forked from P3GLEG/Whaler
-
Notifications
You must be signed in to change notification settings - Fork 3
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Added read-only mount for docker.sock
Tagged specific versions to ensure it functions correctly in the future Changed tagging name from dfimage to whaler
- Loading branch information
Showing
2 changed files
with
56 additions
and
14 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -1,11 +1,52 @@ | ||
| FROM golang AS builder | ||
| WORKDIR $GOPATH | ||
| RUN go get -u github.com/P3GLEG/Whaler | ||
| WORKDIR $GOPATH/src/github.com/P3GLEG/Whaler | ||
| RUN export CGO_ENABLED=0 && go build . | ||
| RUN cp Whaler /root/Whaler | ||
|
|
||
| FROM alpine | ||
| WORKDIR /root/ | ||
| COPY --from=builder /root/Whaler . | ||
| ENTRYPOINT ["./Whaler"] | ||
| <!-- | ||
| Title: Whaler | ||
| Description: reverse docker images easily | ||
| Author: pegleg | ||
| --> | ||
|
|
||
| # Whaler | ||
|
|
||
|
|
||
| Whaler is a Go program which is designed to reverse engineer docker images into the Dockerfile that created it. It currently performs the following actions | ||
|
|
||
| - Generates a Dockerfile from an Image | ||
| - Searches added filenames for potential secret files | ||
| - Extracts files that were added by the Docker ADD/COPY Instructions | ||
| - It also displays misc. information such as ports open, the user it runs as and environment variables. | ||
|
|
||
|  | ||
|
|
||
| You can read more about this on my blog [Here](https://samaritan.ai/blog/reversing-docker-images-into-dockerfiles/) | ||
|
|
||
| ### How to run it | ||
|
|
||
| The easiest way is to run the tool in docker container: | ||
|
|
||
| ``` | ||
| docker build --rm -t pegleg:whaler . | ||
| alias whaler="docker run -t --rm -v /var/run/docker.sock:/var/run/docker.sock:ro pegleg:whaler" | ||
| whaler -sV=1.36 nginx:latest | ||
| ``` | ||
|
|
||
| This tool will pull target docker image automatically. Parameter `-sV=1.36` is not always required. | ||
|
|
||
| ### How to build it | ||
| Git clone the project into your $GOPATH/src directory and perform the following command | ||
| ```go | ||
| go get -u github.com/P3GLEG/Whaler | ||
| cd $GOPATH/src/github.com/P3GLEG/Whaler | ||
| go build . | ||
| ``` | ||
| ### How to run it | ||
| ```go | ||
| ./Whaler | ||
| Usage of ./Whaler: | ||
| -f string | ||
| File containing images to analyze seperated by line | ||
| -filter | ||
| Filters filenames that create noise such as node_modules. Check ignore.go file for more details (default true) | ||
| -sV string | ||
| Set the docker client ID to a specific version -sV=1.36 | ||
| -v Print all details about the image | ||
| -x Save layers to current directory | ||
| ``` |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters