แชร์ผ่าน


Setting up Kali Linux in Docker on Windows 10

This blog is updated at https://ciberesponce.com

 

A few times now, I find myself wondering why I need a full blown VM. I like need to quickly get my tools up and running on any hardware I find myself on. Most of the time that is a fresh installed Windows 10 on my Surface Book—I like messing things up to a point of no return… what can I say?

As I illustrated the beauty of "Bash on Ubuntu on Windows" in the Azure Security Center's SQL-Injection Playbook, I realized there really must be a better way to bring Kali Linux over to Windows as well. As many know, Kali is a customized Linux distribution, based on Debian. I could, in theory, install Ubuntu and install the Kali repositories and go from there—in addition, I like to stay away from multiple repositories from multiple parties on the same packages. Possible, but a configuration nightmare to maintain and troubleshoot. Kali's official documentation seems to agree with me.

The next best thing is Containers. In the Windows world, this requires Windows 10 Anniversary Edition+. You'll be able to enable Containers, Install Docker, and pull a Kali Linux image all in 10 minutes or less (download speeds may vary ).

Installing the Containers Feature and Installing Docker

First, we must enable the "Containers" feature. Run (ctrl+r) "optionalfeatures".

And make sure this "Containers" option is checked off.

Once that completes, follow these instructions to install docker: https://docs.docker.com/docker-for-windows/install/. Grab the Stable channel Windows MSI and install it. Once you get it to install, you need to log out and log back in. NOTE: Although Docker stated it just needed a log-out/log-in, in order for the Docker service to run on my machine it required a reboot.

After logging back in, in your notifications, you should get a "Docker is starting…".

Pull Official Kali Linux Docker Image

We will be following the guidance here: https://www.kali.org/news/official-kali-linux-docker-images/

Open up your favorite command line interface (CLI). Then type "docker pull kalilinux/kali-linux-docker". This will pull the image from the Docker Store.

Now, let us enter an interactive bash session with that image by typing "docker run -t -I kalilinux/kali-linux-docker /bin/bash"

We are now in our fresh install of Kali. Since this install is meant to be the minimal, you need to grab the packages you actually care about. This helps keep the image small but does require a good Internet connection to get up and running.

Before installing any package, let's upgrade our Kali Linux and remove all packages we no longer need via "apt update && apt full-upgrade && apt auto-remove && apt-autoclean"

Installing the Metasploit Framework

Lastly, let us install the go-to package for most pentesters… Metasploit. A simple command of "apt install metasploit-framework ruby" will do the trick.

Just start up the PostgresSQL database that Metasploit uses, initialize the database, and to msfconsole we go!

Happy Hunting,

Andrew (@ciberesponce)

Comments

  • Anonymous
    September 02, 2017
    The comment has been removed
  • Anonymous
    September 02, 2017
    Why don't you just commit the container after installing metasploit? Or better yet, create an automated build on dockerhub that allows you to pull down a metasploit container whenever needed?
    • Anonymous
      September 02, 2017
      The comment has been removed
  • Anonymous
    September 02, 2017
    Could you also create a docker file to run the installs at creation of the container?
    • Anonymous
      September 05, 2017
      The comment has been removed
  • Anonymous
    September 22, 2017
    > A few times now, I find myself wondering why I need a full blown VM. You realize that you are running a full blown VM when you install Docker for Windows... The only differ is that you do not see it because its auto installed ( unless you look at the 2GB memory usage ).
    • Anonymous
      September 22, 2017
      The git-like features that Docker brings to the table in the "virtualization" world (you are absolutely correct that its a VM, in fact you can even see it in Hyper-V Admin if you enable that), are to me worth it. Of course you could argue that you can do that via snapshots and what not in Hyper-V/ESX. As for Windows vs Linux in terms of Docker implementation, how Hyper-V does VBS/containment vs LXC, I'm not expert in that but I'd certainly be curious on the security differences there.So, in summary, great point :)
  • Anonymous
    November 02, 2017
    Need help. I follow the instruction above and everything when as is listed. However, I can't make it to run. Here is the commands, I invoking, by the way is on windows 10: "docker run -t -i kalilinux/msf" and "docker run -t -i kalilinux/msf /bin/bash" none of those work. What am I missing thanks.
    • Anonymous
      March 02, 2018
      Are you getting an error message? I'd recommend you ask this question to Stack Overflow for the best audience that can help you!
  • Anonymous
    December 10, 2017
    The comment has been removed
    • Anonymous
      March 02, 2018
      Docker doesn't support GUI. There is no reason though on why you couldn't host services in there and access them via the host computer from the browser. You would just need to play with the ports and docker configuration, of course.
  • Anonymous
    December 10, 2017
    The comment has been removed
    • Anonymous
      December 11, 2017
      when you make File system changes (which you are doing with apt/apt-get), make sure you make commits back to the Docker container. If not, each time you run from the same container, the changes won't be there. What I do is make the OS-level changes I want, commit that back and each customer/test always starts from that good clean (updated and all-inclusive) docker container).
    • Anonymous
      March 02, 2018
      The comment has been removed
  • Anonymous
    December 17, 2017
    The comment has been removed
    • Anonymous
      March 02, 2018
      The comment has been removed