Docker Implementation of a Vagrant/Vbox setup for CodePath
For Mac OSX
- The installer at this link installs all the components necessary for this exercise.
- Ensure python3 is installed if you want to use the modifyCompose CLI app.
For Windows
- The installer at this link includes all the necessary components.
- Ensure python3 is installed if you want to use the modifyCompose CLI app.
For Linux Distros
- Follow the distro-specific instructions for the Docker Engine and for Docker Compose.
- No GUI is included for Linux; if one is needed, install Portainer, an open source application which can help view and manage containers.
- Ensure python3 is installed if you want to use the modifyCompose CLI app.
Build the image for Kali and make a folder to bind to the Wordpress container
NOTE
- Windows has BuildKit enabled by default on newer installs; in such cases the env var DOCKER_BUILDKIT=1 can be skipped.
- Install the latest python3 to use the WordPress version change CLI App.
git clone https://github.com/0xrutvij/wpVSkali.git
cd wpVSkali
DOCKER_BUILDKIT=1 docker compose build
mkdir wpFolder
docker compose up -d
ID=$(docker ps -a | grep kaliCP | gawk '{print $1}') && docker exec -it $ID bash
On Windows the second command changes to
cmd.exe /c "for /F `"tokens=1`" %a in ('docker ps -a ^| findstr kaliCP') do docker exec -it %a bash"
- The second command opens a terminal with root privileges on Kali Linux, which has the same network accessibility as the host machine.
- Both on the host machine and on the Kali terminal, the WordPress website is accessible at http://localhost:8080
- Note to self: xargs doesn't work with docker exec since it doesn't allocate a tty for the piped input, thus usage of a shell variable is necessary.
Type exit to leave the Kali bash shell. To shut down all running containers, use
docker compose down
- This command removes all the containers and the network created. All named volumes are retained and they provide persistence.
For changing WordPress versions, use the modifyCompose.py script; usage is as follows.
- Install the requirements file for python3 before proceeding
pip3 install -r requirements.txt
Modify Compose File.
Usage:
  modifyCompose.py [--wordpress=<ver>] [--wpPort=<port>]
  modifyCompose.py (-h | --help)
  modifyCompose.py (-v | --version)
  modifyCompose.py (--listWpVer)
Options:
  -h --help          Show this screen.
  -v --version       Show version.
  --wordpress=<ver>  Wordpress version to use [default: latest].
  --wpPort=<port>    Port at which the Wordpress website is served [default: 8080].
  --listWpVer        List Wordpress versions available.
- To change the version, use the following (replace 4.1.0 with the version needed) and follow the prompts.
python3 modifyCompose.py --wordpress=4.1.0
- To change the port at which WP is served, use the following and follow the prompts.
python3 modifyCompose.py --wpPort=8080
- To list the WP versions available on Docker Hub, use
python3 modifyCompose.py --listWpVer
- To return the version to latest and the port mapping to the default, use the following and follow the prompts.
python3 modifyCompose.py
When changing the version of WordPress, the db name volume needs to be removed and then the folder, 'wpFolder' should be emptied using -
WordPress version can be changed by editing the docker-compose.yml file, and the tag for WordPress image -
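The version and port change described above, as an added example that is not the project's modifyCompose.py: it rewrites the WordPress image tag and published port in a compose file and reports when the db named volume and wpFolder need clearing. The compose layout, the name `set_wordpress`, the tag allow-list and the loopback-only port binding are assumptions of this example.

```python
import re

# Constructed sample; the project's real docker-compose.yml may differ.
SAMPLE_COMPOSE = """\
services:
  wordpress:
    image: wordpress:latest
    ports:
      - "8080:80"
    volumes:
      - ./wpFolder:/var/www/html
  db:
    image: mysql:5.7
    volumes:
      - db:/var/lib/mysql
volumes:
  db:
"""

_TAG = re.compile(r"^([ \t]*image:[ \t]*wordpress:)(\S+)[ \t]*$", re.M)
_PORT = re.compile(r'^([ \t]*-[ \t]*)"(?:[\d.]+:)?\d+:80"[ \t]*$', re.M)
_VERSION = re.compile(r"latest|\d+(\.\d+){1,2}")  # assumed allow-list of tags


def set_wordpress(compose_text, version="latest", port=8080):
    """Return (new_text, needs_reset) for a WordPress tag/port change.

    needs_reset is True when the tag changed, i.e. the db named volume and
    wpFolder hold data from another WordPress version and must be cleared.
    """
    if not _VERSION.fullmatch(version):
        raise ValueError(f"unexpected WordPress tag: {version!r}")
    if not 1 <= int(port) <= 65535:
        raise ValueError(f"port out of range: {port!r}")
    current = _TAG.search(compose_text)
    if current is None or not _PORT.search(compose_text):
        raise ValueError("wordpress image or port mapping not found")
    text = _TAG.sub(lambda m: m.group(1) + version, compose_text, count=1)
    # Publish on loopback only: an old, vulnerable WordPress should not be
    # reachable from other machines on the network.
    text = _PORT.sub(lambda m: f'{m.group(1)}"127.0.0.1:{int(port)}:80"', text, count=1)
    return text, current.group(2) != version


if __name__ == "__main__":
    new_text, needs_reset = set_wordpress(SAMPLE_COMPOSE, "4.1.0", 8080)
    print(new_text)
    print("clear db volume and wpFolder:", needs_reset)
```

Rejecting anything outside the tag pattern keeps input such as a newline followed by extra YAML keys from being written into the compose file.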
WordPress Time Machine - Recreating Image Upload Vuln. in WP 4.1
NOTE
For WordPress to create a correct bind-mount, ensure that the folder containing its compose file has a directory named 'wpFolder'
- Link 1
- ... Add others ...
NOTE: Tick off as done [ ] -> [x]
- Create a Makefile/CLI App to clean the wpFolder and remove the named volume whenever the user wishes (i.e. allowing easy change of WP versions)
- Cross-Platform compatibility ~ Testing on Windows
- Testing Lab from Week 8 - Metasploit on Kali.
- Push image to Docker Hub and reduce build times on user end. Specifically the Kali image since it is static once built.
- Instructions for localhost:8080 to be mapped to a hostname, links for ideas (might require reverse-proxying with nginx?)
- A more robust networking interface between Kali and WordPress (i.e. Kali doesn't need host networking as it does now) or use a docker dns proxy, links for ideas and caveats.