# Socket.IO Pickle Deserialization Vulnerability Demo
# This Dockerfile creates a vulnerable Socket.IO server for security testing
FROM ubuntu:22.04

LABEL maintainer="aliraza@bluerock.io"
LABEL description="CVE-2025-61765 Socket.IO Pickle Deserialization Vulnerability Demo"

# Install system dependencies
RUN apt-get update && apt-get install -y \
    curl \
    netcat-traditional \
    redis-tools \
    python3-pip \
    && rm -rf /var/lib/apt/lists/* \
    && ln -sf /usr/bin/python3 /usr/bin/python

# Expose port 5000 for the Socket.IO server
EXPOSE 5000

COPY ./socketio_server/ /opt/socketio_server/
WORKDIR /opt/socketio_server/
RUN pip3 install --no-cache-dir -r requirements.txt

ENV PYTHONUNBUFFERED=1
ENV REDIS_HOST=redis
ENV REDIS_PORT=6379
ENV SOCKETIO_PORT=5000


ENTRYPOINT ["python3", "server.py"]