@FaradaySec CROSS DISTRIBUTION EXPLOIT TESTING
We were looking for an easy way to do testing for the installation of our tool, Faraday
https://github.com/infobyte/faraday with different distributions.
We wanted to do this because the installation process is normally one of the most complicated and critical processes of any new tool being implemented. It is important that the process is easy and that everything works without any hiccups so that users can get started using the tool ASAP and don´t lose valuable time during the installation and set-up.
What we ended up finding to suit our needs was Docker, which is pretty similar to a chroot, but on large amounts of steroids.
Docker is a tool that automates the deployment of applications inside software containers, by providing an additional layer of abstraction and automation of operating-system-level virtualization on Linux. Docker uses resource isolation features of the Linux kernel such as cgroups and kernel namespaces to allow independent "containers" to run within a single Linux instance, avoiding the overhead of starting and maintaining virtual machines
The process we developed is pretty simple, in which we use a simple list of distributions.
We generate a Docker
We install Faraday
We connect using the SSH to the container, exporting the X and we execute the graphic application (GUI QT)
If one of the processes doesn´t work, we can evaluate what was the cause of the problem and we make a corresponding patch to remedy the problem .
We are using this process daily in our own continuous-integration system.
Docker is a tool that automates the deployment of applications inside software containers, by providing an additional layer of abstraction and automation of operating-system-level virtualization on Linux. Docker uses resource isolation features of the Linux kernel such as cgroups and kernel namespaces to allow independent "containers" to run within a single Linux instance, avoiding the overhead of starting and maintaining virtual machines
The process we developed is pretty simple, in which we use a simple list of distributions.
We generate a Docker
We install Faraday
We connect using the SSH to the container, exporting the X and we execute the graphic application (GUI QT)
If one of the processes doesn´t work, we can evaluate what was the cause of the problem and we make a corresponding patch to remedy the problem .
We are using this process daily in our own continuous-integration system.
No hay comentarios.