garfield/wpscan
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

use ruby alpine image from now on

Browse Source
This commit is contained in:
Christian Mehlmauer
2017-04-21 19:40:25 +02:00
parent e186ec7534
commit 67ba526b5b
4 changed files with 42 additions and 37 deletions
Download Patch File Download Diff File Expand all files Collapse all files

21
Dockerfile
View File

@@ -1,20 +1,19 @@
FROM ruby:2.4-slim FROM ruby:2.4-alpine
MAINTAINER WPScan Team <team@wpscan.org> MAINTAINER WPScan Team <team@wpscan.org>
ARG BUNDLER_ARGS="--system --jobs=8 --without test" ARG BUNDLER_ARGS="--jobs=8 --without test"
RUN DEBIAN_FRONTEND=noninteractive && \ RUN adduser -h /wpscan -g WPScan -D wpscan
rm -rf /var/lib/apt/lists/* && \
apt-get update && \
apt-get --no-install-recommends -qq -y install curl git ca-certificates openssl libcurl4-openssl-dev libxml2 libxml2-dev libxslt1-dev build-essential procps
RUN useradd -d /wpscan wpscan
RUN echo "gem: --no-ri --no-rdoc" > /etc/gemrc RUN echo "gem: --no-ri --no-rdoc" > /etc/gemrc
RUN mkdir /wpscan
COPY Gemfile /wpscan COPY Gemfile /wpscan
WORKDIR /wpscan
RUN bundle install $BUNDLER_ARGS # runtime dependecies
RUN apk add --no-cache libcurl procps && \
# build dependecies
apk add --no-cache --virtual build-deps libcurl ruby-dev libffi-dev make gcc musl-dev zlib-dev procps && \
bundle install --system --gemfile=/wpscan/Gemfile $BUNDLER_ARGS && \
apk del --no-cache build-deps
COPY . /wpscan COPY . /wpscan
RUN chown -R wpscan:wpscan /wpscan RUN chown -R wpscan:wpscan /wpscan

54
README.md
View File

@@ -97,6 +97,35 @@ WPScan comes pre-installed on the following Linux distributions:
Windows is not supported Windows is not supported
We suggest you use our official Docker image from https://hub.docker.com/r/wpscanteam/wpscan/ to avoid installation problems.
# DOCKER
Pull the repo with `docker pull wpscanteam/wpscan`
## Start WPScan
```
docker run -it --rm wpscanteam/wpscan -u https://yourblog.com [options]
```
For the available Options, please see https://github.com/wpscanteam/wpscan#wpscan-arguments
If you run the git version of wpscan we included some binstubs in ./bin for easier start of wpscan.
## Examples
Mount a local wordlist to the docker container and start a bruteforce attack for user admin
```
docker run -it --rm -v ~/wordlists:/wordlists wpscanteam/wpscan --url https://yourblog.com --wordlist /wordlists/crackstation.txt --username admin
```
(This mounts the host directory `~/wordlists` to the container in the path `/wordlists`)
Published on https://hub.docker.com/r/wpscanteam/wpscan/
# Manual install
## Prerequisites ## Prerequisites
- Ruby >= 2.1.9 - Recommended: 2.4.0 - Ruby >= 2.1.9 - Recommended: 2.4.0
@@ -125,7 +154,7 @@ Windows is not supported
Apple Xcode, Command Line Tools and the libffi are needed (to be able to install the FFI gem), See [http://stackoverflow.com/questions/17775115/cant-setup-ruby-environment-installing-fii-gem-error](http://stackoverflow.com/questions/17775115/cant-setup-ruby-environment-installing-fii-gem-error) Apple Xcode, Command Line Tools and the libffi are needed (to be able to install the FFI gem), See [http://stackoverflow.com/questions/17775115/cant-setup-ruby-environment-installing-fii-gem-error](http://stackoverflow.com/questions/17775115/cant-setup-ruby-environment-installing-fii-gem-error)
## Installing with RVM (recommended) ## Installing with RVM (recommended when doing a manual install)
If you are using GNOME Terminal, there are some steps required before executing the commands. See here for more information: If you are using GNOME Terminal, there are some steps required before executing the commands. See here for more information:
https://rvm.io/integration/gnome-terminal#integrating-rvm-with-gnome-terminal https://rvm.io/integration/gnome-terminal#integrating-rvm-with-gnome-terminal
@@ -150,29 +179,6 @@ https://rvm.io/integration/gnome-terminal#integrating-rvm-with-gnome-terminal
cd wpscan cd wpscan
sudo gem install bundler && bundle install --without test sudo gem install bundler && bundle install --without test
# DOCKER
Pull the repo with `docker pull wpscanteam/wpscan`
## Start WPScan
```
docker run --rm wpscanteam/wpscan -u https://yourblog.com [options]
```
For the available Options, please see https://github.com/wpscanteam/wpscan#wpscan-arguments
## Examples
Mount a local wordlist to the docker container and start a bruteforce attack for user admin
```
docker run --rm -v ~/wordlists:/wordlists wpscanteam/wpscan --url https://yourblog.com --wordlist /wordlists/crackstation.txt --username admin
```
(This mounts the host directory `~/wordlists` to the container in the path `/wordlists`)
Published on https://hub.docker.com/r/wpscanteam/wpscan/
# KNOWN ISSUES # KNOWN ISSUES
- Typhoeus segmentation fault - Typhoeus segmentation fault

2
bin/wpscan
View File

@@ -10,5 +10,5 @@ DIR="$( cd -P "$( dirname "$SOURCE" )" && pwd )"
cd $DIR/../ cd $DIR/../
docker build -q -t wpscan:git . docker build -q -t wpscan:git .
docker run --rm wpscan:git "$@" docker run -it --rm wpscan:git "$@"

2
bin/wpscan-dev
View File

@@ -12,5 +12,5 @@ cd $DIR/../
if [[ -n "$WPSCAN_BUILD" ]]; then if [[ -n "$WPSCAN_BUILD" ]]; then
docker build -q -t wpscan:git . docker build -q -t wpscan:git .
fi fi
docker run --rm -v $DIR/../:/wpscan wpscan:git "$@" docker run -it --rm -v $DIR/../:/wpscan wpscan:git "$@"