Last edited time: Oct 22, 2023 01:31 PM
future-architect/vuls
Docker deployment
Tutorial - Scan using Docker
install/update go-cve-dictionary
```
$ docker pull vuls/go-cve-dictionary
$ docker run --rm vuls/go-cve-dictionary -v
go-cve-dictionary v0.1.xxx xxxx
```
install/update goval-dictionary
```
$ docker pull vuls/goval-dictionary
$ docker run --rm vuls/goval-dictionary -v
goval-dictionary v0.1.xxx xxxx
```
install/update gost
```
$ docker pull vuls/gost
$ docker run --rm vuls/gost -v
gost v0.1.xxx xxxx
```
install/update go-exploitdb
install/update Vuls
```
$ docker pull vuls/vuls
$ docker run --rm vuls/vuls -v
vuls v0.1.xxx xxxx
```
Scan
Step0. Prepare Log Dir
```
$ cd /path/to/working/dir
$ mkdir go-cve-dictionary-log goval-dictionary-log gost-log
```
Step1. Fetch NVD
```
$ for i in `seq 2002 $(date +"%Y")`; do \
    docker run --rm -it \
    -v $PWD:/vuls \
    -v $PWD/go-cve-dictionary-log:/var/log/vuls \
    vuls/go-cve-dictionary fetchnvd -years $i; \
  done
```
Step2. Fetch OVAL (e.g. redhat)
```
$ docker run --rm -it \
    -v $PWD:/vuls \
    -v $PWD/goval-dictionary-log:/var/log/vuls \
    vuls/goval-dictionary fetch-redhat 5 6 7
```
Step3. Fetch gost(Go Security Tracker) (for RedHat/CentOS and Debian)
```
$ docker run --rm -i \
    -v $PWD:/vuls \
    -v $PWD/gost-log:/var/log/gost \
    vuls/gost fetch redhat
```
Step4. Configuration
```
[servers]

[servers.c74]
host    = "54.249.93.16"
port    = "22"
user    = "vuls-user"
keyPath = "/root/.ssh/id_rsa" # path to ssh private key in docker
```
Step5. Configtest
```
$ docker run --rm -it \
    -v ~/.ssh:/root/.ssh:ro \
    -v $PWD:/vuls \
    -v $PWD/vuls-log:/var/log/vuls \
    vuls/vuls configtest \
    -config=./config.toml # path to config.toml in docker
```
Step6. Scan
```
$ docker run --rm -it \
    -v ~/.ssh:/root/.ssh:ro \
    -v $PWD:/vuls \
    -v $PWD/vuls-log:/var/log/vuls \
    -v /etc/localtime:/etc/localtime:ro \
    -e "TZ=Asia/Tokyo" \
    vuls/vuls scan \
    -config=./config.toml # path to config.toml in docker

# If Docker Host is Debian or Ubuntu
$ docker run --rm -it \
    -v ~/.ssh:/root/.ssh:ro \
    -v $PWD:/vuls \
    -v $PWD/vuls-log:/var/log/vuls \
    -v /etc/localtime:/etc/localtime:ro \
    -v /etc/timezone:/etc/timezone:ro \
    vuls/vuls scan \
    -config=./config.toml # path to config.toml in docker
```
Step7. Report
config.toml
```
[cveDict]
type = "sqlite3"
SQLite3Path = "/path/to/cve.sqlite3"

[ovalDict]
type = "sqlite3"
SQLite3Path = "/path/to/oval.sqlite3"

[gost]
type = "sqlite3"
SQLite3Path = "/path/to/gost.sqlite3"

[exploit]
type = "sqlite3"
SQLite3Path = "/path/to/go-exploitdb.sqlite3"
```
```
$ docker run --rm -it \
    -v ~/.ssh:/root/.ssh:ro \
    -v $PWD:/vuls \
    -v $PWD/vuls-log:/var/log/vuls \
    -v /etc/localtime:/etc/localtime:ro \
    vuls/vuls report \
    -format-short-text \
    -config=./config.toml # path to config.toml in docker
```
Step8. vulsrepo
```
$ docker run -dt \
    -v $PWD:/vuls \
    -p 5111:5111 \
    vuls/vulsrepo
```
HTTP-Server mode
go-cve
```
$ docker run -dt \
    --name go-cve-dictionary \
    -v $PWD:/vuls \
    -v $PWD/go-cve-dictionary-log:/var/log/vuls \
    --expose 1323 \
    -p 1323:1323 \
    vuls/go-cve-dictionary server --bind=0.0.0.0
```
goval
```
$ docker run -dt \
    --name goval-dictionary \
    -v $PWD:/vuls \
    -v $PWD/goval-dictionary-log:/var/log/vuls \
    --expose 1324 \
    -p 1324:1324 \
    vuls/goval-dictionary server --bind=0.0.0.0
```
gost
```
$ docker run -dt \
    --name gost \
    -v $PWD:/vuls \
    -v $PWD/gost-log:/var/log/gost \
    --expose 1325 \
    -p 1325:1325 \
    vuls/gost server --bind=0.0.0.0
```
Report
```
[cveDict]
type = "http"
url = "http://hostname:1323"

[ovalDict]
type = "http"
url = "http://hostname:1324"

[gost]
type = "http"
url = "http://hostname:1325"

[exploit]
type = "http"
url = "http://hostname:1326"
```
```
$ docker run --rm -it \
    -v ~/.ssh:/root/.ssh:ro \
    -v $PWD:/vuls \
    -v $PWD/vuls-log:/var/log/vuls \
    vuls/vuls report \
    -config=./config.toml
```
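The server-mode and vulsrepo commands above publish their ports with `-p` and no host address, which Docker binds on every host interface. As an added example (not from this page or the Vuls project), the script below audits `docker ps` output for such bindings; the port list is taken from the page, while the sample lines and the `vulsrepo` container name are constructed.

```shell
#!/bin/sh
# Added example (not from the Vuls project): flag server-mode containers
# whose port is published on every host interface.
# Input on stdin: "<name><TAB><ports>" lines, as printed by
#   docker ps --format '{{.Names}}\t{{.Ports}}'

# Ports taken from the page: three dictionary servers, the exploit URL
# in the report config, and vulsrepo.
VULS_PORTS="1323 1324 1325 1326 5111"

# Prints "<name> <host binding>" per finding; returns 1 if any were found.
audit_published_ports() {
    awk -F '\t' -v ports="$VULS_PORTS" '
        BEGIN { n = split(ports, p, " "); for (i = 1; i <= n; i++) want[p[i]] = 1 }
        {
            m = split($2, maps, /, */)
            for (i = 1; i <= m; i++) {
                # Published: "0.0.0.0:1323->1323/tcp". Without "->" the port
                # is only EXPOSEd inside Docker and is skipped.
                if (split(maps[i], side, "->") != 2) continue
                host = side[1]
                addr = host; sub(/:[0-9-]+$/, "", addr)   # host address
                hp = host;   sub(/^.*:/, "", hp)          # port or lo-hi range
                k = split(hp, r, "-"); lo = r[1] + 0; hi = r[k] + 0
                hit = 0
                for (q in want) if (q + 0 >= lo && q + 0 <= hi) hit = 1
                wide = (addr == "0.0.0.0" || addr == "::" || addr == "[::]")
                if (hit && wide) { print $1, host; bad = 1 }
            }
        }
        END { exit bad + 0 }
    '
}

# Constructed sample of docker ps output, not captured from a real host.
sample_docker_ps() {
    printf 'go-cve-dictionary\t0.0.0.0:1323->1323/tcp, :::1323->1323/tcp\n'
    printf 'goval-dictionary\t127.0.0.1:1324->1324/tcp\n'
    printf 'gost\t1325/tcp\n'
    printf 'vulsrepo\t0.0.0.0:5111->5111/tcp\n'
}

sample_docker_ps | audit_published_ports || echo "findings above: restrict or firewall these ports"
```

On a real host, feed it `docker ps --format '{{.Names}}\t{{.Ports}}'` instead of the sample function.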
Download files
```
$ sudo yum -y install sqlite git gcc make wget
$ wget https://dl.google.com/go/go1.12.7.linux-amd64.tar.gz
$ sudo tar -C /usr/local -xzf go1.12.7.linux-amd64.tar.gz
$ mkdir $HOME/go
```
Add the following lines to the file /etc/profile.d/goenv.sh:
```
export GOROOT=/usr/local/go
export GOPATH=$HOME/go
export PATH=$PATH:$GOROOT/bin:$GOPATH/bin
```
Reload the configuration file
```
$ source /etc/profile.d/goenv.sh
```
Deploy go-cve-dictionary
```
$ sudo mkdir /var/log/vuls
$ sudo useradd centos
$ sudo chown centos /var/log/vuls
$ sudo chmod 700 /var/log/vuls
$ mkdir -p $GOPATH/src/github.com/kotakanbe
$ cd $GOPATH/src/github.com/kotakanbe
$ git clone https://github.com/kotakanbe/go-cve-dictionary.git
$ cd go-cve-dictionary
$ make install
```
- Author: tangcuyu
- Link: https://expoli.tech/articles/2019/07/26/1564656214837
- License: This article is licensed under CC BY-NC-SA 4.0; please credit the source when reposting.