Docker is the world's leading software containerization platform. Using Docker, we can create a different environment for each type of pentest. With containers, you can save each environment on a USB stick or leave it in the cloud. For example, you can use the environment in the cloud or copy it to any computer or laptop, regardless of distribution. You only need to install Docker if it is not already installed.
Live CD vs. Containers
There are already several distributions for pentesting, all of them Live CDs, but a Live CD requires more effort: you have to create a bootable flash drive or CD, or even create a VirtualBox installation, for example.
When we use containers, the only thing we need to do is install Docker, which is simple and easy. We then use the image we created by putting it on a USB stick, in a file repository, or on Docker Hub, saving time and providing portability.
What is Docker?
Docker is an open source technology that lets you create, run, test, and deploy distributed applications within software containers. Docker allows you to deploy applications quickly, reliably and stably in any environment.
Why use Docker?
Because containers are portable, convenient and fast. With Docker, we can create an image and use it as the basis for each environment we create. For example, we download the basic Kali Linux container, which does not come with the tools installed. From this basic container, I can install the tools I need and then save the result under a new name, without the original container being affected.
In this way we can, from the base image, create a container with tools for forensics or a container with tools for web pentesting, for example.
Tools for web PenTest
For our container, we use some familiar tools, but in this article we will cover only tools used via the console.
The installation of Docker depends largely on the OS you are using, but nowadays we can find it in the official repositories of the larger distributions.
For this article, I will use openSUSE.
$ sudo zypper se docker
S | Nome | Resumo | Tipo
| docker | The Linux container runtime | pacote
$ sudo zypper in docker
Once installed, you must enable and start the service:
$ sudo systemctl enable docker
$ sudo systemctl start docker
$ sudo docker info
Server Version: 1.11.2
Storage Driver: btrfs
Build Version: Btrfs v4.5.3+20160516
Docker Root Dir: /var/lib/docker
Debug mode (client): false
Debug mode (server): false
WARNING: No swap limit support
The staff of offsec, a Kali distributor, maintains an official image on Docker Hub, which makes our task even easier.
Using the command sudo docker search kali, we list the images that are on Docker Hub. Let's take the first one, which is the one recommended by the offsec staff.
$ sudo docker search kali
NAME DESCRIPTION STARS OFFICIAL AUTOMATED
kalilinux/kali-linux-docker Kali Linux Rolling Distribution Base Image 193 [OK]
Let's pull the image to our machine. How long this step takes depends on the internet connection.
$ sudo docker pull kalilinux/kali-linux-docker
Using default tag: latest
latest: Pulling from kalilinux/kali-linux-docker
b2860afd831e: Pull complete
340395ad18db: Pull complete
d4ecedcfaa73: Pull complete
3f96326089c0: Pull complete
e5b4b7133863: Pull complete
Status: Downloaded newer image for kalilinux/kali-linux-docker:latest
$ sudo docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
kalilinux/kali-linux-docker latest f321257d50f7 6 days ago 602.4 MB
To start the container, we can use the command:
$ sudo docker run --name WebPentest -t -d kalilinux/kali-linux-docker
$ sudo docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
a5fb073e53c8 kalilinux/kali-linux-docker "/bin/bash" 10 seconds ago Up 8 seconds WebPentest
We could perform the installation from outside the container, but I will show how to access the container and work in it as if we were in a VM. The following command gives us access to the container shell.
$ sudo docker exec -it WebPentest bash
After accessing the shell, we update the container and install the tools that we will use in our web penetration test.
# apt-get update
# apt-get upgrade
# apt-get install websploit w3af-console arachni nikto sqlmap nmap
Once the installation is completed, you can execute commands normally inside the container.
# nmap localhost
Starting Nmap 7.12 ( https://nmap.org ) at 2016-06-30 09:09 UTC
Nmap scan report for localhost (127.0.0.1)
Host is up (0.000010s latency).
Other addresses for localhost (not scanned): ::1
All 1000 scanned ports on localhost (127.0.0.1) are closed
Nmap done: 1 IP address (1 host up) scanned in 0.18 seconds
*Once you've completed those instructions, you can disconnect, or detach, from the shell without exiting by using the escape sequence Ctrl-p + Ctrl-q.
Or run the tools from outside the container:
$ sudo docker exec -it WebPentest nikto
- Nikto v2.1.6
+ ERROR: No host specified
-config+ Use this config file
+ requires a value
Note: This is the short help output. Use -H for full help text.
To save the changes made to the container as an image, use commit:
$ sudo docker commit -a "Junior Carreiro" -m "Install Web Pentest Tools" WebPentest
With Docker containers, we can create pentest or audit environments according to our needs and keep them separated by category. We can also deliver the container used in a pentest as part of the evidence presented to a customer, or deliver the container to the customer so they can do an audit.
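The two uses mentioned above, carrying the environment on a USB stick and handing the container over as evidence, both come down to exporting the committed image to a file whose integrity can be checked later. The following is an added example, not part of the original article: the function names, the image name webpentest:2016-06 and the archive paths are assumptions.

```shell
#!/bin/sh
# Added example: package the committed pentest image for transport or hand-over.
# Function names, image tag and paths are hypothetical placeholders.
set -eu

# Commit the container under an explicit name:tag so the image is not left untagged.
snapshot_container() {   # $1 = container name, $2 = image:tag
    docker commit -a "Junior Carreiro" -m "Install Web Pentest Tools" "$1" "$2"
}

# Write the image (all layers plus metadata) to a single tar archive.
export_image() {         # $1 = image:tag, $2 = output archive
    docker save -o "$2" "$1"
}

# Record the archive's SHA-256 next to it, using a relative file name so the
# checksum file stays valid after both are copied to another machine.
seal_archive() {         # $1 = archive
    ( cd "$(dirname "$1")" && sha256sum "$(basename "$1")" > "$(basename "$1").sha256" )
}

# Succeeds only if the checksum file exists and the archive still matches it.
verify_archive() {       # $1 = archive
    [ -f "$1.sha256" ] || return 1
    ( cd "$(dirname "$1")" && sha256sum -c --status "$(basename "$1").sha256" )
}

# Refuse to load an archive that fails verification.
import_image() {         # $1 = archive
    verify_archive "$1" || { echo "checksum mismatch: $1" >&2; return 1; }
    docker load -i "$1"
}

# Typical sequence (run by hand; requires Docker):
#   snapshot_container WebPentest webpentest:2016-06
#   export_image webpentest:2016-06 /mnt/usb/webpentest.tar
#   seal_archive /mnt/usb/webpentest.tar
#   import_image /mnt/usb/webpentest.tar      # on the receiving machine
```

Keep a copy of the .sha256 file somewhere other than the USB stick (for example in the report itself), since a checksum stored beside the archive only detects accidental corruption.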
About the author: Júnior Carreiro
Member of DC-Labs Security Team