I was looking for a well-known CMS (Content Management System) that I could easily run in a Docker container as a target for information security reconnaissance tools, such as WhatWeb.
Using a backend MySQL database on localhost
I had some problems running it at first. I tried to set up a local MariaDB/MySQL database and have the Joomla container communicate directly with the underlying host:
docker run --name some-joomla -e JOOMLA_DB_HOST=localhost:3306 -e JOOMLA_DB_USER=joomla -e JOOMLA_DB_PASSWORD=joomP455 -d joomla
That didn’t work. The Joomla container crashed shortly after starting. When I looked at the container logs using the following command:
docker logs some-joomla
I found the same error message repeated several times:
Warning: mysqli::__construct(): (HY000/1045): Access denied for user 'joomla'@'localhost' (using password: YES) in /makedb.php on line 20
Of course! Within the context of the container,
localhost means the container itself!
I was able to get this to work by specifying
--network=host. (See Use Host Networking in the Docker documentation.)
Here was the command I used (after creating a joomla database and joomla database user):
docker run --name some-joomla -e JOOMLA_DB_HOST=127.0.0.1 -e JOOMLA_DB_USER=joomla -e JOOMLA_DB_PASSWORD=joomP455 -e JOOMLA_DB_NAME=joomla --network host -d joomla
Using a Dockerized MySQL database as the backend
That was great progress! But since this was just for a temporary demo, I found an even easier way: using a MySQL Docker container as the backend database: https://hub.docker.com/_/mysql
This is what I tried the first time:
docker run --name some-mysql -e MYSQL_ROOT_PASSWORD=passW0rd -e MYSQL_DATABASE=joomla -e MYSQL_USER=joomla -e MYSQL_PASSWORD=joomP455 -d mysql:latest
That didn’t work, though. When I started the Joomla container using the following command:
docker run --name some-joomla --link some-mysql:mysql -p 8080:80 -d joomla:latest
The container would soon stop. I looked at the logs using
docker logs some-joomla and found the same error message repeated numerous times:
Warning: mysqli::__construct(): The server requested authentication method unknown to the client [caching_sha2_password] in /makedb.php on line 20
I searched for that error message, and found a GitHub issue for another project that suggested downgrading MySQL (https://github.com/laradock/laradock/issues/1390).
docker run --name some-mysql -e MYSQL_ROOT_PASSWORD=passW0rd -e MYSQL_DATABASE=joomla -e MYSQL_USER=joomla -e MYSQL_PASSWORD=joomP455 -d mysql:5 docker run --name some-joomla --link some-mysql:mysql -p 8080:80 -d joomla:latest
It worked! I was able to access the Joomla setup on http://localhost:8080
However, I ran into an error on step 2 of the web-based Joomla setup (configuring the database):
Error Could not connect to the database. Connector returned number: Could not connect to MySQL server.
I turns out, I had specified
localhost as the database host, as suggested. This is, of course, the same problem I had before:
localhost, on the container, is the container itself! I used the following command:
docker inspect some-mysql
From that output I discovered that the
some-mysql container’s IP address was 172.17.0.2, which was reachable from the other container.
Unless your Docker installation is substantially different, if you start the
some-mysql container followed by the
some-joomla container, you can likely used the same IP address I did. (In my case, the some-joomla container’s IP address was the next sequential address: 172.17.0.3.)
Scanning the Joomla container
Now I had a running Joomla instance that I could target using WhatWeb and other scanners:
# whatweb -a 4 localhost:8080 http://localhost:8080 [200 OK] Apache[2.4.38], Cookies[e6b39c2ef305d5fa34c3ba66a227b8de], HTML5, HTTPServer[Debian Linux][Apache/2.4.38 (Debian)], HttpOnly[e6b39c2ef305d5fa34c3ba66a227b8de], IP[::1], JQuery, MetaGenerator[Joomla! - Open Source Content Management], OpenSearch[http://localhost:8080/index.php/component/search/?layout=blog&id=9&Itemid=101&format=opensearch], PHP[7.2.23], Script, Title[Home], X-Powered-By[PHP/7.2.23]