docker_fetch/docker_image_fetch.py at ec10dda4b1812ae3732489254b9d90d1aa537db3 · NotSoSecure/docker_fetch · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
import os
import json
import optparse
import requests

# pulls Docker Images from unauthenticated docker registry api.
# and checks for docker misconfigurations.

apiversion = "v2"
final_list_of_blobs = []


# Disable insecure request warning
from requests.packages.urllib3.exceptions import InsecureRequestWarning
requests.packages.urllib3.disable_warnings(InsecureRequestWarning)

parser = optparse.OptionParser()
parser.add_option('-u', '--url', action="store", dest="url", help="URL Endpoint for Docker Registry API v2. Eg https://IP:Port", default="spam")
options, args = parser.parse_args()
url = options.url


def list_repos():
	req = requests.get(url+ "/" + apiversion + "/_catalog", verify=False)
	return json.loads(req.text)["repositories"]

def find_tags(reponame):
	req = requests.get(url+ "/" + apiversion + "/" + reponame+"/tags/list", verify=False)
	print("\n")
	data =  json.loads(req.content)
	if "tags" in data:
		return data["tags"]


def list_blobs(reponame,tag):
	req = requests.get(url+ "/" + apiversion + "/" + reponame+"/manifests/" + tag, verify=False)
	data = json.loads(req.content)
	if "fsLayers" in data:
		for x in data["fsLayers"]:
			curr_blob = x['blobSum'].split(":")[1]
			if curr_blob not in final_list_of_blobs:
				final_list_of_blobs.append(curr_blob)

def download_blobs(reponame, blobdigest,dirname):
	req = requests.get(url+ "/" + apiversion + "/" + reponame +"/blobs/sha256:" + blobdigest, verify=False)
	filename = "%s.tar.gz" % blobdigest
	with open(dirname + "/" + filename, 'wb') as test:
		test.write(req.content)

def main():
	if url is not "spam":
		list_of_repos = list_repos()
		print("\n[+] List of Repositories:\n")
		for x in list_of_repos:
			print(x)
		target_repo = input("\nWhich repo would you like to download?:  ")
		if target_repo in list_of_repos:
			tags = find_tags(target_repo)
			if tags is not None:
				print("\n[+] Available Tags:\n")
				for x in tags:
					print(x)

				target_tag = input("\nWhich tag would you like to download?:  ")
				if target_tag in tags:
					list_blobs(target_repo,target_tag)

					dirname = input("\nGive a directory name:  ")
					os.makedirs(dirname)
					print("Now sit back and relax. I will download all the blobs for you in %s directory. \nOpen the directory, unzip all the files and explore like a Boss. " % dirname)
					for x in final_list_of_blobs:
						print("\n[+] Downloading Blob: %s" % x)
						download_blobs(target_repo,x,dirname)
				else:
					print("No such Tag Available. Qutting....")
			else:
				print("[+] No Tags Available. Quitting....")
		else:
			print("No such repo found. Quitting....")
	else:
		print("\n[-] Please use -u option to define API Endpoint, e.g. https://IP:Port\n")


if __name__ == "__main__":
	main()