My Ubuntu 20.04 comes with Python 3.8.10, and I need to upgrade it to 3.10 for a workshop.
Here are the steps:
$ sudo add-apt-repository ppa:deadsnakes/ppa
$ sudo apt-get update
$ apt-get update
$ apt list | grep python3.10
$ sudo apt-get install python3.10
$ sudo update-alternatives --install /usr/bin/python3 python3 /usr/bin/python3.8 1
$ sudo update-alternatives --install /usr/bin/python3 python3 /usr/bin/python3.10 2
$ sudo update-alternatives --config python3
$ python3 -V
Here's the easiest way to run nuclei with Multipass.
PS> multipass launch docker -n tiger
PS> multipass shell tiger
ubuntu@tiger:~$ docker pull projectdiscovery/nuclei:latest
ubuntu@tiger:~$ docker images
ubuntu@tiger:~$ docker run -i -t bb2be5c37d25 --version
ubuntu@tiger:~$ docker run -i -t bb2be5c37d25 -update
ubuntu@tiger:~$ docker run -i -t bb2be5c37d25 -ut
ubuntu@tiger:~$ echo http://172.22.64.197 > urls.txt
ubuntu@tiger:~$ echo http://172.22.64.197:8080 >> urls.txt
ubuntu@tiger:~$ git clone https://github.com/projectdiscovery/nuclei-templates
ubuntu@tiger:~$ cat urls.txt | docker run -v /home/ubuntu/nuclei-templates:/go/src/app/ -i projectdiscovery/nuclei -t ./technologies/nginx/nginx-version.yaml -t ./technologies/apache/apache-detect.yaml > results.txt
ubuntu@tiger:~$ more results.txt
+-------+-------+---------+
| TOTAL | ADDED | REMOVED |
+-------+-------+---------+
| 4306 | 40 | 0 |
+-------+-------+---------+
[2022-10-04 10:16:00] [apache-detect] [http] [info] http://172.22.64.197:8080 [Apache/2.4.52 (Ubuntu)]
[2022-10-04 10:16:00] [nginx-version] [http] [info] http://172.22.64.197 [nginx/1.18.0]
ubuntu@tiger:~$ cat urls.txt | docker run -v /home/ubuntu/nuclei-templates:/go/src/app/ -i projectdiscovery/nuclei > result2.txt
ubuntu@tiger:~$ more result2.txt
[2022-10-04 10:28:00] [default-apache2-ubuntu-page] [http] [info] http://172.22.64.197:8080
[2022-10-04 10:28:00] [apache-detect] [http] [info] http://172.22.64.197:8080 [Apache/2.4.52 (Ubuntu)]
[2022-10-04 10:28:00] [default-apache-test-all] [http] [info] http://172.22.64.197:8080 [Apache/2.4.52 (Ubuntu)]
[2022-10-04 10:28:00] [nginx-version] [http] [info] http://172.22.64.197 [nginx/1.18.0]
[2022-10-04 10:28:00] [default-nginx-page] [http] [info] http://172.22.64.197
[2022-10-04 10:28:02] [tech-detect:nginx] [http] [info] http://172.22.64.197
[2022-10-04 10:28:29] [openssh-detect] [network] [info] 172.22.64.197:22 [SSH-2.0-OpenSSH_8.9p1 Ubuntu-3]
[2022-10-04 10:28:30] [http-missing-security-headers:cross-origin-opener-policy] [http] [info] http://172.22.64.197:808
0
[2022-10-04 10:28:30] [http-missing-security-headers:access-control-allow-origin] [http] [info] http://172.22.64.197:80
80
[2022-10-04 10:28:30] [http-missing-security-headers:access-control-expose-headers] [http] [info] http://172.22.64.197:
8080
[2022-10-04 10:28:30] [http-missing-security-headers:strict-transport-security] [http] [info] http://172.22.64.197:8080
[2022-10-04 10:28:30] [http-missing-security-headers:permissions-policy] [http] [info] http://172.22.64.197:8080
[2022-10-04 10:28:30] [http-missing-security-headers:x-frame-options] [http] [info] http://172.22.64.197:8080
[2022-10-04 10:28:30] [http-missing-security-headers:x-content-type-options] [http] [info] http://172.22.64.197:8080
[2022-10-04 10:28:30] [http-missing-security-headers:x-permitted-cross-domain-policies] [http] [info] http://172.22.64.
197:8080
[2022-10-04 10:28:30] [http-missing-security-headers:referrer-policy] [http] [info] http://172.22.64.197:8080
[2022-10-04 10:28:30] [http-missing-security-headers:cross-origin-embedder-policy] [http] [info] http://172.22.64.197:8
080
[2022-10-04 10:28:30] [http-missing-security-headers:cross-origin-resource-policy] [http] [info] http://172.22.64.197:8
080
[2022-10-04 10:28:30] [http-missing-security-headers:access-control-max-age] [http] [info] http://172.22.64.197:8080
[2022-10-04 10:28:30] [http-missing-security-headers:access-control-allow-headers] [http] [info] http://172.22.64.197:8
080
[2022-10-04 10:28:30] [http-missing-security-headers:clear-site-data] [http] [info] http://172.22.64.197:8080
[2022-10-04 10:28:30] [http-missing-security-headers:content-security-policy] [http] [info] http://172.22.64.197:8080
[2022-10-04 10:28:30] [http-missing-security-headers:access-control-allow-credentials] [http] [info] http://172.22.64.1
97:8080
[2022-10-04 10:28:30] [http-missing-security-headers:access-control-allow-methods] [http] [info] http://172.22.64.197:8
080
[2022-10-04 10:28:30] [http-missing-security-headers:strict-transport-security] [http] [info] http://172.22.64.197
[2022-10-04 10:28:30] [http-missing-security-headers:x-frame-options] [http] [info] http://172.22.64.197
[2022-10-04 10:28:30] [http-missing-security-headers:x-content-type-options] [http] [info] http://172.22.64.197
[2022-10-04 10:28:30] [http-missing-security-headers:x-permitted-cross-domain-policies] [http] [info] http://172.22.64.
197
[2022-10-04 10:28:30] [http-missing-security-headers:referrer-policy] [http] [info] http://172.22.64.197
[2022-10-04 10:28:30] [http-missing-security-headers:access-control-allow-origin] [http] [info] http://172.22.64.197
[2022-10-04 10:28:30] [http-missing-security-headers:access-control-allow-methods] [http] [info] http://172.22.64.197
[2022-10-04 10:28:30] [http-missing-security-headers:cross-origin-embedder-policy] [http] [info] http://172.22.64.197
[2022-10-04 10:28:30] [http-missing-security-headers:access-control-max-age] [http] [info] http://172.22.64.197
[2022-10-04 10:28:30] [http-missing-security-headers:access-control-expose-headers] [http] [info] http://172.22.64.197
[2022-10-04 10:28:30] [http-missing-security-headers:access-control-allow-headers] [http] [info] http://172.22.64.197
[2022-10-04 10:28:30] [http-missing-security-headers:content-security-policy] [http] [info] http://172.22.64.197
[2022-10-04 10:28:30] [http-missing-security-headers:permissions-policy] [http] [info] http://172.22.64.197
[2022-10-04 10:28:30] [http-missing-security-headers:clear-site-data] [http] [info] http://172.22.64.197
[2022-10-04 10:28:30] [http-missing-security-headers:cross-origin-opener-policy] [http] [info] http://172.22.64.197
[2022-10-04 10:28:30] [http-missing-security-headers:cross-origin-resource-policy] [http] [info] http://172.22.64.197
[2022-10-04 10:28:30] [http-missing-security-headers:access-control-allow-credentials] [http] [info] http://172.22.64.1
97
[2022-10-04 10:28:34] [options-method] [http] [info] http://172.22.64.197:8080 [HEAD,GET,POST,OPTIONS]
[2022-10-04 10:28:34] [openssh-detect] [network] [info] 172.22.64.197:22 [SSH-2.0-OpenSSH_8.9p1 Ubuntu-3]
[2022-10-04 10:28:41] [waf-detect:nginxgeneric] [http] [info] http://172.22.64.197/
[2022-10-04 10:28:41] [waf-detect:apachegeneric] [http] [info] http://172.22.64.197:8080/
Links:
Prerequisite: You need to have a working multipass, and preferably a Linux-based host. (I'm using WSL 😎 )
Then follow the steps to create the virtual machines and follow by create the k3s cluster. K3s promises to be a lightweight K8s.
Here are the tools used and the description.
| Tools | Description |
|---|---|
| Multipass | It's a system that orchestrates the creation, management and maintenance of virtual machines and associated Ubuntu images to siplify development. |
| K3s | K3s is a certified Kubernetes distribution designed for production workloads in unattended, resource-constrained, remote locations or inside IoT appliances. |
First, we need 1 master node (kmaster) and 2 worker nodes (kworker1 and kworker2).
$ multipass launch --name kmaster
$ multipass launch --name kworker1
$ multipass launch --name kworker2
Second, we need to create the K3s cluster.
$ multipass exec kmaster -- /bin/bash -c "curl -sfL https://get.k3s.io | sh -"
$ K3S_NODEIP_MASTER="https://kmaster.mshome.net:6443"
$ K3S_TOKEN="$(multipass exec kmaster -- /bin/bash -c "sudo cat /var/lib/rancher/k3s/server/node-token")"
$ multipass exec kworker1 -- /bin/bash -c "curl -sfL https://get.k3s.io | K3S_TOKEN=${K3S_TOKEN} K3S_URL=${K3S_NODEIP_MASTER} sh -"
$ multipass exec kmuworker2 -- /bin/bash -c "curl -sfL https://get.k3s.io | K3S_TOKEN=${K3S_TOKEN} K3S_URL=${K3S_NODEIP_MASTER} sh -"
Multipass is a great tool for working with containers.
Minikube workflow is another great example of a built-in tool for container development. And Microk8s runs on top of Multipass cross-platform and is for pocket-sized Kubernetes.
An extra tool in Docker workflow is Portainer. In fact, each VM instance created with the Docker workflow comes with a Portainer container already running in Docker. Once that instance is launched, you’re already up and running with a convenient GUI interface (at port 9000) for launching and managing your containers.
multipass launch docker -n <instance-name>
multipass launch docker -n dk
multipass info dk
To access the docker command interface:
multipass exec dk docker
To create alias for docker:
multipass alias <instance>:<command> <alias-cmd>
multipass alias dk:docker dkr
To run the hello-world container:
dkr run hello-world
multipass dkr run hello-world
multipass dkr version
 |
| multipass dkr version |
To access the portainer with browser, open the URL at http://dk_ip_addr:9000
C:\>multipass find --format json
{
"errors": [
],
"images": {
"18.04": {
"aliases": [
"bionic"
],
"os": "Ubuntu",
"release": "18.04 LTS",
"remote": "",
"version": "20220921"
},
"20.04": {
"aliases": [
"focal"
],
"os": "Ubuntu",
"release": "20.04 LTS",
"remote": "",
"version": "20220920"
},
"22.04": {
"aliases": [
"jammy",
"lts"
],
"os": "Ubuntu",
"release": "22.04 LTS",
"remote": "",
"version": "20220923"
},
"anbox-cloud-appliance": {
"aliases": [
],
"os": "",
"release": "Anbox Cloud Appliance",
"remote": "",
"version": "latest"
},
"appliance:adguard-home": {
"aliases": [
],
"os": "Ubuntu",
"release": "AdGuard Home Appliance",
"remote": "appliance",
"version": "20200812"
},
"appliance:mosquitto": {
"aliases": [
],
"os": "Ubuntu",
"release": "Mosquitto Appliance",
"remote": "appliance",
"version": "20200812"
},
"appliance:nextcloud": {
"aliases": [
],
"os": "Ubuntu",
"release": "Nextcloud Appliance",
"remote": "appliance",
"version": "20200812"
},
"appliance:openhab": {
"aliases": [
],
"os": "Ubuntu",
"release": "openHAB Home Appliance",
"remote": "appliance",
"version": "20200812"
},
"appliance:plexmediaserver": {
"aliases": [
],
"os": "Ubuntu",
"release": "Plex Media Server Appliance",
"remote": "appliance",
"version": "20200812"
},
"charm-dev": {
"aliases": [
],
"os": "",
"release": "A development and testing environment for charmers",
"remote": "",
"version": "latest"
},
"core": {
"aliases": [
"core16"
],
"os": "Ubuntu",
"release": "Core 16",
"remote": "",
"version": "20200818"
},
"core18": {
"aliases": [
],
"os": "Ubuntu",
"release": "Core 18",
"remote": "",
"version": "20211124"
},
"docker": {
"aliases": [
],
"os": "",
"release": "A Docker environment with Portainer and related tools",
"remote": "",
"version": "latest"
},
"jellyfin": {
"aliases": [
],
"os": "",
"release": "Jellyfin is a Free Software Media System that puts you in control of managing and streaming your media.",
"remote": "",
"version": "latest"
},
"minikube": {
"aliases": [
],
"os": "",
"release": "minikube is local Kubernetes",
"remote": "",
"version": "latest"
},
"snapcraft:core18": {
"aliases": [
"18.04"
],
"os": "",
"release": "Snapcraft builder for Core 18",
"remote": "snapcraft",
"version": "20201111"
},
"snapcraft:core20": {
"aliases": [
"20.04"
],
"os": "",
"release": "Snapcraft builder for Core 20",
"remote": "snapcraft",
"version": "20210921"
},
"snapcraft:core22": {
"aliases": [
"22.04"
],
"os": "",
"release": "Snapcraft builder for Core 22",
"remote": "snapcraft",
"version": "20220426"
}
}
}
C:\>multipass version --format json
{
"multipass": "1.10.1+win",
"multipassd": "1.10.1+win"
}
C:\>multipass find --format -h
Usage: multipass find [options] [<remote:>][<string>]
Lists available images matching <string> for creating instances from.
With no search string, lists all aliases for supported Ubuntu releases.
Options:
-?, -h, --help Displays help on commandline options
-v, --verbose Increase logging verbosity. Repeat the 'v' in the short
option for more detail. Maximum verbosity is obtained with
4 (or more) v's, i.e. -vvvv.
--show-unsupported Show unsupported cloud images as well
--format <format> Output list in the requested format.
Valid formats are: table (default), json, csv and yaml
Arguments:
string An optional value to search for in [<remote:>]<string>
format, where <remote> can be either ‘release’ or ‘daily’.
If <remote> is omitted, it will search ‘release‘ first,
and if no matches are found, it will then search ‘daily‘.
<string> can be a partial image hash or an Ubuntu release
version, codename or alias.
 |
| multipass find --format table |