Remove recursion

README.md

@@ -1,3 +1,5 @@
 # GNS3 Docker appliances
 
 Appliances used to build GNS3 labs.
+
+This images are freely inspired from [Chewie's](https://github.com/Chewie/gns3-docker-appliances) ones

basic_server/Dockerfile

@@ -0,0 +1,5 @@
+FROM python:3-slim
+COPY server.py /server.py
+COPY start.sh /start.sh
+EXPOSE 80
+CMD ["/bin/sh", "/start.sh"]

basic_server/build.sh

@@ -0,0 +1,2 @@
+#!/bin/sh
+sudo docker build -t pierre42100/gns3-appliance-basic-server .

basic_server/server.py

@@ -0,0 +1,25 @@
+from http.server import BaseHTTPRequestHandler, HTTPServer
+import os
+
+message = "Hello, World! Here is simple HTTP response..."
+
+if "MESSAGE" in os.environ:
+    message = os.environ["MESSAGE"]
+
+PORT = 80
+
+print(f"Will listen on port {PORT}")
+
+class handler(BaseHTTPRequestHandler):
+    def do_GET(self):
+        global message
+
+        self.send_response(200)
+        self.send_header('Content-type','text/html')
+        self.end_headers()
+
+        message = f"{message}\n"
+        self.wfile.write(bytes(message, "utf8"))
+
+with HTTPServer(('', PORT), handler) as server:
+    server.serve_forever()

basic_server/start.sh

@@ -0,0 +1,5 @@
+#!/bin/sh
+
+nohup python3 /server.py > /var/log/server.log 2>&1 &
+
+while true; do /bin/bash; done

dns/Dockerfile

@@ -0,0 +1,26 @@
+FROM ubuntu:24.04
+
+RUN apt-get update && \
+    apt-get install -y \
+        bind9 \
+        vim \
+        nano \
+        dnsutils \
+        tcpdump \
+        traceroute \
+        && rm -rf /var/lib/apt/lists/*
+
+RUN sed 's/include "\/etc\/bind\/named.conf.default-zones";//g' /etc/bind/named.conf
+COPY named.conf.local /etc/bind/named.conf.local
+COPY named.conf.options /etc/bind/named.conf.options
+
+COPY start.sh /start.sh
+COPY restart-bind /usr/bin
+
+RUN mkdir /etc/dns
+RUN touch /etc/dns/master.conf
+
+VOLUME /etc/dns
+
+EXPOSE 53
+CMD ["/bin/sh", "/start.sh"]

dns/README.md

@@ -0,0 +1,5 @@
+# DNS server container
+
+## Useful commands
+* `named-checkconf`: Check Bind9 configuration
+* `restart-bind`: Restart Bind9

dns/build.sh

@@ -0,0 +1,2 @@
+#!/bin/sh
+sudo docker build -t pierre42100/gns3-appliance-dns .

dns/named.conf.local

@@ -0,0 +1 @@
+include "/etc/dns/master.conf";

dns/named.conf.options

@@ -0,0 +1,32 @@
+acl "everybody" {
+        0.0.0.0/0;
+};
+
+options {
+        directory "/var/cache/bind";
+
+        // If there is a firewall between you and nameservers you want
+        // to talk to, you may need to fix the firewall to allow multiple
+        // ports to talk.  See http://www.kb.cert.org/vuls/id/800113
+
+        // If your ISP provided one or more IP addresses for stable
+        // nameservers, you probably want to use them as forwarders.
+        // Uncomment the following block, and insert the addresses replacing
+        // the all-0's placeholder.
+
+        // forwarders {
+        //      0.0.0.0;
+        // };
+
+        //======================================================================                                                                                            ==
+        // If BIND logs error messages about the root key being expired,
+        // you will need to update your keys.  See https://www.isc.org/bind-keys
+        //======================================================================                                                                                            ==
+        dnssec-validation auto;
+
+        listen-on-v6 { any; };
+
+        //recursion yes;
+        //allow-recursion { everybody; };
+        //allow-transfer { none; };
+};

dns/restart-bind

@@ -0,0 +1,3 @@
+#!/bin/sh
+pkill named
+/usr/sbin/named -L /var/log/bind.log

dns/start.sh

@@ -0,0 +1,5 @@
+#!/bin/sh
+
+
+/usr/sbin/named -L /var/log/bind.log
+while true; do /bin/bash; done

host/Dockerfile

@@ -11,7 +11,11 @@ RUN apt-get update && \
         iperf3 \
         socat \
         iputils-ping \
+        dnsutils \
         tcpdump \
+        traceroute \
         && rm -rf /var/lib/apt/lists/*
 
-    CMD [ "sh", "-c", "cd; exec bash -i" ]
+COPY start.sh /start.sh
+EXPOSE 80
+CMD ["/bin/sh", "/start.sh"]

host/start.sh

@@ -0,0 +1,3 @@
+#!/bin/sh
+
+while true; do /bin/bash; done

renovate.json

@@ -1,3 +0,0 @@
-{
-  "$schema": "https://docs.renovatebot.com/renovate-schema.json"
-}

router/Dockerfile

@@ -0,0 +1,9 @@
+# As CentOS reached EOL we cannot build the image anymore
+# So we reuse the work of Chewie for our own images
+FROM chewiebeardy/gns3-router:2023
+
+RUN mv /etc/dhcp/dhcpd.conf /etc/dhcp/dhcpd.conf.orig && ln -s /etc/sysconfig/dhcpd.conf /etc/dhcp/dhcpd.conf
+
+RUN systemctl enable dhcpd
+
+CMD ["/usr/sbin/init"]

router/build.sh

@@ -0,0 +1,2 @@
+#!/bin/sh
+sudo docker build -t pierre42100/gns3-appliance-router .

vuln_rfi/Dockerfile

@@ -0,0 +1,3 @@
+FROM php:8-apache-bullseye
+COPY src /var/www/html
+EXPOSE 80

vuln_rfi/build.sh

@@ -0,0 +1,2 @@
+#!/bin/sh
+sudo docker build -t pierre42100/gns3-appliance-vuln-rfi .

vuln_rfi/src/about.txt

@@ -0,0 +1 @@
+I am an old and accustomed developer who wrote too much source code in my life...

vuln_rfi/src/home.txt

@@ -0,0 +1,3 @@
+Welcome to this strong and almost secure website!
+
+Please use the menu below to access the different parts of the application...

vuln_rfi/src/index.php

@@ -0,0 +1,22 @@
+<?php
+/**
+ * My home page
+ */
+
+$page = __DIR__."/home.txt";
+
+if(isset($_GET["page"]))
+    $page = $_GET["page"];
+
+?>
+
+<pre>
+<?php echo file_get_contents($page); ?>
+</pre>
+
+Browse my website:
+<ul>
+    <li><a href="index.php?page=home.txt">home</a></li>
+    <li><a href="index.php?page=about.txt">about</a></li>
+    <li><a href="index.php?page=privacy.txt">privacy</a></li>
+</ul>

vuln_rfi/src/privacy.txt

@@ -0,0 +1 @@
+Privacy policy: TODO