initial commit

.github/workflows/docker.yml

@@ -0,0 +1,32 @@
+name: Publish Docker Image
+on:
+  - push
+jobs:
+  push-to-ghcr:
+    name: Push tools Docker image to GitHub Packages
+    runs-on: ubuntu-latest
+    permissions:
+      packages: write
+      contents: read
+    steps:
+      - name: Checkout Code
+        uses: actions/checkout@v3
+      - name: Get short SHA
+        run: |
+          echo "sha=$(git rev-parse --short HEAD)" >> $GITHUB_ENV
+          echo "branch=$(echo ${GITHUB_REF#refs/heads/})" >> $GITHUB_ENV
+      - name: Log in to GitHub Docker Registry
+        uses: docker/login-action@v2
+        with:
+          registry: ghcr.io
+          username: ${{ github.actor }}
+          password: ${{ secrets.GITHUB_TOKEN }}
+      - name: Build container image
+        uses: docker/build-push-action@v3
+        with:
+          context: .
+          file: Dockerfile.tools
+          push: true
+          tags: |
+            ghcr.io/${{ github.repository }}/tools:${{ env.sha }}
+            ghcr.io/${{ github.repository }}/tools:${{ env.branch }}

Dockerfile.tools

@@ -0,0 +1,45 @@
+FROM debian:bookworm
+
+RUN echo "wireshark-common wireshark-common/install-setuid boolean false" | debconf-set-selections
+
+RUN apt update \
+  && apt install -y --no-install-recommends \
+    ca-certificates \
+    curl \
+    dsniff \
+    lxterminal \
+    htop \
+    iptables \
+    iproute2 \
+    nano \
+    nmap \
+    novnc \
+    openbox \
+    python3 \
+    python3-pip \
+    supervisor \
+    tcpdump \
+    tigervnc-standalone-server \
+    tint2 \
+    tmux \
+    tshark \
+    vim \
+    wireshark \
+    xdg-utils \
+  && rm -rf /var/lib/apt/lists \
+  && mkdir -p /usr/share/desktop-directories
+
+RUN curl -fsSL https://tailscale.com/install.sh | sh
+
+RUN python3 -m pip install --break-system-packages mitmproxy
+
+COPY configs/docker/openbox-menu.xml /root/.config/openbox/menu.xml
+COPY configs/docker/tint2rc          /root/.config/tint2/tint2rc
+COPY configs/docker/supervisord.conf /etc/supervisor/supervisord.conf
+
+RUN cp /etc/xdg/openbox/rc.xml /root/.config/openbox/rc.xml \
+  && sed -i 's/Clearlooks/Nightmare-01/g' /root/.config/openbox/rc.xml
+
+EXPOSE 8080
+
+CMD ["supervisord", "-c", "/etc/supervisor/supervisord.conf"]

README.md

@@ -0,0 +1,14 @@
+# OT Security Lab: UIUC CS 460 / ECE 419 - Security Laboratory
+
+Welcome to the second OT Security Lab for UIUC course CS 460 / EC419 - Security
+Laboratory in December 2024.
+
+This lab has 4 separate modules, each building on the previous one, in separate
+branches.
+
+To start, create a Gitpod account (if needed) and deploy the initial Gitpod
+workspace using the following URL.
+
+https://gitpod.io/#https://github.com/patsec/uiuc-farm/tree/module-0
+
+Follow the README instructions in the workspace.

configs/docker/openbox-menu.xml

@@ -0,0 +1,20 @@
+<?xml version="1.0" encoding="utf-8"?>
+<openbox_menu xmlns="http://openbox.org/" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://openbox.org/ file:///usr/share/openbox/menu.xsd">
+    <menu id="root-menu" label="Openbox 3">
+        <item label="Wireshark">
+            <action name="Execute">
+                <execute>/usr/bin/wireshark</execute>
+            </action>
+        </item>
+        <item label="Terminal">
+            <action name="Execute">
+                <execute>/usr/bin/x-terminal-emulator</execute>
+            </action>
+        </item>
+        <item label="Htop">
+            <action name="Execute">
+                <execute>/usr/bin/x-terminal-emulator -e htop</execute>
+            </action>
+        </item>
+    </menu>
+</openbox_menu>

configs/docker/supervisord.conf

@@ -0,0 +1,35 @@
+[supervisord]
+nodaemon=true
+user=root
+pidfile=/tmp/supervisord.pid
+logfile=/dev/fd/1
+logfile_maxbytes=0
+
+[program:websockify]
+priority=0
+command=/usr/bin/websockify --web /usr/share/novnc 8080 localhost:5900
+autorestart=true
+stdout_logfile=/dev/fd/1
+stdout_logfile_maxbytes=0
+redirect_stderr=true
+
+[program:openbox]
+priority=1
+command=/usr/bin/openbox
+environment=DISPLAY=:1
+autorestart=true
+stdout_logfile=/dev/fd/1
+stdout_logfile_maxbytes=0
+redirect_stderr=true
+
+[program:tint2]
+priority=1
+command=/usr/bin/tint2
+environment=DISPLAY=:1
+autorestart=true
+stdout_logfile=/dev/fd/1
+stdout_logfile_maxbytes=0
+redirect_stderr=true
+
+[include]
+files = /etc/supervisor/conf.d/*.conf

configs/docker/tint2rc

@@ -0,0 +1,3 @@
+panel_items = T
+taskbar_name = 0
+background_color = #7F1E31 100