Add deaddeck: real interactive SSH entry-point machine

Introduces the 'real_ssh' service plugin backed by a genuine OpenSSH
server (not cowrie), and the 'deaddeck' archetype that uses it. The
container ships with a lived-in Linux environment and a deliberately
weak root:admin credential to invite exploitation.

- templates/real_ssh/: Dockerfile + entrypoint (configurable via env)
- decnet/services/real_ssh.py: BaseService plugin, service_cfg supports
  password and hostname overrides
- decnet/archetypes.py: deaddeck archetype added
- tests/test_real_ssh.py: 17 tests covering registration, compose
  fragment structure, overrides, and archetype

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
This commit is contained in:
2026-04-04 13:42:19 -03:00
parent 9219bf432b
commit 7aff040579
5 changed files with 269 additions and 0 deletions

View File

@@ -0,0 +1,51 @@
ARG BASE_IMAGE=debian:bookworm-slim
FROM ${BASE_IMAGE}
RUN apt-get update && apt-get install -y --no-install-recommends \
openssh-server \
sudo \
curl \
wget \
vim \
nano \
net-tools \
procps \
htop \
git \
&& rm -rf /var/lib/apt/lists/*
RUN mkdir -p /var/run/sshd /root/.ssh
# sshd_config: allow root + password auth
RUN sed -i \
-e 's|^#\?PermitRootLogin.*|PermitRootLogin yes|' \
-e 's|^#\?PasswordAuthentication.*|PasswordAuthentication yes|' \
-e 's|^#\?ChallengeResponseAuthentication.*|ChallengeResponseAuthentication no|' \
/etc/ssh/sshd_config
# Lived-in environment: motd, shell aliases, fake project files
RUN echo "Ubuntu 22.04.3 LTS" > /etc/issue.net && \
echo "Welcome to Ubuntu 22.04.3 LTS (GNU/Linux 5.15.0-88-generic x86_64)" > /etc/motd && \
echo "" >> /etc/motd && \
echo " * Documentation: https://help.ubuntu.com" >> /etc/motd && \
echo " * Management: https://landscape.canonical.com" >> /etc/motd && \
echo " * Support: https://ubuntu.com/advantage" >> /etc/motd
RUN echo 'alias ll="ls -alF"' >> /root/.bashrc && \
echo 'alias la="ls -A"' >> /root/.bashrc && \
echo 'alias l="ls -CF"' >> /root/.bashrc && \
echo 'export HISTSIZE=1000' >> /root/.bashrc && \
echo 'export HISTFILESIZE=2000' >> /root/.bashrc
# Fake project files to look lived-in
RUN mkdir -p /root/projects /root/backups /var/www/html && \
echo "# TODO: migrate DB to new server\n# check cron jobs\n# update SSL cert" > /root/notes.txt && \
echo "DB_HOST=10.0.0.5\nDB_USER=admin\nDB_PASS=changeme123\nDB_NAME=prod_db" > /root/projects/.env && \
echo "[Unit]\nDescription=App Server\n[Service]\nExecStart=/usr/bin/python3 /opt/app/server.py" > /root/projects/app.service
COPY entrypoint.sh /entrypoint.sh
RUN chmod +x /entrypoint.sh
EXPOSE 22
ENTRYPOINT ["/entrypoint.sh"]

View File

@@ -0,0 +1,34 @@
#!/bin/bash
set -e
# Configure root password (default: admin)
ROOT_PASSWORD="${SSH_ROOT_PASSWORD:-admin}"
echo "root:${ROOT_PASSWORD}" | chpasswd
# Optional: override hostname inside container
if [ -n "$SSH_HOSTNAME" ]; then
echo "$SSH_HOSTNAME" > /etc/hostname
hostname "$SSH_HOSTNAME"
fi
# Generate host keys if missing (first boot)
ssh-keygen -A
# Fake bash history so the box looks used
if [ ! -f /root/.bash_history ]; then
cat > /root/.bash_history <<'HIST'
apt update && apt upgrade -y
systemctl status nginx
tail -f /var/log/syslog
df -h
htop
ps aux | grep python
git pull origin main
cd /root/projects
vim notes.txt
crontab -e
ls /var/www/html
HIST
fi
exec /usr/sbin/sshd -D -e