Wipe it diligently at all times, and let no dust settle

kali-linux for docker on macOS


0x0 Introduction to Docker

Docker is an open source application container engine that lets developers package their applications and dependencies into a portable container, which can then be distributed to any popular Linux machine and virtualized. Containers are completely sandboxed, with no interfaces to each other (similar to iPhone apps). With little performance overhead, they are easy to run on individual machines and in data centers. Most importantly, they do not depend on any language, framework, or system.
Noteworthy Docker features:
File System Isolation: each process container runs in a completely separate root file system.
Resource Isolation: system resources, such as CPU and memory, can be allocated to different containers using cgroups.
Network Isolation: each process container runs in its own network space, virtual interfaces, and IP addresses.
Logging: Docker will collect and record the standard stream (stdout/stderr/stdin) for each process container for real-time or batch retrieval.
Change Management: changes to the container file system can be committed to a new image and reused to create more containers without the need for templates or manual configuration.
Interactive Shell: Docker can assign a virtual terminal and associate it with standard input from any container.
In short, Docker is a container for installing a system or application. You do not need to bother with setup or deal with one dependency after another, and the original system is not affected, so you can boldly try any system or application you want to install.

0x1 Docker for Mac

Docker on macOS has two modes of operation (see Docker for Mac vs. Docker Toolbox):
Docker for Mac is based on HyperKit, a lightweight macOS virtualization solution, and can run only one VM.
Docker Toolbox is based on the VirtualBox VM virtualization solution and supports multiple virtual machines.

Docker for Mac and Docker Toolbox can coexist, but because Docker Toolbox adds VirtualBox overhead, the more official Docker for Mac is recommended; it gives the same smooth experience as under Linux.

0x2 Using Docker for Mac

0x21 Installing Docker for Mac

First download Docker for Mac from the website (registration required) and install it. After the installation is complete, start the app.

0x22 Using Docker

The Docker app is a background service that includes docker; all functions depend on it. Start the app and log in to see its status.
Docker provides a visual container management tool, Kitematic, which is opened through the Launchpad.
Once it has loaded, the interface shows that many packaged container images are available in the market.

Search with the keyword kali. There are several containers, but only the first one, the kalilinux image, is the container officially released by Kali. The official Kali image is only the 1.x version and is basically an empty system (without tools such as metasploit); all tools have to be installed yourself through apt-get. That is why Docker has so many other images, some containing metasploit, some containing w3af.

Click CREATE; after the download succeeds, the container starts. Click EXEC to open a Kali shell.

0x3 Use the Kali Linux Docker container

0x31 Installing tools

The official Kali image is just an empty system, so after starting it you need to install tools with apt-get, for example:
Update the sources:
apt-get update 
apt-get upgrade
Install vim:
apt-get install vim
Install nmap:
apt-get install nmap
Install metasploit, which is much simpler than installing metasploit on macOS:
apt-get install metasploit-framework
After metasploit is installed, run msfconsole to use it.

0x32 Saving the changes

Changes made to a Docker container must be committed to be saved, and saving creates a new image. If you exit directly without saving, the changes are not kept. The benefit is that once a configuration is done, it can be used directly later. However, it is not recommended to commit every time you use the container, because every change makes the image more bloated:
$ docker ps -a
CONTAINER ID        IMAGE                                COMMAND             CREATED             STATUS              PORTS               NAMES
88f6988cdb9f        kalilinux/kali-linux-docker:latest   "bash"              11 minutes ago      Up 11 minutes                           kali-linux-docker
$ docker commit 88f6988cdb9f kali_01
# docker commit <container id> <new image name>
After the commit completes, use docker images and docker inspect kali_01 to view the saved image:
$ docker images
REPOSITORY                    TAG                 IMAGE ID            CREATED             SIZE
kali_01                       latest              6721b15ccaa8        21 seconds ago      3.09GB
kalilinux/kali-linux-docker   latest              f26f3ae90aee        5 weeks ago         1.57GB
$ docker inspect kali_01
[
    {
        "Id": "sha256:6721b15ccaa81de9737554fc00f13f8fb08fe5597ce291569087b39497a5ccf4",
        "RepoTags": [
            "kali_01:latest"
        ],
        "RepoDigests": [],
        "Parent": "sha256:f26f3ae90aeef2c8448eadf63123a194de7417311b0808f50941bad2e61e3172",
...
Use the saved image:
$ docker run -t -i kali_01
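
An alternative to repeated commits, as an added example that is not part of the original post: the apt-get steps from 0x31 are written into a generated Dockerfile and built in one layer, so the image can be rebuilt at any time instead of growing with each commit. The tag kali_tools, the script name build_kali.sh and the function names are hypothetical; the base image name is the one used above.

```shell
#!/bin/sh
# Added example (not from the original post): build the tool image from a
# Dockerfile instead of running apt-get by hand and then "docker commit".
# The tag kali_tools and the function names are hypothetical.

BASE_IMAGE="kalilinux/kali-linux-docker:latest"   # image name used in the post

# Print a Dockerfile that installs the given packages in a single layer and
# removes the apt package lists afterwards to keep the layer smaller.
gen_dockerfile() {
    [ "$#" -gt 0 ] || { echo "no packages given" >&2; return 1; }
    for pkg in "$@"; do
        case $pkg in
            # Accept only characters that are valid in Debian package names.
            ''|*[!a-z0-9+.-]*) echo "invalid package name: $pkg" >&2; return 1 ;;
        esac
    done
    cat <<EOF
FROM ${BASE_IMAGE}
RUN apt-get update \\
 && DEBIAN_FRONTEND=noninteractive apt-get install -y $* \\
 && rm -rf /var/lib/apt/lists/*
CMD ["bash"]
EOF
}

# Build <tag> from the generated Dockerfile in an otherwise empty build context.
build_image() {
    tag=$1; shift
    dir=$(mktemp -d) || return 1
    if gen_dockerfile "$@" > "$dir/Dockerfile"; then
        docker build -t "$tag" "$dir"; rc=$?
    else
        rc=1
    fi
    rm -rf "$dir"
    return "$rc"
}

# Example: sh build_kali.sh kali_tools vim nmap metasploit-framework
if [ "$#" -ge 2 ]; then
    build_image "$@"
fi
```

The resulting image is started the same way as a committed one, with docker run -t -i kali_tools.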

0x4 Common Docker commands

The common docker commands are listed below. If you only use Kali and do not work on system architecture or operations and maintenance, these are basically enough:
docker run -t -i <image>    # Create a container from the image
docker pull <image>     # Pull the image
docker images     # View available images
docker ps     # View the running containers
docker ps -a     # View all containers
docker stop <container id>     # Stop the container
docker start <container id>     # Start the container
docker attach <container id>    # Attach to the container
docker commit <container id> <new image name>    # Create a new image
docker rm <container id>    # Remove the container
docker rmi <image name>    # Remove the image
docker cp <containerId>:/file/path/within/container /host/path/target     # Copy files from the Docker container to the host
