Documentation clarification

[binarymist]

Please clarify: entrypoint: change the entrypoint in a docker trojanize: inject a reverser shell into a docker image user: change running user in a docker image

First point: In a docker what? Second point: Has this been tested? Third point: I'm a bit confused on how a running user can be changed in an image, do you mean container instead, or do you mean changing the user in the Dockerfile, or maybe something else?

Thanks.

[binarymist]

Last Version 1.0.0a1 assumes a stable release, but recent commits state alpha. Can you please clarify whether this project is alpha or stable?

Thanks.

[RobSkye]

Hi,

With entrypoint option you can change the entrypoint definion in a docker image, for example, if the entrypoint was defined in the dockerfile to be "/bin/startup.sh" you can change to "/what/ever/is/your/bad.sh"

The trojanize option was tested and it works if the image has a dynamic linked executable executed because the reverse shell is attached using LD_PRELOAD. This option was created to make this process easier but probably in next changes we will add more options and of course, more documentation about the possible options because, a reverse shell is not the only (and not the smartest) way you can modify an image to do "other" things.

The user option just change the USER directive (https://docs.docker.com/engine/reference/builder/#user).

Sorry for the bad/inexistent documentation. We'll try to fix that this week.

The project is definitely in alpha state.

[cr0hn]

Hi @binarymist,

As @RobSkye said, project is still in Alpha. The nomenclature for Pypi good practices uses the format. x.y.z-statusVersion, so we use this format.

So the Status is an "a", "Alpha" version 1. Maybe we should put in the Readme more clear :)

[binarymist]

@cr0hn Yeah, I figured it was alpha, but usually a x of 1 means stable. @RobSkye Yeah, figured most of that, might pay to make some of the doc little clearer, I am nit picking, but I'm also keen to see others pick this up as we have few offensive docker tools currently and I'm just pointing out possibly the obvious to you guys. Good docs are a large part of adoption, important if that's what you want (I'd like to see it).

Don't take the wrong way, just trying to help you guys polish the docs a bit.