first commit
This commit is contained in:
@@ -0,0 +1,98 @@
|
||||
#!/bin/bash
|
||||
set -e
|
||||
|
||||
CAIDO_PORT=48080
|
||||
CAIDO_LOG="/tmp/caido_startup.log"
|
||||
|
||||
if [ ! -f /app/certs/ca.p12 ]; then
|
||||
echo "ERROR: CA certificate file /app/certs/ca.p12 not found."
|
||||
exit 1
|
||||
fi
|
||||
|
||||
caido-cli --listen 0.0.0.0:${CAIDO_PORT} \
|
||||
--allow-guests \
|
||||
--no-logging \
|
||||
--no-open \
|
||||
--import-ca-cert /app/certs/ca.p12 \
|
||||
--import-ca-cert-pass "" > "$CAIDO_LOG" 2>&1 &
|
||||
|
||||
CAIDO_PID=$!
|
||||
echo "Started Caido with PID $CAIDO_PID on port $CAIDO_PORT"
|
||||
|
||||
echo "Waiting for Caido API to be ready..."
|
||||
CAIDO_READY=false
|
||||
for i in {1..30}; do
|
||||
if ! kill -0 $CAIDO_PID 2>/dev/null; then
|
||||
echo "ERROR: Caido process died while waiting for API (iteration $i)."
|
||||
echo "=== Caido log ==="
|
||||
cat "$CAIDO_LOG" 2>/dev/null || echo "(no log available)"
|
||||
exit 1
|
||||
fi
|
||||
|
||||
if curl -s -o /dev/null -w "%{http_code}" http://localhost:${CAIDO_PORT}/graphql/ | grep -qE "^(200|400)$"; then
|
||||
echo "Caido API is ready (attempt $i)."
|
||||
CAIDO_READY=true
|
||||
break
|
||||
fi
|
||||
sleep 1
|
||||
done
|
||||
|
||||
if [ "$CAIDO_READY" = false ]; then
|
||||
echo "ERROR: Caido API did not become ready within 30 seconds."
|
||||
echo "Caido process status: $(kill -0 $CAIDO_PID 2>&1 && echo 'running' || echo 'dead')"
|
||||
echo "=== Caido log ==="
|
||||
cat "$CAIDO_LOG" 2>/dev/null || echo "(no log available)"
|
||||
exit 1
|
||||
fi
|
||||
|
||||
sleep 2
|
||||
|
||||
echo "Caido is up — host bootstraps the guest token + project via the Python SDK."
|
||||
|
||||
echo "Configuring system-wide proxy settings..."
|
||||
|
||||
cat << EOF | sudo tee /etc/profile.d/proxy.sh
|
||||
export http_proxy=http://127.0.0.1:${CAIDO_PORT}
|
||||
export https_proxy=http://127.0.0.1:${CAIDO_PORT}
|
||||
export HTTP_PROXY=http://127.0.0.1:${CAIDO_PORT}
|
||||
export HTTPS_PROXY=http://127.0.0.1:${CAIDO_PORT}
|
||||
export ALL_PROXY=http://127.0.0.1:${CAIDO_PORT}
|
||||
export NO_PROXY=localhost,127.0.0.1
|
||||
export REQUESTS_CA_BUNDLE=/etc/ssl/certs/ca-certificates.crt
|
||||
export SSL_CERT_FILE=/etc/ssl/certs/ca-certificates.crt
|
||||
EOF
|
||||
|
||||
cat << EOF | sudo tee /etc/environment
|
||||
http_proxy=http://127.0.0.1:${CAIDO_PORT}
|
||||
https_proxy=http://127.0.0.1:${CAIDO_PORT}
|
||||
HTTP_PROXY=http://127.0.0.1:${CAIDO_PORT}
|
||||
HTTPS_PROXY=http://127.0.0.1:${CAIDO_PORT}
|
||||
ALL_PROXY=http://127.0.0.1:${CAIDO_PORT}
|
||||
NO_PROXY=localhost,127.0.0.1
|
||||
EOF
|
||||
|
||||
cat << EOF | sudo tee /etc/wgetrc
|
||||
use_proxy=yes
|
||||
http_proxy=http://127.0.0.1:${CAIDO_PORT}
|
||||
https_proxy=http://127.0.0.1:${CAIDO_PORT}
|
||||
EOF
|
||||
|
||||
echo "source /etc/profile.d/proxy.sh" >> ~/.bashrc
|
||||
echo "source /etc/profile.d/proxy.sh" >> ~/.zshrc
|
||||
|
||||
source /etc/profile.d/proxy.sh
|
||||
|
||||
echo "✅ System-wide proxy configuration complete"
|
||||
|
||||
echo "Adding CA to browser trust store..."
|
||||
sudo -u pentester mkdir -p /home/pentester/.pki/nssdb
|
||||
sudo -u pentester certutil -N -d sql:/home/pentester/.pki/nssdb --empty-password
|
||||
sudo -u pentester certutil -A -n "Testing Root CA" -t "C,," -i /app/certs/ca.crt -d sql:/home/pentester/.pki/nssdb
|
||||
echo "✅ CA added to browser trust store"
|
||||
|
||||
mkdir -p /workspace/.agent-browser-screenshots
|
||||
|
||||
echo "✅ Container ready"
|
||||
|
||||
cd /workspace
|
||||
exec "$@"
|
||||
Reference in New Issue
Block a user