Skip to content

LiamRandall/simpleexec

BranchesTags

Repository files navigation

simpleexec - trivial webshell in go

A simple webshell in go to help demonstrate the risks of heavy weight docker images, docker image sizes, and attack surface.

Compiling:

CGO_ENABLED=0 GOOS=linux go build -a -installsuffix cgo -o simpleExec .

Explanation of above: We are statically linking the necessary libraries (though this app doesn't use much). So the go binary will have everything it needs (including the kitchen sink that typically comes with the Linux OS)

CGO_ENABLED = 0 -installsuffix cgo means to not use go libraries that use "C" go libraries (because we are cross-compiling from a Mac to a linux OS).

More info on that: https://golang.org/cmd/cgo/ golang/go#9344

Building Containers

For GoLang:

docker build -t simple-golang -f Dockerfile.golang .
docker run -p 8004:8080 --name simple-golang -t simple-golang

For Fedora:

docker build -t simple-fedora -f Dockerfile.fedora .
docker run -p 8000:8080 --name simple-fedora -t simple-fedora

For Ubuntu:

docker build -t simple-ubuntu -f Dockerfile.ubuntu .
docker run -p 8001:8080 --name simple-ubuntu -t simple-ubuntu

For alpine:

docker build -t simple-alpine -f Dockerfile.alpine .
docker run -p 8080:8080 --name alpineweb -t simpealpine

For scratch:

docker build -t simple-scratch -f Dockerfile.scratch .
docker run -p 8003:8080 --name simple-scratch -t simple-scratch

Container sizes:

$ docker ps -s
CONTAINER ID        IMAGE               COMMAND             CREATED              STATUS              PORTS                    NAMES               SIZE
f3617c277518        simple-golang       "/simpleExec"       27 seconds ago       Up 27 seconds       0.0.0.0:8004->8080/tcp   simple-golang       0 B (virtual 709 MB)
9ec20298b489        simple-fedora       "/simpleExec"       About a minute ago   Up About a minute   0.0.0.0:8000->8080/tcp   simple-fedora       0 B (virtual 237 MB)
5dab651ee3af        simple-scratch      "/simpleExec"       4 hours ago          Up 4 hours          0.0.0.0:8003->8080/tcp   simple-scratch      0 B (virtual 5.96 MB)
f3d75455ecd2        simple-alpine       "/simpleExec"       4 hours ago          Up 4 hours          0.0.0.0:8002->8080/tcp   simple-alpine       0 B (virtual 9.95 MB)
33d05c1c7218        simple-ubuntu       "/simpleExec"       4 hours ago          Up 4 hours          0.0.0.0:8001->8080/tcp   simple-ubuntu       0 B (virtual 123 MB)

Getting Started (Mac)

You should have docker and Go installed.

Additional Resources

Building Minimal Docker Containers for Go Applications

TODO:

  • blog posts
  • demonstration video
  • build instructions for other platforms
  • demonstration instructions

Docker Install

ToDo

Go Installation

ToDo

Tests; CI/CD; Docker Registry Setup

ToDo

Built With

  • Go

Contributing

ToDo:

Please read CONTRIBUTING.md for details on our code of conduct, and the process for submitting pull requests to us.

Versioning

We use SemVer for versioning. For the versions available, see the tags on this repository.

Authors

  • Liam Randall
  • Jeremy Fleitz

See also the list of contributors who participated in this project.

License

This project is licensed under the BSD License - see the LICENSE file for details

Acknowledgments

  • Critical Stack Crew

About

A simple webshell in Go.

Resources

Readme

License

BSD-3-Clause license
Activity

Stars

15 stars

Watchers

2 watching

Forks

5 forks
Report repository

Releases

No releases published

Packages

No packages published

Contributors 2

  •  
  •  

Languages