反向提取dockerfile
alpine/dfimage: 这个工具是由Whaler 工具构建而来,它可以比较全面的展示一个镜像的构建过程
它可以实现
- 从一个docker镜像生成Dockerfile内容
- 搜索添加的文件名以查找潜在的秘密文件
- 提取Docker ADD/COPY指令添加的文件
- 展示暴露的端口、环境变量信息等等
使用方法:
$ docker run -v /var/run/docker.sock:/var/run/docker.sock --rm alpine/dfimage jiaxzeng/fileserver:v1.2.0-alpine3.16
Analyzing jiaxzeng/fileserver:v1.2.0-alpine3.16
Docker Version:
GraphDriver: overlay2
Environment Variables
|PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
Image user
|User is root
Potential secrets:
|Found match etc/apk/keys/alpine-devel@lists.alpinelinux.org-4a6a0840.rsa.pub Possible public key \.pub$ 4f58d646009c9dfd36dae69fa685fbcfcec7e9b32e8f67abba71b4141b279271/layer.tar
|Found match etc/apk/keys/alpine-devel@lists.alpinelinux.org-5243ef4b.rsa.pub Possible public key \.pub$ 4f58d646009c9dfd36dae69fa685fbcfcec7e9b32e8f67abba71b4141b279271/layer.tar
|Found match etc/apk/keys/alpine-devel@lists.alpinelinux.org-5261cecb.rsa.pub Possible public key \.pub$ 4f58d646009c9dfd36dae69fa685fbcfcec7e9b32e8f67abba71b4141b279271/layer.tar
|Found match etc/apk/keys/alpine-devel@lists.alpinelinux.org-6165ee59.rsa.pub Possible public key \.pub$ 4f58d646009c9dfd36dae69fa685fbcfcec7e9b32e8f67abba71b4141b279271/layer.tar
|Found match etc/apk/keys/alpine-devel@lists.alpinelinux.org-61666e3f.rsa.pub Possible public key \.pub$ 4f58d646009c9dfd36dae69fa685fbcfcec7e9b32e8f67abba71b4141b279271/layer.tar
|Found match etc/udhcpd.conf DHCP server configs dhcpd[^ ]*.conf 4f58d646009c9dfd36dae69fa685fbcfcec7e9b32e8f67abba71b4141b279271/layer.tar
Dockerfile:
CMD ["/bin/sh"]
LABEL author=jiaxzeng
LABEL project=https://caddyserver.com/docs
COPY /tmp/caddy /usr/local/bin/caddy # buildkit
usr/
usr/local/
usr/local/bin/
usr/local/bin/caddy
COPY Caddyfile /app/caddy/Caddyfile # buildkit
app/
app/caddy/
app/caddy/Caddyfile
RUN RUN sed -i 's@dl-cdn.alpinelinux.org@mirrors.aliyun.com@g' /etc/apk/repositories \
&& apk --no-cache add curl bash # buildkit
WORKDIR /app/caddy
ENTRYPOINT ["/usr/local/bin/caddy" "run"]
测试总结以下不便:
- 如果是多阶段build的话,是提取不到其他阶段的dockerfile
- dockerfile缺少FROM的字段
- runtime只能是docker,不支持containerd
【推荐】国内首个AI IDE,深度理解中文开发场景,立即下载体验Trae
【推荐】编程新体验,更懂你的AI,立即体验豆包MarsCode编程助手
【推荐】抖音旗下AI助手豆包,你的智能百科全书,全免费不限次数
【推荐】轻量又高性能的 SSH 工具 IShell:AI 加持,快人一步
· winform 绘制太阳,地球,月球 运作规律
· TypeScript + Deepseek 打造卜卦网站:技术与玄学的结合
· AI 智能体引爆开源社区「GitHub 热点速览」
· Manus的开源复刻OpenManus初探
· 写一个简单的SQL生成工具
2022-03-11 Kafka调整ISR顺序