【笔记】ARL灯塔学习笔记

发表于 更新于 阅读次数:

前言

旨在快速侦察与目标关联的互联网资产,构建基础资产信息库。 协助甲方安全团队或者渗透测试人员有效侦察和检索资产,发现存在的薄弱点和攻击面。(Github

通过Docker部署

1
2
3
4
5
6
7
8
9
mkdir docker_arl
mkdir docker_arl/image
mkdir docker_arl/poc
wget -O docker_arl/docker.zip https://github.com/TophantTechnology/ARL/releases/download/v2.6.1/docker.zip
cd docker_arl
unzip -o docker.zip
docker volume create arl_db
docker-compose pull
docker-compose up -d

MacOS运行容器时报错

  • 报错:Error: Error: 'arl_web.log' isn't writable [OSError(30, 'Read-only file system')]

解决问题

  • 去除docker-compose.yaml中的所有数据卷映射
docker-compose.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
version: '3.8'

volumes:
  arl_db:
    external: true

services:
  web:
    image: tophant/arl:${ARL_VERSION:-latest}
    container_name: arl_web
    restart: unless-stopped
    depends_on:
      - mongodb
      - rabbitmq
    ports:
      #http 服务,默认不映射出来
      #- "5003:80"
      - "5003:443"
    entrypoint: ["sh", "-c", "gen_crt.sh; nginx; wait-for-it.sh mongodb:27017; wait-for-it.sh rabbitmq:5672; gunicorn -b 0.0.0.0:5003 app.main:arl_app -w 3 --access-logfile arl_web.log --access-logformat '%({x-real-ip}i)s %(l)s %(u)s %(t)s \"%(r)s\" %(s)s %(b)s \"%(f)s\" \"%(a)s\"'"]
    environment:
      - LANG=en_US.UTF-8
      - TZ=Asia/Shanghai

  worker:
    image: tophant/arl:${ARL_VERSION:-latest}
    container_name: arl_worker
    restart: unless-stopped
    depends_on:
      - mongodb
      - rabbitmq
    entrypoint: ["sh", "-c", "wait-for-it.sh mongodb:27017; wait-for-it.sh rabbitmq:5672;
        celery -A app.celerytask.celery worker -l info -Q arlgithub -n arlgithub -c 2 -O fair -f arl_worker.log &
         celery -A app.celerytask.celery worker -l info -Q arltask -n arltask -c 2 -O fair -f arl_worker.log"]

    environment:
      - LANG=en_US.UTF-8
      - TZ=Asia/Shanghai

  scheduler:
    image: tophant/arl:${ARL_VERSION:-latest}
    container_name: arl_scheduler
    restart: unless-stopped
    depends_on:
      - mongodb
      - rabbitmq
    entrypoint: [ "sh", "-c", "wait-for-it.sh mongodb:27017; wait-for-it.sh rabbitmq:5672; python3.6 -m app.scheduler" ]
    environment:
      - LANG=en_US.UTF-8
      - TZ=Asia/Shanghai

  mongodb:
    image: mongo:4.0.27
    container_name: arl_mongodb
    restart: always
    environment:
      - MONGO_INITDB_DATABASE=arl
      - MONGO_INITDB_ROOT_USERNAME=admin
      - MONGO_INITDB_ROOT_PASSWORD=admin

  rabbitmq:
    image: rabbitmq:3.8.19-management-alpine
    container_name: arl_rabbitmq
    restart: always
    environment:
      - RABBITMQ_DEFAULT_PASS=arlpassword
      - RABBITMQ_DEFAULT_USER=arl
      - RABBITMQ_DEFAULT_VHOST=arlv2host
    logging:
      driver: "json-file"
      options:
        max-size: "1M"
        max-file: "10"

首次登录

用户名:admin
密码:arlpass

完成

  • 截图纪念

参考文献

哔哩哔哩——逆风微笑的代码狗