What is Docker?
Docker is a container platform that is similar to a Hypervisor like Virtualbox. Docker uses less storage and RAM and are portable.
Docker can run on: - Linux - Windows - Mac OS
In this article I will go over how to set up a penetration testing lab entirely in docker
It will consist of two types of containers.
- Attacker Machine
- Target Machine
Installation on Linux
The Convenience Script
Update: You can install Docker quickly and non interactively when you use the convenience scripts provided by Docker at get.docker.com
Installation is then done by :
curl -fsSL https://get.docker.com -o get-docker.sh sh get-docker.sh
Debian based distros
Anything that uses
apt to install software is Debian based.
Find a complete list here
To install on Ubuntu :
$ sudo apt install docker.io
Docker on Windows
To run docker in windows, install Docker desktop.
Docker Desktop is an awesome app with a graphical interface. It can run Linux containers from windows. However, there's one major deal-breaker.
Docker Desktop cannot co-exist with VirtualBox or VMware, because it requires Hyper-V to run Linux containers😤1.
Hyper-V is Microsoft's hardware virtualization product
As a workaround. * Use Docker Toolbox 👨💻 * Learn Hyper-V 📚 * Install Linux 🤷♀️
This is also the same reason WSL cannot co-exist with VMware/Virtualbox.
Now I'm starting to see why people hate Microsoft. They lock users to their ecosystem.
After you have installed docker, run this command as a test
$ sudo docker run hello-world
If it completes successfully, you can follow along
The network will be called
vulnerable. It will have a 10.0.0/24 subnet
Create it with this command
$ sudo docker network create vulnerable --attachable --subnet 10.0.0.0/24
For this, I will use Parrot OS. It's docker images are better Kali Linux Images.
First download the Parrot OS Docker image. This command will take a while depending on your internet connection.
$ docker pull parrotsec/security:latest
Create and run the container .
sudo docker run \ --name parrot \ -it \ --hostname parrot \ --network vulnerable \ --ip="10.0.0.2" \ --env DISPLAY=$DISPLAY \ -v /dev/shm:/dev/shm \ --device /dev/snd \ --device /dev/dri \ --mount type=bind,src=/tmp/.X11-unix,dst=/tmp/.X11-unix \ parrotsec/security:latest \ /bin/bash
All tools available in Parrot OS are now an
Use this command to restart the parrot OS container after a reboot.
$ sudo docker start -a parrot
This is a very vulnerable test machine. It is what I recommend for anyone starting out.
Open another terminal and pull the metasploitable image. The image is around 500MB.
$ docker pull tleemcjr/metasploitable2
To run a metasploitable container:
docker run \ -it \ --network vulnerable \ --ip="10.0.0.3" \ --name metasploitable \ --hostname metasploitable2 \ tleemcjr/metasploitable2 \ bash
You should see a terminal prompt like this
Start the vulnerable services
[email protected]:/# services.sh
You can now access metasploitable from 10.0.0.3
If you want to stop the container, close the terminal with
CTRL + D
Run this command to start metasploitable again
$ sudo docker start -a parrot
Then start the vulnerable services.
[email protected]:/# services.sh
Guides & Tutorials
There are tons of free guides out there on metasploitable.
- The Easiest Metasploit Guide You’ll Ever Read
- Metasploit Unleashed
- Metasploitable 2 Exploitability Guide
- Youtube Tutorials
If you don't know what guide to use, I recommend this one.
More vulnerable containers 🧑💻
You can extend the lab with any of these containers depending on your learning goal.
This container focusses on web application security.
To create and start the juiceshop container for the first time
docker run -d \ --name juiceshop \ --network vulnerable \ --ip="10.0.0.6" \ bkimminich/juice-shop
Check if it is running
$ docker ps
Access the web interface from this URL
Stop the container when you're done
docker stop juiceshop
Start the container again
docker start juiceshop
OWASP Webgoat 🐐
Webgoat is a ctf-style vulnerable container focused on web application security.
Create and run the container for the first time
docker run -d \ --name webgoat \ --network vulnerable \ --ip="10.0.0.4" \ -e TZ=$(cat /etc/timezone) \ webgoat/goatandwolf
Access Webgoat and Webwolf from these URLs
To stop the container
docker stop webgoat
To Start the container again.
docker start webgoat
If you can't access the url, check if it is running.
$ docker ps -a
Why I use docker for a pentest lab
Two Operating systems make my computer painfully slow. Containers aren't resource-intensive and perform well. This fits my use case.
If you have RAM to spare then it's really not that much of a difference.
When not to use Docker
If you want to run Windows containers from a linux host, you are out of luck. You can run linux containers on Windows though
Common Docker Commands
Stop a container:
$ sudo docker stop containerName
Start a container
$ sudo docker start containerName
List running and stopped containers
$ sudo docker ps -a
Spawn a bash shell in a running container
$ sudo docker exec -it containerName bash
Docker has tab completion for each of these commands.
Graphical apps inside docker
Sometimes you may want to run a GUI tool like firefox or burpsuite.
The Parrot OS commands above are already set for running graphical apps. You only need to install these packages
$ apt install hicolor-icon-theme \ libcanberra-gtk* libgl1-mesa-dri \ libgl1-mesa-glx libpangox-1.0-0 \ libpulse0 libv4l-0 fonts-symbola \
You can run a few commands to avoid some errors encountered when running GUI apps
Burp Suite is a web app pentesting tool for monitoring http requests and responses.
To install and run burpsuite inside the parrot os container.
# sudo apt update # sudo apt install burpsuite # java -jar -Xmx2G /usr/bin/burpsuite
You can then point your browser to use
10.0.0.2:8080 as the proxy and burp will intercept everything
Firefox, is a free and open-source web browser.
To install and run firefox:
$ apt install firefox ca-certificates
- Illustrations from Freepik
This was originaly posted on my blog at ianmuchina.com
Jess Frazelle has written an awesome blog post with details on running graphical apps inside Docker containers. She's also given this awesome Talk/Demo on running various applications and retro games inside docker containers.
Docker requires a Linux kernel to run Linux containers on Windows. Docker accomplishes this by running a Linux Virtual Machine inside Hyper-V. This is still more resource-efficient than full VM's. Plus there's the added benefit of running both Windows and Linux containers. This is not possible on Linux ↩