top of page

CYBER & INFOSEC

"blogger, InfoSec specialist, super hero ... and all round good guy" 

DISCUSSIONS, CONCEPTS & TECHNOLOGIES FOR THE WORLD OF

JOIN THE DISCUSSION

Running Kali Linux on Docker

Docker is a great way of running an isolated environment for testing. A few people have been asking me is it possible to run Kali Linux in Docker. Kali is a great use case for Docker under the right circumstances. In all honesty, I have not used it often, but in general, I find Docker is well suited for Kali in circumstances where you can use all command-line tools. The first step is to download Docker.


You will need to create a Docker community username login on the docker.com website.


You can install the appropriate desktop application for your operating system.

The next step is to install the Kali Docker Image. It is important to remember that Kali’s Docker image is extremely streamlined. It contains no tools and is very bare bones. Don’t worry; we will show you how to install tools on the Kali Docker Image.

From your terminal screen: docker pull kalilinux/kali-linux-docker


This action will download and install the Docker image.

The next step will be to run the Kali Docker image by issuing the command:


docker run -t -i kalilinux/kali-linux-docker /bin/bash

The (minus) t option invokes a tty terminal (basically a reverse shell) to the image. The /bin/bash launches the bash terminal environment.

Now we are going to perform the minor updates by issuing the command:


apt-get update -y && apt-get –y

We also want to make sure we have the latest version of the Kali Docker image; we will issue the following command:


apt dist-upgrade

Whenever we use the apt-get update, upgrade, or install commands, we leave libraries for other software. We might want to clean this up for software that no longer uses those dependencies by issuing the command:


apt autoremove

Now we need to install some software on Kali.


The first thing is let’s install Metasploit:apt-get update && apt-get install metasploit-framework

We can ensure this working, by invoking the following command:


msfconsole

Kali makes it easy to install software packages because they are grouped in bundles called metapackages.


The name of these bundles can be found here: https://www.kali.org/news/kali-linux-metapackages/

Let’s assume we want to install the top ten tools package by running the command:


apt-get install kali-linux-top10


If you want all the Kali tools, you could, in theory, could install all the metapackages.Your next step (if needed) might be to add SSHserver to your Kali image A detailed explanation on installing SSH on Kali can be found here:



Change root password on Kali Docker Image


1. update-rc.d -f ssh remove

2. update-rc.d -f ssh defaults

3. rm /etc/ssh/ssh_host_*

4. dpkg-reconfigure openssh-server

5. Next edit the /etc/ssh/sshd_conig file to permit root access login

6. Add the line PermitRootLogin yes under the Authentication section

7. Restart the SSH server service ssh restart

8. Auto start SSH update-rc.d -f ssh enable 2 3 4 5

One last step in getting started, you might want to make a copy of your Docker container. You can do this from the command line by issuing the “docker commit container_id new_container_name command.


Go back to your command line (leave Kali)

1. Issue the docker ps –a to see all active and inactive images

My Kali container ID for Kali is: 9b990aaa5f2a

I will now issue the command:


docker commit 9b990aaa5f2a my-custom-kali


to create a new container

You can see you now have an additional container created. You now are on your way to dockering around with Kali Linux!

doctorchaos.com and drchaos.com is a blog dedicated to Cyber Counter Intelligence and Cybersecurity technologies. The posts will be a discussion of concepts and technologies that make up emerging threats and techniques related to Cyber Defense. Sometimes we get a little off-topic. Articles are gathered or written by cyber security professionals, leading OEMs, and enthusiasts from all over the world to bring an in-depth, real-world, look at Cyber Security. About this blog doctorchaos.com and drchaos.com and any affiliate website does not represent or endorse the accuracy or reliability of any information’s, content or advertisements contained on, distributed through, or linked, downloaded or accessed from any of the services contained on this website, nor the quality of any products, information’s or any other material displayed, purchased, or obtained by you as a result of an advertisement or any other information’s or offer in or in connection with the services herein. Everything on this blog is based on personal opinion and should be interoperated as such. Contact Info If you would like to contact this blog, you may do so by emailing ALAKHANI(AT)YMAIL(DOT)COM  

SOCIALS 

SUBSCRIBE 

Keeping you informed | Latest News

© 2018 Dr. Chaos 

bottom of page