RUN apt-get update & apt-get upgrade -y & apt-get dist-upgrade -y The easiest way to create a docker image is to start out with a dockerfile and work from it, a simple pentesting one for me starts with Kali Linux then adding additional tools. You can verify if the Docker daemon is running on your server by running below commands: service docker status Once you're all setup with docker, you can start to create & build docker images, either by running the pre-built images I've provided or create your own. Simply run the script as root, and it will do the hard work for you, downloading docker and the relevant dependencies.
If you're not as far as getting a Virtual Machine (VM) setup, you can do this pretty easily I actually did a post a few months back how to do such a thing!. In the DockerAttack repo I've helpfully included a script for Unix OSes that use APT as the package installer, the script pulls all the info needed to install docker and run it as a service: #!/bin/bashĪpt-get install -y apt-transport-https ca-certificatesĪpt-key adv -keyserver hkp://:80 \ Right, so there are about a million guides out there on how to setup Docker. Allowing you to create temporary containers of data for different purposes, an image can be deployed quicker than a bash script and can be run on top of different platforms.
It's basically a way to create mini virtual machines on the fly that contain all the tools you specify. So if you've not read the post linked above, well here's a too long didn't read on docker. What this post aims to be: My take on docker, how to setup env, run your first image, run the images in DockerAttack & how to fix/modify them.What this post isn't: Anything new, revolutionary new stuff or witchcraft.I produced a repo of images for this purpose called DockerAttack which is going to continue to grow with some bits and pieces over the next few months. Frankly if it wasn't for m0rv4i's post on how it all works, I don't think I'd have gotten into it.Īnyway here's my take on using docker for disposable attack images, basically leveraging docker images for Bug Bounties & Pentesting.
For those of you who follow me on Twitter and the Internet, you might have seen recently I've been playing around with Docker.
0 kommentar(er)
