• LOGIN
  • No products in the cart.

How to prepare and use Docker for web pentest by Júnior Carreiro

Introduction

Docker is the world’s leading software containerization platform. Using Docker we can create different environments for each Pentest type. With the use of containers, you can save each environment on a USB stick or leave it in the cloud. For exemple, you can use the environment in the cloud or copy to any computer or laptop, regardless of distribution. You need only install Docker, if it is not installed.

Live CD x Containers

Already there are several distributions for PenTest, all in Live CD, but the LiveCD requires a greater effort; you have to create a flash drive or bootable CD or even create a VirtualBox installation, for example.

When we use containers the only thing we need to do is to install Docker, which is simple and easy and then we use the image created by putting it on a stick, in repository files or using the Docker HUB, saving time and providing portability.

What is Docker?

Docker is an open source technology that lets you create, run, test, and deploy distributed applications within software containers. Docker allows you to deploy applications quickly, reliably and stably in any environment.

Why use Docker?

Because the containers are portable, convenient and fast. With Docker, we can create an image and use it as the basis for each environment we create. For example, we download the basic container Kali Linux, which does not come with the tools installed. Let’s see that from this basic container, can go installing the tools I need and then save with a new name, without the original container, to be, affected.

Thus being able, from the base image, create a container with tools for forensics, a container with tools to PenTest web, for example.

Tools for web PenTest

For our container, we use some familiar tools but for this article we will cover only tools used via the console.

  • W3af-console

  • SQLMap

  • Arachni

  • Nikto

  • Websploit

  • Nmap

Installation

The installation of Docker will depend largely on OS you are using, but nowadays we can find it using the official repository for the larger distributions.

For our article, I will use OpenSuse.

[email protected] ~ sudo zypper se docker

S | Nome | Resumo | Tipo

–+——————————+————————————————————–+————-

| docker | The Linux container runtime | pacote

[email protected] ~ sudo zypper in docker

Once installed, you must enable and start the service

[email protected] ~ sudo systemctl enable docker

[email protected] ~ sudo systemctl start docker

[email protected] ~ sudo docker info

Containers: 0

Running: 0

Paused: 0

Stopped: 0

Images: 0

Server Version: 1.11.2

Storage Driver: btrfs

Build Version: Btrfs v4.5.3+20160516

…….

Docker Root Dir: /var/lib/docker

Debug mode (client): false

Debug mode (server): false

Registry: https://index.docker.io/v1/

WARNING: No swap limit support

Container installation

The staff of offsec, a Kali distributor, has an official image in HUB Docker and this further facilitates our task.

Using the command sudo docker search Kali, we list the images that are in Docker HUB, but let’s take the first one, which is recommended by the staff of offsec

[email protected] ~ sudo docker search kali

NAME DESCRIPTION STARS OFFICIAL AUTOMATED

kalilinux/kali-linux-docker Kali Linux Rolling Distribution Base Image 193 [OK]

Let’s do the pull image for our machine, This step depends on the internet connection.

[email protected] ~ sudo docker pull kalilinux/kali-linux-docker

Using default tag: latest

latest: Pulling from kalilinux/kali-linux-docker

b2860afd831e: Pull complete

340395ad18db: Pull complete

d4ecedcfaa73: Pull complete

3f96326089c0: Pull complete

e5b4b7133863: Pull complete

Digest: sha256:0aa8342172aacbe79957f66e7029c1fb38e14765bf35eff30624f90cb813a56f

Status: Downloaded newer image for kalilinux/kali-linux-docker:latest

[email protected] ~ sudo docker images

REPOSITORY TAG IMAGE ID CREATED SIZE

kalilinux/kali-linux-docker latest f321257d50f7 6 days ago 602.4 MB

To start the container, we can use the command:

[email protected] ~ sudo docker run –name WebPentest -t -d kalilinux/kali-linux-docker

[email protected] ~ sudo docker ps

CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES

a5fb073e53c8 kalilinux/kali-linux-docker “/bin/bash” 10 seconds ago Up 8 seconds WebPentest

Tools Installation

To perform the installation, we can make it out of the container, but I will show how to access the container and run like we’re in a VM. The following command gives us access to the container shell.

[email protected] ~ sudo docker exec -it WebPentest bash

[email protected]fb073e53c8:/#

After accessing the shell, we will update the container and install the tools that we use in our Web Penetration Test and install tools.

[email protected]:/# apt-get update

[email protected]:/# apt-get upgrade

[email protected]:/# apt-get install websploit w3af-console arachni nikto sqlmap websploit nmap

Once the installation is completed, you can execute commands normally inside the container.

[email protected]:/# nmap localhost

Starting Nmap 7.12 ( https://nmap.org ) at 2016-06-30 09:09 UTC

Nmap scan report for localhost (127.0.0.1)

Host is up (0.000010s latency).

Other addresses for localhost (not scanned): ::1

All 1000 scanned ports on localhost (127.0.0.1) are closed

Nmap done: 1 IP address (1 host up) scanned in 0.18 seconds

Or run outside of container.

*Once you’ve completed those instructions you can disconnect, or detach, from the shell without exiting by using the escape sequence Ctrl-p + Ctrl-q

[email protected] ~ sudo docker exec -it WebPentest nikto

– Nikto v2.1.6

—————————————————————————

+ ERROR: No host specified

-config+ Use this config file

…….

+ requires a value

Note: This is the short help output. Use -H for full help text.

To save the changes made and save the image, use the commit

[email protected] ~ sudo docker commit -a “Junior Carreiro” -m “Install Web Pentest Tools” WebPentest

Conclusion

With the use of Docker containers, we can create the PenTest environments or audits according to our need, leaving separated by categories. We can also deliver the container that is used in a PenTest as part of the evidence that is presented to a customer or deliver the container to the customer to do an audit.

 

 

About the author: Júnior Carreiro

Member of DC-Labs Security Team

Founder BlackTieSecurity

https://br.linkedin.com/in/juniorcarreiro

https://twitter.com/_0x4a0x72

July 4, 2016

Leave a Reply

Be the First to Comment!

Notify of
avatar
wpDiscuz

© HAKIN9 MEDIA SP. Z O.O. SP. K. 2013