Mirror of metasploit
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

Dockerfile 2.2KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566
  1. FROM ruby:2.6.2-alpine3.9 AS builder
  2. LABEL maintainer="Rapid7"
  3. ARG BUNDLER_ARGS="--jobs=8 --without development test coverage"
  4. ENV APP_HOME=/usr/src/metasploit-framework
  5. ENV BUNDLE_IGNORE_MESSAGES="true"
  6. WORKDIR $APP_HOME
  7. COPY Gemfile* metasploit-framework.gemspec Rakefile $APP_HOME/
  8. COPY lib/metasploit/framework/version.rb $APP_HOME/lib/metasploit/framework/version.rb
  9. COPY lib/metasploit/framework/rails_version_constraint.rb $APP_HOME/lib/metasploit/framework/rails_version_constraint.rb
  10. COPY lib/msf/util/helper.rb $APP_HOME/lib/msf/util/helper.rb
  11. RUN apk add --no-cache \
  12. autoconf \
  13. bison \
  14. build-base \
  15. ruby-dev \
  16. openssl-dev \
  17. readline-dev \
  18. sqlite-dev \
  19. postgresql-dev \
  20. libpcap-dev \
  21. libxml2-dev \
  22. libxslt-dev \
  23. yaml-dev \
  24. zlib-dev \
  25. ncurses-dev \
  26. git \
  27. && echo "gem: --no-ri --no-rdoc" > /etc/gemrc \
  28. && gem update --system \
  29. && bundle install --clean --no-cache --system $BUNDLER_ARGS \
  30. # temp fix for https://github.com/bundler/bundler/issues/6680
  31. && rm -rf /usr/local/bundle/cache \
  32. # needed so non root users can read content of the bundle
  33. && chmod -R a+r /usr/local/bundle
  34. FROM ruby:2.6.2-alpine3.9
  35. LABEL maintainer="Rapid7"
  36. ENV APP_HOME=/usr/src/metasploit-framework
  37. ENV NMAP_PRIVILEGED=""
  38. ENV METASPLOIT_GROUP=metasploit
  39. # used for the copy command
  40. RUN addgroup -S $METASPLOIT_GROUP
  41. RUN apk add --no-cache bash sqlite-libs nmap nmap-scripts nmap-nselibs postgresql-libs python python3 ncurses libcap su-exec
  42. RUN /usr/sbin/setcap cap_net_raw,cap_net_bind_service=+eip $(which ruby)
  43. RUN /usr/sbin/setcap cap_net_raw,cap_net_bind_service=+eip $(which nmap)
  44. COPY --chown=root:metasploit --from=builder /usr/local/bundle /usr/local/bundle
  45. COPY --chown=root:metasploit . $APP_HOME/
  46. RUN cp -f $APP_HOME/docker/database.yml $APP_HOME/config/database.yml
  47. WORKDIR $APP_HOME
  48. # we need this entrypoint to dynamically create a user
  49. # matching the hosts UID and GID so we can mount something
  50. # from the users home directory. If the IDs don't match
  51. # it results in access denied errors.
  52. ENTRYPOINT ["docker/entrypoint.sh"]
  53. CMD ["./msfconsole", "-r", "docker/msfconsole.rc", "-y", "$APP_HOME/config/database.yml"]