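A dabbling engineer's memo of whatever I feel like writing about

This is a personal memo, so please understand that the content is not guaranteed. Note: if I have written anything strange or incorrect, I would appreciate a comment or correction.

Starting the Faraday@community version vulnerability management tool (Docker version)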

 

Installing Faraday@community version

Reference sites for the installation

Installation Docker · infobyte/faraday Wiki · GitHub

Official Faraday Docker Images ~ Infobyte Security Research Labs

 

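Installation overview

I want to visualize reports from assessment tools in Faraday, so I mount a host-side directory onto a directory in the container.

(The command is from the reference site "Official Faraday Docker Images")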

root@isrlab:~/dev# docker run -t -i -v /tmp/workspace/:/root/.faraday/report/workspace/ infobyte/faraday /root/run.sh

When I ran this command, however, a Traceback was displayed and faraday did not start.

 

Because there is a point during the faraday startup script where interactive input is required, I do not run Docker in the background.

 

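Starting Faraday in a container: failure

Based on the reference command, I added a port mapping, but a Traceback was output while the shell script was running and it did not work properly.

Judging from other people's settings and startup examples, it starts without doing anything special, but in my case it worked properly after I added Python libraries and packages inside the container once the Docker container had started.

# When I installed it from packages, dependencies and Python libraries were missing, with frequent errors and Tracebacks, so I tried the same approach here.

Running the script

I would like to look into whether the cause is the shell script or the way docker is started, but I don't really understand the shell script that would be the starting point, so I am putting that off.

Perhaps it is a lack of Python libraries??

To stop docker, stop/remove the process from another session.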

[root@server02 ~]# docker run -v $(pwd):/root/.faraday/report/workspace/ -p 5985:5985 -t -i infobyte/faraday /root/run.sh
* Starting OpenBSD Secure Shell server sshd [ OK ]
* Couchdb started
Already up-to-date.
Requirement already satisfied: couchdbkit>=0.6.5 in /usr/local/lib/python2.7/dist-packages (from -r requirements.txt (line 1))
Requirement already satisfied: mockito>=1.0.12 in /usr/local/lib/python2.7/dist-packages (from -r requirements.txt (line 2))
Requirement already satisfied: whoosh>=2.7.4 in /usr/local/lib/python2.7/dist-packages (from -r requirements.txt (line 3))

~omitted~

Requirement already satisfied: asn1crypto>=0.21.0 in /usr/local/lib/python2.7/dist-packages (from cryptography>=2.1.4->pyopenssl>=17.2.0->-r requirements_server.txt (line 7))
Requirement already satisfied: ipaddress; python_version < "3" in /root/.local/lib/python2.7/site-packages (from cryptography>=2.1.4->pyopenssl>=17.2.0->-r requirements_server.txt (line 7))
Requirement already satisfied: pycparser in /root/.local/lib/python2.7/site-packages (from cffi>=1.7; platform_python_implementation != "PyPy"->cryptography>=2.1.4->pyopenssl>=17.2.0->-r requirements_server.txt (line 7))
2018-02-02 12:18:15,255 - faraday-server.__main__ - INFO - Checking dependencies...
Do you want to install them? [y/N] Traceback (most recent call last):
File "./faraday-server.py", line 138, in <module>
main()
File "./faraday-server.py", line 121, in main
setup_environment(not args.nodeps)
File "./faraday-server.py", line 35, in setup_environment
install_deps = query_yes_no("Do you want to install them?", default="no")
File "/root/faraday/utils/user_input.py", line 33, in query_yes_no
choice = raw_input().lower()
EOFError: EOF when reading a line

Checking the Docker process

As a container, it is up without any problem.

[root@server02 ~]# docker ps -a
CONTAINER ID IMAGE       COMMAND     CREATED     STATUS     PORTS     NAMES
94cf69f35a41 infobyte/faraday "/root/run.sh" 37 minutes ago Up 37 minutes 0.0.0.0:5985->5985/tcp hopeful_mclean
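
The traceback above stops inside query_yes_no because raw_input() found standard input at end-of-file, so the [y/N] prompt could not be answered. The following is an added illustration, not Faraday's code and not from the original post; it is written for Python 3, and the function names, the stream parameter and the sample inputs are assumptions made here. It contrasts a prompt that fails this way with one that falls back to its default answer when no input is available:

```python
import io
import sys

ANSWERS = {"y": True, "yes": True, "n": False, "no": False}
DEFAULT = False  # the prompt is "[y/N]", so the default answer is "no"


def read_line(stream):
    """Read one line the way raw_input()/input() does: EOFError at end-of-file."""
    line = stream.readline()
    if line == "":
        raise EOFError("EOF when reading a line")
    return line.rstrip("\n")


def query_yes_no_fragile(question, stream):
    """Prompt shaped like the failing one: EOF on the stream propagates."""
    sys.stderr.write("%s [y/N] " % question)
    choice = read_line(stream).strip().lower()
    return ANSWERS.get(choice, DEFAULT)


def query_yes_no(question, stream):
    """Same prompt, but a closed or empty stdin selects the default answer."""
    while True:
        sys.stderr.write("%s [y/N] " % question)
        try:
            choice = read_line(stream).strip().lower()
        except EOFError:
            sys.stderr.write("(no input available, using the default: no)\n")
            return DEFAULT
        if choice == "":
            return DEFAULT
        if choice in ANSWERS:
            return ANSWERS[choice]
        sys.stderr.write("Please answer y or n.\n")


if __name__ == "__main__":
    question = "Do you want to install them?"
    # Constructed inputs: an empty stream stands in for a process without stdin.
    print(query_yes_no(question, io.StringIO("")))
    print(query_yes_no(question, io.StringIO("maybe\ny\n")))
    try:
        query_yes_no_fragile(question, io.StringIO(""))
    except EOFError as exc:
        print("fragile prompt failed:", exc)
```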

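Starting Faraday in a container: success

When I changed the script that is run, I was able to see the Web screen.

Running the script

During execution there is a point where input [ y/N ] is requested.

"N": faraday starts. Note: if you enter y, see below.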

[root@server02 ~]# docker run -v $(pwd):/root/.faraday/report/workspace/ -p 5985:5985 -t -i infobyte/faraday /root/run_service.sh
* Starting OpenBSD Secure Shell server sshd [ OK ]
* Couchdb started
Already up-to-date.
Requirement already satisfied: couchdbkit>=0.6.5 in /usr/local/lib/python2.7/dist-packages (from -r requirements.txt (line 1))
Requirement already satisfied: mockito>=1.0.12 in /usr/local/lib/python2.7/dist-packages (from -r requirements.txt (line 2))
Requirement already satisfied: whoosh>=2.7.4 in /usr/local/lib/python2.7/dist-packages (from -r requirements.txt (line 3))
Requirement already satisfied: IPy>=0.83 in /usr/local/lib/python2.7/dist-packages (from -r requirements.txt (line 4))
Requirement already satisfied: restkit>=4.2.2 in /usr/local/lib/python2.7/dist-packages (from -r requirements.txt (line 5))

~omitted~

Requirement already satisfied: asn1crypto>=0.21.0 in /usr/local/lib/python2.7/dist-packages (from cryptography>=2.1.4->pyopenssl>=17.2.0->-r requirements_server.txt (line 7))
Requirement already satisfied: ipaddress; python_version < "3" in /root/.local/lib/python2.7/site-packages (from cryptography>=2.1.4->pyopenssl>=17.2.0->-r requirements_server.txt (line 7))
Requirement already satisfied: pycparser in /root/.local/lib/python2.7/site-packages (from cffi>=1.7; platform_python_implementation != "PyPy"->cryptography>=2.1.4->pyopenssl>=17.2.0->-r requirements_server.txt (line 7))
2018-02-02 11:52:26,362 - faraday-server.__main__ - INFO - Checking dependencies...
Do you want to install them? [y/N] N
2018-02-02 11:52:28,784 - faraday-server.__main__ - ERROR - Dependencies not met. Please refer to the documentation in order to install them. [requests]
2018-02-02 11:52:28,784 - faraday-server.__main__ - INFO - Dependencies met
2018-02-02 11:52:29,099 - faraday-server.server.importer - INFO - Setting up workspace example
2018-02-02 11:52:29,194 - faraday-server.server.importer - INFO - Setting up workspace workspace
2018-02-02 11:52:29,445 - faraday-server.__main__ - INFO - Faraday Server is ready

 

Y: something is downloaded and added, and then the shell script exits.

After that, run "run_service.sh" once more and enter N, and it starts.

Do you want to install them? [y/N] y
/usr/local/lib/python2.7/dist-packages/pip/_vendor/requests/packages/urllib3/util/ssl_.py:318: SNIMissingWarning: An HTTPS request has been made, but the SNI (Subject Name Indication) extension to TLS is not available on this platform. This may cause the server to present an incorrect TLS certificate, which can cause validation failures. You can upgrade to a newer version of Python to solve this. For more information, see https://urllib3.readthedocs.io/en/latest/security.html#snimissingwarning.
SNIMissingWarning
/usr/local/lib/python2.7/dist-packages/pip/_vendor/requests/packages/urllib3/util/ssl_.py:122: InsecurePlatformWarning: A true SSLContext object is not available. This prevents urllib3 from configuring SSL appropriately and may cause certain SSL connections to fail. You can upgrade to a newer version of Python to solve this. For more information, see https://urllib3.readthedocs.io/en/latest/security.html#insecureplatformwarning.
InsecurePlatformWarning
Requirement already up-to-date: requests in /usr/local/lib/python2.7/dist-packages
Requirement already up-to-date: idna<2.7,>=2.5 in /usr/local/lib/python2.7/dist-packages (from requests)
Requirement already up-to-date: urllib3<1.23,>=1.21.1 in /usr/local/lib/python2.7/dist-packages (from requests)
Collecting certifi>=2017.4.17 (from requests)
Downloading certifi-2018.1.18-py2.py3-none-any.whl (151kB)
100% |################################| 153kB 1.0MB/s
Requirement already up-to-date: chardet<3.1.0,>=3.0.2 in /usr/local/lib/python2.7/dist-packages (from requests)
Installing collected packages: certifi
Successfully installed certifi-2018.1.18
2018-02-03 15:08:19,262 - faraday-server.__main__ - INFO - Dependencies installed. Please launch Faraday Server again.
[root@server02 ~]#

 

Checking the connection from a browser

I try accessing the Faraday dashboard from a browser.

Unlike the OWASP DefectDojo screen, the layout was not broken.

URL: http://<address>:5985/_ui/
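
The docker ps row earlier on this page lists the mapping as 0.0.0.0:5985->5985/tcp, which means -p 5985:5985 published the Faraday UI on every interface of the host, and the URL above is plain HTTP. The following added example (not from the original post or the Faraday project; the listing format, the function name and all rows except the page's own container are assumptions) flags such wildcard bindings; writing the option as -p 127.0.0.1:5985:5985 keeps the port on loopback instead.

```python
import ipaddress
import re

# Constructed sample in the shape of: docker ps --format '{{.Names}}\t{{.Ports}}'
# The first row reuses the container name and mapping shown on this page;
# the other two rows are made up for contrast.
SAMPLE = (
    "hopeful_mclean\t0.0.0.0:5985->5985/tcp\n"
    "faraday_local\t127.0.0.1:5985->5985/tcp, 5984/tcp\n"
    "faraday_dual\t0.0.0.0:5985->5985/tcp, :::5985->5985/tcp\n"
)

# One published binding: <host ip>:<host port>-><container port>/<proto>
BINDING = re.compile(
    r"(?P<ip>\[?[0-9A-Fa-f:.]+\]?):(?P<host>\d+)->(?P<cont>\d+)/(?P<proto>\w+)"
)


def wildcard_bindings(listing):
    """Return (name, host_ip, host_port, container_port) for each published
    port bound to the unspecified address (0.0.0.0 or ::), i.e. all interfaces."""
    findings = []
    for row in listing.splitlines():
        name, _, ports = row.partition("\t")
        for match in BINDING.finditer(ports):
            try:
                ip = ipaddress.ip_address(match.group("ip").strip("[]"))
            except ValueError:
                continue  # not an address we can interpret; skip it
            if ip.is_unspecified:
                findings.append(
                    (name, str(ip), int(match.group("host")), int(match.group("cont")))
                )
    return findings


if __name__ == "__main__":
    for name, ip, host, cont in wildcard_bindings(SAMPLE):
        print("%s: %s:%d -> %d is reachable on every host interface"
              % (name, ip, host, cont))
```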


 

Workspace selection screen on the dashboard


Note: in the docker version, you can see that a workspace has already been created.

 

Workspace dashboard screen (sample version)
