bojemoi/blog
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
d14579059571996dcbb80b9c9cfc1eec95e685f4
blog/content/posts/commits/2026-03-25-commit-a79479d.md
Betty 20e02cb6db
Some checks failed
Hugo Build & Deploy / build-deploy (push) Has been cancelled
Details
post: commit a79479d in bojemoi
2026-03-25 22:44:40 +01:00

109 lines
4.1 KiB
Markdown
Raw Blame History

---
title: "[bojemoi] feat: multi-stage Dockerfiles, DVAR IoT target, bm12/uzi ARM enrichment"
date: 2026-03-25T22:44:39+01:00
draft: false
tags: ["commit", "bojemoi", "main"]
categories: ["Git Activity"]
summary: "Commit a79479d par Betty dans bojemoi"
author: "Betty"
---
## Commit `a79479d`
| | |
|---|---|
| **Repository** | bojemoi |
| **Branch** | `main` |
| **Author** | Betty |
| **Hash** | `a79479d732a7eb95cb017eee5084f11e08946849` |
### Description
Dockerfiles:
- Convert 8 Dockerfiles to multi-stage / virtual build-deps pattern:
- oblast/Dockerfile.zaproxy: remove make/ant/automake/autoconf/gcc from final stage, openjdk-jdk → jre
- telegram-bot, discovery: proper builder/runtime stages, gcc+libpq-dev removed from runtime
- tsushima: dedicated masscan-builder stage + --virtual .ruby-build-deps
- borodino/Dockerfile.borodino, berezina/Dockerfile.berezina: --virtual .build-deps removed after bundle install
- narva/Dockerfile.narva, borodino/Dockerfile.berezina: remove unused build tools (no bundle install)
- Compile Python sources in: mcp-server, discovery, sentinel/collector, koursk-2
- cccp.sh: docker buildx build --push (direct registry), ensure_registry() boot stack check
DVAR IoT:
- dvar/: Dockerfile.dvar (QEMU ARM emulation, cross-compiled vuln HTTP server), entrypoint, vuln_httpd.c
- stack/56-service-dvar.yml: pentest + iot_network networks, worker placement
- scripts/metasploitable2_exploit.py: Metasploitable2 exploit helper
Borodino bm12/uzi:
- thearm_bm12: arch detection (_ARCH_PATTERNS, _IOT_KEYWORDS), IoT/ARM banner parsing, stores arch in hosts.arch
- thearm_uzi: ARM/MIPS payload selection, IoT OS path, host_arch from DB, generic IoT support
- stack/40-service-borodino.yml: bm12_v3 scan_status target, updated service config
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
### Files Changed
```
M .dockerignore
M berezina/Dockerfile.berezina
M borodino/.dockerignore
M borodino/Dockerfile.berezina
M borodino/Dockerfile.borodino
M borodino/thearm_bm12
M borodino/thearm_uzi
M borodino/toto
M discovery/Dockerfile
M discovery/breachforum_onion_discovery.py
M discovery/entrypoint.sh
A dvar/Dockerfile.dvar
A dvar/entrypoint.sh
A dvar/src/vuln_httpd.c
M koursk-2/Dockerfile.koursk-2
M koursk-2/scripts/rsync-start.sh
M mcp-server/Dockerfile
M narva/Dockerfile.narva
M oblast/Dockerfile.zaproxy
M scripts/cccp.sh
A scripts/metasploitable2_exploit.py
M scripts/startover.sh
M sentinel/collector/Dockerfile
M stack/40-service-borodino.yml
A stack/56-service-dvar.yml
A toto
M tsushima/Dockerfile.tsushima
```
### Diff Summary
```
.dockerignore | 1 +
berezina/Dockerfile.berezina | 73 +-
borodino/.dockerignore | 1 +
borodino/Dockerfile.berezina | 29 +-
borodino/Dockerfile.borodino | 51 +-
borodino/thearm_bm12 | 151 ++++-
borodino/thearm_uzi | 579 ++++++++++------
borodino/toto | 1092 ++++++++++++++++++++++++++----
discovery/Dockerfile | 27 +-
discovery/breachforum_onion_discovery.py | 160 ++++-
discovery/entrypoint.sh | 2 +-
dvar/Dockerfile.dvar | 55 ++
dvar/entrypoint.sh | 87 +++
dvar/src/vuln_httpd.c | 194 ++++++
koursk-2/Dockerfile.koursk-2 | 5 +
koursk-2/scripts/rsync-start.sh | 2 +-
mcp-server/Dockerfile | 6 +-
narva/Dockerfile.narva | 14 +-
oblast/Dockerfile.zaproxy | 7 +-
scripts/cccp.sh | 173 +++--
scripts/metasploitable2_exploit.py | 388 +++++++++++
scripts/startover.sh | 1 +
sentinel/collector/Dockerfile | 6 +-
stack/40-service-borodino.yml | 18 +-
stack/56-service-dvar.yml | 55 ++
toto | 945 ++++++++++++++++++++++++++
tsushima/Dockerfile.tsushima | 84 +--
27 files changed, 3504 insertions(+), 702 deletions(-)
```
Reference in New Issue View Git Blame Copy Permalink