Official Faraday Docker Images
Docker
A couple weeks ago we did another post where we talked a bit about Docker.
As we had said before, we are already using Docker as a platform for testing our installation process for our product Faraday
We thought it might be useful for everyone to put together an official image of Docker. For that we are going to base our image in Ubuntu 14.10 which by default comes with Faraday, CoudbDB, and SSH all pre-configured. The username is root and the password toor.
Starting-up Faraday
root@isrlab:~/dev# docker run -t -i infobyte/faraday /root/run.sh
With this command, we start by running the container with Faraday connecting it to couchdb with a test workspace, with the name “workspace”.
Faraday is started with ./faraday.py -gui=no-gui — update without a graphic environment, it is going to start trying to update Faraday to the newest version in the github repository.
To obtain the IP direction of the container:
root@isrlab:~/dev# docker inspect $(docker ps -lq) | grep "IPAddress
"IPAddress": "172.17.0.62",Interface Web-UI:
Directing the browser to http://172.17.0.62/reports/_design/reports/index.html you will be able to access Faraday’s Web-UI.
Interface ZSH:
To start to execute commands, we can utilize the ZSH interface, to do this everyone should connect to the SSH with the username root and the password toor.
root@isrlab:~/dev# ssh root@172.17.0.62
root@172.17.0.62's password:
root@250f83a02a3a:~# cd faraday/
root@250f83a02a3a:~/faraday# ./faraday-terminal.zsh
>>> WELCOME TO FARADAY
[+] Current Workspace: workspace
[+] API: OK
[faraday](workspace) 250f83a02a3a# ping 127.0.0.1
[faraday](workspace) 250f83a02a3a# ping 127.0.0.1 >&1 > /root/.faraday/zsh/output/09cfbbb7-ab8a-44ca-9a64-9128029d8f41.output && python2 /root/.faraday/zsh/plugin_controller_client.py send_output cGluZyAxMjcuMC4wLjE= "/root/.faraday/zsh/output/09cfbbb7-ab8a-44ca-9a64-9128029d8f41.output"
PING 127.0.0.1 (127.0.0.1) 56(84) bytes of data.
64 bytes from 127.0.0.1: icmp_seq=1 ttl=64 time=0.059 ms
[faraday](workspace) 250f83a02a3a#Interface QT GUI:
To work with the QT GUI we should start running docker another way:
root@isrlab:~/dev# docker run infobyte/faraday /root/run_service.sh
In another console we should run:
To get the IP direction of the container:
root@isrlab:~/dev# docker inspect $(docker ps -lq) | grep "IPAddress
"IPAddress": "172.17.0.62",
root@isrlab:~/dev# ssh -X root@172.17.0.62
root@172.17.0.62's password:
root@250f83a02a3a:~# cd faraday/
root@250f83a02a3a:~/faraday# ./faraday.py* To execute commands, it is important to keep in mind that the tools should be installed inside of the Docker.
Importing reports:
Additionally when executing the commands, one way to incorporate information to the Faraday platform is copying the tools’ output reports.
To go about this, we need to copy, for example, output_nmap.xml to $HOME/.faraday/report/[workspace_name]
Once this has been interpreted and incorporated to the data base, the report is copied to $HOME/.faraday/report/[workspace_name]/process
This we can do by copying the reports to the containers via sftp or we can use a file sharing function between the host server and containers.
Let’s check out an example:
root@isrlab:~/dev# mkdir -p /tmp/workspace/process #We need to create a structure of the valid directoriesWe start running a container sharing the directory of the host server /tmp/workspace in /root/.faraday/report/workspace/
/root/.faraday/report/workspace/
root@isrlab:~/dev# docker run -t -i -v /tmp/workspace/:/root/.faraday/report/workspace/ infobyte/faraday /root/run.shNow we can start using the tools inside the host server and this is going to be interpreted as if it were inside the container for Faraday in the workspace called “workspace”
root@isrlab:~/dev# nmap localhost -xO /tmp/workspace/output_nmap.xmlWe are able to copy all types of reports supported by Faraday (+ 40 plugins supported) root@isrlab:~/dev# cp /root/reports/nessusscan.nessus /tmp/workspace/
We hope you thought this was helpful!
Best!
