diff --git a/Dockerfile b/Dockerfile
index 4286f9a..78861b9 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -1,134 +1,88 @@ -FROM kalilinux/kali-rolling +FROM remnux/remnux-distro:latest LABEL maintainer="tabledevil" USER root ARG DEBIAN_FRONTEND=noninteractive ENV TZ=Europe/Berlin -RUN apt-get update && apt-get install -y git && rm -rf /var/lib/apt/lists/* -RUN apt-get update && apt-get install -y \ - autoconf \ - busybox \ - catdoc \ - docx2txt \ - exiftool \ - fd-find \ - fish \ - git \ - imagemagick \ - libboost-python-dev \ - libboost-thread-dev \ - libjpeg-dev \ - libreoffice \ - libssl-dev \ - libtool \ - mc \ - mpack \ - npm \ - osslsigncode \ - p7zip-full \ - pdftk \ - pev \ - pkg-config \ - pipx \ - powershell \ - python3 \ - python3-lxml \ - python3-pip \ - ripgrep \ - ruby \ - unrtf \ - unzip \ - wget \ - zsh \ - zsh-autosuggestions \ - zsh-syntax-highlighting \ - ; \ - rm -rf /var/lib/apt/lists/* -# Configure PIPยดy +# Install additional system packages that REMnux doesn't include +RUN apt-get update && apt-get install -y \ + busybox \ + catdoc \ + docx2txt \ + fd-find \ + fish \ + fzf \ + mc \ + pipx \ + ripgrep \ + unrtf \ + zsh \ + zsh-autosuggestions \ + zsh-syntax-highlighting \ + && rm -rf /var/lib/apt/lists/* + +# Configure pip ENV PYTHONDONTWRITEBYTECODE=1 ADD pip.conf /etc/pip.conf -# OLETOOLS & DIDIERSTEVENS -RUN git clone https://github.com/DidierStevens/DidierStevensSuite /opt/didierstevenssuite -RUN chmod +x /opt/didierstevenssuite/*py -RUN python3 -m pip install --break-system-packages --upgrade pip ; true -RUN python3 -m pip install --break-system-packages psutil oletools ; true +# Install unfurl & dependencies via pipx (for URL analysis) +RUN PIPX_HOME=/opt/pipx PIPX_BIN_DIR=/usr/local/bin pipx install --include-deps dfir-unfurl \ + && PIPX_HOME=/opt/pipx PIPX_BIN_DIR=/usr/local/bin pipx inject dfir-unfurl requests six maclookup -# PDF -RUN gem install origami +# Install visidata via pipx (for data exploration) +RUN PIPX_HOME=/opt/pipx PIPX_BIN_DIR=/usr/local/bin pipx install --include-deps visidata -RUN sed -i 
'/PDF/s/"none"/"read|write"/' /etc/ImageMagick-6/policy.xml +# Install offline help and cheat sheet tools +RUN PIPX_HOME=/opt/pipx PIPX_BIN_DIR=/usr/local/bin pipx install --include-deps cheat \ + && PIPX_HOME=/opt/pipx PIPX_BIN_DIR=/usr/local/bin pipx install --include-deps tldr -# PowerShell: Install PSScriptAnalyzer module -RUN pwsh -NoProfile -Command "Install-Module -Name PSScriptAnalyzer -Force" +# Removed navi - focus on tldr and cheat for reliable help system -ENV PATH="${PATH}:/opt/didierstevenssuite/:/opt/pypy2.7-v7.3.5-linux64/bin" +# Create data directory and set permissions +RUN mkdir -p /data \ + && chown remnux:remnux /data + +# Add documentation and streamlined help system ADD files/README /opt/README ADD files/command_help /opt/command_help -RUN echo 'cat /opt/README' >> /etc/bash.bashrc - -# Add shell configurations ADD files/zshrc /etc/zsh/zshrc ADD files/fish_config.fish /etc/fish/conf.d/remnux.fish +ADD scripts/create-offline-help-system.sh /usr/local/bin/create-offline-help-system.sh +ADD scripts/find-tool /usr/local/bin/find-tool +ADD scripts/fhelp /usr/local/bin/fhelp +ADD scripts/import-remnux-cheatsheets.sh /usr/local/bin/import-remnux-cheatsheets.sh +ADD scripts/convert-remnux-cheats.py /usr/local/bin/convert-remnux-cheats.py +ADD scripts/add-tool-cheats.sh /usr/local/bin/add-tool-cheats.sh -# Add helper scripts for cheat sheet management -ADD scripts/add-tool-cheats.sh /tmp/add-tool-cheats.sh -RUN chmod +x /tmp/add-tool-cheats.sh && /tmp/add-tool-cheats.sh && rm /tmp/add-tool-cheats.sh +# Create streamlined offline help system (tldr + cheat) +RUN chmod +x /usr/local/bin/create-offline-help-system.sh /usr/local/bin/find-tool /usr/local/bin/fhelp /usr/local/bin/import-remnux-cheatsheets.sh \ + && chmod +x /usr/local/bin/convert-remnux-cheats.py /usr/local/bin/add-tool-cheats.sh \ + && /usr/local/bin/create-offline-help-system.sh \ + && /usr/local/bin/add-tool-cheats.sh +# Install Oh My Zsh for remnux user +RUN su - remnux -c 'sh -c "$(curl 
-fsSL https://raw.githubusercontent.com/ohmyzsh/ohmyzsh/master/tools/install.sh)" "" --unattended' || true -### VIPERMONKEY -## install pypy -RUN wget -O- https://downloads.python.org/pypy/pypy2.7-v7.3.5-linux64.tar.bz2 | tar -C /opt/ -xvj -RUN ln -s $(which pypy) /usr/local/bin/python -## install and upgrade pip -RUN pypy -m ensurepip -RUN pypy -m pip install -U pip -#RUN pypy -m pip install -U peepdf -#RUN pypy -m pip install -U https://github.com/decalage2/ViperMonkey/archive/master.zip -#RUN ln -s /opt/pypy2.7-v7.3.5-linux64/site-packages/vipermonkey/vmonkey.py /usr/local/bin/vmonkey -#RUN chmod +x /usr/local/bin/vmonkey -RUN wget -O- https://github.com/mandiant/capa/releases/download/v7.4.0/capa-v7.4.0-linux.zip | busybox unzip -d /usr/bin - -RUN chmod +x /usr/bin/capa +# Update bashrc with welcome message and comprehensive help info +RUN echo 'cat /opt/README' >> /etc/bash.bashrc \ + && echo 'echo ""' >> /etc/bash.bashrc \ + && echo 'echo "๐Ÿ“š Comprehensive Help System:"' >> /etc/bash.bashrc \ + && echo 'echo " fhelp - Complete file analysis help"' >> /etc/bash.bashrc \ + && echo 'echo " fhelp tools pdf - Find PDF analysis tools"' >> /etc/bash.bashrc \ + && echo 'echo " fhelp cheat pdfid.py - Show command examples"' >> /etc/bash.bashrc \ + && echo 'echo " fhelp examples - Browse all examples"' >> /etc/bash.bashrc \ + && echo 'echo " fhelp pdf - PDF analysis workflow"' >> /etc/bash.bashrc \ + && echo 'echo ""' >> /etc/bash.bashrc \ + && echo 'echo " Shells: bash (default), zsh (with Oh My Zsh), fish"' >> /etc/bash.bashrc \ + && echo 'echo ""' >> /etc/bash.bashrc \ + && echo 'alias analyse="fhelp"' >> /etc/bash.bashrc \ + && echo 'alias ?="fhelp"' >> /etc/bash.bashrc -### JS Sandbox -RUN npm install box-js --global --production - -### Update flask -RUN pip uninstall -y --break-system-packages flask-restx && pip install --break-system-packages flask-restx - -### LATER TODO -#RUN git clone https://github.com/buffer/pyv8.git ; cd pyv8 ; python setup.py build && 
python setup.py install && cd .. && rm -rf pyv8 -#RUN git clone https://github.com/buffer/libemu.git ; cd libemu ; autoreconf -v -i && ./configure --prefix=/opt/libemu && make install && cd .. && rm -rf libemu2 - -### Create User -RUN groupadd -g 1000 -r user && \ -useradd -u 1000 -r -g user -d /home/user -s /sbin/nologin -c "Nonroot User" user && \ -mkdir /home/user && \ -cp /root/.bashrc /home/user/ && \ -chown -R user:user /home/user - -### Create nonroot -RUN groupadd -g 1001 -r nonroot && \ -useradd -u 1001 -r -g nonroot -d /home/nonroot -s /sbin/nologin -c "Nonroot User" nonroot && \ -mkdir /home/nonroot && \ -cp /root/.bashrc /home/nonroot/ && \ -chown -R nonroot:nonroot /home/nonroot - -### Set UP Environment -USER nonroot -ENV LANG de_DE.UTF-8 -ENV PATH /usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/opt/didierstevenssuite/:/opt/pypy2.7-v7.3.5-linux64/bin:/home/nonroot/.local/bin +# Switch to remnux user (REMnux default user) +USER remnux +ENV LANG=en_US.UTF-8 +ENV PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/home/remnux/.local/bin WORKDIR /data -### Install unfurl & dependencies -RUN pipx install --include-deps dfir-unfurl -RUN pipx inject dfir-unfurl requests six maclookup - -### Install visidata -RUN pipx install --include-deps visidata - -### Install oletools -RUN pipx install --include-deps oletools - -CMD /bin/bash +CMD ["/bin/bash"] diff --git a/Dockerfile.remnux b/Dockerfile.remnux deleted file mode 100644 index 2ad9640..0000000 --- a/Dockerfile.remnux +++ /dev/null 
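Review bot: The added "Install Oh My Zsh for remnux user" step runs whatever `tools/install.sh` contains on the `master` branch at build time, with no pinned commit and no digest check, so two builds of the same Dockerfile can execute different code. The trailing `|| true` also lets the build succeed when the download or install fails, leaving an image that silently lacks what the bashrc banner advertises. The same line is added in Dockerfile.scratch. I would fetch the installer from a reviewed commit, verify its SHA-256 before running it, and drop the `|| true`, as sketched below. The installer appears to clone the repository itself, so the resulting checkout likely needs pinning too (to be confirmed against the script).

```dockerfile
# Install Oh My Zsh for remnux user
# OMZ_COMMIT / OMZ_INSTALL_SHA256 are placeholders: set them to a commit you
# have reviewed and the SHA-256 of tools/install.sh at that commit.
ARG OMZ_COMMIT=REPLACE_WITH_REVIEWED_COMMIT
ARG OMZ_INSTALL_SHA256=REPLACE_WITH_INSTALL_SH_SHA256
RUN curl -fsSL -o /tmp/omz-install.sh \
      "https://raw.githubusercontent.com/ohmyzsh/ohmyzsh/${OMZ_COMMIT}/tools/install.sh" \
    && echo "${OMZ_INSTALL_SHA256}  /tmp/omz-install.sh" | sha256sum -c - \
    && su - remnux -c 'sh /tmp/omz-install.sh --unattended' \
    && rm /tmp/omz-install.sh
```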
@@ -1,90 +0,0 @@ -FROM remnux/remnux-distro:latest -LABEL maintainer="tabledevil" - -USER root -ARG DEBIAN_FRONTEND=noninteractive -ENV TZ=Europe/Berlin - -# Install additional system packages that REMnux doesn't include -RUN apt-get update && apt-get install -y \ - busybox \ - catdoc \ - docx2txt \ - fd-find \ - fish \ - fzf \ - mc \ - pipx \ - ripgrep \ - unrtf \ - zsh \ - zsh-autosuggestions \ - zsh-syntax-highlighting \ - && rm -rf /var/lib/apt/lists/* - -# Configure pip -ENV PYTHONDONTWRITEBYTECODE=1 -ADD pip.conf /etc/pip.conf - -# Install Mandiant CAPA for malware analysis -RUN wget -O- https://github.com/mandiant/capa/releases/download/v7.4.0/capa-v7.4.0-linux.zip | busybox unzip -d /usr/bin - \ - && chmod +x /usr/bin/capa - -# Install JavaScript sandbox -RUN npm install box-js --global --production - -# Install unfurl & dependencies via pipx (for URL analysis) -RUN PIPX_HOME=/opt/pipx PIPX_BIN_DIR=/usr/local/bin pipx install --include-deps dfir-unfurl \ - && PIPX_HOME=/opt/pipx PIPX_BIN_DIR=/usr/local/bin pipx inject dfir-unfurl requests six maclookup - -# Install visidata via pipx (for data exploration) -RUN PIPX_HOME=/opt/pipx PIPX_BIN_DIR=/usr/local/bin pipx install --include-deps visidata - -# Install offline help and cheat sheet tools -RUN PIPX_HOME=/opt/pipx PIPX_BIN_DIR=/usr/local/bin pipx install --include-deps cheat \ - && PIPX_HOME=/opt/pipx PIPX_BIN_DIR=/usr/local/bin pipx install --include-deps tldr - -# Removed navi - focus on tldr and cheat for reliable help system - -# Create data directory and set permissions -RUN mkdir -p /data \ - && chown remnux:remnux /data - -# Add documentation and streamlined help system -ADD files/README /opt/README -ADD files/command_help /opt/command_help -ADD files/zshrc /etc/zsh/zshrc -ADD files/fish_config.fish /etc/fish/conf.d/remnux.fish -ADD scripts/create-offline-help-system.sh /usr/local/bin/create-offline-help-system.sh -ADD scripts/find-tool /usr/local/bin/find-tool -ADD scripts/fhelp 
/usr/local/bin/fhelp -ADD scripts/import-remnux-cheatsheets.sh /usr/local/bin/import-remnux-cheatsheets.sh -ADD scripts/convert-remnux-cheats.py /usr/local/bin/convert-remnux-cheats.py -ADD scripts/add-tool-cheats.sh /usr/local/bin/add-tool-cheats.sh - -# Create streamlined offline help system (tldr + cheat) -RUN chmod +x /usr/local/bin/create-offline-help-system.sh /usr/local/bin/find-tool /usr/local/bin/fhelp /usr/local/bin/import-remnux-cheatsheets.sh \ - && chmod +x /usr/local/bin/convert-remnux-cheats.py /usr/local/bin/add-tool-cheats.sh \ - && /usr/local/bin/create-offline-help-system.sh \ - && /usr/local/bin/add-tool-cheats.sh - -# Update bashrc with welcome message and comprehensive help info -RUN echo 'cat /opt/README' >> /etc/bash.bashrc \ - && echo 'echo ""' >> /etc/bash.bashrc \ - && echo 'echo "๐Ÿ“š Comprehensive Help System:"' >> /etc/bash.bashrc \ - && echo 'echo " fhelp - Complete file analysis help"' >> /etc/bash.bashrc \ - && echo 'echo " fhelp tools pdf - Find PDF analysis tools"' >> /etc/bash.bashrc \ - && echo 'echo " fhelp cheat pdfid.py - Show command examples"' >> /etc/bash.bashrc \ - && echo 'echo " fhelp examples - Browse all examples"' >> /etc/bash.bashrc \ - && echo 'echo " fhelp pdf - PDF analysis workflow"' >> /etc/bash.bashrc \ - && echo 'echo ""' >> /etc/bash.bashrc \ - && echo 'alias analyse="fhelp"' >> /etc/bash.bashrc \ - && echo 'alias ?="fhelp"' >> /etc/bash.bashrc - -# Switch to remnux user (REMnux default user) -USER remnux -ENV LANG=en_US.UTF-8 -ENV PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/home/remnux/.local/bin -WORKDIR /data - -CMD ["/bin/bash"] diff --git a/Dockerfile.scratch b/Dockerfile.scratch index ea3b620..3bc8dd9 100644 --- a/Dockerfile.scratch +++ b/Dockerfile.scratch 
@@ -1,212 +1,111 @@ -# Build File Analysis Container from scratch using Ubuntu 20.04 -# This provides full control over package selection and configuration FROM ubuntu:20.04 + +ARG CAST_VER=0.16.22 + +USER root + +WORKDIR /tmp +RUN export DEBIAN_FRONTEND=noninteractive && \ + apt-get update && \ + apt-get install -y wget gnupg git && \ + wget https://github.com/ekristen/cast/releases/download/v${CAST_VER}/cast-v${CAST_VER}-linux-amd64.deb && \ + dpkg -i /tmp/cast-v${CAST_VER}-linux-amd64.deb && \ + cast install --mode cloud --user remnux remnux && \ + rm -rf /root/.cache/* && \ + unset DEBIAN_FRONTEND && \ + rm /tmp/cast-v${CAST_VER}-linux-amd64.deb + +ENV TERM=linux +WORKDIR /home/remnux + +RUN mkdir /var/run/sshd + + LABEL maintainer="tabledevil" -LABEL description="File Analysis toolkit built from Ubuntu 20.04 base" USER root ARG DEBIAN_FRONTEND=noninteractive ENV TZ=Europe/Berlin -# Install essential system utilities +# Install additional system packages that REMnux doesn't include RUN apt-get update && apt-get install -y \ - apt-transport-https \ - build-essential \ - ca-certificates \ - curl \ - git \ - gnupg \ - software-properties-common \ - sudo \ - tzdata \ - wget \ - && rm -rf /var/lib/apt/lists/* - -# Install Python and Node.js repositories -RUN apt-get update && apt-get install -y \ - python3 \ - python3-pip \ - python3-dev \ - python3-setuptools \ - python3-wheel \ - python3-lxml \ - npm \ - && rm -rf /var/lib/apt/lists/* - -# Install Ruby -RUN apt-get update && apt-get install -y \ - ruby \ - ruby-dev \ - && rm -rf /var/lib/apt/lists/* - -# Install PowerShell -RUN wget -q https://packages.microsoft.com/config/ubuntu/20.04/packages-microsoft-prod.deb \ - && dpkg -i packages-microsoft-prod.deb \ - && rm packages-microsoft-prod.deb \ - && apt-get update \ - && apt-get install -y powershell \ - && rm -rf /var/lib/apt/lists/* - -# Install core analysis tools -RUN apt-get update && apt-get install -y \ - autoconf \ - binutils \ - binwalk \ busybox \ catdoc 
\ docx2txt \ - exiftool \ fd-find \ - file \ fish \ - foremost \ fzf \ - hexedit \ - imagemagick \ - jq \ - libboost-python-dev \ - libboost-thread-dev \ - libjpeg-dev \ - libreoffice \ - libssl-dev \ - libtool \ mc \ - mpack \ - osslsigncode \ - p7zip-full \ - pdftk \ - pev \ pipx \ - pkg-config \ ripgrep \ - sqlite3 \ - ssdeep \ - tesseract-ocr \ unrtf \ - unzip \ - upx-ucl \ - xxd \ - yara \ zsh \ zsh-autosuggestions \ zsh-syntax-highlighting \ && rm -rf /var/lib/apt/lists/* -# Configure pip +# Configure pip ENV PYTHONDONTWRITEBYTECODE=1 ADD pip.conf /etc/pip.conf -# Upgrade pip -RUN python3 -m pip install --upgrade pip - -# Install PowerShell PSScriptAnalyzer module -RUN pwsh -NoProfile -Command "Install-Module -Name PSScriptAnalyzer -Force" - -# Install Didier Stevens Suite (PDF analysis tools) -RUN git clone https://github.com/DidierStevens/DidierStevensSuite /opt/didierstevenssuite \ - && chmod +x /opt/didierstevenssuite/*py \ - && ln -s /opt/didierstevenssuite/pdfid.py /usr/local/bin/pdfid.py \ - && ln -s /opt/didierstevenssuite/pdf-parser.py /usr/local/bin/pdf-parser.py \ - && ln -s /opt/didierstevenssuite/oledump.py /usr/local/bin/oledump.py \ - && ln -s /opt/didierstevenssuite/rtfdump.py /usr/local/bin/rtfdump.py - -# Install Python analysis tools -RUN python3 -m pip install --break-system-packages \ - psutil \ - oletools \ - pefile \ - python-magic \ - pytz \ - requests \ - six - -# Install PDF tools via Ruby -RUN gem install origami - -# Configure ImageMagick for PDF processing -RUN sed -i '/PDF/s/"none"/"read|write"/' /etc/ImageMagick-6/policy.xml - -# Install PyPy for performance-critical tasks -RUN wget -O- https://downloads.python.org/pypy/pypy2.7-v7.3.5-linux64.tar.bz2 | tar -C /opt/ -xvj \ - && ln -s /opt/pypy2.7-v7.3.5-linux64/bin/pypy /usr/local/bin/pypy - -# Install pypy pip -RUN pypy -m ensurepip && pypy -m pip install -U pip - -# Install Mandiant CAPA for malware analysis -RUN wget -O- 
https://github.com/mandiant/capa/releases/download/v7.4.0/capa-v7.4.0-linux.zip | busybox unzip -d /usr/bin - \ - && chmod +x /usr/bin/capa - -# Install JavaScript sandbox -RUN npm install box-js --global --production - -# Setup pipx environment -ENV PIPX_HOME=/opt/pipx -ENV PIPX_BIN_DIR=/usr/local/bin - -# Install tools via pipx for isolation +# Install unfurl & dependencies via pipx (for URL analysis) RUN PIPX_HOME=/opt/pipx PIPX_BIN_DIR=/usr/local/bin pipx install --include-deps dfir-unfurl \ && PIPX_HOME=/opt/pipx PIPX_BIN_DIR=/usr/local/bin pipx inject dfir-unfurl requests six maclookup +# Install visidata via pipx (for data exploration) RUN PIPX_HOME=/opt/pipx PIPX_BIN_DIR=/usr/local/bin pipx install --include-deps visidata -RUN PIPX_HOME=/opt/pipx PIPX_BIN_DIR=/usr/local/bin pipx install --include-deps oletools +# Install offline help and cheat sheet tools +RUN PIPX_HOME=/opt/pipx PIPX_BIN_DIR=/usr/local/bin pipx install --include-deps cheat \ + && PIPX_HOME=/opt/pipx PIPX_BIN_DIR=/usr/local/bin pipx install --include-deps tldr -RUN PIPX_HOME=/opt/pipx PIPX_BIN_DIR=/usr/local/bin pipx install --include-deps cheat +# Removed navi - focus on tldr and cheat for reliable help system -RUN PIPX_HOME=/opt/pipx PIPX_BIN_DIR=/usr/local/bin pipx install --include-deps tldr +# Create data directory and set permissions +RUN mkdir -p /data \ + && chown remnux:remnux /data -# Create remnux user (matching REMnux convention) -RUN groupadd -g 1000 -r remnux && \ - useradd -u 1000 -r -g remnux -d /home/remnux -s /bin/bash -c "REMnux User" remnux && \ - mkdir -p /home/remnux && \ - chown -R remnux:remnux /home/remnux - -# Create data directory -RUN mkdir -p /data && chown remnux:remnux /data - -# Add documentation and help system +# Add documentation and streamlined help system ADD files/README /opt/README ADD files/command_help /opt/command_help ADD files/zshrc /etc/zsh/zshrc ADD files/fish_config.fish /etc/fish/conf.d/remnux.fish - -# Add helper scripts ADD 
scripts/create-offline-help-system.sh /usr/local/bin/create-offline-help-system.sh ADD scripts/find-tool /usr/local/bin/find-tool ADD scripts/fhelp /usr/local/bin/fhelp ADD scripts/import-remnux-cheatsheets.sh /usr/local/bin/import-remnux-cheatsheets.sh ADD scripts/convert-remnux-cheats.py /usr/local/bin/convert-remnux-cheats.py ADD scripts/add-tool-cheats.sh /usr/local/bin/add-tool-cheats.sh -ADD scripts/check-help-coverage.sh /usr/local/bin/check-help-coverage.sh -# Create offline help system -RUN chmod +x /usr/local/bin/create-offline-help-system.sh \ - /usr/local/bin/find-tool \ - /usr/local/bin/fhelp \ - /usr/local/bin/import-remnux-cheatsheets.sh \ - /usr/local/bin/convert-remnux-cheats.py \ - /usr/local/bin/add-tool-cheats.sh \ - /usr/local/bin/check-help-coverage.sh \ +# Create streamlined offline help system (tldr + cheat) +RUN chmod +x /usr/local/bin/create-offline-help-system.sh /usr/local/bin/find-tool /usr/local/bin/fhelp /usr/local/bin/import-remnux-cheatsheets.sh \ + && chmod +x /usr/local/bin/convert-remnux-cheats.py /usr/local/bin/add-tool-cheats.sh \ && /usr/local/bin/create-offline-help-system.sh \ && /usr/local/bin/add-tool-cheats.sh -# Update bashrc with welcome message +# Install Oh My Zsh for remnux user +RUN su - remnux -c 'sh -c "$(curl -fsSL https://raw.githubusercontent.com/ohmyzsh/ohmyzsh/master/tools/install.sh)" "" --unattended' || true + +# Update bashrc with welcome message and comprehensive help info RUN echo 'cat /opt/README' >> /etc/bash.bashrc \ && echo 'echo ""' >> /etc/bash.bashrc \ - && echo 'echo "๐Ÿ“š Help System:"' >> /etc/bash.bashrc \ - && echo 'echo " fhelp - File analysis help"' >> /etc/bash.bashrc \ - && echo 'echo " fhelp cheat - Command examples"' >> /etc/bash.bashrc \ - && echo 'echo " fhelp tools pdf - Find PDF tools"' >> /etc/bash.bashrc \ + && echo 'echo "๐Ÿ“š Comprehensive Help System:"' >> /etc/bash.bashrc \ + && echo 'echo " fhelp - Complete file analysis help"' >> /etc/bash.bashrc \ + && echo 'echo " fhelp 
tools pdf - Find PDF analysis tools"' >> /etc/bash.bashrc \ + && echo 'echo " fhelp cheat pdfid.py - Show command examples"' >> /etc/bash.bashrc \ + && echo 'echo " fhelp examples - Browse all examples"' >> /etc/bash.bashrc \ + && echo 'echo " fhelp pdf - PDF analysis workflow"' >> /etc/bash.bashrc \ + && echo 'echo ""' >> /etc/bash.bashrc \ + && echo 'echo " Shells: bash (default), zsh (with Oh My Zsh), fish"' >> /etc/bash.bashrc \ && echo 'echo ""' >> /etc/bash.bashrc \ && echo 'alias analyse="fhelp"' >> /etc/bash.bashrc \ && echo 'alias ?="fhelp"' >> /etc/bash.bashrc -# Set environment +# Switch to remnux user (REMnux default user) USER remnux ENV LANG=en_US.UTF-8 -ENV PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/opt/didierstevenssuite:/opt/pypy2.7-v7.3.5-linux64/bin:/home/remnux/.local/bin +ENV PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/home/remnux/.local/bin WORKDIR /data CMD ["/bin/bash"] diff --git a/Makefile b/Makefile index 434e1e8..654bdc3 100644 --- a/Makefile +++ b/Makefile 
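Review bot: The new first `RUN` downloads `cast-v${CAST_VER}-linux-amd64.deb` with `wget` and passes it straight to `dpkg -i` as root, with nothing comparing the file against a known digest. `gnupg` is installed in the same step but is not used on any visible line. Because `cast install --mode cloud --user remnux remnux` then runs from that package, the version pin alone does not make the build reproducible or tamper-evident. I would add `ARG CAST_SHA256=REPLACE_WITH_DEB_SHA256` (placeholder) next to `CAST_VER` and insert `echo "${CAST_SHA256}  /tmp/cast-v${CAST_VER}-linux-amd64.deb" | sha256sum -c - && \` before the `dpkg -i` line.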
@@ -5,88 +5,75 @@ help: @echo "File Analysis Container - Build System" @echo "" @echo "Available targets:" - @echo " build-upstream Build from REMnux upstream image (recommended)" + @echo " build Build from REMnux upstream image (recommended, default)" @echo " build-scratch Build from Ubuntu 20.04 base (full control)" - @echo " build-kali Build from Kali Linux base (legacy)" @echo " build-all Build all variants" @echo " test Run tests on all builds" - @echo " test-upstream Test upstream build" + @echo " test-remnux Test REMnux build" @echo " test-scratch Test scratch build" - @echo " test-kali Test Kali build" @echo " push Push images to Docker Hub" @echo " clean Remove all built images" + @echo " shell Interactive shell (REMnux build)" + @echo " shell-scratch Interactive shell (scratch build)" + @echo " coverage Check help coverage" @echo "" # Build targets -build-upstream: - @echo "Building REMnux upstream variant..." - docker build -f Dockerfile.remnux -t tabledevil/file-analysis:remnux . - @echo "โœ“ Build complete: tabledevil/file-analysis:remnux" +build: + @echo "Building REMnux-based file analysis container..." + docker build -t tabledevil/file-analysis:latest . + docker tag tabledevil/file-analysis:latest tabledevil/file-analysis:remnux + @echo "โœ“ Build complete: tabledevil/file-analysis:latest" build-scratch: @echo "Building from scratch (Ubuntu 20.04 base)..." docker build -f Dockerfile.scratch -t tabledevil/file-analysis:scratch . @echo "โœ“ Build complete: tabledevil/file-analysis:scratch" -build-kali: - @echo "Building Kali Linux variant..." - docker build -f Dockerfile -t tabledevil/file-analysis:kali . 
- @echo "โœ“ Build complete: tabledevil/file-analysis:kali" - -build-all: build-upstream build-scratch build-kali +build-all: build build-scratch @echo "โœ“ All variants built successfully" # Test targets -test: test-upstream test-scratch test-kali +test: test-remnux test-scratch @echo "โœ“ All tests passed" -test-upstream: - @echo "Testing REMnux upstream build..." - @docker run --rm tabledevil/file-analysis:remnux bash -c "which fhelp && fhelp cheat pdfid" - @docker run --rm tabledevil/file-analysis:remnux bash -c "which pdfid.py && which capa && which visidata" - @echo "โœ“ Upstream build tests passed" +test-remnux: + @echo "Testing REMnux build..." + @docker run --rm tabledevil/file-analysis:latest bash -c "which fhelp && fhelp cheat pdfid" + @docker run --rm tabledevil/file-analysis:latest bash -c "which pdfid.py && which capa && which visidata" + @docker run --rm tabledevil/file-analysis:latest bash -c "zsh --version && fish --version" + @echo "โœ“ REMnux build tests passed" test-scratch: @echo "Testing scratch build..." @docker run --rm tabledevil/file-analysis:scratch bash -c "which fhelp && fhelp cheat pdfid" - @docker run --rm tabledevil/file-analysis:scratch bash -c "which pdfid.py && which capa" + @docker run --rm tabledevil/file-analysis:scratch bash -c "which pdfid.py && which capa && which pwsh" + @docker run --rm tabledevil/file-analysis:scratch bash -c "zsh --version && fish --version" @echo "โœ“ Scratch build tests passed" -test-kali: - @echo "Testing Kali build..." - @docker run --rm tabledevil/file-analysis:kali bash -c "which pdfid.py && which capa" - @docker run --rm tabledevil/file-analysis:kali bash -c "which pwsh" - @echo "โœ“ Kali build tests passed" - # Docker Hub push push: @echo "Pushing images to Docker Hub..." 
+ docker push tabledevil/file-analysis:latest docker push tabledevil/file-analysis:remnux docker push tabledevil/file-analysis:scratch - docker push tabledevil/file-analysis:kali - docker tag tabledevil/file-analysis:remnux tabledevil/file-analysis:latest - docker push tabledevil/file-analysis:latest @echo "โœ“ Images pushed successfully" # Clean up clean: @echo "Removing built images..." + -docker rmi tabledevil/file-analysis:latest -docker rmi tabledevil/file-analysis:remnux -docker rmi tabledevil/file-analysis:scratch - -docker rmi tabledevil/file-analysis:kali - -docker rmi tabledevil/file-analysis:latest @echo "โœ“ Cleanup complete" # Interactive shells for testing -shell-upstream: - docker run -it --rm -v "$$(pwd):/data" tabledevil/file-analysis:remnux +shell: + docker run -it --rm -v "$$(pwd):/data" tabledevil/file-analysis:latest shell-scratch: docker run -it --rm -v "$$(pwd):/data" tabledevil/file-analysis:scratch -shell-kali: - docker run -it --rm -v "$$(pwd):/data" tabledevil/file-analysis:kali - # Run help coverage check coverage: @echo "Checking help coverage..." diff --git a/files/zshrc b/files/zshrc index ee9c684..d808841 100644 --- a/files/zshrc +++ b/files/zshrc 
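Review bot: The renamed `shell` target (like the unchanged `shell-scratch`) starts the analysis container with default networking and a writable bind mount of the current directory, which is a loose default for an image whose purpose is opening untrusted files. Consider `docker run -it --rm --network none --security-opt no-new-privileges -v "$$(pwd):/data" tabledevil/file-analysis:latest`, with `:ro` on the mount when the session does not need to write results back. Separately, `test-scratch` now asserts `which pwsh` while the Dockerfile.scratch change in this commit drops the explicit PowerShell install. That check therefore depends on what `cast install` provides, which is worth confirming before relying on `make test`.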
@@ -1,39 +1,148 @@ -# REMnux File Analysis Container - ZSH Configuration +# File Analysis Container - ZSH Configuration with Oh My Zsh -# History -HISTFILE=~/.zsh_history +# Skip interactive first-time setup +ZSH_DISABLE_COMPFIX=true + +# If running as root or system user without home, create minimal config +if [[ ! -d "$HOME" ]] || [[ ! -w "$HOME" ]]; then + # Minimal non-OMZ setup for system users + HISTFILE=/tmp/.zsh_history_$$ + HISTSIZE=10000 + SAVEHIST=10000 + + autoload -Uz compinit && compinit -d /tmp/.zcompdump_$$ + autoload -U colors && colors + + PROMPT='%F{red}[๐Ÿ”]%f %F{cyan}%~%f $ ' + + # Load plugins if available + [[ -f /usr/share/zsh-autosuggestions/zsh-autosuggestions.zsh ]] && \ + source /usr/share/zsh-autosuggestions/zsh-autosuggestions.zsh + [[ -f /usr/share/zsh-syntax-highlighting/zsh-syntax-highlighting.zsh ]] && \ + source /usr/share/zsh-syntax-highlighting/zsh-syntax-highlighting.zsh +else + # Oh My Zsh setup for regular users + export ZSH="$HOME/.oh-my-zsh" + + # Install Oh My Zsh if not present + if [[ ! -d "$ZSH" ]]; then + echo "Installing Oh My Zsh..." 
+ RUNZSH=no CHSH=no sh -c "$(curl -fsSL https://raw.githubusercontent.com/ohmyzsh/ohmyzsh/master/tools/install.sh)" || { + # Fallback if curl fails + RUNZSH=no CHSH=no sh -c "$(wget -O- https://raw.githubusercontent.com/ohmyzsh/ohmyzsh/master/tools/install.sh)" 2>/dev/null + } + fi + + # Oh My Zsh theme - using agnoster-like theme for security work + ZSH_THEME="robbyrussell" + + # Custom theme for file analysis work + if [[ -d "$ZSH" ]]; then + # Plugins to load + plugins=(git docker command-not-found colored-man-pages) + + # Load Oh My Zsh + source $ZSH/oh-my-zsh.sh 2>/dev/null || true + + # Custom prompt with analysis indicator + PROMPT='%F{red}๐Ÿ”%f %F{cyan}%~%f $(git_prompt_info)%# ' + RPROMPT='%F{yellow}%*%f' + else + # Fallback if OMZ installation failed + autoload -U colors && colors + PROMPT='%F{red}[๐Ÿ”]%f %F{cyan}%~%f $ ' + fi +fi + +# History configuration +HISTFILE=${HISTFILE:-~/.zsh_history} HISTSIZE=10000 SAVEHIST=10000 -setopt SHARE_HISTORY HIST_IGNORE_ALL_DUPS HIST_FIND_NO_DUPS HIST_REDUCE_BLANKS +setopt SHARE_HISTORY +setopt HIST_IGNORE_ALL_DUPS +setopt HIST_FIND_NO_DUPS +setopt HIST_REDUCE_BLANKS +setopt HIST_VERIFY # Navigation -setopt AUTO_CD AUTO_PUSHD PUSHD_IGNORE_DUPS PUSHD_SILENT +setopt AUTO_CD +setopt AUTO_PUSHD +setopt PUSHD_IGNORE_DUPS +setopt PUSHD_SILENT # Completion -autoload -Uz compinit && compinit +autoload -Uz compinit +if [[ -w "$HOME" ]]; then + compinit +else + compinit -d /tmp/.zcompdump_$$ +fi + zstyle ':completion:*' menu select zstyle ':completion:*' matcher-list 'm:{a-zA-Z}={A-Za-z}' -setopt COMPLETE_IN_WORD AUTO_MENU +setopt COMPLETE_IN_WORD +setopt AUTO_MENU -# Load plugins +# Load system plugins if available [[ -f /usr/share/zsh-autosuggestions/zsh-autosuggestions.zsh ]] && \ source /usr/share/zsh-autosuggestions/zsh-autosuggestions.zsh [[ -f /usr/share/zsh-syntax-highlighting/zsh-syntax-highlighting.zsh ]] && \ source /usr/share/zsh-syntax-highlighting/zsh-syntax-highlighting.zsh -# Prompt -autoload -U colors && 
colors -PROMPT='%F{cyan}remnux%f@%F{blue}%m%f:%F{yellow}%~%f%# ' -RPROMPT='%F{green}[%D{%H:%M:%S}]%f' - -# Aliases +# Aliases for file analysis alias ls='ls --color=auto' alias ll='ls -lah' +alias la='ls -A' +alias l='ls -CF' alias grep='grep --color=auto' +alias fgrep='fgrep --color=auto' +alias egrep='egrep --color=auto' + +# Tool aliases alias fd='fdfind' alias rg='rg --color=auto' alias analyse='fhelp' alias ?='fhelp' +alias help='fhelp' -# Welcome -[[ -f /opt/README ]] && cat /opt/README && echo "" && echo "๐Ÿš Shell: zsh | Type 'fhelp' for help" && echo "" \ No newline at end of file +# Quick navigation +alias ..='cd ..' +alias ...='cd ../..' +alias ....='cd ../../..' + +# Analysis shortcuts +alias pdfinfo='pdfid.py' +alias pdfparse='pdf-parser.py' +alias scanpdf='pdf-parser.py' + +# Git aliases (if git plugin not loaded) +if ! type git &>/dev/null || ! alias gs &>/dev/null; then + alias gs='git status' + alias ga='git add' + alias gc='git commit' + alias gp='git push' + alias gl='git log --oneline' +fi + +# Environment +export EDITOR=vim +export VISUAL=vim + +# Welcome message (only on interactive shells) +if [[ -o interactive ]] && [[ -f /opt/README ]]; then + # Only show welcome once per session + if [[ -z "$_WELCOME_SHOWN" ]]; then + echo "" + echo "\033[1;36mโ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”\033[0m" + echo "\033[1;31m File Analysis Container\033[0m \033[1;33m(zsh with Oh My Zsh)\033[0m" + echo "\033[1;36mโ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”\033[0m" + echo "" + echo " \033[1;32mfhelp\033[0m or \033[1;32m?\033[0m - Help system" + echo " \033[1;32mfhelp cheat \033[0m - Quick examples" + echo " \033[1;32mfhelp tools pdf\033[0m - Find PDF tools" + echo "" + echo " Shells: \033[0;36mbash\033[0m (default), \033[0;36mzsh\033[0m 
(current), \033[0;36mfish\033[0m" + echo "" + export _WELCOME_SHOWN=1 + fi +fi
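Review bot: The `if [[ ! -d "$ZSH" ]]` block makes the system-wide zshrc download `install.sh` from the `master` branch and run it whenever a user with a writable home starts zsh without `~/.oh-my-zsh`, so code that was never part of the built image executes at analysis time. In a container meant for handling suspicious files, it also means the shell reaches out to the network on start-up. The Dockerfile in this commit already installs Oh My Zsh for `remnux` at build time, and the `else` branch of the following `if [[ -d "$ZSH" ]]` already provides a plain prompt, so the install block can simply be removed. Two smaller points: `ZSH_DISABLE_COMPFIX=true` switches off Oh My Zsh's check for insecure completion directories, and the `/tmp/.zsh_history_$$` and `/tmp/.zcompdump_$$` fallbacks use predictable names in a shared directory.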