From be75fbda30acd591327965642e0536d3dec58e0f Mon Sep 17 00:00:00 2001 From: webpwnized Date: Fri, 17 May 2024 18:59:26 -0400 Subject: [PATCH] 1.0.65 Update build and tool scripts --- .build/www/Dockerfile | 8 +- .tools/git.sh | 63 +++++++-- .tools/list-container-installed-packages.sh | 83 +++++++++-- .tools/push-development-branch.sh | 87 +++++++++--- .tools/remove-all-images.sh | 72 +++++++++- .tools/start-containers.sh | 146 +++++++++++++++++--- .tools/stop-containers.sh | 47 ++++++- .tools/update-mutillidae-application.sh | 114 ++++++++++++--- version | 2 +- 9 files changed, 536 insertions(+), 86 deletions(-) diff --git a/.build/www/Dockerfile b/.build/www/Dockerfile index e3b2e95..e3be97d 100644 --- a/.build/www/Dockerfile +++ b/.build/www/Dockerfile @@ -79,8 +79,9 @@ RUN rm /var/www/mutillidae/.htaccess && \ sed -i "s/define('DB_USERNAME', 'root');/define('DB_USERNAME', '$DATABASE_USERNAME');/" /var/www/mutillidae/includes/database-config.inc && \ sed -i "s/define('DB_PASSWORD', 'mutillidae');/define('DB_PASSWORD', '$DATABASE_PASSWORD');/" /var/www/mutillidae/includes/database-config.inc && \ sed -i "s/define('DB_NAME', 'mutillidae');/define('DB_NAME', '$DATABASE_NAME');/" /var/www/mutillidae/includes/database-config.inc && \ - sed -i "s/define('DB_PORT', 3306);/define('DB_PORT', $DATABASE_PORT);/" /var/www/mutillidae/includes/database-config.inc - + sed -i "s/define('DB_PORT', 3306);/define('DB_PORT', $DATABASE_PORT);/" /var/www/mutillidae/includes/database-config.inc && \ + sed -i 's/127.0.0.1/directory/' /var/www/mutillidae/includes/ldap-config.inc + # ######################## # # Configure the web server # # ######################## # @@ -95,8 +96,7 @@ RUN rm /var/www/mutillidae/.htaccess && \ # Enable Apache TLS modules # Disable the default site because it intercepts calls to Mutillidae made by IP address # Enable the mutillidae site -RUN sed -i 's/127.0.0.1/directory/' /var/www/mutillidae/includes/ldap-config.inc && \ - cp /var/www/mutillidae/configuration/https-certificate/mutillidae-selfsigned.crt /etc/ssl/certs/mutillidae-selfsigned.crt && \ +RUN cp /var/www/mutillidae/configuration/https-certificate/mutillidae-selfsigned.crt /etc/ssl/certs/mutillidae-selfsigned.crt && \ cp /var/www/mutillidae/configuration/https-certificate/mutillidae-selfsigned.key /etc/ssl/private/mutillidae-selfsigned.key && \ mkdir /etc/apache2/conf/ && \ cp /var/www/mutillidae/configuration/apache-configuration/conf/error-pages.conf /etc/apache2/conf/error-pages.conf && \ diff --git a/.tools/git.sh b/.tools/git.sh index af25950..7608ed1 100755 --- a/.tools/git.sh +++ b/.tools/git.sh @@ -1,23 +1,62 @@ #!/bin/bash +# Purpose: Tag a Git commit with version and annotation, commit locally, and push to remote +# Usage: ./git.sh +# Description: This script tags a Git commit with the specified version and annotation, +# commits locally, and pushes both the tag and commit to the remote repository. -if (( $# != 2 )) -then - printf "%b" "Usage: git.sh \n" >&2 - exit 1 +# Function to print messages with a timestamp +print_message() { + echo "" + echo "$(date +"%Y-%m-%d %H:%M:%S") - $1" +} + +# Function to display help message +show_help() { + echo "Usage: $0 " + echo "" + echo "Options:" + echo " -h, --help Display this help message." + echo "" + echo "Description:" + echo "This script tags a Git commit with the specified version and annotation," + echo "commits locally, and pushes both the tag and commit to the remote repository." + exit 0 +} + +# Function to handle errors +handle_error() { + print_message "Error: $1" +} + +# Parse options +while [[ "$#" -gt 0 ]]; do + case $1 in + -h|--help) show_help ;; + *) break ;; + esac + shift +done + +# Check if exactly two arguments are passed +if (( $# != 2 )); then + handle_error "Incorrect number of arguments. Usage: $0 " fi +# Assign arguments to variables VERSION=$1 ANNOTATION=$2 -echo "Creating tag $VERSION with annotation \"$ANNOTATION\"" -git tag -a $VERSION -m "$ANNOTATION" +# Tagging, committing, and pushing operations +print_message "Creating tag $VERSION with annotation \"$ANNOTATION\"" +git tag -a "$VERSION" -m "$ANNOTATION" || handle_error "Failed to create tag" -echo "Commiting version $VERSION to local branch" -git commit -a -m "$VERSION $ANNOTATION" +print_message "Committing version $VERSION to local branch" +git commit -a -m "$VERSION $ANNOTATION" || handle_error "Failed to commit changes" -echo "Pushing tag $VERSION" -git push --tag +print_message "Pushing tag $VERSION to upstream" +git push --tag || handle_error "Failed to push tag to upstream" -echo "Pushing version $VERSION to upstream" -git push +print_message "Pushing version $VERSION to upstream" +git push || handle_error "Failed to push changes to upstream" +print_message "Script completed successfully" diff --git a/.tools/list-container-installed-packages.sh b/.tools/list-container-installed-packages.sh index 0a14702..ce4dee2 100755 --- a/.tools/list-container-installed-packages.sh +++ b/.tools/list-container-installed-packages.sh @@ -1,10 +1,77 @@ #!/bin/bash -for i in $(docker ps --quiet); do - echo ""; - echo "--------------"; - echo $i; - echo "--------------"; - echo ""; - docker exec $i dpkg -l; -done; +# Function to log messages with timestamps +log() { + echo "$(date +'%Y-%m-%d %H:%M:%S') - $1" +} + +# Function to list packages in a container +list_packages() { + local container_id=$1 + local package_filter_cmd=$2 + + echo "" + echo "------------------------------" + echo "Container ID: $container_id" + echo "------------------------------" + echo "" + + docker exec "$container_id" bash -c "$package_filter_cmd" +} + +# Display usage instructions +display_help() { + echo "Usage: $0 [options]" + echo "Options:" + echo " -a, --all List all installed packages (default)" + echo " -u, --user List only user-installed packages" + echo " -h, --help Display this help message" + exit 0 +} + +# Default behavior +list_user_packages=false + +# Parse command-line arguments +while [[ "$#" -gt 0 ]]; do + case $1 in + -a|--all) list_user_packages=false;; + -u|--user) list_user_packages=true;; + -h|--help) display_help;; + *) log "Unknown parameter passed: $1"; display_help;; + esac + shift +done + +# Check if Docker is running +if ! command -v docker &> /dev/null; then + log "Docker is not installed or not running." + exit 1 +fi + +# Get the list of running containers +containers=$(docker ps --quiet) + +if [ -z "$containers" ]; then + log "No running Docker containers found." + exit 0 +fi + +# Determine the package filter command based on the option selected +if [ "$list_user_packages" = true ]; then + package_filter_cmd='comm -23 <(apt-mark showmanual | sort) <(apt list --installed 2>/dev/null | awk -F/ '\''{print $1}'\'' | sort)' +else + package_filter_cmd='dpkg -l' +fi + +# Loop through each container and list packages based on the option selected +for container_id in $containers; do + if ! docker exec "$container_id" bash -c "$package_filter_cmd" &> /dev/null; then + log "Failed to execute command in container $container_id. Skipping." + continue + fi + + list_packages "$container_id" "$package_filter_cmd" +done + +log "Package listing completed." diff --git a/.tools/push-development-branch.sh b/.tools/push-development-branch.sh index e0871c1..dbbf2c3 100755 --- a/.tools/push-development-branch.sh +++ b/.tools/push-development-branch.sh @@ -1,27 +1,78 @@ #!/bin/bash +# Purpose: Merge development branch into main branch and tag with version +# Usage: ./push-development-branch.sh +# Description: This script merges the development branch into the main branch, +# tags the main branch with the specified version, and +# calls another script 'git.sh' with the version and annotation. -if (( $# != 2 )) -then - printf "%b" "Usage: git.sh \n" >&2; - exit 1; -fi; +# Function to print messages with a timestamp +print_message() { + echo "" + echo "$(date +"%Y-%m-%d %H:%M:%S") - $1" +} -VERSION=$1; -ANNOTATION=$2; +# Function to display help message +show_help() { + echo "Usage: $0 " + echo "" + echo "Options:" + echo " -h, --help Display this help message." + echo "" + echo "Description:" + echo "This script merges the development branch into the main branch," + echo "tags the main branch with the specified version, and" + echo "calls another script 'git.sh' with the version and annotation." + exit 0 +} -echo "Calling git.sh with tag $VERSION with annotation \"$ANNOTATION\""; -./git.sh "$VERSION" "$ANNOTATION"; +# Function to handle errors +handle_error() { + print_message "Error: $1" + exit 1 +} -echo "Checking out main branch"; -git checkout main; +# Parse options +while [[ "$#" -gt 0 ]]; do + case $1 in + -h|--help) show_help ;; + *) break ;; + esac + shift +done -echo "Merging development branch"; -git merge development; +# Check if exactly two arguments are passed +if (( $# != 2 )); then + handle_error "Incorrect number of arguments. Usage: $0 " +fi -echo "Calling git.sh with tag $VERSION with annotation \"$ANNOTATION\""; -./git.sh "$VERSION" "$ANNOTATION"; +# Assign arguments to variables +VERSION=$1 +ANNOTATION=$2 -echo "Checking out development branch"; -git checkout development; +# Verify 'git.sh' script exists and is executable +GIT_SCRIPT="./git.sh" +if [[ ! -x "$GIT_SCRIPT" ]]; then + handle_error "'git.sh' script not found or not executable" +fi -git status; \ No newline at end of file +# Tag and merge operations +print_message "Calling git.sh with tag $VERSION with annotation \"$ANNOTATION\"" +"$GIT_SCRIPT" "$VERSION" "$ANNOTATION" || handle_error "Failed to call git.sh" + +print_message "Checking out main branch" +git checkout main || handle_error "Failed to checkout main branch" + +print_message "Merging development branch" +git merge development || handle_error "Failed to merge development branch" + +print_message "Calling git.sh with tag $VERSION with annotation \"$ANNOTATION\"" +"$GIT_SCRIPT" "$VERSION" "$ANNOTATION" || handle_error "Failed to call git.sh" + +print_message "Checking out development branch" +git checkout development || handle_error "Failed to checkout development branch" + +# Show git status +print_message "Git status" +git status || handle_error "Failed to show git status" + +print_message "Script completed successfully" diff --git a/.tools/remove-all-images.sh b/.tools/remove-all-images.sh index fec3abe..ddbb849 100755 --- a/.tools/remove-all-images.sh +++ b/.tools/remove-all-images.sh @@ -1,9 +1,67 @@ #!/bin/bash +# Purpose: Clean up Docker resources for Mutillidae application +# Usage: ./remove-all-images.sh [options] -docker stop $(docker ps -a -q); -docker rm $(docker ps -a -q); -docker rmi $(docker images -a -q); -docker container prune -f; -docker image prune --all -f; -docker volume prune -f; -docker system prune --all --volumes -f; +# Function to print messages with a timestamp +print_message() { + echo "" + echo "$(date +"%Y-%m-%d %H:%M:%S") - $1" +} + +# Function to display help message +show_help() { + echo "Usage: $0 [options]" + echo "" + echo "Options:" + echo " -h, --help Display this help message." + echo "" + echo "Description:" + echo "This script is used to clean up Docker resources for the Mutillidae application." + echo "It stops and removes all containers, removes all images, and prunes all volumes and networks." + exit 0 +} + +# Function to handle errors +handle_error() { + print_message "Error: $1" +} + +# Parse options +while [[ "$#" -gt 0 ]]; do + case $1 in + -h|--help) show_help ;; + *) handle_error "Unknown parameter passed: $1" ;; + esac + shift +done + +# Check if Docker is installed and running +if ! command -v docker &> /dev/null; then + handle_error "Docker is not installed or not in PATH. Please install Docker." +fi + +# Clean up Docker resources +print_message "Cleaning up Docker resources for Mutillidae" + +# Stop and remove all containers +print_message "Stopping and removing all containers" +docker stop $(docker ps -a -q) || handle_error "Failed to stop containers" +docker rm $(docker ps -a -q) || handle_error "Failed to remove containers" + +# Remove all images +print_message "Removing all images" +docker rmi $(docker images -a -q) || handle_error "Failed to remove images" + +# Prune containers, images, volumes, networks +print_message "Pruning containers, images, volumes, networks" +docker container prune -f || handle_error "Failed to prune containers" +docker image prune --all -f || handle_error "Failed to prune images" +docker volume prune -f || handle_error "Failed to prune volumes" +docker network prune -f || handle_error "Failed to prune networks" + +# System-wide prune +print_message "Pruning system" +docker system prune --all --volumes -f || handle_error "Failed to prune system" + +# Success message +print_message "Docker resources for Mutillidae cleaned up successfully" diff --git a/.tools/start-containers.sh b/.tools/start-containers.sh index 62661ff..33ba410 100755 --- a/.tools/start-containers.sh +++ b/.tools/start-containers.sh @@ -1,26 +1,134 @@ #!/bin/bash -# Script must be run from the mutillidae-docker directory +# Purpose: Start Docker containers defined in docker-compose.yml +# Usage: ./start-containers.sh [options] +# Description: This script is used to start and optionally initialize the containers. +# The script must be run from the mutillidae-docker directory. -echo ""; -echo "Starting containers"; -docker-compose -f docker-compose.yml up -d; +# Function to print messages with a timestamp +print_message() { + echo "" + echo "$(date +"%Y-%m-%d %H:%M:%S") - $1" +} -echo ""; -echo "Waiting for database to start"; -sleep 10; +# Function to handle errors +handle_error() { + print_message "Error: $1" + exit 1 +} -echo ""; -echo "Requesting Mutillidae database be built"; -curl http://mutillidae.localhost/set-up-database.php; +# Function to display help message +show_help() { + echo "Usage: $0 [options]" + echo "" + echo "Options:" + echo " -i, --initialize Initialize the containers after starting them." + echo " -u, --unattended Run the script unattended without waiting for user input." + echo " -l, --ldif-file Specify the path to the LDIF file (required with --initialize)." + echo " -h, --help Display this help message." + echo "" + echo "Description:" + echo "This script is used to start and optionally initialize the containers." + echo "The script must be run from the mutillidae-docker directory." + echo "" + echo "When run without options, the script starts the Docker containers defined in" + echo "docker-compose.yml and waits for user input before clearing the screen." + echo "" + echo "When the --initialize option is provided, the script will:" + echo " 1. Start the Docker containers." + echo " 2. Wait for the database to start." + echo " 3. Request the database to be built." + echo " 4. Upload the specified LDIF file to the LDAP directory server." + echo "" + echo "When the --unattended option is provided, the script will not wait for user" + echo "input and will not clear the screen after execution." + echo "" + echo "Examples:" + echo " Start containers without initialization:" + echo " $0" + echo "" + echo " Start containers and initialize them:" + echo " $0 --initialize --ldif-file /path/to/ldif" + echo "" + echo " Run script unattended:" + echo " $0 --unattended" + echo "" + echo " Run script with initialization and unattended:" + echo " $0 --initialize --ldif-file /path/to/ldif --unattended" + exit 0 +} -echo ""; -echo "Uploading Mutillidae LDIF file to LDAP directory server"; -CURRENT_DIRECTORY=$(pwd); -ldapadd -c -x -D "cn=admin,dc=mutillidae,dc=localhost" -w mutillidae -H ldap:// -f $CURRENT_DIRECTORY/ldap/ldif/mutillidae.ldif; +# Parse options +INITIALIZE_CONTAINERS=false +UNATTENDED=false +LDIF_FILE="" -# Wait for the user to press Enter key -read -p "Press Enter to continue or -C to stop" -C to stop" /dev/null; then + handle_error "Docker is not installed or not in PATH. Please install Docker." +fi + +# Stop Docker containers +print_message "Stopping and removing containers" +docker-compose down || handle_error "Failed to stop containers" + +# Success message +print_message "Docker containers stopped successfully" diff --git a/.tools/update-mutillidae-application.sh b/.tools/update-mutillidae-application.sh index 6c9829d..bad19ca 100755 --- a/.tools/update-mutillidae-application.sh +++ b/.tools/update-mutillidae-application.sh @@ -2,19 +2,101 @@ # This is a Bash script for updating the Mutillidae web application. # It must be run from the 'mutillidae-docker' directory. -# Check if the 'www' container is running -if [ ! "$(docker ps -q -f name=www)" ]; then - echo ""; - echo "The 'www' container is not running so the application cannot be updated on the container."; - exit 1; -fi; - -# Print a newline for better readability. -echo ""; - -# Inform the user about the update process. -echo "Updating the Mutillidae application installed in the running 'www' container."; - -# Use 'docker exec' to execute commands inside the 'www' container. -# First, ensure Git is installed by running 'apt install git -y' within the container. -docker exec -it www sh -c "apt update; apt install git -y; cd /var/www/mutillidae; git pull" +# Function to log messages to the console +log() { + echo "$(date +'%Y-%m-%d %H:%M:%S') - $1" +} + +# Function to check if the 'www' container is running +is_container_running() { + local container_name="www" + if [ "$(docker ps -q -f name=$container_name)" ]; then + return 0 # Container is running + else + return 1 # Container is not running + fi +} + +# Function to check the exit code and return 1 if not 0 +check_exit_code() { + local exit_code=$? + if [ $exit_code -ne 0 ]; then + return 1 + fi + return 0 +} + +# Function to run a command inside the container with logging +run_command_in_container() { + local container_name=$1 + local command=$2 + local step_description=$3 + + log "Executing step: $step_description" + docker exec -it $container_name sh -c "$command" + check_exit_code || { log "Step failed: $step_description"; exit 1; } + log "Step succeeded: $step_description" +} + +# Function to update Mutillidae application inside the container +update_mutillidae() { + local container_name="www" + local temp_dir="/tmp/mutillidae" + local mutillidae_src="/var/www/mutillidae" + local database_host="database" + local database_username="root" + local database_password="mutillidae" + local database_name="mutillidae" + local database_port="3306" + local ldap_server_hostname="directory" + + log "Updating Mutillidae application in the running '$container_name' container." + + # Install Git and clone the Mutillidae repository + run_command_in_container $container_name "apt update && apt install --no-install-recommends -y git" "Install Git and update APT" + + # Remove existing Mutillidae source directory and clone new code + run_command_in_container $container_name "rm -rf $mutillidae_src; cd /tmp; git clone https://github.com/webpwnized/mutillidae.git $temp_dir" "Clone Mutillidae repository" + + # Copy new source code to Mutillidae directory + run_command_in_container $container_name "cp -r $temp_dir/src $mutillidae_src" "Copy Mutillidae source code" + + # Clean up temporary directory + run_command_in_container $container_name "rm -rf $temp_dir" "Clean up temporary directory" + + # Remove the .htaccess file + run_command_in_container $container_name "rm /var/www/mutillidae/.htaccess" "Remove the .htaccess file" + + # Update the database hostname + run_command_in_container $container_name "sed -i \"s/define('DB_HOST', '127.0.0.1');/define('DB_HOST', '$database_host');/\" /var/www/mutillidae/includes/database-config.inc" "Update the database hostname" + + # Update the database username + run_command_in_container $container_name "sed -i \"s/define('DB_USERNAME', 'root');/define('DB_USERNAME', '$database_username');/\" /var/www/mutillidae/includes/database-config.inc" "Update the database username" + + # Update the database password + run_command_in_container $container_name "sed -i \"s/define('DB_PASSWORD', 'mutillidae');/define('DB_PASSWORD', '$database_password');/\" /var/www/mutillidae/includes/database-config.inc" "Update the database password" + + # Update the database name + run_command_in_container $container_name "sed -i \"s/define('DB_NAME', 'mutillidae');/define('DB_NAME', '$database_name');/\" /var/www/mutillidae/includes/database-config.inc" "Update the database name" + + # Update the database port + run_command_in_container $container_name "sed -i \"s/define('DB_PORT', 3306);/define('DB_PORT', $database_port);/\" /var/www/mutillidae/includes/database-config.inc" "Update the database port" + + # Update the LDAP server hostname + run_command_in_container $container_name "sed -i 's/127.0.0.1/$ldap_server_hostname/' /var/www/mutillidae/includes/ldap-config.inc" "Update the LDAP server hostname" + + log "Mutillidae application update completed successfully." +} + +# Main script logic +main() { + if ! is_container_running; then + log "The 'www' container is not running, so the application cannot be updated." + exit 1 + fi + + update_mutillidae +} + +# Call the main function +main diff --git a/version b/version index e1d2f8b..7b8d6b7 100644 --- a/version +++ b/version @@ -1 +1 @@ -1.0.64 +1.0.65