An Interest In:
Web News this Week
- April 4, 2024
- April 3, 2024
- April 2, 2024
- April 1, 2024
- March 31, 2024
- March 30, 2024
- March 29, 2024
December 18, 2020 05:08 pm GMT
Original Link: https://dev.to/sambhav2612/reverse-engineering-a-docker-image-i8c
Reverse engineering a docker image
We all know that docker is a great tool to build and deploy applications. However, it is rather difficult to get the source code of a 3rd party image as a developer. In this guide, I will attempt to clone the source code of a downloaded image from a remote server.
There are some things to keep in check in case you come across such:
Inspecting a docker image:
sudo docker image inspect <IMAGE_NAME>
Enter fullscreen mode Exit fullscreen mode
This command will provide the image configuration in JSON with one crucial detail to look for i.e., where the actual code of the image resides within it. Look out for WorkingDir
under ContainerConfig
and that will be the root of the source code being run by the image.
For Example:
[ { "Id": "...", "RepoTags": [ "..." ], "RepoDigests": [ "..." ], "Parent": "", "Comment": "", "Created": "2020-11-04T16:28:13.6789081Z", "Container": "...", "ContainerConfig": { "Hostname": "cd849c8982e0", "Domainname": "", "User": "", "AttachStdin": false, "AttachStdout": false, "AttachStderr": false, "Tty": false, "OpenStdin": false, "StdinOnce": false, "Env": [ "PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin", "NODE_VERSION=14.15.0", "YARN_VERSION=1.22.5", "NODE_ENV=production" ], "Cmd": [ "/bin/sh", "-c", "#(nop) ", "CMD [\"node\" \"/var/apps/app-name/main.js\"]" ], "Image": "...", "Volumes": null, "WorkingDir": "/var/apps/app-name", // <--- THIS LINE "Entrypoint": [ "docker-entrypoint.sh" ], "OnBuild": null, "Labels": {} }, "DockerVersion": "19.03.12", "Author": "", "Config": { "Hostname": "", "Domainname": "", "User": "", "AttachStdin": false, "AttachStdout": false, "AttachStderr": false, "Tty": false, "OpenStdin": false, "StdinOnce": false, "Env": [ "PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin", "NODE_VERSION=14.15.0", "YARN_VERSION=1.22.5", "NODE_ENV=production" ], "Cmd": [ "node", "/var/apps/app-name/main.js" ], "Image": "...", "Volumes": null, "WorkingDir": "/var/apps/app-name", "Entrypoint": [ "docker-entrypoint.sh" ], "OnBuild": null, "Labels": null }, "Architecture": "amd64", "Os": "linux", "Size": 932787935, "VirtualSize": 932787935, "GraphDriver": { "Data": { "LowerDir": "...", "MergedDir": "...", "UpperDir": "...", "WorkDir": "..." }, "Name": "overlay2" }, "RootFS": { "Type": "layers", "Layers": [ "...", "...", "...", "...", "...", "...", "...", "...", "...", "...", "...", "..." ] }, "Metadata": { "LastTagTime": "0001-01-01T00:00:00Z" } }]
Enter fullscreen mode Exit fullscreen mode
Cloning a docker image
# Create a new temporary image from the existing docker image$ sudo docker create --name="tmp_$$" <IMAGE_NAME:TAG># Export the temporary image to a tarball$ sudo docker export tmp_$$ > image.tar# Delete the temporary image$ sudo docker rm tmp_$$# Let's use sftp to download the tarball to our local machine$ sftp -i <KEY> <USERNAME>@<SERVER_NAME>$ get image.tar# Now once you have the tarball downloaded to you local machine, extract and navigate to the `WorkingDir` highlighted earlier, which here was `/var/apps/app-name/`$ cd /Downloads/<EXTRACTED_IMAGE_FOLDER_NAME><WorkingDir>
Enter fullscreen mode Exit fullscreen mode
And there you have it, the source code of a 3rd party image.
Things to consider before attempting this:
- sftp will use your local bandwidth to download any files from the remote server, so a Wi-Fi/Broadband connection is suggested for this as the docker images tend to be rather big in size and will take a considerable amount to download, therefore.
- Add
sudo
before the docker commands in case without sudoer it doesn't work.
Original Link: https://dev.to/sambhav2612/reverse-engineering-a-docker-image-i8c
Share this article:
Tweet
View Full Article
Dev To
An online community for sharing and discovering great ideas, having debates, and making friendsMore About this Source Visit Dev To