I and a good friend and mentor usually train a class on Industrial Control Systems (ICS) and we usually have various practical labs. This post will mainly assist on how to setup an MQTT lab on docker with polymorph. With this lab you can go through the polymorph case studies.
No need of setting up the enviroment on your localhost.
PS: Only tested on Linux, use tmux for split windows feature.
You will require to pull to docker images; eclipse-mosquitto
and ubuntu
.
docker pull eclipse-mosquitto ubuntu
The lab requires three diffrent hosts; machineA
which will be the MQTT Broker, machineB
which will be the MQTT Client and machineC
which will have polymorph installed (for modifying MQTT network packets on the fly).
Below is the mosquitto.conf
file that you will require to continue to the next step.
persistence false
allow_anonymous true
connection_messages true
log_type all
listener 1883
On the location where the conf file is run the command below;
# starting MQTT
docker run -it -p 1883:1883 --name machineA -h machineA -v `pwd`/mosquitto.conf:/mosquitto/config/mosquitto.conf eclipse-mosquitto
In a different terminal run the command below;
# creating a subscriber topic named test
docker exec -it machineA mosquitto_sub -t test
Spin up an ubuntu container with the below commad;
# pure ubuntu container
docker run -it --name machineB -h machineB ubuntu /bin/bash
Install MQTT and some other basic tools inside machineB
container.
# installing MQTT and some other basic tools
apt update && apt install mosquitto mosquitto-clients net-tools iputils-ping netcat -y
Test if we can send a message to our machineA
subscriber topic test
mosquitto_pub -t test -m hello -h [machineA-ip]
mosquitto_pub -t test -m "it works" -h [machineA-ip]
machineA
should be receiving published messages: hello
and it works
from machineB
.
Spin up an ubunter container in privileged mode.
#pure ubuntu container
docker run --privileged -it --name MachineC -h MachineC ubuntu /bin/bash
Install polymorph dependancies and other basic tools.
# requirements
apt update && apt install python3 build-essential libnetfilter-queue-dev tshark \
tcpdump python3-pip git net-tools iputils-ping tmux vim netcat iptables -y
pip3 install git+https://github.com/kti/python-netfilterqueue
# install polymorph
pip3 install polymorph
From here I guess you are good to go.