penkit 0.0.1.rc2

checksums.yaml

@@ -0,0 +1,7 @@
+---
+SHA1:
+  metadata.gz: 1f4a19d70fab6445e950cf902d1521ec8a45ccdb
+  data.tar.gz: a445066995b1e562e06f7901fc3965369017569c
+SHA512:
+  metadata.gz: d9e52c147e9abec5a100613f2c1e1d472736fefb1a585ba37b2f2c050ed69689463cc002ab59bc6705102b31465c6a78c3eeef31b5c30688b22056084811eab4
+  data.tar.gz: d7de7a08b54d0ada8b5d8c7ff06200688c2ca337a7e0da2c63b164886b57c1df0616c660ad9f84ab8b35be32f573a1133ef42037743eded6681534142e3683f3

data/LICENSE

@@ -0,0 +1,21 @@
+The MIT License (MIT)
+
+Copyright (c) 2017 penkit
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.

data/TERMS

@@ -0,0 +1,73 @@
+penkit Terms of Service
+
+Terms of Service will be referred to as 'TOS.'
+The website, software, and source code will collectively be referred to as 'penkit.'
+
+1. Acceptance of Terms:
+
+penkit may update the TOS at any time and without prior notice by posting a new version at http://penkit.io. The information on this site, any penkit software, and your use of it is subject to the most recent version of the TOS posted.
+
+2. Indemnity:
+
+You agree to indemnify and hold penkit and its subsidiaries, affiliates, officers, 
+agents, employees, partners and licensors harmless from any claim or demand including 
+but not limited to your use of of penkit, your connection to penkit, your violation of 
+the penkit TOS, or your violation of any rights of another.
+
+
+3. Modifications to penkit:
+
+You acknowledge that penkit and its maintainers may establish general practices and 
+limits concerning use of penkit. You further acknowledge that penkit reserves the 
+right to modify these general practices and limits from time to time. penkit reserves 
+the right at any time and from time to time to modify or discontinue, temporarily or 
+permanently, the penkit service (or any part thereof) with or without notice. You 
+agree that penkit shall not be liable to you or to any third party for any 
+modification, suspension or discontinuance of penkit.
+
+4. Termination:
+
+You agree that penkit and its maintainers may terminate your access to penkit for 
+violations of the TOS and/or requests by authorized law enforcement or other 
+government agencies.
+
+5. Links:
+
+The penkit may provide, or third parties may provide, links to other World Wide Web 
+sites or resources. Because penkit has no control over such sites and resources, you 
+acknowledge and agree that penkit is not responsible for the availability of such 
+external sites or resources, and does not endorse and is not responsible or liable for 
+any Content, advertising, products or other materials on or available from such sites 
+or resources. You further acknowledge and agree that penkit shall not be responsible 
+or liable, directly or indirectly, for any damage or loss caused or alleged to be 
+caused by or in connection with use of or reliance on any such Content, goods or 
+services available on or through any such site or resource.
+
+6. Distribution, modification, and repackaging:
+
+You may distribute, modify, or repackage penkit in accordance with the MIT license.
+If you choose to redistribute penkit, we would be very grateful if you credited
+our project and spread the word.
+
+7. Permitted and Prohibited Uses:
+
+You may use penkit for the sole purpose of learning about computer security on
+computers or other electronic devices you own.
+
+You may not use penkit to test, exploit, attack or in any way interact with computers
+or electronic devices that you do not own.
+
+You may not use 'penkit' or any of the affiliated penkit branding without explicit permission from the maintainers.
+
+
+8. Limitation of Liability:
+
+You expressly understand and agree that penkit and its subsidiaries, affiliates, 
+officers, employees, agents, partners and licensors shall not be liable to you for any 
+direct, indirect, incidental, special, consequential or exemplary damages, including, 
+but not limited to, damages for loss of profits, goodwill, use, data or other 
+intangible losses (even if penkit has been advised of the possibility of such 
+damages), resulting from the use or the inability to use the penkit service.
+
+
+By visiting our site or using our product, you agree to the TOS. Any violation of the terms listed above prohibits you from using penkit.

data/bin/penkit

@@ -0,0 +1,5 @@
+#!/usr/bin/env ruby
+
+require "penkit"
+
+Penkit::CLI.start(ARGV)

data/config/wordpress.yml

@@ -0,0 +1,33 @@
+version: "2.0"
+services:
+  wordpress:
+    image: ${DOCKER_IMAGE}
+    container_name: ${DOCKER_NAME}
+    depends_on:
+      - mysql
+    environment:
+      WP_DB_HOST: ${DOCKER_NAME}_mysql
+      WP_DB_PORT: 3306
+      WP_DB_USER: wpuser
+      WP_DB_PASS: password
+      WP_DB_NAME: wpdb
+    labels:
+      penkit: "true"
+    networks:
+      penkit:
+
+  mysql:
+    image: penkit/mysql:latest
+    container_name: ${DOCKER_NAME}_mysql
+    environment:
+      MYSQL_USER: wpuser
+      MYSQL_PASSWORD: password
+      MYSQL_DATABASE: wpdb
+    labels:
+      penkit: "true"
+    networks:
+      penkit:
+
+networks:
+  penkit:
+    external: true

data/lib/penkit.rb

@@ -0,0 +1,4 @@
+require "penkit/cli"
+require "penkit/docker"
+require "penkit/docker_compose"
+require "penkit/version"

data/lib/penkit/cli.rb

@@ -0,0 +1 @@
+require "penkit/cli/penkit"

data/lib/penkit/cli/penkit.rb

@@ -0,0 +1,96 @@
+require "thor"
+
+module Penkit
+  class CLI < Thor
+    desc "ps", "List penkit docker containers"
+    def ps
+      docker.ps
+    end
+
+    desc "rm [CONTAINER...]", "Remove penkit docker containers"
+    def rm(*containers)
+      if containers.any?
+        docker.rm(*containers)
+      else
+        rm_all
+      end
+    end
+
+    desc "start [OPTIONS] IMAGE", "Start a penkit docker image"
+    option :name, desc: "Override name and hostname of container"
+    def start(image)
+      if docker_compose.has_config?(image)
+        opts = options.dup
+        opts[:name] ||= docker.unique_name(image)
+        docker_compose.up(image, opts)
+      else
+        docker.start(image, options.dup)
+      end
+    end
+
+    desc "stop [CONTAINER...]", "Stop penkit docker containers"
+    def stop(*containers)
+      if containers.any?
+        docker.stop(*containers)
+      else
+        stop_all
+      end
+    end
+
+    # Tools
+
+    desc "curl [ARGS...]", "Run curl on the penkit docker network"
+    def curl(*args)
+      docker.run("cli:curl", *args)
+    end
+
+    desc "metasploit [ARGS...]", "Run metasploit on the penkit docker network"
+    def metasploit(*args)
+      docker.run("cli:metasploit", *args)
+    end
+
+    desc "sqlmap [ARGS...]", "Run sqlmap on the penkit docker network"
+    def sqlmap(*args)
+      docker.run("cli:sqlmap", *args)
+    end
+
+    desc "wpscan [ARGS...]", "Run wpscan on the penkit docker network"
+    def wpscan(*args)
+      docker.run("cli:wpscan", *args)
+    end
+
+    private
+
+    def docker
+      @docker ||= Penkit::Docker.new
+    end
+
+    def docker_compose
+      @docker_compose ||= Penkit::DockerCompose.new
+    end
+
+    def stop_all
+      containers = docker.find_running_containers
+      docker.stop(*containers) if stop_all?(containers)
+    end
+
+    def stop_all?(containers)
+      return false if containers.size == 0
+      message = "Are you sure you want to stop %d %s? [y/N]"
+      word = containers.size > 1 ? "containers" : "container"
+      ask(message % [containers.size, word]) == "y"
+    end
+
+    def rm_all
+      containers = docker.find_all_containers
+      docker.rm(*containers) if rm_all?(containers)
+    end
+
+    def rm_all?(containers)
+      return false if containers.size == 0
+      message = "Are you sure you want to remove %d %s? [y/N]"
+      word = containers.size > 1 ? "containers" : "container"
+      ask(message % [containers.size, word]) == "y"
+    end
+  end
+end

data/lib/penkit/docker.rb

@@ -0,0 +1,85 @@
+module Penkit
+  class Docker
+    IMAGE_REGEX = /^([^\s\/:]+)(:[^\s\/:]+)?$/
+    NETWORK = "penkit".freeze
+    REPOSITORY = "penkit".freeze
+
+    def create_network!
+      system("docker", "network", "create", *network_options, out: File::NULL) unless network_exists?
+    end
+
+    def find_all_containers
+      IO.popen(["docker", "ps", "-aq", *filter_options]).readlines.map(&:strip)
+    end
+
+    def find_running_containers
+      IO.popen(["docker", "ps", "-q", *filter_options]).readlines.map(&:strip)
+    end
+
+    def image_name(image)
+      image[IMAGE_REGEX, 1]
+    end
+
+    def image_url(image)
+      "#{REPOSITORY}/#{image}"
+    end
+
+    def ps
+      exec("docker", "ps", *filter_options)
+    end
+
+    def rm(*containers)
+      exec("docker", "rm", "--force", *containers)
+    end
+
+    def run(image, *args)
+      create_network!
+      exec("docker", "run", "--rm", "-it", *run_options, image_url(image), *args)
+    end
+
+    def start(image, options={})
+      create_network!
+      options[:name] ||= unique_name(image)
+      puts "Starting container #{options[:name]}"
+      exec("docker", "run", "--detach", *run_options(options), image_url(image))
+    end
+
+    def stop(*containers)
+      exec("docker", "stop", *containers)
+    end
+
+    def unique_name(name)
+      name = image_name(name)
+      name_list = find_container_names
+      100.times do |i|
+        return name unless name_list.include? name
+        name = [name[/^(.*\D)\d*$/, 1], i + 1].join
+      end
+      name
+    end
+
+    private
+
+    def find_container_names
+      IO.popen(["docker", "ps", "-a", "--format", "{{.Names}}", *filter_options]).readlines.map(&:strip)
+    end
+
+    def network_exists?
+      system("docker", "network", "inspect", NETWORK, out: File::NULL, err: File::NULL)
+    end
+
+    def network_options
+      %w(--driver bridge) << NETWORK
+    end
+
+    def filter_options
+      %w(--filter label=penkit)
+    end
+
+    def run_options(options={})
+      args = %w(--label penkit=true --network penkit)
+      args += ["--name", options[:name], "--hostname", options[:name]] if options[:name]
+      args
+    end
+  end
+end

data/lib/penkit/docker_compose.rb

@@ -0,0 +1,37 @@
+module Penkit
+  class DockerCompose
+    def has_config?(image)
+      File.exist?(config_file(image))
+    end
+
+    def up(image, options = {})
+      docker.create_network!
+      env = compose_env(image, options)
+
+      # TODO: find out why exec bombs here (see Penkit::Docker#find_all_containers)
+      system(env, "docker-compose", *compose_options(image, options), "up", "-d")
+    end
+
+    private
+
+    def compose_env(image, options={})
+      {
+        "DOCKER_IMAGE" => docker.image_url(image),
+        "DOCKER_NAME" => options[:name]
+      }
+    end
+
+    def compose_options(image, options={})
+      ["-f", config_file(image), "-p", options[:name]]
+    end
+
+    def config_file(image)
+      root = File.expand_path("../../..", __FILE__)
+      File.join(root, "config", "#{docker.image_name(image)}.yml")
+    end
+
+    def docker
+      @docker ||= Penkit::Docker.new
+    end
+  end
+end

data/lib/penkit/version.rb

@@ -0,0 +1,3 @@
+module Penkit
+  VERSION = "0.0.1.rc2"
+end

metadata

@@ -0,0 +1,85 @@
+--- !ruby/object:Gem::Specification
+name: penkit
+version: !ruby/object:Gem::Version
+  version: 0.0.1.rc2
+platform: ruby
+authors:
+- Don Humphreys
+- Sam Lachance
+autorequire: 
+bindir: bin
+cert_chain: []
+date: 2017-03-12 00:00:00.000000000 Z
+dependencies:
+- !ruby/object:Gem::Dependency
+  name: thor
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 0.19.4
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 0.19.4
+- !ruby/object:Gem::Dependency
+  name: rspec
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '3.5'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '3.5'
+description: Command-line interface for managing Penkit containers
+email:
+- don@penkit.io
+- sam@penkit.io
+executables:
+- penkit
+extensions: []
+extra_rdoc_files: []
+files:
+- LICENSE
+- TERMS
+- bin/penkit
+- config/wordpress.yml
+- lib/penkit.rb
+- lib/penkit/cli.rb
+- lib/penkit/cli/penkit.rb
+- lib/penkit/docker.rb
+- lib/penkit/docker_compose.rb
+- lib/penkit/version.rb
+homepage: http://penkit.io
+licenses:
+- MIT
+metadata: {}
+post_install_message: 
+rdoc_options: []
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+required_rubygems_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">"
+    - !ruby/object:Gem::Version
+      version: 1.3.1
+requirements: []
+rubyforge_project: 
+rubygems_version: 2.5.2
+signing_key: 
+specification_version: 4
+summary: Penkit CLI
+test_files: []