] load .dockerignore 0.0s
 => => transferring context: 2B 0.0s
 => [internal] load metadata for docker.io/library/php:apache 32.2s
 => [1/3] FROM docker.io/library/php:apache@sha256:f1c5dba2a2981f91ec31b9596d4165acd0b46e58382e47622487e130a21e420d 0.0s
 => [internal] load build context 0.0s
 => => transferring context: 61B 0.0s
 => CACHED [2/3] COPY shell.php /var/www/html/shell.php 0.0s
 => CACHED [3/3] COPY index.php /var/www/html/index.php 0.0s
 => exporting to image 0.1s
 => => exporting layers 0.0s
 => => writing image sha256:e1dc75a91b2e269091069b1e3406a496b4bbfd95b066f970062ea8b3a74d8368 0.0s
 => => naming to docker.io/library/malicious 0.0s
malicious image and forward local port 8080 to port 80 in the container by running docker run -p 8080:80 malicious.
PS C:\Users\rxt1077\it230\labs\malicious> docker run -p 8080:80 malicious (2)
AH00558: apache2: Could not reliably determine the server's fully qualified domain name, using 172.17.0.2. Set the 'ServerName' directive globally to suppress this message
AH00558: apache2: Could not reliably determine the server's fully qualified domain name, using 172.17.0.2. Set the 'ServerName' directive globally to suppress this message
[Wed Jul 13 02:25:57.082000 2022] [mpm_prefork:notice] [pid 1] AH00163: Apache/2.4.54 (Debian) PHP/8.1.8 configured -- resuming normal operations
[Wed Jul 13 02:25:57.082089 2022] [core:notice] [pid 1] AH00094: Command line: 'apache2 -D FOREGROUND'
https://silly-name-jjxwj676vgc5j75-8080.app.github.dev/ to open a new tab in your browser to see the default web page. Note that you may get a warning from GitHub that "You are about to access a development port served by someone else’s codespace." If you do, you will need to click "Continue" to proceed to the page.
localhost:8080