docker-compose works

Author: EC2 Default User

Dockerfile

@@ -1,9 +1,9 @@
-FROM ubuntu:16.04
+FROM ubuntu:20.04
 
 # Update OS Packages, Install OS Dependencies (Do this in one line to ensure Update always happens)
 RUN apt-get update && \
-    apt-get install -y git libsqlite3-dev python2.7 python-pip npm libffi-dev libssl-dev mysql-client \
-    libmysqlclient-dev python-dev libpython-dev git yara=3.4.0+dfsg-2build1 apt-transport-https ca-certificates curl \
+    DEBIAN_FRONTEND=noninteractive DEBCONF_NONINTERACTIVE_SEEN=true apt-get install -y git libsqlite3-dev python3.8 python3-pip npm libffi-dev libssl-dev mysql-client \
+    libmysqlclient-dev python3-dev libpython3-dev git yara apt-transport-https ca-certificates curl \
     software-properties-common libpcre3 libpcre3-dev
 
 # Setup UWSGI Installation
@@ -15,10 +15,12 @@ WORKDIR /opt/threatkb
 COPY package.json .bowerrc bower.json Gruntfile.js requirements.txt ./
 
 # Install Python Dependencies
-RUN pip install --upgrade pip & pip install virtualenv && pip install -r requirements.txt
+RUN /usr/bin/pip3 install --upgrade pip & /usr/bin/pip3 install virtualenv
+RUN /usr/local/bin/virtualenv -p /usr/bin/python3.8 env
+RUN env/bin/pip3 install -r requirements.txt
 
 # Install Node Dependencies
-RUN npm install -g bower && ln -s /usr/bin/nodejs /usr/bin/node && bower install --allow-root
+RUN npm install -g bower && bower install --allow-root
 
 # Add Package Files
 COPY . /opt/threatkb

app/models/activity_log.py

@@ -15,7 +15,7 @@ class ActivityLog(db.Model):
 
     id = db.Column(db.Integer, primary_key=True, autoincrement=True)
     activity_type = db.Column(db.String(256))
-    activity_text = db.Column(db.String(65000))
+    activity_text = db.Column(db.TEXT())
     activity_date = db.Column(db.DateTime(timezone=True))
 
     entity_type = db.Column(db.Integer(), index=True, nullable=False)

app/models/comments.py

@@ -10,7 +10,7 @@ class Comments(db.Model):
     date_created = db.Column(db.DateTime(timezone=True), default=db.func.current_timestamp())
     date_modified = db.Column(db.DateTime(timezone=True), default=db.func.current_timestamp(),
                               onupdate=db.func.current_timestamp())
-    comment = db.Column(db.String(65000))
+    comment = db.Column(db.TEXT())
     entity_type = db.Column(db.Integer(), index=True, nullable=False)
     entity_id = db.Column(db.Integer(), index=True, nullable=False)
 

app/models/files.py

@@ -10,7 +10,7 @@ class Files(db.Model):
     date_modified = db.Column(db.DateTime(timezone=True),
                               default=db.func.current_timestamp(),
                               onupdate=db.func.current_timestamp())
-    filename = db.Column(db.String(65000))
+    filename = db.Column(db.TEXT())
     content_type = db.Column(db.String(100))
     entity_type = db.Column(db.Integer(), index=True, nullable=True)
     entity_id = db.Column(db.Integer(), index=True, nullable=True)

app/models/metadata.py

@@ -134,7 +134,7 @@ class MetadataMapping(db.Model):
     __tablename__ = "metadata_mapping"
 
     id = db.Column(db.Integer, primary_key=True)
-    value = db.Column(db.String(60000), nullable=True)
+    value = db.Column(db.TEXT(), nullable=True)
 
     date_created = db.Column(db.DateTime(timezone=True), default=db.func.current_timestamp())
     date_modified = db.Column(db.DateTime(timezone=True), default=db.func.current_timestamp(),

app/models/scripts.py

@@ -11,7 +11,7 @@ class Scripts(db.Model):
     name = db.Column(db.String(128), nullable=False)
     description = db.Column(db.String(128), nullable=True)
     interpreter = db.Column(db.String(64), nullable=False)
-    code = db.Column(db.String(60000), nullable=True)
+    code = db.Column(db.TEXT(), nullable=True)
     match_regex = db.Column(db.String(4096), nullable=True)
     date_created = db.Column(db.DateTime(timezone=True), default=db.func.current_timestamp())
     date_modified = db.Column(db.DateTime(timezone=True), default=db.func.current_timestamp(),

app/models/tasks.py

@@ -16,7 +16,7 @@ class Tasks(db.Model):
     state = db.Column(db.String(32), index=True)
     active = db.Column(db.Boolean, nullable=False, default=True)
     title = db.Column(db.String(256), index=True)
-    description = db.Column(db.String(2048), index=True)
+    description = db.Column(db.TEXT(), index=True)
     final_artifact = db.Column(db.String(4096))
 
     created_user_id = db.Column(db.Integer, db.ForeignKey('kb_users.id'), nullable=False)

app/models/yara_rule.py

@@ -29,9 +29,9 @@ class Yara_rule(db.Model):
     revision = db.Column(db.Integer(), default=1)
     name = db.Column(db.String(128), index=True)
     category = db.Column(db.String(32), index=True)
-    condition = db.Column(db.String(2048), index=True)
-    strings = db.Column(db.String(30000), index=True)
-    imports = db.Column(db.String(512))
+    condition = db.Column(db.TEXT(), index=True)
+    strings = db.Column(db.TEXT(), index=True)
+    imports = db.Column(db.String(2048))
     description = db.Column(db.TEXT(), index=True)
     references = db.Column(db.TEXT(), index=True)
     active = db.Column(db.Boolean, nullable=False, default=True, index=True)

docker-compose.yml

@@ -2,17 +2,18 @@ version: '3'
 
 services:
    db:
-     image: mysql:5.7.20
+     image: mysql:8.0.29
+     command: mysqld --default-authentication-plugin=mysql_native_password --skip-mysqlx
      volumes:
        - db_data:/var/lib/docker/mysql
      restart: always
      ports:
-        - 3307:3306
+        - 3306:3306
      environment:
-       MYSQL_ROOT_PASSWORD: P@sswordsRC00l
+       MYSQL_ROOT_PASSWORD: b5vXcqzUtn4suyS
        MYSQL_DATABASE: threatkb
        MYSQL_USER: threatkb
-       MYSQL_PASSWORD: P@sswordsRC00l
+       MYSQL_PASSWORD: b5vXcqzUtn4suyS
    redis:
      depends_on:
        - db
@@ -29,23 +30,28 @@ services:
      restart: always
      environment:
        THREATKB_USER: [email protected]
-       THREATKB_PASS: P@sswordsRC00l
-       MYSQL_ROOT_PASSWORD: P@sswordsRC00l
+       THREATKB_PASS: b5vXcqzUtn4suyS
+       MYSQL_ROOT_PASSWORD: b5vXcqzUtn4suyS
        SQL_DATABASE: threatkb
        SQL_USERNAME: threatkb
-       SQL_PASSWORD: P@sswordsRC00l
+       SQL_PASSWORD: b5vXcqzUtn4suyS
        SQL_PORT: 3306
        SQL_HOST: db
        SQL_PROTOCOL: mysql
        LISTEN_ON: 0.0.0.0
        LISTEN_PORT: 5000
+       REDIS_CACHE_URL: redis://localhost:6379/0
    threatkb_agent:
      depends_on:
        - db
      image: threatkb:latest
      restart: always
      environment:
-       - RUN_AGENT=1
-       - C_FORCE_ROOT=true
+       RUN_AGENT: 1
+       C_FORCE_ROOT: true
+       REDIS_ACCEPT_CONTENT: '["json"]'
+       REDIS_RESULT_SERIALIZER: json
+       REDIS_TASK_SERIALIZER: json
+       REDIS_BROKER_URL: redis://redis:6379/0 
 volumes:
     db_data:

docker-entrypoint.sh

@@ -8,16 +8,16 @@ cd /opt/threatkb
 ./wait-for-it.sh db:3306 -- echo "db is up"
 
 if [[ ! -z "${RUN_AGENT}" ]]; then
-  /usr/local/bin/celery -A app.celery worker --uid uwsgi --loglevel=info
+  env/bin/celery -A app.celery worker --uid uwsgi --loglevel=info
 else
   find . -name "*.pyc" -exec rm -f {} \;
-  /usr/local/bin/python manage.py db upgrade
+  env/bin/python3.8 manage.py db upgrade
 
   num_users=`echo "select count(*) from kb_users;" | mysql -u ${SQL_USERNAME} -p"${SQL_PASSWORD}" -h ${SQL_HOST} ${SQL_DATABASE} | sed 's/[^0-9]//g'`
   if [ $num_users -lt 1 ]; then
-    PASSWORD=`/usr/local/bin/python hash_pass.py ${THREATKB_PASS}`
+    PASSWORD=`env/bin/python3.8 hash_pass.py ${THREATKB_PASS}`
     mysql -u ${SQL_USERNAME} -p"${SQL_PASSWORD}" ${SQL_DATABASE} -h ${SQL_HOST} -e "insert into kb_users (email,password,admin,active) values (\"${THREATKB_USER}\", \"${PASSWORD}\", 1, 1);"
   fi
   #env/bin/python run.py --listen-on ${LISTEN_ON} --listen-port ${LISTEN_PORT}
-  /usr/local/bin/uwsgi --yaml /etc/uwsgi.yaml --http "${LISTEN_ON:-0.0.0.0}:${LISTEN_PORT:-5000}" --py-autoreload 1
+  env/bin/python3.8 run.py --listen-on "${LISTEN_ON:-0.0.0.0}" --listen-port "${LISTEN_PORT:-5000}"
 fi

hash_pass.py

@@ -6,4 +6,4 @@
 app = Flask(__name__, static_url_path="")
 b = Bcrypt(app)
 
-print((b.generate_password_hash(sys.argv[1])))
+print((b.generate_password_hash(sys.argv[1]).decode()))

migrations/versions/2221286081e8_initial_migration.py

@@ -105,16 +105,16 @@ def upgrade():
     sa.Column('test_status', sa.String(length=16), nullable=True),
     sa.Column('confidence', sa.Integer(), nullable=True),
     sa.Column('severity', sa.Integer(), nullable=True),
-    sa.Column('description', sa.String(length=4096), nullable=True),
+    sa.Column('description', sa.TEXT(), nullable=True),
     sa.Column('category', sa.String(length=32), nullable=True),
     sa.Column('file_type', sa.String(length=32), nullable=True),
     sa.Column('subcategory1', sa.String(length=32), nullable=True),
     sa.Column('subcategory2', sa.String(length=32), nullable=True),
     sa.Column('subcategory3', sa.String(length=32), nullable=True),
     sa.Column('reference_link', sa.String(length=2048), nullable=True),
     sa.Column('reference_text', sa.String(length=2048), nullable=True),
-    sa.Column('condition', sa.String(length=2048), nullable=True),
-    sa.Column('strings', sa.String(length=30000), nullable=True),
+    sa.Column('condition', sa.TEXT(), nullable=True),
+    sa.Column('strings', sa.TEXT(), nullable=True),
     sa.Column('created_user_id', sa.Integer(), nullable=False),
     sa.Column('modified_user_id', sa.Integer(), nullable=False),
     sa.ForeignKeyConstraint(['created_user_id'], ['kb_users.id'], ),
@@ -127,7 +127,7 @@ def upgrade():
     sa.Column('id', sa.Integer(), nullable=False),
     sa.Column('date_created', sa.DateTime(timezone=True), nullable=True),
     sa.Column('date_modified', sa.DateTime(timezone=True), nullable=True),
-    sa.Column('comment', sa.String(length=65000), nullable=True),
+    sa.Column('comment', sa.TEXT(), nullable=True),
     sa.Column('entity_type', sa.Integer(), nullable=False),
     sa.Column('entity_id', sa.Integer(), nullable=False),
     sa.Column('user_id', sa.Integer(), nullable=False),

migrations/versions/5ccd18d62305_add_metadata_and_metadata_mapping.py

@@ -34,7 +34,7 @@ def upgrade():
                     )
     op.create_table('metadata_mapping',
                     sa.Column('id', sa.Integer(), nullable=False),
-                    sa.Column('value', sa.String(length=60000), nullable=True),
+                    sa.Column('value', sa.TEXT(), nullable=True),
                     sa.Column('date_created', sa.DateTime(timezone=True), nullable=True),
                     sa.Column('date_modified', sa.DateTime(timezone=True), nullable=True),
                     sa.Column('metadata_id', sa.Integer(), nullable=False),

migrations/versions/650b0ad88d25_add_indexes.py

@@ -17,14 +17,7 @@
 
 
 def upgrade():
-    op.execute("""CREATE INDEX ifx_yara_rules_description ON yara_rules (`description`(1000));""")
-    op.execute("""CREATE INDEX ifx_yara_rules_references ON yara_rules (`references`(1000));""")
-    op.execute("""CREATE INDEX ifx_yara_rules_condition ON yara_rules (`condition`(1000));""")
-    op.execute("""CREATE INDEX ifx_yara_rules_strings ON yara_rules (`strings`(1000));""")
-
+    pass
 
 def downgrade():
-    op.execute("""DROP INDEX ifx_yara_rules_description ON yara_rules;""")
-    op.execute("""DROP INDEX ifx_yara_rules_references ON yara_rules;""")
-    op.execute("""DROP INDEX ifx_yara_rules_condition ON yara_rules;""")
-    op.execute("""DROP INDEX ifx_yara_rules_strings ON yara_rules;""")
+    pass

migrations/versions/8c3bbaef0f9c_activity_log.py

@@ -21,7 +21,7 @@ def upgrade():
     op.create_table('activity_log',
     sa.Column('id', sa.Integer(), nullable=False),
     sa.Column('activity_type', sa.String(length=256), nullable=True),
-    sa.Column('activity_text', sa.String(length=65000), nullable=True),
+    sa.Column('activity_text', sa.TEXT(), nullable=True),
     sa.Column('activity_date', sa.DateTime(timezone=True), nullable=True),
     sa.Column('entity_type', sa.Integer(), nullable=False),
     sa.Column('entity_id', sa.Integer(), nullable=False),

migrations/versions/8d2c133477a2_tasks_model.py

@@ -23,7 +23,7 @@ def upgrade():
                     sa.Column('date_modified', sa.DateTime(timezone=True), nullable=True),
                     sa.Column('state', sa.String(length=32), nullable=True),
                     sa.Column('title', sa.String(length=256), nullable=True),
-                    sa.Column('description', sa.String(length=2048), nullable=True),
+                    sa.Column('description', sa.TEXT(), nullable=True),
                     sa.Column('final_artifact', sa.String(length=4096), nullable=True),
                     sa.Column('created_user_id', sa.Integer(), nullable=False),
                     sa.Column('modified_user_id', sa.Integer(), nullable=False),
@@ -33,7 +33,6 @@ def upgrade():
                     sa.ForeignKeyConstraint(['owner_user_id'], ['kb_users.id'], ),
                     sa.PrimaryKeyConstraint('id')
                     )
-    op.create_index('ix_tasks_description', 'tasks', ['description'], unique=False)
     op.create_index('ix_tasks_state', 'tasks', ['state'], unique=False)
     op.create_index('ix_tasks_title', 'tasks', ['title'], unique=False)
     # ### end Alembic commands ###
@@ -43,6 +42,5 @@ def downgrade():
     # ### commands auto generated by Alembic - please adjust! ###
     op.drop_index('ix_tasks_title', table_name='tasks')
     op.drop_index('ix_tasks_state', table_name='tasks')
-    op.drop_index('ix_tasks_description', table_name='tasks')
     op.drop_table('tasks')
     # ### end Alembic commands ###

migrations/versions/b67c53c89680_add_imports_column_to_yara_rules.py

@@ -18,7 +18,7 @@
 
 def upgrade():
     # ### commands auto generated by Alembic - please adjust! ###
-    op.add_column('yara_rules', sa.Column('imports', sa.String(length=512), nullable=True))
+    op.add_column('yara_rules', sa.Column('imports', sa.String(length=2048), nullable=True))
     # ### end Alembic commands ###
 
 

migrations/versions/bf3d4a7f2f15_scripts_table.py

@@ -22,7 +22,7 @@ def upgrade():
                     sa.Column('name', sa.String(length=128), nullable=False),
                     sa.Column('description', sa.String(length=128), nullable=True),
                     sa.Column('interpreter', sa.String(length=64), nullable=True),
-                    sa.Column('code', sa.String(length=60000), nullable=True),
+                    sa.Column('code', sa.TEXT(), nullable=True),
                     sa.Column('match_regex', sa.String(length=4096), nullable=True),
                     sa.Column('date_created', sa.DateTime(timezone=True), nullable=True),
                     sa.Column('date_modified', sa.DateTime(timezone=True), nullable=True),

migrations/versions/cb108888af0b_new_files_table.py

@@ -22,7 +22,7 @@ def upgrade():
     sa.Column('id', sa.Integer(), nullable=False),
     sa.Column('date_created', sa.DateTime(timezone=True), nullable=True),
     sa.Column('date_modified', sa.DateTime(timezone=True), nullable=True),
-    sa.Column('filename', sa.String(length=65000), nullable=True),
+    sa.Column('filename', sa.TEXT(), nullable=True),
     sa.Column('content_type', sa.String(length=100), nullable=True),
     sa.Column('entity_type', sa.Integer(), nullable=False),
     sa.Column('entity_id', sa.Integer(), nullable=False),

requirements.txt

@@ -35,7 +35,7 @@ Flask-Bcrypt==1.0.1
 Flask-Caching==1.10.1
 Flask-Login==0.5.0
 Flask-Mail==0.9.1
-Flask-Migrate==3.1.0
+Flask-Migrate==2.6.0
 Flask-OpenID==1.3.0
 Flask-Script==2.0.6
 flask-selfdoc==1.3.0