Immunity Canvas docker搭建

前言:docker 容器来自 gotoeasy 的docker-ubuntu:18.04-vnc版 进行的二开
感谢 飞蓬 转载提供的 Immunity Canvas压缩包 2emu / hacker1961
感谢 NorahC_IV 潇湘信安 WgpSec 提供的技术支持 (排名不分先后)

生成容器 🚀

屏幕参数等 请参考 :docker-ubuntu-desktop

Inter x86

docker run -d \
-p 55900:5900 \
-p 55022:22 \
-p 4445:4445 \
-p 4446:4446 \
-e PASSWD=123456 \
--name canvas \
--hostname canvas \
registry.cn-hangzhou.aliyuncs.com/xrsec/canvas:latest
docker run -d \
-p 55900:5900 \
-p 55022:22 \
-p 4445:4445 \
-p 4446:4446 \
-e PASSWD=123456 \
--name canvas \
--hostname canvas \
xrsec/canvas:latest

Arm

docker run -d \
-p 55900:5900 \
-p 55022:22 \
-p 4445:4445 \
-p 4446:4446 \
-e PASSWD=123456 \
--name canvas \
--hostname canvas \
registry.cn-hangzhou.aliyuncs.com/xrsec/canvas:Arm

启动

echo -e '#!/bin/sh
python /canvas/runcanvas.py
' > ~/Desktop/canvas
chmod 755 ~/Desktop/canvas

IP数据库

暂时未收集,需要单独下载

Dockerfile 💻

Inter x86

# 基础镜像
FROM gotoeasy/ubuntu-desktop:latest
# 维护者信息
MAINTAINER xrsec <www.zygd.site> by gotoeasy <gotoeasy@163.com>

COPY canvas /canvas

COPY sources.list /etc/apt/sources.list
RUN mkdir /root/.pip
COPY pip.conf /root/.pip/

RUN apt-get update \
&& apt install -y python-pip \
&& apt install -y gtk2.0 \
&& apt install -y python-glade2 \
&& apt install -y python-nacl python-bcrypt \
&& pip install pycrypto \
&& pip install pyasn1 \
&& pip install diskcache==4.1.0 \
&& pip install asn1tools \
&& apt install -y python-pycurl \
&& apt install -y libcanberra-gtk-module \
&& pip install pycurl \
&& pip install requests \
&& pip install pygame==1.9.2 \
&& /bin/chmod 777 /canvas/installer/linux_installer.sh \
&& /bin/echo -e "\n\n\n\n" | /canvas/installer/linux_installer.sh

# 导出特定端口
EXPOSE 22 5900 3389

# 启动脚本
CMD ["/root/startup.sh"]

Arm

# 基础镜像
FROM ubuntu:18.04
# 维护者信息
MAINTAINER xrsec <www.zygd.site> by gotoeasy <gotoeasy@163.com>

# 环境变量
ENV DEBIAN_FRONTEND=noninteractive \
SIZE=1600x840 \
PASSWD=123456 \
TZ=Asia/Shanghai \
LANG=zh_CN.UTF-8 \
LC_ALL=${LANG} \
LANGUAGE=${LANG}

USER root
WORKDIR /root

# 设定密码
RUN echo "root:$PASSWD" | chpasswd

RUN apt update && apt install -y apt-transport-https ca-certificates

# canvas
COPY canvas /canvas

COPY sources.list /etc/apt/sources.list
RUN mkdir /root/.pip
COPY pip.conf /root/.pip/

# 安装
RUN apt-get -y update && \
# tools
apt-get install -y wget curl net-tools locales bzip2 unzip iputils-ping traceroute firefox firefox-locale-zh-hans ttf-wqy-microhei gedit ibus-pinyin && \
locale-gen zh_CN.UTF-8 && \
# ssh
apt-get install -y openssh-server && \
mkdir -p /var/run/sshd && \
sed -ri 's/^#?PermitRootLogin\s+.*/PermitRootLogin yes/' /etc/ssh/sshd_config && \
sed -ri 's/UsePAM yes/#UsePAM yes/g' /etc/ssh/sshd_config && \
mkdir -p /root/.ssh && \
# TigerVNC
apt install tigervnc-common && \
mkdir -p /root/.vnc && \
echo $PASSWD | vncpasswd -f > /root/.vnc/passwd && \
chmod 600 /root/.vnc/passwd && \
# xfce
apt-get install -y xfce4 xfce4-terminal && \
apt-get purge -y pm-utils xscreensaver* && \
# xrdp
apt-get install -y xrdp && \
echo "xfce4-session" > ~/.xsession && \
# clean
apt-get -y clean && \
rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/*

# 配置xfce图形界面
ADD ./xfce/ /root/

# 创建脚本文件
RUN echo "#!/bin/bash\n" > /root/startup.sh && \
# 修改密码
echo 'if [ $PASSWD ] ; then' >> /root/startup.sh && \
echo ' echo "root:$PASSWD" | chpasswd' >> /root/startup.sh && \
echo ' echo $PASSWD | vncpasswd -f > /root/.vnc/passwd' >> /root/startup.sh && \
echo 'fi' >> /root/startup.sh && \
# SSH
echo "/usr/sbin/sshd -D & source /root/.bashrc" >> /root/startup.sh && \
# VNC
echo 'vncserver -kill :0' >> /root/startup.sh && \
echo "rm -rfv /tmp/.X*-lock /tmp/.X11-unix" >> /root/startup.sh && \
echo 'vncserver :0 -geometry $SIZE' >> /root/startup.sh && \
echo 'tail -f /root/.vnc/*:0.log' >> /root/startup.sh && \
# 可执行脚本
chmod +x /root/startup.sh

# 用户目录不使用中文
RUN LANG=C xdg-user-dirs-update --force

# canvas
RUN apt-get update \
&& apt install -y python-pip \
&& apt install -y gtk2.0 \
&& apt install -y python-glade2 \
&& apt install -y python-nacl python-bcrypt \
&& pip install pycrypto \
&& pip install pyasn1 \
&& pip install diskcache==4.1.0 \
&& pip install asn1tools \
&& apt install -y python-pycurl \
&& apt install -y libcanberra-gtk-module \
&& pip install pycurl \
&& pip install requests \
&& pipinstall pygame==1.9.2 \
&& /bin/chmod 777 /canvas/installer/linux_installer.sh \
&& /bin/echo -e "\n\n\n\n" | /canvas/installer/linux_installer.sh

# 导出特定端口
EXPOSE 22 5900 3389

# 启动脚本
CMD ["/root/startup.sh"]

Bugs ❌

  • 可能会遇见奇怪的bugs 重新下载在解压即可

  • docker 没有 root-->/canvas/canvas/installer/linux_installer.sh

    AS_USER="sudo -u $SUDO_USER" >> AS_USER=""
    AS_USER="sudo" >> AS_USER=""
    $AS_USER "PATH=$VIRTUAL_ENV/bin:$PATH" libtoolize --force >>
    PATH="$VIRTUAL_ENV/bin:$PATH" libtoolize --force
  • pygame==1.9.2

  • 注意端口开放问题

  • Email : [troy@zygd.site](mailto:troy@zygd.site?Subject=%5BImmunity Canvas搭建问题%5D&)