--- title: "[bojemoi] feat: multi-stage Dockerfiles, DVAR IoT target, bm12/uzi ARM enrichment" date: 2026-03-25T22:44:39+01:00 draft: false tags: ["commit", "bojemoi", "main"] categories: ["Git Activity"] summary: "Commit a79479d par Betty dans bojemoi" author: "Betty" --- ## Commit `a79479d` | | | |---|---| | **Repository** | bojemoi | | **Branch** | `main` | | **Author** | Betty | | **Hash** | `a79479d732a7eb95cb017eee5084f11e08946849` | ### Description Dockerfiles: - Convert 8 Dockerfiles to multi-stage / virtual build-deps pattern: - oblast/Dockerfile.zaproxy: remove make/ant/automake/autoconf/gcc from final stage, openjdk-jdk → jre - telegram-bot, discovery: proper builder/runtime stages, gcc+libpq-dev removed from runtime - tsushima: dedicated masscan-builder stage + --virtual .ruby-build-deps - borodino/Dockerfile.borodino, berezina/Dockerfile.berezina: --virtual .build-deps removed after bundle install - narva/Dockerfile.narva, borodino/Dockerfile.berezina: remove unused build tools (no bundle install) - Compile Python sources in: mcp-server, discovery, sentinel/collector, koursk-2 - cccp.sh: docker buildx build --push (direct registry), ensure_registry() boot stack check DVAR IoT: - dvar/: Dockerfile.dvar (QEMU ARM emulation, cross-compiled vuln HTTP server), entrypoint, vuln_httpd.c - stack/56-service-dvar.yml: pentest + iot_network networks, worker placement - scripts/metasploitable2_exploit.py: Metasploitable2 exploit helper Borodino bm12/uzi: - thearm_bm12: arch detection (_ARCH_PATTERNS, _IOT_KEYWORDS), IoT/ARM banner parsing, stores arch in hosts.arch - thearm_uzi: ARM/MIPS payload selection, IoT OS path, host_arch from DB, generic IoT support - stack/40-service-borodino.yml: bm12_v3 scan_status target, updated service config Co-Authored-By: Claude Sonnet 4.6 ### Files Changed ``` M .dockerignore M berezina/Dockerfile.berezina M borodino/.dockerignore M borodino/Dockerfile.berezina M borodino/Dockerfile.borodino M borodino/thearm_bm12 M borodino/thearm_uzi M borodino/toto M discovery/Dockerfile M discovery/breachforum_onion_discovery.py M discovery/entrypoint.sh A dvar/Dockerfile.dvar A dvar/entrypoint.sh A dvar/src/vuln_httpd.c M koursk-2/Dockerfile.koursk-2 M koursk-2/scripts/rsync-start.sh M mcp-server/Dockerfile M narva/Dockerfile.narva M oblast/Dockerfile.zaproxy M scripts/cccp.sh A scripts/metasploitable2_exploit.py M scripts/startover.sh M sentinel/collector/Dockerfile M stack/40-service-borodino.yml A stack/56-service-dvar.yml A toto M tsushima/Dockerfile.tsushima ``` ### Diff Summary ``` .dockerignore | 1 + berezina/Dockerfile.berezina | 73 +- borodino/.dockerignore | 1 + borodino/Dockerfile.berezina | 29 +- borodino/Dockerfile.borodino | 51 +- borodino/thearm_bm12 | 151 ++++- borodino/thearm_uzi | 579 ++++++++++------ borodino/toto | 1092 ++++++++++++++++++++++++++---- discovery/Dockerfile | 27 +- discovery/breachforum_onion_discovery.py | 160 ++++- discovery/entrypoint.sh | 2 +- dvar/Dockerfile.dvar | 55 ++ dvar/entrypoint.sh | 87 +++ dvar/src/vuln_httpd.c | 194 ++++++ koursk-2/Dockerfile.koursk-2 | 5 + koursk-2/scripts/rsync-start.sh | 2 +- mcp-server/Dockerfile | 6 +- narva/Dockerfile.narva | 14 +- oblast/Dockerfile.zaproxy | 7 +- scripts/cccp.sh | 173 +++-- scripts/metasploitable2_exploit.py | 388 +++++++++++ scripts/startover.sh | 1 + sentinel/collector/Dockerfile | 6 +- stack/40-service-borodino.yml | 18 +- stack/56-service-dvar.yml | 55 ++ toto | 945 ++++++++++++++++++++++++++ tsushima/Dockerfile.tsushima | 84 +-- 27 files changed, 3504 insertions(+), 702 deletions(-) ```