diff --git a/.github/workflows/docker.yml b/.github/workflows/docker.yml new file mode 100644 index 00000000..396693f7 --- /dev/null +++ b/.github/workflows/docker.yml @@ -0,0 +1,139 @@ +# Pulled from Thanatos (https://github.com/MythicAgents/thanatos/blob/rewrite/.github/workflows/image.yml) - MEhrn00 + +# Name for the Github actions workflow +name: Build and push container images + +on: + # Only run workflow when there is a new release published in Github + #release: + # types: [published] + push: + branches: + - 'master' + - 'Mythic3.3' + tags: + - "v*.*.*" + +# Variables holding configuration settings +env: + # Container registry the built container image will be pushed to + REGISTRY: ghcr.io + + # Set the container image name to the Github repository name. (MythicAgents/apollo) + AGENT_IMAGE_NAME: ${{ github.repository }} + + # Description label for the package in Github + IMAGE_DESCRIPTION: ${{ github.repository }} container for use with Mythic + + # Source URL for the package in Github. This links the Github repository packages list + # to this container image + IMAGE_SOURCE: ${{ github.server_url }}/${{ github.repository }} + + # License for the container image + IMAGE_LICENSE: BSD-3-Clause + + # Set the container image version to the Github release tag + VERSION: ${{ github.ref_name }} + #VERSION: ${{ github.event.head_commit.message }} + + RELEASE_BRANCH: master + +jobs: + # Builds the base container image and pushes it to the container registry + agent_build: + runs-on: ubuntu-latest + permissions: + contents: write + packages: write + steps: + - name: Checkout the repository + uses: actions/checkout@v4 # ref: https://github.com/marketplace/actions/checkout + - name: Log in to the container registry + uses: docker/login-action@v3 # ref: https://github.com/marketplace/actions/docker-login + with: + registry: ${{ env.REGISTRY }} + username: ${{ github.actor }} + password: ${{ secrets.GITHUB_TOKEN }} + - name: Set up QEMU + uses: docker/setup-qemu-action@v2 + with: + platforms: 'arm64,arm' + - name: Set up Docker Buildx + id: buildx + uses: docker/setup-buildx-action@v2 + # the following are unique to this job + - name: Lowercase the server container image name + run: echo "AGENT_IMAGE_NAME=${AGENT_IMAGE_NAME,,}" >> ${GITHUB_ENV} + - name: Build and push the server container image + uses: docker/build-push-action@v5 # ref: https://github.com/marketplace/actions/build-and-push-docker-images + with: + context: Payload_Type/apollo + file: Payload_Type/apollo/Dockerfile + tags: | + ${{ env.REGISTRY }}/${{ env.AGENT_IMAGE_NAME }}:${{ env.VERSION }} + ${{ env.REGISTRY }}/${{ env.AGENT_IMAGE_NAME }}:latest + push: ${{ github.ref_type == 'tag' }} + # These container metadata labels allow configuring the package in Github + # packages. The source will link the package to this Github repository + labels: | + org.opencontainers.image.source=${{ env.IMAGE_SOURCE }} + org.opencontainers.image.description=${{ env.IMAGE_DESCRIPTION }} + org.opencontainers.image.licenses=${{ env.IMAGE_LICENSE }} + platforms: linux/amd64,linux/arm64 + + update_files: + runs-on: ubuntu-latest + needs: + - agent_build + permissions: + contents: write + packages: write + + steps: + # Pull in the repository code + - name: Checkout the repository + uses: actions/checkout@v4 # ref: https://github.com/marketplace/actions/checkout + + # update names to lowercase + - name: Lowercase the container image name + run: echo "AGENT_IMAGE_NAME=${AGENT_IMAGE_NAME,,}" >> ${GITHUB_ENV} + + # The Dockerfile which Mythic uses to pull in the base container image needs to be + # updated to reference the newly built container image + - name: Fix the server Dockerfile reference to reference the new release tag + working-directory: Payload_Type/apollo + run: | + sed -i "s|^FROM ghcr\.io.*$|FROM ${REGISTRY}/${AGENT_IMAGE_NAME}:${VERSION}|" Dockerfile + + - name: Update package.json version + uses: jossef/action-set-json-field@v2.1 + with: + file: config.json + field: remote_images.apollo + value: ${{env.REGISTRY}}/${{env.AGENT_IMAGE_NAME}}:${{env.VERSION}} + + # Push the changes to the Dockerfile + - name: Push the updated base Dockerfile image reference changes + if: ${{ github.ref_type == 'tag' }} + uses: EndBug/add-and-commit@v9 # ref: https://github.com/marketplace/actions/add-commit + with: + # Only add the Dockerfile changes. Nothing else should have been modified + add: "['Payload_Type/apollo/Dockerfile', 'config.json']" + # Use the Github actions bot for the commit author + default_author: github_actions + committer_email: github-actions[bot]@users.noreply.github.com + + # Set the commit message + message: "Bump Dockerfile tag to match release '${{ env.VERSION }}'" + + # Overwrite the current git tag with the new changes + tag: '${{ env.VERSION }} --force' + + # Push the new changes with the tag overwriting the current one + tag_push: '--force' + + # Push the commits to the branch marked as the release branch + push: origin HEAD:${{ env.RELEASE_BRANCH }} --set-upstream + + # Have the workflow fail in case there are pathspec issues + pathspec_error_handling: exitImmediately diff --git a/Payload_Type/apollo/Dockerfile b/Payload_Type/apollo/Dockerfile index 2bf6097b..24cca026 100644 --- a/Payload_Type/apollo/Dockerfile +++ b/Payload_Type/apollo/Dockerfile @@ -2,11 +2,18 @@ FROM mcr.microsoft.com/dotnet/sdk:8.0 RUN apt-get update && apt-get install python3 python3-pip python3.11-venv -y +RUN curl -L -o donut_shellcode-2.0.0.tar.gz https://github.com/MEhrn00/donut/releases/download/v2.0.0/donut_shellcode-2.0.0.tar.gz && \ + tar -xf donut_shellcode-2.0.0.tar.gz && \ + cd donut_shellcode-2.0.0 && \ + make && \ + cp donut / && \ + rm -rf donut_shellcode-2.0.0 && \ + rm -rf donut_shellcode-2.0.0.tar.gz WORKDIR /Mythic/ RUN python3 -m venv /venv RUN /venv/bin/python -m pip install mythic-container==0.5.9 -RUN /venv/bin/python -m pip install donut-shellcode +RUN /venv/bin/python -m pip install git+https://github.com/MEhrn00/donut.git@v2.0.0 RUN /venv/bin/python -m pip install mslex COPY [".", "."] @@ -14,4 +21,6 @@ COPY [".", "."] # fetch all dependencies RUN cd apollo/agent_code && dotnet restore +RUN cp /donut donut + CMD ["/venv/bin/python", "main.py"]