3

【笔记】ARL 灯塔学习笔记

 2 weeks ago
source link: https://loli.fj.cn/2024/04/18/ARL%E7%81%AF%E5%A1%94%E5%AD%A6%E4%B9%A0%E7%AC%94%E8%AE%B0/
Go to the source link to view the article. You can view the picture content, updated content and better typesetting reading experience. If the link is broken, please click the button below to view the snapshot at that time.

旨在快速侦察与目标关联的互联网资产,构建基础资产信息库。 协助甲方安全团队或者渗透测试人员有效侦察和检索资产,发现存在的薄弱点和攻击面。(Github

通过 Docker 部署

mkdir docker_arl
mkdir docker_arl/image
mkdir docker_arl/poc
wget -O docker_arl/docker.zip https://github.com/TophantTechnology/ARL/releases/download/v2.6.1/docker.zip
cd docker_arl
unzip -o docker.zip
docker volume create arl_db
docker-compose pull
docker-compose up -d

MacOS 运行容器时报错

  • 报错:Error: Error: 'arl_web.log' isn't writable [OSError(30, 'Read-only file system')]
  • 去除 docker-compose.yaml 中的所有数据卷映射
version: '3.8'

volumes:
  arl_db:
    external: true

services:
  web:
    image: tophant/arl:${ARL_VERSION:-latest}
    container_name: arl_web
    restart: unless-stopped
    depends_on:
      - mongodb
      - rabbitmq
    ports:
      #http 服务,默认不映射出来
      #- "5003:80"
      - "5003:443"
    entrypoint: ["sh", "-c", "gen_crt.sh; nginx; wait-for-it.sh mongodb:27017; wait-for-it.sh rabbitmq:5672; gunicorn -b 0.0.0.0:5003 app.main:arl_app -w 3 --access-logfile arl_web.log --access-logformat '%({x-real-ip}i)s %(l)s %(u)s %(t)s \"%(r)s\" %(s)s %(b)s \"%(f)s\" \"%(a)s\"'"]
    environment:
      - LANG=en_US.UTF-8
      - TZ=Asia/Shanghai

worker:
    image: tophant/arl:${ARL_VERSION:-latest}
    container_name: arl_worker
    restart: unless-stopped
    depends_on:
      - mongodb
      - rabbitmq
    entrypoint: ["sh", "-c", "wait-for-it.sh mongodb:27017; wait-for-it.sh rabbitmq:5672;
        celery -A app.celerytask.celery worker -l info -Q arlgithub -n arlgithub -c 2 -O fair -f arl_worker.log &
         celery -A app.celerytask.celery worker -l info -Q arltask -n arltask -c 2 -O fair -f arl_worker.log"]

environment:
      - LANG=en_US.UTF-8
      - TZ=Asia/Shanghai

scheduler:
    image: tophant/arl:${ARL_VERSION:-latest}
    container_name: arl_scheduler
    restart: unless-stopped
    depends_on:
      - mongodb
      - rabbitmq
    entrypoint: [ "sh", "-c", "wait-for-it.sh mongodb:27017; wait-for-it.sh rabbitmq:5672; python3.6 -m app.scheduler" ]
    environment:
      - LANG=en_US.UTF-8
      - TZ=Asia/Shanghai

mongodb:
    image: mongo:4.0.27
    container_name: arl_mongodb
    restart: always
    environment:
      - MONGO_INITDB_DATABASE=arl
      - MONGO_INITDB_ROOT_USERNAME=admin
      - MONGO_INITDB_ROOT_PASSWORD=admin

rabbitmq:
    image: rabbitmq:3.8.19-management-alpine
    container_name: arl_rabbitmq
    restart: always
    environment:
      - RABBITMQ_DEFAULT_PASS=arlpassword
      - RABBITMQ_DEFAULT_USER=arl
      - RABBITMQ_DEFAULT_VHOST=arlv2host
    logging:
      driver: "json-file"
      options:
        max-size: "1M"
        max-file: "10"

用户名:admin
密码:arlpass

01.webp

哔哩哔哩 —— 逆风微笑的代码狗


report

Recommend

About Joyk


Aggregate valuable and interesting links.
Joyk means Joy of geeK