Skip to content

Instantly share code, notes, and snippets.

@staaldraad
Created September 4, 2018 16:13
Show Gist options
  • Save staaldraad/550fa7e3c2c19a5c281596837a3b7547 to your computer and use it in GitHub Desktop.
Save staaldraad/550fa7e3c2c19a5c281596837a3b7547 to your computer and use it in GitHub Desktop.
Dockerfile to get a malicious git Repository up and running
FROM ubuntu:16.04
RUN apt update ; \
apt install -y git apache2
RUN mkdir /srv/git
COPY git-http.conf .
RUN cat git-http.conf >> /etc/apache2/apache2.conf
RUN a2enmod cgi
RUN a2enmod alias
RUN a2enmod env
RUN chown www-data:www-data /srv/git
ENTRYPOINT ["apachectl", "-DFOREGROUND"]
SetEnv GIT_PROJECT_ROOT /srv/git
SetEnv GIT_HTTP_EXPORT_ALL
ScriptAlias /git/ /usr/lib/git-core/git-http-backend/
<Files "git-http-backend">
Options ExecCGI Indexes
Order allow,deny
Allow from all
Require all granted
Require expr !(%{QUERY_STRING} -strmatch '*service=git-receive-pack*' || %{REQUEST_URI} =~ m#/git-receive-pack$#)
</Files>
<Directory "/usr/lib/git-core*">
Options ExecCGI Indexes
Order allow,deny
Allow from all
Require all granted
</Directory>
<LocationMatch "^/.*/git-receive-pack$">
Options +ExecCGI
Require all granted
</LocationMatch>
<LocationMatch "^/.*/git-upload-pack$">
Options +ExecCGI
Require all granted
</LocationMatch>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment