future-architect/vuls
Linux
Post on:Jul 26, 2019
Last edited: 2025-3-1
1Views
type
Post
status
Published
date
Jul 26, 2019
slug
2019/07/26/1564656214837.html
summary
future-architect/vuls
tags
工具
Linux
category
Linux
created days
new update day
icon
password
Created_time
Dec 5, 2022 08:04 AM
Last edited time
Mar 1, 2025 01:50 AM

future-architect/vuls

docker 部署

Tutorial - Scan using Docker

官方文档:https://vuls.io/docs/en/tutorial-docker.html#goval

install/update go-cve-dictionary

$ docker pull vuls/go-cve-dictionary
$ docker run  --rm  vuls/go-cve-dictionary -v

go-cve-dictionary v0.1.xxx xxxx
Bash

install/update goval-dictionary

$ docker pull vuls/goval-dictionary
$ docker run  --rm  vuls/goval-dictionary -v

goval-dictionary v0.1.xxx xxxx
Bash

install/update gost

$ docker pull vuls/gost
$ docker run  --rm  vuls/gost  -v

gost  v0.1.xxx xxxx
Bash

install/update go-exploitdb

install/update Vuls

$ docker pull vuls/vuls
$ docker run  --rm  vuls/vuls -v

vuls v0.1.xxx xxxx
Bash

Scan

Step0. Prepare Log Dir

$ cd /path/to/working/dir
$ mkdir go-cve-dictionary-log goval-dictionary-log gost-log
Bash

Step1. Fetch NVD

$ for i in `seq 2002 $(date +"%Y")`; do \\
    docker run --rm -it \\
    -v $PWD:/vuls \\
    -v $PWD/go-cve-dictionary-log:/var/log/vuls \\
    vuls/go-cve-dictionary fetchnvd -years $i; \\
  done
Bash

Step2. Fetch OVAL (e.g. redhat)

$ docker run --rm -it \\
    -v $PWD:/vuls \\
    -v $PWD/goval-dictionary-log:/var/log/vuls \\
    vuls/goval-dictionary fetch-redhat 5 6 7
Bash

Step3. Fetch gost(Go Security Tracker) (for RedHat/CentOS and Debian)

$ docker run --rm -i \\
    -v $PWD:/vuls \\
    -v $PWD/goval-log:/var/log/gost \\
    vuls/gost fetch redhat
Bash

Step4. Configuration

[servers]

[servers.c74]
host         = "54.249.93.16"
port        = "22"
user        = "vuls-user"
keyPath     = "/root/.ssh/id_rsa" # path to ssh private key in docker
Bash

Step5. Configtest

$ docker run --rm -it\\
    -v ~/.ssh:/root/.ssh:ro \\
    -v $PWD:/vuls \\
    -v $PWD/vuls-log:/var/log/vuls \\
    vuls/vuls configtest \\
    -config=./config.toml # path to config.toml in docker
Bash

Step6. Scan

$ docker run --rm -it \\
    -v ~/.ssh:/root/.ssh:ro \\
    -v $PWD:/vuls \\
    -v $PWD/vuls-log:/var/log/vuls \\
    -v /etc/localtime:/etc/localtime:ro \\
    -e "TZ=Asia/Tokyo" \\
    vuls/vuls scan \\
    -config=./config.toml # path to config.toml in docker

# If Docker Host is Debian or Ubuntu

$ docker run --rm -it \\
    -v ~/.ssh:/root/.ssh:ro \\
    -v $PWD:/vuls \\
    -v $PWD/vuls-log:/var/log/vuls \\
    -v /etc/localtime:/etc/localtime:ro \\
    -v /etc/timezone:/etc/timezone:ro \\
    vuls/vuls scan \\
    -config=./config.toml # path to config.toml in docker
Bash

Step7. Report

config.toml
[cveDict]
type = "sqlite3"
SQLite3Path = "/path/to/cve.sqlite3"

[ovalDict]
type = "sqlite3"
SQLite3Path = "/path/to/oval.sqlite3"

[gost]
type = "sqlite3"
SQLite3Path = "/path/to/gost.sqlite3"

[exploit]
type = "sqlite3"
SQLite3Path = "/path/to/go-exploitdb.sqlite3"
Bash
$ docker run --rm -it \\
    -v ~/.ssh:/root/.ssh:ro \\
    -v $PWD:/vuls \\
    -v $PWD/vuls-log:/var/log/vuls \\
    -v /etc/localtime:/etc/localtime:ro \\
    vuls/vuls report \\
    -format-short-text \\
    -config=./config.toml # path to config.toml in docker
Bash

Step8. vulsrepo

$docker run -dt \\
    -v $PWD:/vuls \\
    -p 5111:5111 \\
    vuls/vulsrepo
Bash

HTTP-Server mode

go-cve

$ docker run -dt \\
    --name go-cve-dictionary \\
    -v $PWD:/vuls \\
    -v $PWD/go-cve-dictionary-log:/var/log/vuls \\
    --expose 1323 \\
    -p 1323:1323 \\
    vuls/go-cve-dictionary server --bind=0.0.0.0
Bash

goval

$ docker run -dt \\
    --name goval-dictionary \\
    -v $PWD:/vuls \\
    -v $PWD/goval-dictionary-log:/var/log/vuls \\
    --expose 1324 \\
    -p 1324:1324 \\
    vuls/goval-dictionary server --bind=0.0.0.0
Bash

gost

$ docker run -dt \\
    --name gost \\
    -v $PWD:/vuls \\
    -v $PWD/gost-log:/var/log/gost \\
    --expose 1325 \\
    -p 1325:1325 \\
    vuls/gost server --bind=0.0.0.0
Bash

Report

[cveDict]
type = "http"
url = "<http://hostname:1323>"

[ovalDict]
type = "http"
url = "<http://hostname:1324>"

[gost]
type = "http"
url = "<http://hostname:1325>"

[exploit]
type = "http"
url = "<http://hostname:1326>"
Bash
$ docker run --rm -it \\
    -v ~/.ssh:/root/.ssh:ro \\
    -v $PWD:/vuls \\
    -v $PWD/vuls-log:/var/log/vuls \\
    vuls/vuls report  \\
    -config=./config.toml
Bash

下载文件

$ sudo yum -y install sqlite git gcc make wget
$ wget wget <https://dl.google.com/go/go1.12.7.linux-amd64.tar.gz>
$ sudo tar -C /usr/local -xzf go1.12.7.linux-amd64.tar.gz
$ mkdir $HOME/go
Bash

将下面几行导入到 /etc/profile.d/goenv.sh 文件中

export GOROOT=/usr/local/go
export GOPATH=$HOME/go
export PATH=$PATH:$GOROOT/bin:$GOPATH/bin
Bash

刷新一下配置文件

$ source /etc/profile.d/goenv.sh
Bash

部署 go-cve-dictionary

$ sudo mkdir /var/log/vuls
$ useradd centos
$ sudo chown centos /var/log/vuls
$ sudo chmod 700 /var/log/vuls
$ mkdir -p $GOPATH/src/github.com/kotakanbe
$ cd $GOPATH/src/github.com/kotakanbe
$ git clone <https://github.com/kotakanbe/go-cve-dictionary.git>
$ cd go-cve-dictionary
$ make install
``` -->
Bash
 
欢迎加入喵星计算机技术研究院,原创技术文章第一时间推送。
notion image
 
Relate Posts
2025-03-06
EtherCAT 主站 IgH 学习之 —— xenomai_posix 例程代码学习
2025-03-04
如何在Debian 11上手动编译安装AMD XGBE 10GB网卡驱动
2025-02-28
内核源码中为什么会存在同一个函数的多重定义?什么是符号的强弱性?
2025-02-28
SET_NETDEV_DEV 宏详解
2025-03-06
【转载】EtherCAT主站IgH解析(一)--主站初始化、状态机与EtherCAT报文 - 沐多 - 博客园
2025-02-24
Kernel configuration :: Xenomai 3
docker 批量删除无用容器与镜像命令Git 常用命令
Catalog
0%
tangcuyu
tangcuyu
一只尘世中努力争渡的🐠