Skip to content

Add testbed for QCOW Extractor #187

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open
0xXA wants to merge 1 commit into
base: main
Choose a base branch
from
Open

Add testbed for QCOW Extractor #187

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
14 changes: 14 additions & 0 deletions qcow2/Dockerfile
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,14 @@
FROM ubuntu:22.04

RUN apt-get update

RUN mkdir -p /testdata

# Set working directory
WORKDIR /testdata

# Copy valid .qcow2 files into the container
COPY valid-ext-exfat-fat32-ntfs.qcow2 /testdata/valid-ext-exfat-fat32-ntfs.qcow2
COPY valid-ext-exfat-fat32-ntfs-encrypted.qcow2 /testdata/valid-ext-exfat-fat32-ntfs-encrypted.qcow2

CMD ["/bin/bash"]
26 changes: 26 additions & 0 deletions qcow2/README.md
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,26 @@
# OSV-Scalibr: QCOW2 Extractor

This directory contains a test Dockerfile for validating OSV-Scalibr's QCOW2 Extractor plugin. A QCOW (Copy on Write) file is a disk image format commonly used by virtual machines to emulate a physical hard drive.

## Setup

### Build the Docker Image

```bash
cd security-testbeds/qcow2
docker build -t qcow2-extractor-testbed .
```

### Run the Container

```bash
docker run -it --rm qcow2-extractor-testbed /bin/bash
```

### Running OSV-Scalibr

Build or copy the `scalibr` binary to the current directory, and inside the container, run `scalibr` with the qcow2 extractor:

```bash
./scalibr --plugin-config=qcow2:{password:\"Yuvraj\"} --plugins=secrets/privatekey --extractors=embeddedfs/qcow2 --result out.textproto valid-ext-exfat-fat32-ntfs.qcow2 valid-ext-exfat-fat32-ntfs-encrypted.qcow2
```
44 changes: 44 additions & 0 deletions qcow2/genqcow2.sh
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,44 @@
#!/usr/bin/env bash

dd if=/dev/zero of=valid.img bs=1M count=256
parted -s --align optimal valid.img --script mklabel gpt
parted -s --align optimal valid.img --script mkpart primary ext4 0% 25%
parted -s --align optimal valid.img --script mkpart primary ntfs 25% 50%
parted -s --align optimal valid.img --script set 2 msftdata on
parted -s --align optimal valid.img --script mkpart primary ntfs 50% 75%
parted -s --align optimal valid.img --script set 3 msftdata on
parted -s --align optimal valid.img --script mkpart primary ntfs 75% 100%
parted -s --align optimal valid.img --script set 3 msftdata on
sudo losetup -fP valid.img
LOOPDEV=$(losetup -j valid.img | cut -d: -f1)
PARTITION1="${LOOPDEV}p1"
PARTITION2="${LOOPDEV}p2"
PARTITION3="${LOOPDEV}p3"
PARTITION4="${LOOPDEV}p4"
sudo mkfs.ext4 $PARTITION1
sudo mkfs.exfat $PARTITION2
sudo mkfs.vfat -F 32 $PARTITION3
sudo mkfs.ntfs $PARTITION4
sudo rm -rf /mnt/valid*
sudo mkdir /mnt/valid1
sudo mkdir /mnt/valid2
sudo mkdir /mnt/valid3
sudo mkdir /mnt/valid4
sudo mount ${PARTITION1} /mnt/valid1
sudo mount ${PARTITION2} /mnt/valid2
sudo mount ${PARTITION3} /mnt/valid3
sudo mount ${PARTITION4} /mnt/valid4
openssl genrsa -out private-key.pem 4096
sudo cp private-key.pem /mnt/valid1/private-key1.pem
sudo cp private-key.pem /mnt/valid2/private-key2.pem
sudo cp private-key.pem /mnt/valid3/private-key3.pem
sudo cp private-key.pem /mnt/valid4/private-key4.pem
sudo umount /mnt/valid1
sudo umount /mnt/valid2
sudo umount /mnt/valid3
sudo umount /mnt/valid4
sudo losetup -d ${LOOPDEV}
sudo rm -rf /mnt/valid*
qemu-img convert valid.img -O qcow2 valid-ext-exfat-fat32-ntfs.qcow2
qemu-img convert --object secret,data="Yuvraj",id=sec0 -f raw valid.img -o encrypt.format=luks,encrypt.key-secret=sec0 -O qcow2 valid-ext-exfat-fat32-ntfs-encrypted.qcow2
rm private-key.pem valid.img
Binary file added qcow2/valid-ext-exfat-fat32-ntfs-encrypted.qcow2
View file
Open in desktop
Binary file not shown.
Binary file added qcow2/valid-ext-exfat-fat32-ntfs.qcow2
View file
Open in desktop
Binary file not shown.