vulhub docker-compose报错ERROR: Service 'node' failed to build: ADD failed: Get https://raw.githubusercontent.com/vishnubob/wait-for-it/master/wait-for-it.sh: read tcp...
配置vulhub漏洞环境的坑
报错点
ERROR: Service 'node' failed to build: ADD failed: Get
https://raw.githubusercontent.com/vishnubob/wait-for-it/master/wait-for-it.sh: read
tcp 192.168.153.146:39278->185.199.108.133:443: read: connection reset by peer
经过多次尝试最后发现是https://raw.githubusercontent.com/vishnubob/wait-for-it/master/wait-for-it.sh
这个网址连不上,可以换成国内github镜像https://hub.fastgit.org/,相应配置文件在CVE目录下的Dockerfile里,找到ADD https://raw.githubusercontent.com/vishnubob/wait-for-it/blob/master/wait-for-it.sh /usr/local/bin/wait-for-it.sh
并修改成ADD https://hub.fastgit.org/vishnubob/wait-for-it/blob/master/wait-for-it.sh /usr/local/bin/wait-for-it.sh
再docker-compose up -d
即可
具体解决过程
root@lrt-virtual-machine:~/vulhub/node/CVE-2017-16082# ls
db.sql Dockerfile package.json README.md
docker-compose.yml img package-lock.json www
root@lrt-virtual-machine:~/vulhub/node/CVE-2017-16082# cp Dockerfile Dockerfile.old
root@lrt-virtual-machine:~/vulhub/node/CVE-2017-16082# vim Dockerfile
FROM vulhub/node:9.0.0
LABEL maintainer="phithon <root@leavesongs.com>"
COPY package.json package-lock.json /usr/src/
ADD https://hub.fastgit.org/vishnubob/wait-for-it/blob/master/wait-for-it.sh /usr/local/bin/wait-for-it.sh //在这里修改
RUN set -ex \
&& cd /usr/src/ \
&& npm install \
&& chmod +x /usr/local/bin/wait-for-it.sh
WORKDIR /usr/src
CMD [ "npm", "run", "start" ]
最后安装并成功下载镜像如下:
root@lrt-virtual-machine:~/vulhub/node/CVE-2017-16082# docker-compose build
db uses an image, skipping
Building node
Step 1/7 : FROM vulhub/node:9.0.0
---> ad6436d0eaf0
Step 2/7 : LABEL maintainer="phithon <root@leavesongs.com>"
---> Using cache
---> b795a47e69bd
Step 3/7 : COPY package.json package-lock.json /usr/src/
---> Using cache
---> 87aea069043f
Step 4/7 : ADD https://hub.fastgit.org/vishnubob/wait-for-it/blob/master/wait-for-it.sh /usr/local/bin/wait-for-it.sh
---> 8d2da82a0ab8
Step 5/7 : RUN set -ex && cd /usr/src/ && npm install && chmod +x /usr/local/bin/wait-for-it.sh
---> Running in 80e240fa3b1b
+ cd /usr/src/
+ npm install
npm WARN notice [SECURITY] pg has the following vulnerability: 1 high. Go here for more details: https://www.npmjs.com/advisories?search=pg&version=7.1.0 - Run `npm i npm@latest -g` to upgrade your npm version, and then `npm audit` to get more info.
npm WARN node_postgres_example@1.0.0 No description
npm WARN node_postgres_example@1.0.0 No repository field.
added 52 packages in 4.322s
+ chmod +x /usr/local/bin/wait-for-it.sh
Removing intermediate container 80e240fa3b1b
---> b7ba158d3879
Step 6/7 : WORKDIR /usr/src
---> Running in 8d88f824cdf8
Removing intermediate container 8d88f824cdf8
---> b86fcebd9b34
Step 7/7 : CMD [ "npm", "run", "start" ]
---> Running in 597d1885def1
Removing intermediate container 597d1885def1
---> 6f6ed4f15b64
Successfully built 6f6ed4f15b64
Successfully tagged cve-2017-16082_node:latest
root@lrt-virtual-machine:~/vulhub/node/CVE-2017-16082# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
cve-2017-16082_node latest 6f6ed4f15b64 19 seconds ago 677MB