Skip to content
/ malicious-onbuild-image-demo Public

Demo resources to show how ONBUILD instruction could be used to build malicious docker images.

License

MIT license
2 stars 0 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

andoniaf/malicious-onbuild-image-demo

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

16 Commits
containers
containers
 
 
demo_files
demo_files
 
 
pkg
pkg
 
 
.gitignore
.gitignore
 
 
LICENSE
LICENSE
 
 
Makefile
Makefile
 
 
README.md
README.md
 
 
go.mod
go.mod
 
 
go.sum
go.sum
 
 
main.go
main.go
 
 
malicious-onbuild-demo
malicious-onbuild-demo
 
 

Repository files navigation

Malicious ONBUILD demo

Demo resources to show how ONBUILD instruction could be used to build malicious Docker images.

Go demo binary build with saschagrunert/demo framkework.

Demo info

  • Malicious docker image:

    • containers/malicious

  • SFTP:

    • Uses mayth/simple-upload-server docker image

  • Innocent docker images:

    • containers/inno, containers/inno-2, containers/inno-3

  • Go binary:

    • Files: main.go, go.mod, go.sum and pkg/*.go
    • Binary already build: malicious-onbuild-demo 
      ➜ ./malicious-onbuild-demo --h
NAME:
  Malicious ONBUILD demo - Malicious ONBUILD instruction demo

USAGE:
  malicious-onbuild-demo [global options] command [command options] [arguments...]

AUTHOR:
  Andoni Alonso <andonialonsof@gmail.com>

COMMANDS:
  help, h  Shows a list of commands or help for one command

GLOBAL OPTIONS:
  --all, -l                     run all demos (default: false)
  --auto, -a                    run the demo in automatic mode, where every step gets executed automatically (default: false)
  --auto-timeout auto, -t auto  the timeout to be waited when auto is enabled (default: 3s)
  --continuously, -c            run the demos continuously without any end (default: false)
  --hide-descriptions, -d       hide descriptions between the steps (default: false)
  --immediate, -i               immediately output without the typewriter animation (default: false)
  --skip-steps value, -s value  skip the amount of initial steps within the demo (default: 0)
  -0, --onbuild_basic           Explain what is ONBUILD instruction (default: false)
  -1, --show_malicious          Show onbuild_malicious container (default: false)
  -2, --use_malicious_1         Use onbuild_malicious container I (default: false)
  -3, --what_happened           What happened using onbuild_malicious container (default: false)
  -4, --use_malicious_2         Use onbuild_malicious container II (default: false)
  -5, --conclusions             Conclusions about ONBUILD instruction (default: false)
  --help, -h                    show help (default: false)

If you want to play without the demo binary you can use check the Makefile:

➜ make
Available rules:

build-go            Build go binary
build-innocent      Build client image from local malicious image
build-innocent-2    Build client from local malicious image + use.dockerignore
build-innocent-3    Build client from Dockerhub malicious image + use.dockerignore
build-malicious     Build local malicious image
open-upload         Shows SFTP content
run                 Run all demo steps
run-fast            Run all demo steps (without typewritter animation)
server-up           Start SFTP local server

More info

About

Demo resources to show how ONBUILD instruction could be used to build malicious docker images.

Topics

docker security demo containers onbuild

Resources

Readme

License

MIT license
Activity

Stars

2 stars

Watchers

2 watching

Forks

0 forks
Report repository

Languages