0%

docker部署xunfeng(巡风)

安装系统后基本设置

xunfeng(巡风)用作内网漏洞扫描实乃良心之作,项目地址:https://github.com/ysrc/xunfeng

下面内容使用ubuntu纯粹是为了让不太熟悉Linux命令的人方便更改ip。接下来一些列操作是在虚拟机中安装完ubuntu18.04之后进行的。

配置国内更新源

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
# 判断ubuntu版本,如下是18.04
redcat8850@neusoft-xunfeng-machine:~$ lsb_release -a
No LSB modules are available.
Distributor ID: Ubuntu
Description: Ubuntu 18.04.5 LTS
Release: 18.04
Codename: bionic
# 修改Ubuntu源
redcat8850@neusoft-xunfeng-machine:~$ cp /etc/apt/sources.list ~
redcat8850@neusoft-xunfeng-machine:~$ sudo vi /etc/apt/sources.list
# 添加如下内容
deb http://mirrors.aliyun.com/ubuntu/ bionic main restricted universe multiverse
deb-src http://mirrors.aliyun.com/ubuntu/ bionic main restricted universe multiverse

deb http://mirrors.aliyun.com/ubuntu/ bionic-security main restricted universe multiverse
deb-src http://mirrors.aliyun.com/ubuntu/ bionic-security main restricted universe multiverse

deb http://mirrors.aliyun.com/ubuntu/ bionic-updates main restricted universe multiverse
deb-src http://mirrors.aliyun.com/ubuntu/ bionic-updates main restricted universe multiverse

deb http://mirrors.aliyun.com/ubuntu/ bionic-proposed main restricted universe multiverse
deb-src http://mirrors.aliyun.com/ubuntu/ bionic-proposed main restricted universe multiverse

deb http://mirrors.aliyun.com/ubuntu/ bionic-backports main restricted universe multiverse
deb-src http://mirrors.aliyun.com/ubuntu/ bionic-backports main restricted universe multiverse
1
2
3
# 更新系统
redcat8850@neusoft-xunfeng-machine:~$ sudo apt-get update
redcat8850@neusoft-xunfeng-machine:~$ sudo apt-get upgrade

安装好Ubuntu18.04之后开启ssh服务。

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
redcat8850@neusoft-xunfeng-machine:~$ sudo apt-get install net-tools openssh-server
redcat8850@neusoft-xunfeng-machine:~$ sudo netstat -nlutp
激活Internet连接 (仅服务器)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 127.0.0.53:53 0.0.0.0:* LISTEN 442/systemd-resolve
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 862/sshd
tcp 0 0 127.0.0.1:631 0.0.0.0:* LISTEN 771/cupsd
tcp6 0 0 :::22 :::* LISTEN 862/sshd
tcp6 0 0 ::1:631 :::* LISTEN 771/cupsd
udp 0 0 127.0.0.53:53 0.0.0.0:* 442/systemd-resolve
udp 0 0 0.0.0.0:68 0.0.0.0:* 871/dhclient
udp 0 0 0.0.0.0:631 0.0.0.0:* 810/cups-browsed
udp 0 0 0.0.0.0:5353 0.0.0.0:* 773/avahi-daemon: r
udp 0 0 0.0.0.0:38124 0.0.0.0:* 773/avahi-daemon: r
udp6 0 0 :::47385 :::* 773/avahi-daemon: r
udp6 0 0 :::5353 :::* 773/avahi-daemon: r
1
2
3
# 如果没有看到SSH用的22号端口打开,请使用如下命令启动ssh服务
redcat8850@neusoft-xunfeng-machine:~$ sudo systemctl restart ssh
[ ok ] Restarting ssh (via systemctl): ssh.service.

安装Docker和配置

安装Docker和Docker-compose

1
2
3
4
5
6
7
8
9
10
# 使apt-get允许使用https源
redcat8850@neusoft-xunfeng-machine:~$ sudo apt install apt-transport-https ca-certificates curl software-properties-common
# 添加阿里GPG秘钥
redcat8850@neusoft-xunfeng-machine:~$ curl -fsSL https://mirrors.aliyun.com/docker-ce/linux/ubuntu/gpg | sudo apt-key add -
# 添加阿里Docker源
redcat8850@neusoft-xunfeng-machine:~$ sudo add-apt-repository "deb [arch=amd64] https://mirrors.aliyun.com/docker-ce/linux/ubuntu $(lsb_release -cs) stable"
# 安装Docker和Docker-compose
redcat8850@neusoft-xunfeng-machine:~$ sudo apt install -y docker-ce docker-compose
# 查看Docker版本
redcat8850@neusoft-xunfeng-machine:~$ docker --version

配置国内Docker加速

1
2
3
4
5
6
7
8
9
# 其实还是推荐使用阿里的Docker加速
redcat8850@neusoft-xunfeng-machine:~$ sudo vi /etc/docker/daemon.json
{
"registry-mirrors": ["http://hub-mirror.c.163.com"]
}
# 必须重启服务后才能生效
redcat8850@neusoft-xunfeng-machine:~$ sudo systemctl daemon-reload
redcat8850@neusoft-xunfeng-machine:~$ sudo systemctl restart docker
redcat8850@neusoft-xunfeng-machine:~$ sudo systemctl status docker

安装巡风

克隆巡风源码

我为了让速度快点,事先把xunfeng克隆到了码云上。

1
redcat8850@neusoft-xunfeng-machine:~$ git clone https://gitee.com/redcat8850/xunfeng.git

克隆完成之后需要修改本地代码否则报错

使用docker build将xunfeng(巡风)docker镜像化的时候各种pip更新安装报错做了如下修改和调整。

其实更改也就集中在前几行,可以解决报错的问题,请大家自行比对更改。

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
redcat8850@neusoft-xunfeng-machine:~$ cd xunfeng/
redcat8850@neusoft-xunfeng-machine:~/xunfeng$ vi Dockerfile
FROM ubuntu:16.04 # 更改为ubuntu1604基础镜像
MAINTAINER Medici.Yan@Gmail.com
ENV LC_ALL C.UTF-8
ENV TZ=Asia/Shanghai
RUN ln -snf /usr/share/zoneinfo/$TZ /etc/localtime && echo $TZ > /etc/timezone

# apt and pip mirrors

COPY ./sources.list /etc/apt/sources.list # 需要在xunfeng目录里事先创建sources.list文件
RUN mkdir -p ~/.pip \ # 并且在其中复制阿里ubuntu1604源配置
&& echo "[global]" > ~/.pip/pip.conf \ # 这里我就不演示创建sources.list文件了
&& echo "timeout=60" >> ~/.pip/pip.conf \
&& echo "index-url = https://pypi.tuna.tsinghua.edu.cn/simple" >> ~/.pip/pip.conf

# RUN sed -i 's/archive.ubuntu.com/mirrors.aliyun.com/g' /etc/apt/sources.list \

生成镜像和创建容器

1
2
redcat8850@neusoft-xunfeng-machine:~/xunfeng$ sudo docker build -t xunfeng:20200807 .
redcat8850@neusoft-xunfeng-machine:~/xunfeng$ sudo docker run -d -p 8000:80 -v /opt/data:/data xunfeng:20200807

设置容器跟随系统自启动

1
2
3
4
5
6
7
# 查看容器ID
redcat8850@neusoft-xunfeng-machine:~$ sudo docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
86072d786467 xunfeng:20200807 "/opt/xunfeng/docker…" 36 minutes ago Up 36 minutes 0.0.0.0:8000->80/tcp suspicious_hugle
# 指定容器ID跟随系统启动
redcat8850@neusoft-xunfeng-machine:~$ sudo docker update --restart=always 86072d786467
86072d786467

尝试登陆巡风

使用浏览器打开:http://UbuntuIP:8000

username:admin

password:xunfeng321

后记

补上创建sources.list

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
redcat8850@neusoft-xunfeng-machine:~$ cd xunfeng
redcat8850@neusoft-xunfeng-machine:~/xunfeng$ vi sources.list
deb http://mirrors.aliyun.com/ubuntu/ xenial main
deb-src http://mirrors.aliyun.com/ubuntu/ xenial main

deb http://mirrors.aliyun.com/ubuntu/ xenial-updates main
deb-src http://mirrors.aliyun.com/ubuntu/ xenial-updates main

deb http://mirrors.aliyun.com/ubuntu/ xenial universe
deb-src http://mirrors.aliyun.com/ubuntu/ xenial universe
deb http://mirrors.aliyun.com/ubuntu/ xenial-updates universe
deb-src http://mirrors.aliyun.com/ubuntu/ xenial-updates universe

deb http://mirrors.aliyun.com/ubuntu/ xenial-security main
deb-src http://mirrors.aliyun.com/ubuntu/ xenial-security main
deb http://mirrors.aliyun.com/ubuntu/ xenial-security universe
deb-src http://mirrors.aliyun.com/ubuntu/ xenial-security universe

如果我把容器搞的乱七八糟怎么办?

1
2
3
4
5
6
7
8
9
# 停止容器
docker stop <容器 ID>
# 查看要删除的容器ID
docker ps -a
# 删除容器
docker rm -f <容器 ID>
# 重新创建容器,所有设置都将丢失。
sudo docker image ls
sudo docker run -d -p 8000:80 -v /opt/data:/data xunfeng:20200807