Bocksploitable Docker Container (Moved to https://gitlab.com/drakemp)
This is an exploitable Docker image for penetration testing. The exploit source code can be found in the ‘exploitables’ directory. The ‘start.sh’ is the main process for the container. If ‘start.sh’ terminates because of a crashed service then the container exits. To add a service to the container, you must add the source to the ‘exploitables’ directory and add to start.sh the appropriate initialization code. For compiling code, add to the Dockerfile the appropriate compile commands as well. Note that the bufferoverflow services are written in C so they will crash on faild attempts, ‘start.sh’ will spawn them back up after a minute.
The exploitable code provide in this container is thanks to Kevin Bock, George Hughey, and Srujan Thotapally (in no particular order). For another exploitable Docker image see peakkk/metasploitable.
- 80: webapp # not setup yet.
- 3285: BockServe2.0a
- 33333: compiler_server.py
- 4445: echoserver.c
- 12345: sponge.py
- 100X: bufferoverflow
- 1001: lab1.c
- 1002: lab2.c
- 1003: lab3.c
- 1004: lab4.c
docker build -t bocksploitable . # Build container
docker run -it bocksploitable # Run container
docker run -dit bocksploitable # Run container in background
docker run -p 8080:80 -dit bocksploitable # Run container in background
# with localhost:8080 access to webapp
docker run -it bocksploitable /bin/bash # Run container with shell for debugging