Installation

This guide will help you deploy the Metalware firmware fuzzer as a Docker container in your cloud environment. Follow the instructions below to choose the proper instance, set up the prerequisites, load the Docker image, run the container with the appropriate environment variables, and verify the service.

1. Pre-Deployment Requirements

Before you run the Docker container, ensure that you have completed the following steps:

Minimum System Requirements:

Memory: At least 8GB RAM
CPU: At least 2 CPU cores (performance scales vertically)

Operating System: A supported Linux distribution (e.g., Ubuntu, Amazon Linux 2) with Docker installed

Docker Installation: Ensure Docker is installed and running.

Example (Ubuntu):

bash
sudo apt-get update
sudo apt-get install -y docker.io
sudo systemctl start docker
sudo systemctl enable docker

Okta Setup: Confirm that your Okta credentials are prepared, as you’ll need to provide the following environment variables when running the container:

OKTA_ISSUER
OKTA_CLIENT_ID
OKTA_CLIENT_SECRET

Networking:

Ensure that your firewall or security groups allow traffic on the port you plan to use (default 8080 or your chosen alternative).

2. Load the Docker Image

Load the Metalware image (e.g., havoc-0.x.x.tar) into your local Docker environment:

bash
docker load -i havoc-0.x.x.tar

This command imports the image and outputs the corresponding image ID.

3. Running the Docker Container

Before running the container, double-check that Docker is running on your instance and that your Okta settings are correctly configured.

Using the Default Port (8080):

bash
docker run -e OKTA_ISSUER=<okta issuer url> \
					 -e OKTA_CLIENT_ID=<okta client id> \
					 -e OKTA_CLIENT_SECRET=<okta client secret> \
					 -p 0.0.0.0:8080:8080 havoc:latest

Mapping to an Alternative Host Port (e.g., 8082):

bash
docker run -e OKTA_ISSUER=<okta issuer url> \
					 -e OKTA_CLIENT_ID=<okta client id> \
					 -e OKTA_CLIENT_SECRET=<okta client secret> \
					 -p 0.0.0.0:8082:8080 havoc:latest

💡

If you created a custom Okta authorization server for Metalware, you can pass the audience as an environment variable to docker using -e OKTA_AUDIENCE=<okta audience>. By default, the audience is set to api://default

4. Verify That Metalware is Running

Open a browser and navigate to:

plain text
http://<host ip>:<host port>

You should now see the Okta login screen, where users can authenticate using their Okta credentials.

5. Troubleshooting & Notes

Okta API Settings: Ensure that the Okta API settings match your deployment environment.

Firewall/Security Group Rules: Verify that port forwarding and network rules allow traffic between Okta and your instance.

Authorization Server Configuration: If authentication fails, check that the Authorization Server’s audience (api://metalware/havoc) is set to the expected value.