Last active
June 12, 2023 22:16
-
-
Save dabdine/ac6aadde068cad4d58251453e688a84f to your computer and use it in GitHub Desktop.
[Censys] Microsoft OMI container to test CVE-2021-38647 (OMIGOD)
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| FROM ubuntu | |
| LABEL org.opencontainers.image.version="1.0.0" | |
| LABEL org.opencontainers.image.vendor="Censys" | |
| LABEL org.opencontainers.image.url="https://censys.io/blog/understanding-the-impact-of-omigod-cve-2021-38647" | |
| LABEL org.opencontainers.image.title="Censys Microsoft OMI Container Environment" | |
| LABEL org.opencontainers.image.description="Creates an environment which exposes a plaintext OMI service on port 5985" | |
| ARG OMI_VERSION=1.6.8-0 | |
| ARG SCX_VERSION=1.6.6-0 | |
| ARG SCX_TARGET=universal | |
| RUN apt-get update && apt-get install -y \ | |
| wget \ | |
| && rm -rf /var/lib/apt/lists/* | |
| RUN wget https://github.com/microsoft/omi/releases/download/v$OMI_VERSION/omi-$OMI_VERSION.ssl_110.ulinux.x64.deb \ | |
| && dpkg -i omi-$OMI_VERSION.ssl_110.ulinux.x64.deb \ | |
| && rm omi-$OMI_VERSION.ssl_110.ulinux.x64.deb \ | |
| && sed -i "s|httpport=0|httpport=5985|g" /etc/opt/omi/conf/omiserver.conf | |
| RUN wget https://github.com/microsoft/SCXcore/releases/download/$SCX_VERSION/scx-$SCX_VERSION.ssl_110.$SCX_TARGET.x64.deb \ | |
| && dpkg -i scx-$SCX_VERSION.ssl_110.$SCX_TARGET.x64.deb \ | |
| && rm scx-$SCX_VERSION.ssl_110.$SCX_TARGET.x64.deb | |
| RUN /etc/init.d/omid stop | |
| EXPOSE 5985 | |
| ENTRYPOINT /etc/init.d/omid restart; tail -f /var/opt/omi/log/omiserver.log |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Should the
EXPOSEdirective on L27 actually be 5985 not 5895?