Docker Compose based system for running remote browsers (including Flash and Java support) connected to web archives

Related tags

Security related resources emulation browsers webrecorder pywb remote-browsers
Overview

pywb Remote Browsers

This repository provides a simple configuration for deploying any pywb with remote browsers provided by OWT/Shepherd Remote Browser System

To use:

  1. Clone this repo

  2. Add new or existing collections to the collections directory, eg. by running wb-manager or copy an existing pywb collections directory into the local collections directory.

  3. Pull one or more Browser Docker Images from: https://hub.docker.com/r/oldwebtoday/chrome/tags or https://hub.docker.com/r/oldwebtoday/firefox/tags

(See below for more info).

  1. Run docker-compose up -d to start.

  2. Go to http://localhost:9020/

Browsing UI

The default UI provides a set of controls for entering URL, timestamp, choosing a browser, and choosing a collection. The system will then start the selected remote browser connected to that pywb collection in an iframe.

Viewer UI

To load the remote browser directly without the iframe or sidebar controls, you can also visit http://localhost:9020/<browser>/<coll>/<timestamp>/<url>.

Getting Remote Browser Images

The Browser Images are downloaded manually, to allow users to choose which browsers they want to run.

Browsers can be obtained from the oldwebtoday browser repos including: https://hub.docker.com/r/oldwebtoday/chrome/tags and https://hub.docker.com/r/oldwebtoday/firefox/tags.

At least one browser must be downloaded for the system to work, eg. docker pull oldwebtoday/chrome:88.

Additional browsers will (hopefully) be added in the future!

Adding pywb collections

pywb collections can be added while the system is running, and will be recognized on refresh, for example:

wb-manager init new-coll
wb-manager add new-coll some-warc-files.warc

The new-coll should now appear in the collection dropdown.

Audio

The system is configured with audio support via WebRTC, using a turn server operating on port 33478. This port must be accessible to if connecting remotely.

TODO Add docs on configuring over SSL via nginx proxying.

You might also like...
Find vulnerable Log4j2 versions on disk and also inside Java Archive Files (Log4Shell CVE-2021-44228)
Find vulnerable Log4j2 versions on disk and also inside Java Archive Files (Log4Shell CVE-2021-44228)

log4j-finder A Python3 script to scan the filesystem to find Log4j2 that is vulnerable to Log4Shell (CVE-2021-44228) It scans recursively both on disk

Fox-IT 431 Dec 22, 2022
Downloads SEP, Baseband and BuildManifest automatically for signed iOS version's for connected iDevice

FutureHelper Supports macOS and Windows Downloads SEP, Baseband and BuildManifest automatically for signed iOS version's (including beta firmwares) fo

Kasim Hussain 7 Jan 5, 2023
Simple Python 3 script to detect the
Simple Python 3 script to detect the "Log4j" Java library vulnerability (CVE-2021-44228) for a list of URL with multithreading

log4j-detect Simple Python 3 script to detect the "Log4j" Java library vulnerability (CVE-2021-44228) for a list of URL with multithreading The script

Víctor García 187 Jan 3, 2023
Simple Python 3 script to detect the
Simple Python 3 script to detect the "Log4j" Java library vulnerability (CVE-2021-44228) for a list of URL with multithreading

log4j-detect Simple Python 3 script to detect the "Log4j" Java library vulnerability (CVE-2021-44228) for a list of URL with multithreading The script

Wade 1 Dec 15, 2021
An OSINT tool that searches for devices directly connected to the internet (IoT) with a user specified query. It returns results for Webcams, Traffic lights, Refridgerators, Smart TVs etc.

An OSINT tool that searches for devices directly connected to the internet (IoT) with a user specified query. It returns results for Webcams, Traffic

Richard Mwewa 48 Nov 20, 2022
Brute-Force-Connected
Brute-Force-Connected

Brute-Force-Connected Guess the password for Connected accounts the use : Create a new file and put usernames and passwords in it Example : joker:1234

null 4 Jun 5, 2022
A simple python script to dump remote files through a local file read or local file inclusion web vulnerability.
A simple python script to dump remote files through a local file read or local file inclusion web vulnerability.

A simple python script to dump remote files through a local file read or local file inclusion web vulnerability. Features Dump a single file w

Podalirius 48 Dec 3, 2022
MongoDB-Injection - This challenge-script is custom-made for web-server running MongoDB which is vulnerable to No-SQL injection

MongoDB-Injection Cheesy Multi-threaded script for NoSQL Injection This challeng

Caretaker 2 Jun 6, 2022
A dynamic multi-STL, multi-process OpenSCAD build system with autoplating support

scad-build This is a multi-STL OpenSCAD build system based around GNU make. It supports dynamic build targets, intelligent previews with user-defined

Jordan Mulcahey 1 Dec 21, 2021
Comments
  • Failed to load resource: the server responded with a status of 404 (NOT FOUND)

    Failed to load resource: the server responded with a status of 404 (NOT FOUND)

    I have follow all steps as described but got this error when I try to connect an URL. Please look into this error, what I am doing wrong. If you have any other example implementing pywb? I need to connect to remote URL with headless chrome (Like co-browsing).

    URL :- /api/flock/start/UVALFHP74PWF2NZN5IY3QL4A

    Payload:- { "SCREEN_WIDTH": 1120, "SCREEN_HEIGHT": 312, "AUDIO_TYPE": "webrtc", "REQ_ID": "UVALFHP74PWF2NZN5IY3QL4A" }

    Response:-

    {"details": "Traceback (most recent call last):\n File "/usr/local/lib/python3.5/site-packages/docker/api/client.py", line 261, in _raise_for_status\n response.raise_for_status()\n File "/usr/local/lib/python3.5/site-packages/requests/models.py", line 940, in raise_for_status\n raise HTTPError(http_error_msg, response=self)\nrequests.exceptions.HTTPError: 404 Client Error: Not Found for url: http+docker://localhost/v1.35/containers/create?name=xserver-UVALFHP74PWF2NZN5IY3QL4A\n\nDuring handling of the above exception, another exception occurred:\n\nTraceback (most recent call last):\n File "/app/shepherd/shepherd.py", line 190, in start_flock\n auto_remove=auto_remove)\n File "/app/shepherd/shepherd.py", line 359, in run_container\n volumes=volumes\n File "/usr/local/lib/python3.5/site-packages/docker/api/container.py", line 430, in create_container\n return self.create_container_from_config(config, name)\n File "/usr/local/lib/python3.5/site-packages/docker/api/container.py", line 441, in create_container_from_config\n return self._result(res, True)\n File "/usr/local/lib/python3.5/site-packages/docker/api/client.py", line 267, in _result\n self._raise_for_status(response)\n File "/usr/local/lib/python3.5/site-packages/docker/api/client.py", line 263, in _raise_for_status\n raise create_api_error_from_http_exception(e)\n File "/usr/local/lib/python3.5/site-packages/docker/errors.py", line 31, in create_api_error_from_http_exception\n raise cls(e, response=response, explanation=explanation)\ndocker.errors.ImageNotFound: 404 Client Error: Not Found ("No such image: oldwebtoday/remote-desktop-server:latest")\n", "error": "start_error"}

    image

    opened by raychandan 1
Owner
Webrecorder
Webrecorder Project
Webrecorder
GitHub
Yara Based Detection Engine for web browsers

Yobi Yara Based Detection for web browsers System Requirements Yobi requires python3 and and right now supports only firefox and other Gecko-based bro

imp0rtp3 44 Nov 20, 2022
RedDrop is a quick and easy web server for capturing and processing encoded and encrypted payloads and tar archives.

RedDrop Exfil Server Check out the accompanying MaverisLabs Blog Post Here! RedDrop Exfil Server is a Python Flask Web Server for Penetration Testers,

null 53 Nov 1, 2022
Scan all java processes on your host to check weather it's affected by log4j2 remote code execution

Log4j2 Vulnerability Local Scanner (CVE-2021-45046) Log4j 漏洞本地检测脚本,扫描主机上所有java进程,检测是否引入了有漏洞的log4j-core jar包,是否可能遭到远程代码执行攻击(CVE-2021-45046)。上传扫描报告到指定的服

null 86 Dec 9, 2022
recover Firefox and more browsers logins

Browser Creds this script will recover saved browsers logins into txt files. It currently only support windows 10. currently support : Chrome Opera Fi

HugoLB 41 Nov 9, 2022
proof-of-concept running docker container from omero web

docker-from-omero-poc proof-of-concept running docker container from omero web How-to Edit test_script.py so that the BaseClient is created pointing t

Erick Martins Ratamero 2 Jan 22, 2022
Python tool for dumping flash via uboot reliably

Reliable Uboot Flash Dumper is a Python tool for dumping flash via uboot reliably. If you've ever had to dump flash via uboot and a serial connection and became frustrated about doing it several times and hand-merging files together to fix issues, this should help you out

SecurityJon 25 May 10, 2022
Python-based proof-of-concept tool for generating payloads that utilize unsafe Java object deserialization.

Python-based proof-of-concept tool for generating payloads that utilize unsafe Java object deserialization.

Astro 9 Sep 27, 2022
log4j-tools: CVE-2021-44228 poses a serious threat to a wide range of Java-based applications

log4j-tools Quick links Click to find: Inclusions of log4j2 in compiled code Calls to log4j2 in compiled code Calls to log4j2 in source code Overview

JFrog Ltd. 171 Dec 25, 2022
Add a Web Server based on Rogue Mysql Server to allow remote user get

介绍 对于需要使用 Rogue Mysql Server 的漏洞来说,若想批量检测这种漏洞的话需要自备一个服务器。并且我常用的Rogue Mysql Server 脚本 不支持动态更改读取文件名、不支持远程用户访问读取结果、不支持批量化检测网站。于是乎萌生了这个小脚本的想法 Rogue-MySql-

null 6 May 17, 2022
Learning to compose soft prompts for compositional zero-shot learning.

Compositional Soft Prompting (CSP) Compositional soft prompting (CSP), a parameter-efficient learning technique to improve the zero-shot compositional

Bats Research 32 Jan 2, 2023