Docker kali linux image

TL;DR

I’m sure you have already been in the same situation than me. You’re working at a client’s office for a penetration test, a tight time slot for your tests, no downtime. You arrive a little late in the morning (thanks to the strikes) and your virtual machine containing all your tools doesn’t want to start (I knew I shouldn’t have play with my bootloader yesterday night tss).

No choice, you have to reinstall this machine. And rapidly !

Ho God finished ! Why dit it takes so long to install a s***y debian ??

F** why is it so long to boot ? And this dekstop pfff. Why there is no i3 default desktop .

kali@tools:~$ crackmapexec bash: crackmapexec: command not found 

FFF*** why CrackMapExec is not installed by default ??

STOP ! If you’ve already been is this situation before, this article is for you 😉 Have you ever heard of Docker ? Yes I hope ! Docker provides applications through containerisation technology. It’s a really mainstream and usefull technology.

I will not describe here how docker works, the docs is already very good : https://docs.docker.com/engine/docker-overview/

I think you’ve got it, we’re going to use Docker for our offensive use. So I wrote a small Dockerfile and docker-compose file to build a light kali image with usefull tools. Project : https://github.com/thibaudrobin/docker-kali-light. Let’s go into a little bit of detail.

1. Install docker

First you need to install Docker obviously. The documentation is really clear.

For Linux

For Windows :

1. Open the official documentation : https://docs.docker.com/docker-for-windows/install
2. Grab account credentials on BugMeNot : http://bugmenot.com/view/id.docker.com
3. Go to https://hub.docker.com/?overlay=onboarding to download Docker client.
4. Install Hyper-V : https://docs.microsoft.com/fr-fr/virtualization/hyper-v-on-windows/quick-start/enable-hyper-v
   • Open a PowerShell console as an administrator.
   • Type command : Enable-WindowsOptionalFeature -Online -FeatureName Microsoft-Hyper-V -All

Warning : Warning, unfortunately it’s not possible to have Hyper-V with VMware or Virtualbox :'(. You will have to choose one of three systems.

2. Create a nice Dockerfile

Ok now that you have Docker, we can build our own Kali image. All the images are available online (https://www.kali.org/news/official-kali-linux-docker-images/) but none of them are really interresting. Below are all the tools I need :

aircrack-ng crackmapexec crunch curl dirb dirbuster dnsenum dnsrecon dnsutils dos2unix enum4linux exploitdb ftp git gobuster hashcat hping3 hydra impacket-scripts john joomscan masscan metasploit-framework mimikatz nasm ncat netcat-traditional nikto nmap patator php powersploit proxychains python-impacket python-pip python2 python3 recon-ng responder samba samdump2 smbclient smbmap snmp socat sqlmap sslscan sslstrip theharvester vim wafw00f weevely wfuzz whois wordlists wpscan 

If you check Kali metapackages (https://tools.kali.org/kali-metapackages), you will always see packages with too much tools or not enough. The kali-light metapackage is a real joke (there is 0 offensive tools wtf). Let’s build a REAL kali-light image without burp, firefox and all other useless tools in docker.

# Dockerfile kali-light # Official base image FROM kalilinux/kali-rolling # Apt RUN apt -y update && apt -y upgrade && apt -y autoremove && apt clean # Tools RUN apt install aircrack-ng crackmapexec crunch curl dirb dirbuster dnsenum dnsrecon dnsutils dos2unix enum4linux exploitdb ftp git gobuster hashcat hping3 hydra impacket-scripts john joomscan masscan metasploit-framework mimikatz nasm ncat netcat-traditional nikto nmap patator php powersploit proxychains python-impacket python-pip python2 python3 recon-ng responder samba samdump2 smbclient smbmap snmp socat sqlmap sslscan sslstrip theharvester vim wafw00f weevely wfuzz whois wordlists wpscan -y --no-install-recommends # Alias RUN echo "alias l='ls -al'" >> /root/.bashrc RUN echo "alias nse='ls /usr/share/nmap/scripts | grep '" >> /root/.bashrc RUN echo "alias scan-range='nmap -T5 -n -sn'" >> /root/.bashrc RUN echo "alias http-server='python3 -m http.server 8080'" >> /root/.bashrc RUN echo "alias php-server='php -S 127.0.0.1:8080 -t .'" >> /root/.bashrc RUN echo "alias ftp-server='python -m pyftpdlib -u \"admin\" -P \"S3cur3d_Ftp_3rv3r\" -p 2121'" >> /root/.bashrc # Set working directory to /root WORKDIR /root # Open shell CMD ["/bin/bash"] 

3. Build your new image

You can now create the image with command : docker build -t kali-light .

[th1b4ud@th1b4ud-pc ~]$ mkdir kali-light [th1b4ud@th1b4ud-pc ~]$ cd kali-light/ [th1b4ud@th1b4ud-pc kali-light]$ docker build -t kali-light . Sending build context to Docker daemon 3.072kB Step 1/11 : FROM kalilinux/kali-rolling ---> b379e18689e6 Step 2/11 : RUN apt -y update && apt -y upgrade && apt -y autoremove && apt clean ---> Running in 0abf61ba9ad5 [. ] Need to get 611 MB of archives. Step 11/11 : CMD ["/bin/bash"] ---> Running in 97bf4e6e2db5 Removing intermediate container 97bf4e6e2db5 ---> e38e1334fdca Successfully built e38e1334fdca Successfully tagged kali-light:latest 

As you can see, our new image has only 500MB of tools to download. It should download quickly. 😀

4. Write Docker compose file

Now that we have built our new image, we can write a Docker compose file to facilitate container deployment. This will allow us to, for example, create a container with a directory shared with our host. In our case, we will share /mnt/share-kali-light from our host to /share directory in containers.

version: '3' services: kali-light: image: "kali-light" volumes: - /mnt/share-kali-light:/share 

5. Create containers

We can now deploy containers with the docker-compose command. First install it.

[th1b4ud@th1b4ud-pc kali-light]$ pip install docker-compose --user Collecting docker-compose 

And always in working directory launch docker-compose.

[th1b4ud@th1b4ud-pc kali-light]$ sudo mkdir /mnt/share-kali-light [th1b4ud@th1b4ud-pc kali-light]$ docker-compose run kali-light root@08cb02395204:~# l total 16 drwx------ 1 root root 4096 Jan 26 04:20 . drwxr-xr-x 1 root root 4096 Feb 8 15:09 .. -rw-r--r-- 1 root root 844 Feb 8 01:36 .bashrc -rw-r--r-- 1 root root 148 Jan 17 17:22 .profile 

We can verify that we have our shared directory.

[th1b4ud@th1b4ud-pc kali-light]$ echo "OK" > /mnt/share-kali-light/OK root@08cb02395204:~# l /share/; cat /share/OK total 12 drwxr-xr-x 2 1000 1000 4096 Feb 8 15:13 . drwxr-xr-x 1 root root 4096 Feb 8 15:09 .. -rw-r--r-- 1 1000 1000 3 Feb 8 15:12 OK OK 

By exiting the container with the command ‘exit’ we can see that it is still present. We can easily remove it with the docker container rm command.

[th1b4ud@th1b4ud-pc kali-light]$ docker ps -a CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES 08cb02395204 kali-light "/bin/bash" 4 minutes ago Exited (0) 4 seconds ago kali-light_kali-light_run_9e9e44eb9410 [th1b4ud@th1b4ud-pc kali-light]$ docker container rm 08 08 [th1b4ud@th1b4ud-pc kali-light]$ docker ps -a CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES 

We can also launch container from others directory.

[th1b4ud@th1b4ud-pc ~]$ docker-compose -f /home/th1b4ud/kali-light/docker-compose.yml run kali-light root@07a9e76dfb70:~# 

6. Create some alias

Usefull alias for your .bashrc. Don’t forget to change the location of the project !

echo "alias kali='docker-compose -f $HOME/kali-light/docker-compose.yml run kali-light'" >> .bashrc && source .bashrc 

Источник

Docker kali linux image

To use the Kali Linux Docker image, we will do the following commands:

[email protected]:~$ docker pull docker.io/kalilinux/kali-rolling [email protected]:~$ [email protected]:~$ docker run --tty --interactive kalilinux/kali-rolling ┌──(root㉿e4ae79503654)-[/] └─# ┌──(root㉿e4ae79503654)-[/] └─# exit [email protected]:~$ 

Please note, that this does not allow for systemd functionality, which would allow access to items such as systemctl . There are ways to get systemd to work with Docker, however they include modifying the Dockerfile and docker run flags. At this time this will not be covered.

Please also note, all the images below do not come with the “default” metapackage. You will need to apt update && apt -y install kali-linux-headless .

To resume an exited container we will complete the following:

[email protected]:~$ docker container list --all CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES d36922fa21e8 kalilinux/kali-rolling "/bin/bash" 2 minutes ago Exited (0) About a minute ago lucid_heyrovsky [email protected]:~$ [email protected]:~$ docker start d36922fa21e8 [email protected]:~$ 

After you execute the following command you will attach to the Docker container, however you must press return once to fully see the prompt:

[email protected]:~$ docker attach d36922fa21e8 ┌──(root㉿d36922fa21e8)-[/] └─# 

This will resume the container in whatever state you left it after running the initial docker run command or the last docker start and docker attach sequence.

Finally, if you’re done with the container you can remove it with the following command:

[email protected]:~$ docker rm d36922fa21e8 d36922fa21e8 [email protected]:~$ 

Updated on: 2023-Mar-06
Author: gamb1t

Источник

Official Kali Linux Docker Images Released

Last week we received an email from a fellow penetration tester, requesting official Kali Linux Docker images that he could use for his work. We bootstrapped a minimal Kali Linux 1.1.0a base and registered it under our Kali Linux Docker account. A few minutes later, said fellow pentester was up and running with Metasploit and the Top 10 Kali Linux tools on his Macbook Pro.

Docker is Awesome

The more we started looking into Docker and all of its features, the more we realized the endless possibilities of this technology — from helping us in our own internal Kali beta testing, to furthering the reach of Kali to foreign distributions and esoteric operating systems. The fact that you can run Docker on pretty much every operating system under the sun makes this feature extra sexy. The beauty in this process is that Kali is placed in a nice, neat container without polluting your guest filesystem. With this in place, you have full access to all the Kali packages on any and all systems that run Docker — which ends up being quite an expansive list.

Kali Docker Image Running on Fedora 21 and OSX 10.10 Guests

Figuring out how to use Docker was simple enough. This tutorial does a great job of getting you up and running and showing you the ropes.

Setting up a Kali Linux Docker Image

Obviously, to get this running, you need to install Docker. For Docker on OSX you can use brew, while for most other distributions, you can install it using your local package manager. Once installed and set up, it’s just a matter of pulling our image from the Docker repository:

[email protected]:~$ docker pull kalilinux/kali-rolling [email protected]:~$ docker run -t -i kalilinux/kali-rolling /bin/bash [email protected]:/# apt-get update && apt-get install metasploit-framework 

Building Your Own Kali Linux Docker Image

If you want to build your own Kali images rather than use our pre-made ones, we’ve made it easy with the following script hosted on Kali Linux Docker on GitHub. These images are best built on a Linux system or any other OS that can debootstrap:

 kali-debootstrap &&\ sudo debootstrap kali ./kali-root http://http.kali.org/kali ./kali-debootstrap &&\ # Import the Kali image into Docker sudo tar -C kali-root -c . | sudo docker import - kalilinux/kali &&\ sudo rm -rf ./kali-root &&\ # Test the Kali Docker Image docker run -t -i kalilinux/kali cat /etc/debian_version &&\ echo "Build OK" || echo "Build failed!" 

Have fun with your Kali Docker images!

Источник