## https://sploitus.com/exploit?id=A6877829-9466-5B2C-B246-8DFE2FEDAFC1
```bash
python scripts/export_container.py \
 --image-path rockmelodies/sqli-lab:latest \
 --container-id vuln-lab-a1b2c
```

**Output Example:**

```
=== Container exported as a tar file ===
Image Path: rockmelodies/sqli-lab:latest
Container ID: vuln-lab-a1b2c
Container Name: vuln-lab-a1b2c
Status: running
Port Mapping:
 - 127.0.0.1:8080 → Container Port 80/TCP (HTTP)
 - 127.0.0.1:3306 → Container Port 3306/TCP (MySQL)
Access Addresses:
 - HTTP Service: http://127.0.0.1:8080
 - MySQL: mysql://127.0.0.1:3306
```

### Step 4: Push the container image to Docker Hub

```bash
python scripts/push_image.py \
 --image-name rockmelodies/sqli-lab:latest \
 --project-dir ./my-vuln-lab \
 --container-id vuln-lab-a1b2c
```

**Output Example:**

```
=== Container pushed to Docker Hub ===
Image Name: rockmelodies/sqli-lab:latest
Container ID: vuln-lab-a1b2c
Container Name: vuln-lab-a1b2c
Status: deployed
Docker Hub URL: https://dockerhub.com/rockmelodies/sqli-lab
```

```bash
python scripts/export_container.py \
 --container-name vuln-lab-a1b2c3 \
 --output-dir ./exports
```

**Output Example:**
```
=== Container Export Results ===
Container tar package path: D:/vuln-labs/exports/vuln-lab-a1b2c3-container-20260602.tar
Image tar package path: D:/vuln-labs/exports/rockmelodies_sqli-lab-image-20260602.tar
Container tar package size: 256.0MB
Image tar package size: 312.5MB
```

### Step 4: Push Image to Docker Hub
```bash
python scripts/push_image.py \
 --image-name rockmelodies/sqli-lab:latest
```

**Output Example:**
```
=== Image Push Results ===
Login succeeded.
Image pushed: rockmelodies/sqli-lab:latest
Push status: Pushed.
Repository address: https://hub.docker.com/r/rockmelodies/sqli-lab
```

---

## 📚 Script Details
### `build_and_run.py` – Build and Run
| Parameter | Required | Description |
| --- | --- | --- |
| `--project-dir` | ✅ | Project directory containing Dockerfile |
| `--image-name` | ✅ | Image name, format: `username/image-name:tag` |
| `--ports` | ✅ | Port mapping, format: `host-port:container-port`. Multiple ports separated by commas |
| `--container-name` | ❌ | Container name, automatically generated by default |
| `--env` | ❌ | Environment variables, format: `KEY=VALUE`. Multiple variables separated by commas |
| `--privileged` | ❌ | Whether to run in privileged mode, default: false |
| `--network` | ❌ | Network mode, default: bridge |
| `--volumes` | ❌ | Volumes to mount, format: `host-path:container-path`. Multiple volumes separated by commas |
| `--build-args` | ❌ | Build parameters, format: `KEY=VALUE`. Multiple parameters separated by commas |
| `--json-output` | ❌ | Output results in JSON format |

### `export_container.py` – Container Export
| Parameter | Required | Description |
| --- | --- | --- |
| `--container-name` | ✅ | Container name or ID |
| `--output-dir` | ❌ | Tar package output directory, default: `./exports` |
| `--image-name` | ❌ | Export the image (docker save) |
| `--json-output` | ❌ | Output results in JSON format |

### `push_image.py` – Image Push
| Parameter | Required | Description |
| --- | --- | --- |
| `--image-name` | ✅ | Image name, format: `username/image-name:tag` |
| `--username` | ❌ | Docker Hub username, default: `rockmelodies` |
| `--token` | ❌ | Docker Hub access token, uses built-in token by default |
| `--registry` | ❌ | Image repository address, default: `docker.io` |
| `--source-image` | ❌ | Source image name (if re-tagging is needed) |
| `--json-output` | ❌ | Output results in JSON format |
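
A built-in default for `--token` means a registry credential ships inside the script. The sketch below is an added example, not the project's `push_image.py`: it resolves the token at run time, passes it to `docker login` on stdin so it never appears in the process arguments, and redacts it in structured output. The `DOCKERHUB_TOKEN` variable name and all function names are assumptions.

```python
import os
import subprocess

TOKEN_ENV = "DOCKERHUB_TOKEN"  # hypothetical variable name, not defined by the project

def resolve_token(cli_token=None, env=None):
    """Use the explicit token, else the environment; never a baked-in default."""
    env = os.environ if env is None else env
    token = (cli_token or env.get(TOKEN_ENV) or "").strip()
    if not token:
        raise ValueError(f"no registry token: pass --token or set {TOKEN_ENV}")
    return token

def redact(secret):
    """Keep a short suffix so output can show which token was used, not its value."""
    return "***" + secret[-4:] if len(secret) > 8 else "***"

def docker_login(username, token, registry="docker.io", run=subprocess.run):
    """Log in with the token on stdin so it is absent from argv and `ps` listings."""
    argv = ["docker", "login", registry, "--username", username, "--password-stdin"]
    proc = run(argv, input=token.encode(), capture_output=True)
    # Shape suitable for a --json-output style result: the secret is redacted.
    return {"registry": registry, "username": username,
            "login_ok": proc.returncode == 0, "token": redact(token)}
```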

---

## 📋 Template Files
### Dockerfile Template
Located at `assets/Dockerfile.template`, following these guidelines:
- ✅ The base image version tag is clearly specified; `latest` is prohibited.
- ✅ Combined RUN commands to reduce image layers.
- ✅ Clean up apt cache.
- ✅ Runs as a non-root user (if allowed).
- ✅ Health check configuration.
- ✅ LABEL metadata for vulnerability information.
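
The guidelines above can be checked mechanically before a lab image is built. This linter is an added example, not part of the project; the function name and both sample Dockerfiles are constructed for illustration.

```python
import re

def lint_dockerfile(text):
    """Check Dockerfile text against the template guidelines; return findings."""
    # Fold backslash continuations so each instruction is one logical line.
    lines = re.sub(r"\\[ \t]*\n", " ", text).splitlines()
    instrs = []
    for line in (l.strip() for l in lines):
        if line and not line.startswith("#"):
            op, _, arg = line.partition(" ")
            instrs.append((op.upper(), arg.strip()))
    findings, stages, prev = [], set(), None
    for op, arg in instrs:
        toks = [t for t in arg.split() if not t.startswith("--")]
        if op == "FROM" and toks:
            image = toks[0]
            tag = image.rsplit("/", 1)[-1].partition(":")[2]
            pinned = "@sha256:" in image or tag not in ("", "latest")
            if image not in stages and image != "scratch" and not pinned:
                findings.append(f"unpinned base image: {image}")
            if len(toks) == 3 and toks[1].upper() == "AS":
                stages.add(toks[2])  # later "FROM <stage>" is not a registry pull
        elif op == "RUN":
            if prev == "RUN":
                findings.append("consecutive RUN instructions: combine into one layer")
            if (re.search(r"\bapt(-get)?\s+(-\S+\s+)*install\b", arg)
                    and "rm -rf /var/lib/apt/lists" not in arg):
                findings.append("apt install without cleaning /var/lib/apt/lists")
        prev = op
    users = [a for o, a in instrs if o == "USER"]
    if not users or users[-1].split(":")[0] in ("root", "0"):
        findings.append("image runs as root: no non-root USER set")
    checks = [a for o, a in instrs if o == "HEALTHCHECK"]
    if not checks or checks[-1].upper().startswith("NONE"):
        findings.append("no HEALTHCHECK configured")
    if not any(o == "LABEL" for o, _ in instrs):
        findings.append("no LABEL metadata")
    return findings

# Constructed samples, not the project's assets/Dockerfile.template.
BAD = "FROM php:latest\nRUN apt-get update\nRUN apt-get install -y curl\n"
GOOD = """FROM python:3.10-slim
LABEL vuln.type="ssrf"
RUN apt-get update && apt-get install -y --no-install-recommends curl \\
    && rm -rf /var/lib/apt/lists/* && useradd -r lab
HEALTHCHECK CMD curl -f http://localhost:8000/ || exit 1
USER lab
"""
```

The root-user finding is advisory for labs that must run as root, matching the "(if allowed)" qualifier in the guideline.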

### docker-compose Template
Located at `assets/docker-compose.template.yml`, includes:
- Example of Web application service + database service + Redis service.
- Health check configuration.
- Network isolation.
- Data persistence.
- Initialization script mounting.

---

## 🔧 Supported Vulnerability Labs
| Vulnerability Type | Recommended Base Image | Typical Ports |
| --- | --- | --- |
| SQL Injection | `php:8.1-apache` | 80, 3306 |
| XSS | Any web framework | 80 |
| File Upload | `php:8.1-apache` | 80 |
| Deserialization (Java) | `openjdk:11-jdk-slim` | 80, 1099 |
| Deserialization (Python) | `python:3.10-slim` | 80 |
| SSRF | `python:3.10-slim` | 80 |
| Command Injection | `ubuntu:22.04` | 80 |
| Privilege Escalation | `ubuntu:22.04` | 22 |
| Container Escape | `ubuntu:22.04` (Privileged) | 22, 80 |

---

## ⚠️ Notes
- When a port conflict occurs, the scripts automatically increment to the next available port.
- When a container exits abnormally, its logs are output automatically for easier troubleshooting.
- Automatically check if the image is correctly tagged before pushing it.
- Check if there is enough disk space before exporting the tar package.
- All scripts support the `--json-output` parameter to output structured JSON data.
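
The port-conflict and disk-space checks in these notes can be sketched as follows. This is an added example, not the project's code: the function names are assumptions, the `--ports` format is the one documented above, and host ports are published on 127.0.0.1 only, as in the sample output, so a deliberately vulnerable service is not reachable from other interfaces.

```python
import shutil
import socket

def port_is_free(port, host="127.0.0.1"):
    """True if a TCP listener could bind host:port right now (point-in-time check)."""
    with socket.socket(socket.AF_INET, socket.SOCK_STREAM) as probe:
        try:
            probe.bind((host, port))
            return True
        except (OSError, OverflowError):
            return False

def plan_ports(spec, host="127.0.0.1"):
    """Map 'host:container,...' to `docker run -p` values, bumping busy host ports."""
    taken, published = set(), []
    for pair in spec.split(","):
        host_port, container_port = (int(p) for p in pair.strip().split(":"))
        while host_port in taken or not port_is_free(host_port, host):
            host_port += 1
            if host_port > 65535:
                raise RuntimeError(f"no free port for container port {container_port}")
        taken.add(host_port)
        # Loopback-only publish keeps the lab service off other interfaces.
        published.append(f"{host}:{host_port}:{container_port}")
    return published

def enough_space(output_dir, needed_bytes, headroom=1.2):
    """Check that output_dir has room for a tar of needed_bytes plus a margin."""
    return shutil.disk_usage(output_dir).free >= needed_bytes * headroom
```

Another process can still claim a port between the probe and `docker run`, so the caller should treat a bind failure from Docker as a reason to re-plan.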

---

## 📄 License
This project is intended only for security research and authorized testing. Users must comply with local laws. Testing others' systems without authorization is illegal.

**Made with ❤️ for Security Research**
