From 8d9bb50c1cbe4208dd4e731722b651edeb7ac2e0 Mon Sep 17 00:00:00 2001
From: whaffman <whaffman@student.codam.nl>
Date: Wed, 9 Jul 2025 16:01:51 +0200
Subject: [PATCH] initial commit

---
 Makefile                        | 80 +++++++++++++++++++++++++++++++++
 docker-compose.yml              | 66 +++++++++++++++++++++++++++
 ftp-client/Dockerfile           | 14 ++++++
 ftp-client/ftp_script.sh        | 71 +++++++++++++++++++++++++++++
 ftp-server/Dockerfile           | 26 +++++++++++
 ftp-server/vsftpd.conf          | 24 ++++++++++
 ftp-server/welcome.txt          |  1 +
 inquisitor/Dockerfile           | 38 ++++++++++++++++
 inquisitor/entrypoint.sh        | 48 ++++++++++++++++++++
 inquisitor/requirements.txt     |  0
 inquisitor/src/inquisitor.py    |  8 ++++
 inquisitor/src/requirements.txt |  2 +
 12 files changed, 378 insertions(+)
 create mode 100644 Makefile
 create mode 100644 docker-compose.yml
 create mode 100644 ftp-client/Dockerfile
 create mode 100644 ftp-client/ftp_script.sh
 create mode 100644 ftp-server/Dockerfile
 create mode 100644 ftp-server/vsftpd.conf
 create mode 100644 ftp-server/welcome.txt
 create mode 100644 inquisitor/Dockerfile
 create mode 100644 inquisitor/entrypoint.sh
 create mode 100644 inquisitor/requirements.txt
 create mode 100644 inquisitor/src/inquisitor.py
 create mode 100644 inquisitor/src/requirements.txt

diff --git a/Makefile b/Makefile
new file mode 100644
index 0000000..f5dec79
--- /dev/null
+++ b/Makefile
@@ -0,0 +1,80 @@
+NAME := inquisitor
+COMPOSE_FILE := docker-compose.yml
+NETWORK := inquisitor-network
+IMAGES := ftp-server ftp-client $(NAME)
+
+.PHONY: up down ps clean help logs attach
+
+# Build images and run containers
+up:
+	@echo "Building and starting $(NAME) project..."
+	docker-compose -f $(COMPOSE_FILE) up --build -d
+	@echo "Project started successfully!"
+
+# Stop containers and remove images
+down:
+	@echo "Stopping and removing containers..."
+	docker-compose -f $(COMPOSE_FILE) down
+	@echo "Removing images..."
+	@for image in $(IMAGES); do \
+		if docker images -q $$image > /dev/null 2>&1; then \
+			docker rmi $$image; \
+		fi; \
+	done
+	@echo "Containers stopped and images removed!"
+
+# Show detailed information about containers, networks, and images
+ps:
+	@echo "=== CONTAINERS ==="
+	docker ps -a --filter "name=$(NAME)" --format "table {{.Names}}\t{{.Status}}\t{{.Ports}}\t{{.Image}}"
+	@echo "\n=== NETWORKS ==="
+	docker network ls --filter "name=$(NETWORK)" --format "table {{.Name}}\t{{.Driver}}\t{{.Scope}}"
+	@if docker network ls --filter "name=$(NETWORK)" -q | grep -q .; then \
+		echo "\nNetwork details:"; \
+		docker network inspect $(NETWORK) --format "{{range .Containers}}{{.Name}}: {{.IPv4Address}}{{println}}{{end}}"; \
+	fi
+	@echo "\n=== IMAGES ==="
+	@for image in $(IMAGES); do \
+		if docker images -q $$image > /dev/null 2>&1; then \
+			docker images $$image --format "table {{.Repository}}\t{{.Tag}}\t{{.ID}}\t{{.Size}}"; \
+		fi; \
+	done
+	
+# Clean up everything: containers, images, networks, volumes
+clean:
+	@echo "Cleaning up $(NAME) project..."
+	@echo "Stopping and removing containers..."
+	docker-compose -f $(COMPOSE_FILE) down --remove-orphans
+	@echo "Removing images..."
+	@for image in $(IMAGES); do \
+		if docker images -q $$image > /dev/null 2>&1; then \
+			docker rmi $$image; \
+		fi; \
+	done
+	@echo "Removing network..."
+	@if docker network ls -q --filter "name=$(NETWORK)" | grep -q .; then \
+		docker network rm $(NETWORK); \
+	fi
+	@echo "Cleaning up dangling images..."
+	@docker image prune -f
+	@echo "Clean up completed!"
+
+# Show help
+help:
+	@echo "Available targets:"
+	@echo "  up     - Build images and start containers"
+	@echo "  down   - Stop containers and remove images"
+	@echo "  ps     - Show detailed information about containers, networks, and images"
+	@echo "  clean  - Remove all project resources (containers, images, networks, volumes)"
+	@echo "  logs   - Show logs from all containers (or specific container with CONTAINER=name)"
+	@echo "  help   - Show this help message"
+
+# Show logs from containers
+logs:
+	@if [ -z "$(CONTAINER)" ]; then \
+		echo "Showing logs from all containers..."; \
+		docker-compose -f $(COMPOSE_FILE) logs -f; \
+	else \
+		echo "Showing logs from $(CONTAINER) container..."; \
+		docker-compose -f $(COMPOSE_FILE) logs -f $(CONTAINER); \
+	fi
diff --git a/docker-compose.yml b/docker-compose.yml
new file mode 100644
index 0000000..c7d169b
--- /dev/null
+++ b/docker-compose.yml
@@ -0,0 +1,66 @@
+services:
+  ftp-server:
+    container_name: ftp-server
+    image: ftp-server
+    build:
+      context: ./ftp-server
+      dockerfile: Dockerfile
+    networks:
+      - inquisitor-network
+    restart: unless-stopped
+    stop_grace_period: 2s
+    healthcheck:
+      test: ["CMD", "nc", "-z", "localhost", "21"]
+      interval: 5s
+      timeout: 3s
+      retries: 3
+      start_period: 10s
+  
+
+  ftp-client:
+    container_name: ftp-client
+    image: ftp-client
+    build:
+      context: ./ftp-client
+      dockerfile: Dockerfile
+    environment:
+      - FTP_HOST=ftp-server
+      - FTP_PORT=21
+      - FTP_USER=anonymous
+      - FTP_PASS=anonymous
+    networks:
+      - inquisitor-network
+    depends_on:
+      ftp-server:
+        condition: service_healthy
+    restart: unless-stopped
+    stop_grace_period: 2s
+    healthcheck:
+      test: ["CMD", "nc", "-z", "ftp-server", "21"]
+      interval: 5s
+      timeout: 3s
+      retries: 3
+      start_period: 10s
+
+  inquisitor:
+    container_name: inquisitor
+    image: inquisitor
+    build:
+      context: ./inquisitor
+      dockerfile: Dockerfile
+    privileged: true
+    networks:
+      - inquisitor-network
+    volumes:
+      - /var/run/docker.sock:/var/run/docker.sock
+    depends_on:
+      ftp-server:
+        condition: service_healthy
+      ftp-client:
+        condition: service_healthy
+    restart: unless-stopped
+    stop_grace_period: 2s
+
+networks:
+  inquisitor-network:
+    name: inquisitor-network
diff --git a/ftp-client/Dockerfile b/ftp-client/Dockerfile
new file mode 100644
index 0000000..c666c8c
--- /dev/null
+++ b/ftp-client/Dockerfile
@@ -0,0 +1,14 @@
+FROM alpine:latest
+
+# Install FTP client and netcat for connection testing
+RUN apk update && apk add --no-cache lftp netcat-openbsd && \
+    rm -rf /var/cache/apk/*
+
+# Copy the FTP script
+COPY ftp_script.sh /usr/local/bin/ftp_script.sh
+
+# Make the script executable
+RUN chmod +x /usr/local/bin/ftp_script.sh
+
+# Run the script
+CMD ["/usr/local/bin/ftp_script.sh"]
\ No newline at end of file
diff --git a/ftp-client/ftp_script.sh b/ftp-client/ftp_script.sh
new file mode 100644
index 0000000..ed21b09
--- /dev/null
+++ b/ftp-client/ftp_script.sh
@@ -0,0 +1,71 @@
+#!/bin/sh
+
+# Add signal handling
+cleanup() {
+    echo "Received shutdown signal, stopping FTP client..."
+    exit 0
+}
+
+# Trap SIGTERM and SIGINT
+trap cleanup SIGTERM SIGINT
+
+echo "Starting FTP client script..."
+
+# FTP server details (from environment variables with defaults)
+FTP_HOST="${FTP_HOST:-ftp-server}"
+FTP_PORT="${FTP_PORT:-21}"
+FTP_USER="${FTP_USER:-anonymous}"
+FTP_PASS="${FTP_PASS:-anonymous}"
+
+echo "Configuration:"
+echo "  FTP_HOST: $FTP_HOST"
+echo "  FTP_PORT: $FTP_PORT"
+echo "  FTP_USER: $FTP_USER"
+echo "  FTP_PASS: $FTP_PASS"
+echo ""
+
+
+while true; do
+    echo "Executing FTP commands..."
+
+    lftp -d -u $FTP_USER,$FTP_PASS $FTP_HOST <<EOF
+set ftp:ssl-allow no
+set cmd:fail-exit yes
+set net:timeout 10
+set net:max-retries 3
+ls -la
+echo 'Changing to pub directory:'
+cd pub
+echo 'Listing pub directory:'
+ls -la
+echo 'Downloading welcome.txt:'
+get welcome.txt
+echo 'Download completed!'
+quit
+EOF
+
+    echo "FTP operations completed!"
+
+    # Force stdout flush
+    sync
+
+    # Show downloaded file if it exists
+    if [ -f "welcome.txt" ]; then
+        echo "Downloaded file contents:"
+        echo "===================="
+        cat welcome.txt
+        echo ""
+        echo "===================="
+
+        rm -f welcome.txt
+        echo "welcome.txt has been removed after download."
+    else
+        echo "Warning: welcome.txt was not downloaded"
+    fi
+
+    sync
+
+    echo "Waiting 5 seconds before next FTP operation..."
+    sleep 5 &
+    wait $!
+done
diff --git a/ftp-server/Dockerfile b/ftp-server/Dockerfile
new file mode 100644
index 0000000..620da13
--- /dev/null
+++ b/ftp-server/Dockerfile
@@ -0,0 +1,26 @@
+FROM alpine:latest
+
+# Install vsftpd and netcat for healthcheck
+RUN apk update && \
+    apk add --no-cache vsftpd netcat-openbsd && \
+    rm -rf /var/cache/apk/*
+
+# Create FTP directory for anonymous users and log directory
+RUN mkdir -p /var/ftp/pub /var/log && \
+    chmod 755 /var/ftp/pub && \
+    chown ftp:ftp /var/ftp/pub && \
+    touch /var/log/xferlog /var/log/vsftpd.log && \
+    chmod 666 /var/log/xferlog /var/log/vsftpd.log
+
+# Create a test file for anonymous downloads
+COPY welcome.txt /var/ftp/pub/welcome.txt
+RUN chown ftp:ftp /var/ftp/pub/welcome.txt
+
+# Configure vsftpd for anonymous access
+COPY vsftpd.conf /etc/vsftpd/vsftpd.conf
+
+# Expose FTP port and passive mode ports
+EXPOSE 21 21100-21110
+
+# Start vsftpd in foreground mode and tail logs to stdout
+CMD sh -c "vsftpd /etc/vsftpd/vsftpd.conf & tail -f /var/log/xferlog /var/log/vsftpd.log 2>/dev/null & wait"
\ No newline at end of file
diff --git a/ftp-server/vsftpd.conf b/ftp-server/vsftpd.conf
new file mode 100644
index 0000000..2ba9e0c
--- /dev/null
+++ b/ftp-server/vsftpd.conf
@@ -0,0 +1,24 @@
+anonymous_enable=YES
+local_enable=NO
+write_enable=NO
+anon_upload_enable=NO
+anon_mkdir_write_enable=NO
+dirmessage_enable=YES
+xferlog_enable=YES
+connect_from_port_20=YES
+xferlog_std_format=YES
+listen=YES
+background=NO
+pam_service_name=vsftpd
+userlist_enable=NO
+tcp_wrappers=NO
+anon_root=/var/ftp
+seccomp_sandbox=NO
+pasv_enable=YES
+pasv_min_port=21100
+pasv_max_port=21110
+log_ftp_protocol=YES
+xferlog_file=/var/log/xferlog
+vsftpd_log_file=/var/log/vsftpd.log
+dual_log_enable=YES
+ftpd_banner=Welcome to Inquisitor FTP Server
\ No newline at end of file
diff --git a/ftp-server/welcome.txt b/ftp-server/welcome.txt
new file mode 100644
index 0000000..5e4d1f3
--- /dev/null
+++ b/ftp-server/welcome.txt
@@ -0,0 +1 @@
+THIS IS THE OPEN FTP SERVER WHERE EVERYBODY CAN DOWNLOAD STUFFS
\ No newline at end of file
diff --git a/inquisitor/Dockerfile b/inquisitor/Dockerfile
new file mode 100644
index 0000000..1260456
--- /dev/null
+++ b/inquisitor/Dockerfile
@@ -0,0 +1,38 @@
+FROM python:3.11-slim
+
+# Install system dependencies required for network tools and Docker CLI
+RUN apt-get update && apt-get install -y \
+    docker.io \
+    net-tools \
+    iputils-ping \
+    tcpdump \
+    gcc \
+    python3-dev \
+    libc6-dev \
+    && rm -rf /var/lib/apt/lists/*
+
+# Create application directory
+WORKDIR /app
+
+# Copy requirements and install Python dependencies in virtual environment
+COPY src/requirements.txt .
+RUN python3 -m venv /opt/venv && \
+    /opt/venv/bin/pip install --upgrade pip && \
+    /opt/venv/bin/pip install -r requirements.txt
+
+# Copy application files
+COPY src/ ./src/
+COPY entrypoint.sh .
+
+# Make entrypoint script executable
+RUN chmod +x entrypoint.sh
+
+# Set environment variables
+ENV PATH="/opt/venv/bin:$PATH"
+ENV PYTHONPATH="/app"
+
+# Run as root (required for network manipulation)
+USER root
+
+# Run the entrypoint script
+CMD ["./entrypoint.sh"]
\ No newline at end of file
diff --git a/inquisitor/entrypoint.sh b/inquisitor/entrypoint.sh
new file mode 100644
index 0000000..088792b
--- /dev/null
+++ b/inquisitor/entrypoint.sh
@@ -0,0 +1,48 @@
+#!/bin/bash
+
+echo "Starting Inquisitor ARP spoofing tool..."
+
+# Function to get IP and MAC from a container
+get_container_info() {
+    local container_name=$1
+    local ip_var=$2
+    local mac_var=$3
+    
+    echo "Getting network info for $container_name..."
+    
+    # Get MAC and IP address from Docker network
+    local ip=$(docker inspect $container_name --format '{{range .NetworkSettings.Networks}}{{.IPAddress}}{{end}}')
+    local mac=$(docker inspect $container_name --format '{{range .NetworkSettings.Networks}}{{.MacAddress}}{{end}}')
+    
+    if [ -z "$ip" ] || [ -z "$mac" ]; then
+        echo "Error: Could not get network info for $container_name"
+        exit 1
+    fi
+    
+    echo "$container_name: IP=$ip, MAC=$mac"
+    
+    export $ip_var=$ip
+    export $mac_var=$mac
+}
+
+# Get network information from FTP containers
+get_container_info "ftp-client" "TARGET_IP" "TARGET_MAC"
+get_container_info "ftp-server" "GATEWAY_IP" "GATEWAY_MAC"
+
+echo ""
+echo "Environment variables set:"
+echo "TARGET_IP=$TARGET_IP"
+echo "TARGET_MAC=$TARGET_MAC"
+echo "GATEWAY_IP=$GATEWAY_IP"
+echo "GATEWAY_MAC=$GATEWAY_MAC"
+echo ""
+
+# Activate virtual environment and run the Python script
+echo "Activating virtual environment..."
+source /opt/venv/bin/activate
+
+echo "Starting ARP spoofing attack..."
+# Run Python with unbuffered output and force line buffering
+PYTHONUNBUFFERED=1 python3 -u /app/src/inquisitor.py
+
+echo "Python script exited with code: $?"
\ No newline at end of file
diff --git a/inquisitor/requirements.txt b/inquisitor/requirements.txt
new file mode 100644
index 0000000..e69de29
diff --git a/inquisitor/src/inquisitor.py b/inquisitor/src/inquisitor.py
new file mode 100644
index 0000000..be056bc
--- /dev/null
+++ b/inquisitor/src/inquisitor.py
@@ -0,0 +1,8 @@
+#!/usr/bin/env python3
+# -*- coding: utf-8 -*-
+
+def main():
+    print("Hello, Inquisitor!")
+
+if __name__ == "__main__":
+    main()
\ No newline at end of file
diff --git a/inquisitor/src/requirements.txt b/inquisitor/src/requirements.txt
new file mode 100644
index 0000000..11d8e12
--- /dev/null
+++ b/inquisitor/src/requirements.txt
@@ -0,0 +1,2 @@
+scapy==2.5.0
+netifaces==0.11.0