heartbleed cviko

heartbleed/Dockerfile

@@ -0,0 +1,29 @@
+FROM debian:bookworm-slim
+
+ENV DEBIAN_FRONTEND=noninteractive
+
+RUN apt-get update && \
+    apt-get install -y --no-install-recommends \
+    build-essential wget curl nginx libssl-dev && \
+    apt-get clean && rm -rf /var/lib/apt/lists/*
+
+RUN wget https://www.openssl.org/source/old/1.0.1/openssl-1.0.1f.tar.gz --no-check-certificate && \
+    tar -xvzf openssl-1.0.1f.tar.gz && \
+    cd openssl-1.0.1f && \
+    ./config --prefix=/usr/local/openssl && \
+    make && \
+    make install_sw && \
+    cd .. && rm -rf openssl-1.0.1f.tar.gz openssl-1.0.1f
+
+RUN ln -sf /usr/local/openssl/bin/openssl /usr/bin/openssl
+
+RUN mkdir -p /etc/nginx/ssl && \
+    openssl req -x509 -nodes -days 365 -newkey rsa:2048 \
+    -keyout /etc/nginx/ssl/nginx.key \
+    -out /etc/nginx/ssl/nginx.crt \
+    -subj "/C=US/ST=Denial/L=Springfield/O=Dis/CN=example.com"
+
+RUN mkdir -p /etc/nginx/
+COPY nginx.conf /etc/nginx/nginx.conf
+
+#CMD ["nginx", "-g", "daemon off;"]

heartbleed/nginx.conf

@@ -0,0 +1,23 @@
+worker_processes auto;
+
+events {
+    worker_connections 1024;
+}
+
+http {
+        keepalive_timeout 300s;
+        keepalive_requests 100;
+server {
+    listen 80;
+    listen 443 ssl;
+
+    ssl_certificate /etc/nginx/ssl/nginx.crt;
+    ssl_certificate_key /etc/nginx/ssl/nginx.key;
+
+    location / {
+        root /usr/share/nginx/html;
+        index index.html;
+    }
+}
+}
+

heartbleed/script.sh

@@ -0,0 +1,6 @@
+#!/bin/bash
+
+nmap -sT -sV -p 8080 localhost
+echo '### nginx detected ###'
+
+