diff --git a/content/posts/commits/2026-03-25-commit-a79479d.md b/content/posts/commits/2026-03-25-commit-a79479d.md new file mode 100644 index 0000000..0f035e6 --- /dev/null +++ b/content/posts/commits/2026-03-25-commit-a79479d.md @@ -0,0 +1,108 @@ +--- +title: "[bojemoi] feat: multi-stage Dockerfiles, DVAR IoT target, bm12/uzi ARM enrichment" +date: 2026-03-25T22:44:39+01:00 +draft: false +tags: ["commit", "bojemoi", "main"] +categories: ["Git Activity"] +summary: "Commit a79479d par Betty dans bojemoi" +author: "Betty" +--- + +## Commit `a79479d` + +| | | +|---|---| +| **Repository** | bojemoi | +| **Branch** | `main` | +| **Author** | Betty | +| **Hash** | `a79479d732a7eb95cb017eee5084f11e08946849` | + + +### Description + +Dockerfiles: +- Convert 8 Dockerfiles to multi-stage / virtual build-deps pattern: + - oblast/Dockerfile.zaproxy: remove make/ant/automake/autoconf/gcc from final stage, openjdk-jdk → jre + - telegram-bot, discovery: proper builder/runtime stages, gcc+libpq-dev removed from runtime + - tsushima: dedicated masscan-builder stage + --virtual .ruby-build-deps + - borodino/Dockerfile.borodino, berezina/Dockerfile.berezina: --virtual .build-deps removed after bundle install + - narva/Dockerfile.narva, borodino/Dockerfile.berezina: remove unused build tools (no bundle install) +- Compile Python sources in: mcp-server, discovery, sentinel/collector, koursk-2 +- cccp.sh: docker buildx build --push (direct registry), ensure_registry() boot stack check + +DVAR IoT: +- dvar/: Dockerfile.dvar (QEMU ARM emulation, cross-compiled vuln HTTP server), entrypoint, vuln_httpd.c +- stack/56-service-dvar.yml: pentest + iot_network networks, worker placement +- scripts/metasploitable2_exploit.py: Metasploitable2 exploit helper + +Borodino bm12/uzi: +- thearm_bm12: arch detection (_ARCH_PATTERNS, _IOT_KEYWORDS), IoT/ARM banner parsing, stores arch in hosts.arch +- thearm_uzi: ARM/MIPS payload selection, IoT OS path, host_arch from DB, generic IoT support +- stack/40-service-borodino.yml: bm12_v3 scan_status target, updated service config + +Co-Authored-By: Claude Sonnet 4.6 + +### Files Changed + +``` +M .dockerignore +M berezina/Dockerfile.berezina +M borodino/.dockerignore +M borodino/Dockerfile.berezina +M borodino/Dockerfile.borodino +M borodino/thearm_bm12 +M borodino/thearm_uzi +M borodino/toto +M discovery/Dockerfile +M discovery/breachforum_onion_discovery.py +M discovery/entrypoint.sh +A dvar/Dockerfile.dvar +A dvar/entrypoint.sh +A dvar/src/vuln_httpd.c +M koursk-2/Dockerfile.koursk-2 +M koursk-2/scripts/rsync-start.sh +M mcp-server/Dockerfile +M narva/Dockerfile.narva +M oblast/Dockerfile.zaproxy +M scripts/cccp.sh +A scripts/metasploitable2_exploit.py +M scripts/startover.sh +M sentinel/collector/Dockerfile +M stack/40-service-borodino.yml +A stack/56-service-dvar.yml +A toto +M tsushima/Dockerfile.tsushima +``` + +### Diff Summary + +``` + .dockerignore | 1 + + berezina/Dockerfile.berezina | 73 +- + borodino/.dockerignore | 1 + + borodino/Dockerfile.berezina | 29 +- + borodino/Dockerfile.borodino | 51 +- + borodino/thearm_bm12 | 151 ++++- + borodino/thearm_uzi | 579 ++++++++++------ + borodino/toto | 1092 ++++++++++++++++++++++++++---- + discovery/Dockerfile | 27 +- + discovery/breachforum_onion_discovery.py | 160 ++++- + discovery/entrypoint.sh | 2 +- + dvar/Dockerfile.dvar | 55 ++ + dvar/entrypoint.sh | 87 +++ + dvar/src/vuln_httpd.c | 194 ++++++ + koursk-2/Dockerfile.koursk-2 | 5 + + koursk-2/scripts/rsync-start.sh | 2 +- + mcp-server/Dockerfile | 6 +- + narva/Dockerfile.narva | 14 +- + oblast/Dockerfile.zaproxy | 7 +- + scripts/cccp.sh | 173 +++-- + scripts/metasploitable2_exploit.py | 388 +++++++++++ + scripts/startover.sh | 1 + + sentinel/collector/Dockerfile | 6 +- + stack/40-service-borodino.yml | 18 +- + stack/56-service-dvar.yml | 55 ++ + toto | 945 ++++++++++++++++++++++++++ + tsushima/Dockerfile.tsushima | 84 +-- + 27 files changed, 3504 insertions(+), 702 deletions(-) +```