前言
旨在快速侦察与目标关联的互联网资产,构建基础资产信息库。 协助甲方安全团队或者渗透测试人员有效侦察和检索资产,发现存在的薄弱点和攻击面。(Github)
通过Docker部署
1 2 3 4 5 6 7 8 9
| mkdir docker_arl mkdir docker_arl/image mkdir docker_arl/poc wget -O docker_arl/docker.zip https://github.com/TophantTechnology/ARL/releases/download/v2.6.1/docker.zip cd docker_arl unzip -o docker.zip docker volume create arl_db docker-compose pull docker-compose up -d
|
MacOS运行容器时报错
- 报错:
Error: Error: 'arl_web.log' isn't writable [OSError(30, 'Read-only file system')]
解决问题
- 去除
docker-compose.yaml
中的所有数据卷映射
docker-compose.yaml1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72
| version: '3.8'
volumes: arl_db: external: true
services: web: image: tophant/arl:${ARL_VERSION:-latest} container_name: arl_web restart: unless-stopped depends_on: - mongodb - rabbitmq ports: - "5003:443" entrypoint: ["sh", "-c", "gen_crt.sh; nginx; wait-for-it.sh mongodb:27017; wait-for-it.sh rabbitmq:5672; gunicorn -b 0.0.0.0:5003 app.main:arl_app -w 3 --access-logfile arl_web.log --access-logformat '%({x-real-ip}i)s %(l)s %(u)s %(t)s \"%(r)s\" %(s)s %(b)s \"%(f)s\" \"%(a)s\"'"] environment: - LANG=en_US.UTF-8 - TZ=Asia/Shanghai
worker: image: tophant/arl:${ARL_VERSION:-latest} container_name: arl_worker restart: unless-stopped depends_on: - mongodb - rabbitmq entrypoint: ["sh", "-c", "wait-for-it.sh mongodb:27017; wait-for-it.sh rabbitmq:5672; celery -A app.celerytask.celery worker -l info -Q arlgithub -n arlgithub -c 2 -O fair -f arl_worker.log & celery -A app.celerytask.celery worker -l info -Q arltask -n arltask -c 2 -O fair -f arl_worker.log"]
environment: - LANG=en_US.UTF-8 - TZ=Asia/Shanghai
scheduler: image: tophant/arl:${ARL_VERSION:-latest} container_name: arl_scheduler restart: unless-stopped depends_on: - mongodb - rabbitmq entrypoint: [ "sh", "-c", "wait-for-it.sh mongodb:27017; wait-for-it.sh rabbitmq:5672; python3.6 -m app.scheduler" ] environment: - LANG=en_US.UTF-8 - TZ=Asia/Shanghai
mongodb: image: mongo:4.0.27 container_name: arl_mongodb restart: always environment: - MONGO_INITDB_DATABASE=arl - MONGO_INITDB_ROOT_USERNAME=admin - MONGO_INITDB_ROOT_PASSWORD=admin
rabbitmq: image: rabbitmq:3.8.19-management-alpine container_name: arl_rabbitmq restart: always environment: - RABBITMQ_DEFAULT_PASS=arlpassword - RABBITMQ_DEFAULT_USER=arl - RABBITMQ_DEFAULT_VHOST=arlv2host logging: driver: "json-file" options: max-size: "1M" max-file: "10"
|
首次登录
用户名:admin
密码:arlpass
完成
参考文献
哔哩哔哩——逆风微笑的代码狗