added Malcolm

Vagrant/resources/malcolm/file-upload/docker-entrypoint.sh

@@ -0,0 +1,33 @@
+#!/bin/bash
+
+# Copyright (c) 2021 Battelle Energy Alliance, LLC.  All rights reserved.
+
+
+if [[ -z $SITE_NAME || -z $MALCOLM_USERNAME || -z $MALCOLM_PASSWORD ]]
+then
+  echo "Please set the site name, username and (openssl-encrypted) password by adding the following arguments to docker run/create:"
+  echo "  -e SITE_NAME='...'"
+  echo "  -e MALCOLM_USERNAME='...'"
+  echo "  -e MALCOLM_PASSWORD='...'"
+  exit 1
+fi
+
+if ! getent passwd "$MALCOLM_USERNAME" >/dev/null
+then
+  # Make sure every container gets its own SSH host keys the first time around
+  rm -f /etc/ssh/ssh_host_*
+  dpkg-reconfigure openssh-server
+
+  useradd -g $PGROUP -d /var/www/upload/server/php/chroot -s /sbin/nologin "$MALCOLM_USERNAME"
+  usermod --password "$MALCOLM_PASSWORD" "$MALCOLM_USERNAME"
+  chown :$PGROUP /var/www/upload/server/php/chroot/files
+  chmod 775 /var/www/upload/server/php/chroot/files
+
+  # This will break if $SITE_NAME contains a slash...
+  sed -i 's/%SITE_NAME%/'"$SITE_NAME"'/g' /var/www/upload/index.html
+
+else
+  echo "skipping one-time setup tasks" 1>&2
+fi
+
+exec "$@"

Vagrant/resources/malcolm/file-upload/jquery-file-upload/index.html

@@ -0,0 +1,212 @@
+<!DOCTYPE HTML>
+<!-- Copyright (c) 2021 Battelle Energy Alliance, LLC.  All rights reserved. -->
+<html lang="en">
+<head>
+<!-- Force latest IE rendering engine or ChromeFrame if installed -->
+<!--[if IE]>
+<meta http-equiv="X-UA-Compatible" content="IE=edge,chrome=1">
+<![endif]-->
+<meta charset="utf-8">
+<title>%SITE_NAME%</title>
+<meta name="viewport" content="width=device-width, initial-scale=1.0">
+<!-- Bootstrap styles -->
+<link rel="stylesheet" href="upload/bower_components/bootstrap/dist/css/bootstrap.min.css">
+<!-- bootstrap-tagsinput styles -->
+<link rel="stylesheet" href="upload/bower_components/bootstrap-tagsinput/dist/bootstrap-tagsinput.css">
+<style media="screen" type="text/css">
+.bootstrap-tagsinput {
+  width: 90%;
+}
+.bootstrap-tagsinput .tag {
+  margin-right: 2px;
+  margin-left: 2px;
+  color: #fff;
+  background-image: linear-gradient(#78cc78, #62c462 60%, #53be53);
+  background-repeat: no-repeat;
+}
+.label {
+  display: inline;
+  padding: .2em .6em .3em;
+  font-size: 100%;
+  font-weight: 700;
+  line-height: 1;
+  color: #fff;
+  text-align: center;
+  white-space: nowrap;
+  vertical-align: baseline;
+  border-radius: .25em;
+}
+.center {
+  text-align: center;
+}
+.imgcenter {
+  display: block;
+  margin-left: auto;
+  margin-right: auto;
+  width: 33%;
+  height: auto;
+}
+</style>
+<!-- Generic page styles -->
+<link rel="stylesheet" href="upload/css/style.css">
+<!-- blueimp Gallery styles -->
+<link rel="stylesheet" href="upload/bower_components/blueimp-gallery/css/blueimp-gallery.min.css">
+<!-- CSS to style the file input field as button and adjust the Bootstrap progress bars -->
+<link rel="stylesheet" href="upload/css/jquery.fileupload.css">
+<link rel="stylesheet" href="upload/css/jquery.fileupload-ui.css">
+<!-- CSS adjustments for browsers with JavaScript disabled -->
+<noscript><link rel="stylesheet" href="upload/css/jquery.fileupload-noscript.css"></noscript>
+<noscript><link rel="stylesheet" href="upload/css/jquery.fileupload-ui-noscript.css"></noscript>
+<script>
+function toggle(checkboxID, toggleSelectID) {
+    var checkbox = document.getElementById(checkboxID);
+    var toggleSelect = document.getElementById(toggleSelectID);
+    if (checkbox.checked) {
+      toggleSelect.disabled = false
+    } else {
+      toggleSelect.disabled = true
+      toggleSelect.selectedIndex = 0;
+    }
+  }
+</script>
+</head>
+<body>
+<div class="container">
+    <img class="imgcenter" src="upload/Malcolm_banner.png" alt="%SITE_NAME%">
+    <div class="panel panel-default">
+      <div class="panel-heading">
+        <h3 class="panel-title center">%SITE_NAME%</h3>
+       </div>
+    </div>
+    <br>
+    <br>
+    <!-- The file upload form used as target for the file upload widget -->
+    <form id="fileupload" action="" method="POST" enctype="multipart/form-data">
+        <!-- The fileupload-buttonbar contains buttons to add files and start/cancel the upload -->
+        <div class="row fileupload-buttonbar">
+            <div class="col-lg-7">
+                <!-- The fileinput-button span is used to style the file input field as button -->
+                <span class="btn btn-info fileinput-button">
+                    <i class="glyphicon glyphicon-plus"></i>
+                    <span>Add files...</span>
+                    <input type="file" name="files[]" multiple>
+                </span>
+                <button type="submit" class="btn btn-success start">
+                    <i class="glyphicon glyphicon-upload"></i>
+                    <span>Start upload</span>
+                </button>
+                <button type="reset" class="btn btn-danger cancel">
+                    <i class="glyphicon glyphicon-ban-circle"></i>
+                    <span>Cancel upload</span>
+                </button>&nbsp;&nbsp;
+                <label><input type="checkbox" class="toggle">&nbsp;Select all</label>
+                <!-- The global file processing state -->
+                <span class="fileupload-process"></span>
+            </div>
+            <!-- The global progress state -->
+            <div class="col-lg-5 fileupload-progress">
+                <!-- The global progress bar -->
+                <div class="progress progress-striped active" role="progressbar" aria-valuemin="0" aria-valuemax="100">
+                    <div class="progress-bar progress-bar-success" style="width:0%;"></div>
+                </div>
+                <!-- The extended global progress state -->
+                <div class="progress-extended">&nbsp;</div>
+            </div>
+        </div>
+        <br>
+        <div class="panel panel-default">
+          <div class="panel-body">
+            Tags: <input name="tags" type="text" value="" data-role="tagsinput" />
+            <br>
+            <br>
+            <label><input type="checkbox" name="auto-zeek" id="auto-zeek" value="enabled" onClick="toggle('auto-zeek', 'auto-carve')">&nbsp;Analyze with Zeek</label>
+            <br>
+            <label>Zeek File Extraction&nbsp;&nbsp;<select disabled=true name="auto-carve" id="auto-carve">
+            <option value="none"></option>
+            <option value="interesting">Files with mime types of common attack vectors</option>
+            <option value="mapped">Files with recognized mime types</option>
+            <option value="known">Files for which any mime type can be determined</option>
+            <option value="all">All files</option>
+            </select></label>
+          </div>
+        </div>
+        <br>
+        <!-- The table listing the files available for upload/download -->
+        <table role="presentation" class="table table-striped"><tbody class="files"></tbody></table>
+    </form>
+</div>
+<!-- The blueimp Gallery widget -->
+<div id="blueimp-gallery" class="blueimp-gallery blueimp-gallery-controls" data-filter=":even">
+    <div class="slides"></div>
+    <h3 class="title"></h3>
+    <a class="prev">‹</a>
+    <a class="next">›</a>
+    <a class="close">×</a>
+    <a class="play-pause"></a>
+    <ol class="indicator"></ol>
+</div>
+<!-- The template to display files available for upload -->
+<script id="template-upload" type="text/x-tmpl">
+{% for (var i=0, file; file=o.files[i]; i++) { %}
+    <tr class="template-upload">
+        <td>
+            <span class="preview"></span>
+        </td>
+        <td>
+            <p class="name">{%=file.name%}</p>
+            <strong class="error text-danger"></strong>
+        </td>
+        <td>
+            <p class="size">Processing...</p>
+            <div class="progress progress-striped active" role="progressbar" aria-valuemin="0" aria-valuemax="100" aria-valuenow="0"><div class="progress-bar progress-bar-success" style="width:0%;"></div></div>
+        </td>
+        <td>
+            {% if (!i && !o.options.autoUpload) { %}
+                <button class="btn btn-success start" disabled>
+                    <i class="glyphicon glyphicon-upload"></i>
+                    <span>Start</span>
+                </button>
+            {% } %}
+            {% if (!i) { %}
+                <button class="btn btn-danger cancel">
+                    <i class="glyphicon glyphicon-ban-circle"></i>
+                    <span>Cancel</span>
+                </button>
+            {% } %}
+        </td>
+    </tr>
+{% } %}
+</script>
+<!-- The template to display files available for download -->
+<script id="template-download" type="text/x-tmpl">
+{% for (var i=0, file; file=o.files[i]; i++) { %}
+    <tr class="template-download"/>
+{% } %}
+</script>
+<script src="upload/bower_components/jquery/dist/jquery.min.js"></script>
+<!-- The jQuery UI widget factory, can be omitted if jQuery UI is already included -->
+<script src="upload/js/vendor/jquery.ui.widget.js"></script>
+<!-- The Templates plugin is included to render the upload/download listings -->
+<script src="upload/bower_components/blueimp-tmpl/js/tmpl.min.js"></script>
+<!-- Bootstrap JS is not required, but included for the responsive demo navigation -->
+<script src="upload/bower_components/bootstrap/dist/js/bootstrap.min.js"></script>
+<!-- blueimp Gallery script -->
+<script src="upload/bower_components/blueimp-gallery/js/jquery.blueimp-gallery.min.js"></script>
+<!-- bootstrap-tagsinput script -->
+<script src="upload/bower_components/bootstrap-tagsinput/dist/bootstrap-tagsinput.min.js"></script>
+<!-- The Iframe Transport is required for browsers without support for XHR file uploads -->
+<script src="upload/js/jquery.iframe-transport.js"></script>
+<!-- The basic File Upload plugin -->
+<script src="upload/js/jquery.fileupload.js"></script>
+<!-- The File Upload processing plugin -->
+<script src="upload/js/jquery.fileupload-process.js"></script>
+<!-- The File Upload user interface plugin -->
+<script src="upload/js/jquery.fileupload-ui.js"></script>
+<!-- The main application script -->
+<script src="upload/js/main.js"></script>
+<!-- The XDomainRequest Transport is included for cross-domain file deletion for IE 8 and IE 9 -->
+<!--[if (gte IE 8)&(lt IE 10)]>
+<script src="upload/js/cors/jquery.xdr-transport.js"></script>
+<![endif]-->
+</body>
+</html>

Vagrant/resources/malcolm/file-upload/jquery-file-upload/index.php

@@ -0,0 +1,20 @@
+<?php
+// Copyright (c) 2021 Battelle Energy Alliance, LLC.  All rights reserved.
+error_reporting(E_ALL | E_STRICT);
+require('UploadHandler.php');
+class CustomUploadHandler extends UploadHandler {
+  protected function trim_file_name($file_path, $name, $size, $type, $error, $index, $content_range) {
+    $enabled_carve_modes = array("interesting", "mapped", "known", "all");
+    if (isset($_POST["tags"]) && !empty($_POST["tags"])) {
+      $name = $_POST["tags"] . "," . $name;
+    }
+    if (isset($_POST["auto-carve"]) && in_array($_POST["auto-carve"], $enabled_carve_modes)) {
+      $name = "AUTOCARVE".$_POST["auto-carve"]."," . $name;
+    }
+    if (isset($_POST["auto-zeek"]) && $_POST["auto-zeek"] == "enabled") {
+      $name = "AUTOZEEK," . $name;
+    }
+    return parent::trim_file_name($file_path, preg_replace("/[^a-zA-Z0-9\s_\(\)\.,-]/", "", $name), $size, $type, $error, $index, $content_range);
+  }
+}
+$upload_handler = new CustomUploadHandler();

Vagrant/resources/malcolm/file-upload/nginx/sites-available/default

@@ -0,0 +1,30 @@
+server {
+    listen 80 default_server;
+
+    sendfile on;
+    client_max_body_size 20G;
+    client_body_buffer_size 4M;
+
+    root /var/www/upload;
+    index index.php index.html index.htm;
+
+    location ^~ /server/php/files {
+        deny all;
+        return 404;
+    }
+
+    location ~ \.php$ {
+        include snippets/fastcgi-php.conf;
+        fastcgi_buffers 16 64k;
+        fastcgi_buffer_size 256k;
+        fastcgi_read_timeout 300s;
+        fastcgi_send_timeout 300s;
+        fastcgi_busy_buffers_size 384k;
+        fastcgi_request_buffering off;
+        fastcgi_pass unix:/run/php/php7.3-fpm.sock;
+    }
+
+    location ~ /\.ht {
+        deny all;
+    }
+}

Vagrant/resources/malcolm/file-upload/php/php.ini

@@ -0,0 +1,219 @@
+[PHP]
+
+; about php.ini
+; see https://secure.php.net/manual/en/configuration.file.php
+;     https://secure.php.net/manual/en/ini.list.php
+
+engine = On
+short_open_tag = Off
+asp_tags = Off
+precision = 14
+output_buffering = 4096
+zlib.output_compression = Off
+implicit_flush = Off
+unserialize_callback_func =
+serialize_precision = 17
+disable_functions = pcntl_alarm,pcntl_fork,pcntl_waitpid,pcntl_wait,pcntl_wifexited,pcntl_wifstopped,pcntl_wifsignaled,pcntl_wexitstatus,pcntl_wtermsig,pcntl_wstopsig,pcntl_signal,pcntl_signal_dispatch,pcntl_get_last_error,pcntl_strerror,pcntl_sigprocmask,pcntl_sigwaitinfo,pcntl_sigtimedwait,pcntl_exec,pcntl_getpriority,pcntl_setpriority,
+disable_classes =
+zend.enable_gc = On
+expose_php = Off
+max_execution_time = 900
+max_input_time = 900
+memory_limit = 128M
+error_reporting = E_ALL & ~E_DEPRECATED & ~E_STRICT
+display_errors = Off
+display_startup_errors = Off
+log_errors = On
+log_errors_max_len = 1024
+ignore_repeated_errors = Off
+ignore_repeated_source = Off
+report_memleaks = On
+track_errors = Off
+html_errors = On
+variables_order = "GPCS"
+request_order = "GP"
+register_argc_argv = Off
+auto_globals_jit = On
+post_max_size = 0
+auto_prepend_file =
+auto_append_file =
+default_mimetype = "text/html"
+default_charset = "UTF-8"
+doc_root =
+user_dir =
+enable_dl = Off
+file_uploads = On
+upload_max_filesize = 20G
+max_file_uploads = 8
+allow_url_fopen = On
+allow_url_include = Off
+default_socket_timeout = 180
+
+[CLI Server]
+cli_server.color = On
+
+[Date]
+
+[filter]
+
+[iconv]
+
+[intl]
+
+[sqlite]
+
+[sqlite3]
+
+[Pcre]
+
+[Pdo]
+
+[Pdo_mysql]
+pdo_mysql.cache_size = 2000
+pdo_mysql.default_socket=
+
+[Phar]
+
+[mail function]
+SMTP = localhost
+smtp_port = 25
+mail.add_x_header = On
+
+[SQL]
+sql.safe_mode = Off
+
+[ODBC]
+odbc.allow_persistent = On
+odbc.check_persistent = On
+odbc.max_persistent = -1
+odbc.max_links = -1
+odbc.defaultlrl = 4096
+odbc.defaultbinmode = 1
+
+[Interbase]
+ibase.allow_persistent = 1
+ibase.max_persistent = -1
+ibase.max_links = -1
+ibase.timestampformat = "%Y-%m-%d %H:%M:%S"
+ibase.dateformat = "%Y-%m-%d"
+ibase.timeformat = "%H:%M:%S"
+
+[MySQL]
+mysql.allow_local_infile = On
+mysql.allow_persistent = On
+mysql.cache_size = 2000
+mysql.max_persistent = -1
+mysql.max_links = -1
+mysql.default_port =
+mysql.default_socket =
+mysql.default_host =
+mysql.default_user =
+mysql.default_password =
+mysql.connect_timeout = 60
+mysql.trace_mode = Off
+
+[MySQLi]
+mysqli.max_persistent = -1
+mysqli.allow_persistent = On
+mysqli.max_links = -1
+mysqli.cache_size = 2000
+mysqli.default_port = 3306
+mysqli.default_socket =
+mysqli.default_host =
+mysqli.default_user =
+mysqli.default_pw =
+mysqli.reconnect = Off
+
+[mysqlnd]
+mysqlnd.collect_statistics = On
+mysqlnd.collect_memory_statistics = Off
+
+[OCI8]
+
+[PostgreSQL]
+pgsql.allow_persistent = On
+pgsql.auto_reset_persistent = Off
+pgsql.max_persistent = -1
+pgsql.max_links = -1
+pgsql.ignore_notice = 0
+pgsql.log_notice = 0
+
+[Sybase-CT]
+sybct.allow_persistent = On
+sybct.max_persistent = -1
+sybct.max_links = -1
+sybct.min_server_severity = 10
+sybct.min_client_severity = 10
+
+[bcmath]
+bcmath.scale = 0
+
+[browscap]
+
+[Session]
+session.save_handler = files
+session.use_strict_mode = 0
+session.use_cookies = 1
+session.use_only_cookies = 1
+session.name = PHPSESSID
+session.auto_start = 0
+session.cookie_lifetime = 0
+session.cookie_path = /
+session.cookie_domain =
+session.cookie_httponly =
+session.serialize_handler = php
+session.gc_probability = 0
+session.gc_divisor = 1000
+session.gc_maxlifetime = 1440
+session.referer_check =
+session.cache_limiter = nocache
+session.cache_expire = 180
+session.use_trans_sid = 0
+session.hash_function = 0
+session.hash_bits_per_character = 5
+url_rewriter.tags = "a=href,area=href,frame=src,input=src,form=fakeentry"
+
+[MSSQL]
+mssql.allow_persistent = On
+mssql.max_persistent = -1
+mssql.max_links = -1
+mssql.min_error_severity = 10
+mssql.min_message_severity = 10
+mssql.compatibility_mode = Off
+mssql.secure_connection = Off
+
+[Assertion]
+
+[COM]
+
+[mbstring]
+
+[gd]
+
+[exif]
+
+[Tidy]
+tidy.clean_output = Off
+
+[soap]
+soap.wsdl_cache_enabled=1
+soap.wsdl_cache_dir="/tmp"
+soap.wsdl_cache_ttl=86400
+soap.wsdl_cache_limit = 5
+
+[sysvshm]
+
+[ldap]
+ldap.max_links = -1
+
+[mcrypt]
+
+[dba]
+
+[opcache]
+
+[curl]
+
+[openssl]
+
+; End:

Vagrant/resources/malcolm/file-upload/sshd_config

@@ -0,0 +1,6 @@
+Match Group www-data
+  ChrootDirectory %h
+  ForceCommand internal-sftp
+  AllowTcpForwarding no
+  X11Forwarding no
+  PasswordAuthentication yes

Vagrant/resources/malcolm/file-upload/supervisord.conf

@@ -0,0 +1,40 @@
+; Copyright (c) 2021 Battelle Energy Alliance, LLC.  All rights reserved.
+
+[unix_http_server]
+file=/tmp/supervisor.sock   ; (the path to the socket file)
+chmod=0700
+
+[supervisord]
+nodaemon=true
+logfile=/dev/null
+logfile_maxbytes=0
+pidfile=/tmp/supervisord.pid
+
+[rpcinterface:supervisor]
+supervisor.rpcinterface_factory=supervisor.rpcinterface:make_main_rpcinterface
+
+[supervisorctl]
+serverurl=unix:///tmp/supervisor.sock
+
+[program:sshd]
+command=/usr/sbin/sshd -D
+stopasgroup=true
+killasgroup=true
+stdout_logfile=/dev/fd/1
+stdout_logfile_maxbytes=0
+redirect_stderr=true
+
+[program:php]
+command=php-fpm7.3 -F -R -g /tmp/php-fpm.pid
+stdout_logfile=/dev/fd/1
+stdout_logfile_maxbytes=0
+redirect_stderr=true
+
+[program:nginx]
+command=/bin/bash -c "sleep 10 && nginx -g \"daemon off;\""
+startsecs=15
+stopasgroup=true
+killasgroup=true
+stdout_logfile=/dev/fd/1
+stdout_logfile_maxbytes=0
+redirect_stderr=true