updating docker

MythicAgents · Apr 14, 2024 · 602c13c · 602c13c
1 parent 4df713d
commit 602c13c
Show file tree

Hide file tree

Showing 9 changed files with 96 additions and 49 deletions.
diff --git a/.devcontainer/Dockerfile b/.devcontainer/Dockerfile
@@ -1,8 +1,7 @@
-# TODO: figure out if the devcontainer can simply point to the Dockerfile within Payload_Type (but not start main.py?)
-FROM itsafeaturemythic/mythic_python_go:latest
+FROM itsafeaturemythic/mythic_python_base:latest as builder
 
 RUN apt-get update
-RUN apt-get install -y git gnupg software-properties-common openssh-client
+RUN apt-get install -y git gnupg software-properties-common
 
 WORKDIR /Mythic/
 
@@ -12,11 +11,18 @@ RUN cd grpc && pip install -r requirements.txt
 RUN cd grpc && pip uninstall -y protobuf
 RUN cd grpc && pip install protobuf==3.20.*
 RUN cd grpc && GRPC_PYTHON_BUILD_SYSTEM_OPENSSL=True GRPC_PYTHON_BUILD_WITH_CYTHON=1 pip install .
+RUN cd grpc && python setup.py bdist_wheel --dist-dir=/grpc_wheel
 
-# RUN pip install sliver-py
-RUN git clone --depth 1 https://github.com/spenceradolph/sliver-py.git
-RUN cd sliver-py && git submodule update --init
-RUN pip install -e sliver-py
+COPY ["requirements.txt", "requirements.txt"]
+RUN python3 -m pip wheel --wheel-dir /other_wheels -r requirements.txt
 
-RUN pip install mythic_container==v0.4.18
-RUN pip install tabulate
+###########################################################
+###########################################################
+
+FROM itsafeaturemythic/mythic_python_base:latest
+
+COPY --from=builder /other_wheels /other_wheels
+COPY --from=builder /grpc_wheel /grpc_wheel
+
+RUN pip install --no-cache /other_wheels/*
+RUN pip install --no-cache /grpc_wheel/*
diff --git a/.devcontainer/requirements.txt b/.devcontainer/requirements.txt
@@ -0,0 +1,3 @@
+mythic-container==0.4.18
+tabulate
+sliver-py
diff --git a/.github/workflows/docker.yml b/.github/workflows/docker.yml
@@ -68,7 +68,7 @@ jobs:
         uses: docker/build-push-action@v5 # ref: https://github.com/marketplace/actions/build-and-push-docker-images
         with:
           context: Payload_Type/sliverapi
-          file: Payload_Type/sliverapi/.docker/Dockerfile
+          file: Payload_Type/sliverapi/Dockerfile
           tags: |
             ${{ env.REGISTRY }}/${{ env.AGENT_IMAGE_NAME }}:${{ env.VERSION }}
             ${{ env.REGISTRY }}/${{ env.AGENT_IMAGE_NAME }}:latest
@@ -98,23 +98,18 @@ jobs:
       - name: Lowercase the container image name
         run: echo "AGENT_IMAGE_NAME=${AGENT_IMAGE_NAME,,}" >> ${GITHUB_ENV}
 
-      # The Dockerfile which Mythic uses to pull in the base container image needs to be
-      # updated to reference the newly built container image
-      - name: Fix the server Dockerfile reference to reference the new release tag (implant)
-        working-directory: Payload_Type/sliverimplant
-        run: |
-          sed -i "s|^FROM ghcr\.io.*$|FROM ${REGISTRY}/${AGENT_IMAGE_NAME}:${VERSION}|" Dockerfile
-
-      - name: Fix the server Dockerfile reference to reference the new release tag (api)
-        working-directory: Payload_Type/sliverapi
-        run: |
-          sed -i "s|^FROM ghcr\.io.*$|FROM ${REGISTRY}/${AGENT_IMAGE_NAME}:${VERSION}|" Dockerfile
+      - name: Update config.json version for sliverapi
+        uses: jossef/[email protected]
+        with:
+          file: config.json
+          field: remote_images.sliverapi
+          value: ${{env.REGISTRY}}/${{env.AGENT_IMAGE_NAME}}:${{env.VERSION}}
 
-      - name: Update package.json version
+      - name: Update config.json version for sliverimplant
         uses: jossef/[email protected]
         with:
           file: config.json
-          field: remote_images.sliver
+          field: remote_images.sliverimplant
           value: ${{env.REGISTRY}}/${{env.AGENT_IMAGE_NAME}}:${{env.VERSION}}
 
       # Push the changes to the Dockerfile
@@ -123,7 +118,7 @@ jobs:
         uses: EndBug/add-and-commit@v9 # ref: https://github.com/marketplace/actions/add-commit
         with:
           # Only add the Dockerfile changes. Nothing else should have been modified
-          add: "['Payload_Type/sliverapi/Dockerfile', 'Payload_Type/sliverimplant/Dockerfile', 'config.json']"
+          add: "['config.json']"
           # Use the Github actions bot for the commit author
           default_author: github_actions
           committer_email: github-actions[bot]@users.noreply.github.com

diff --git a/.vscode/launch.json b/.vscode/launch.json
@@ -7,6 +7,7 @@
         {
             "name": "SliverApi",
             "type": "debugpy",
+            "python": "/usr/local/bin/python",
             "request": "launch",
             "program": "${workspaceFolder}/Payload_Type/sliverapi/main.py",
             "console": "integratedTerminal",
@@ -16,6 +17,7 @@
         {
             "name": "SliverImplant",
             "type": "debugpy",
+            "python": "/usr/local/bin/python",
             "request": "launch",
             "program": "${workspaceFolder}/Payload_Type/sliverimplant/main.py",
             "console": "integratedTerminal",

diff --git a/Payload_Type/sliverapi/.docker/Dockerfile b/Payload_Type/sliverapi/.docker/Dockerfile
diff --git a/Payload_Type/sliverapi/Dockerfile b/Payload_Type/sliverapi/Dockerfile
@@ -1 +1,30 @@
-FROM ghcr.io/mythicagents/sliverimplant:v0.0.0.1
+FROM itsafeaturemythic/mythic_python_base:latest as builder
+
+RUN apt-get update
+RUN apt-get install -y git gnupg software-properties-common
+
+WORKDIR /Mythic/
+
+RUN git clone --depth 1 https://github.com/grpc/grpc
+RUN cd grpc && git submodule update --init
+RUN cd grpc && pip install -r requirements.txt
+RUN cd grpc && pip uninstall -y protobuf
+RUN cd grpc && pip install protobuf==3.20.*
+RUN cd grpc && GRPC_PYTHON_BUILD_SYSTEM_OPENSSL=True GRPC_PYTHON_BUILD_WITH_CYTHON=1 pip install .
+RUN cd grpc && python setup.py bdist_wheel --dist-dir=/grpc_wheel
+
+COPY ["requirements.txt", "requirements.txt"]
+RUN python3 -m pip wheel --wheel-dir /other_wheels -r requirements.txt
+
+###########################################################
+###########################################################
+
+FROM itsafeaturemythic/mythic_python_base:latest
+
+COPY --from=builder /other_wheels /other_wheels
+COPY --from=builder /grpc_wheel /grpc_wheel
+
+RUN pip install --no-cache /other_wheels/*
+RUN pip install --no-cache /grpc_wheel/*
+
+CMD ["python3", "main.py"]
diff --git a/Payload_Type/sliverimplant/Dockerfile b/Payload_Type/sliverimplant/Dockerfile
@@ -1 +1,30 @@
-FROM ghcr.io/mythicagents/sliverimplant:v0.0.0.1
+FROM itsafeaturemythic/mythic_python_base:latest as builder
+
+RUN apt-get update
+RUN apt-get install -y git gnupg software-properties-common
+
+WORKDIR /Mythic/
+
+RUN git clone --depth 1 https://github.com/grpc/grpc
+RUN cd grpc && git submodule update --init
+RUN cd grpc && pip install -r requirements.txt
+RUN cd grpc && pip uninstall -y protobuf
+RUN cd grpc && pip install protobuf==3.20.*
+RUN cd grpc && GRPC_PYTHON_BUILD_SYSTEM_OPENSSL=True GRPC_PYTHON_BUILD_WITH_CYTHON=1 pip install .
+RUN cd grpc && python setup.py bdist_wheel --dist-dir=/grpc_wheel
+
+COPY ["requirements.txt", "requirements.txt"]
+RUN python3 -m pip wheel --wheel-dir /other_wheels -r requirements.txt
+
+###########################################################
+###########################################################
+
+FROM itsafeaturemythic/mythic_python_base:latest
+
+COPY --from=builder /other_wheels /other_wheels
+COPY --from=builder /grpc_wheel /grpc_wheel
+
+RUN pip install --no-cache /other_wheels/*
+RUN pip install --no-cache /grpc_wheel/*
+
+CMD ["python3", "main.py"]
diff --git a/README.md b/README.md
@@ -7,7 +7,7 @@ This is a set of [Mythic](https://docs.mythic-c2.net/) agents for interacting wi
 
 The `sliverapi` payload doesn't build anything, but instead generates a "callback" within Mythic that allows you to interact with Sliver's API. This requires you to generate an [operator configuration file](https://sliver.sh/docs?name=Multi-player+Mode). This config file is the only build parameter, and once built, a callback will immediately appear and you can start tasking like normal.
 
-A `sliverimplant` callback is instantiated when tasking a `use -id <sliver_implant_id>` from within the sliverapi callback. 
+A `sliverimplant` callback is instantiated when tasking a `use -id <sliver_implant_id>` from within the sliverapi callback.
 
 Checkout this [blog](./blog/blog.md) about my experience creating them.
 
@@ -91,6 +91,7 @@ sudo ./mythic-cli install github https://github.com/spenceradolph/sliver
     - websites
     - wg
     - operators
+
 </details>
 
 <details>
@@ -140,6 +141,7 @@ sudo ./mythic-cli install github https://github.com/spenceradolph/sliver
     - terminate✅
     - upload✅
     - whoami✅
+
 </details>
 
 ## How to install an agent in this format within Mythic
@@ -158,6 +160,7 @@ Now, you might be wondering _when_ should you or a user do this to properly add
 ## Local Development Notes
 
 - VSCode devcontainer
+
   - If using vscode, it will prompt to auto build and attach to the Docker file
     - Warning: building the container takes a few minutes!
   - Auto adds the suggested extensions / settings
@@ -186,5 +189,3 @@ Once inside the container and rabbitmq set, this will run the agent side and upd
 cd ./Payload_Type/sliverapi/
 python3 main.py
 ```
-
-Another note: the sliverimplant Dockerfile is built from the sliverapi .docker
diff --git a/config.json b/config.json
@@ -5,6 +5,7 @@
 	"exclude_documentation_c2": true,
 	"exclude_agent_icons": true,
 	"remote_images": {
-		"sliver": "ghcr.io/mythicagents/sliver:v0.0.0.1"
+		"sliverapi": "ghcr.io/mythicagents/sliver:v0.0.0.1",
+		"sliverimplant": "ghcr.io/mythicagents/sliver:v0.0.0.1"
 	}
 }