The preferred choice for millions of developers that are building containerized apps. Docker Desktop is a tool for MacOS and Windows machines for the building and sharing of containerized applications and microservices. Access Docker Desktop and follow the guided onboarding to build your first containerized application in minutes. Running kali linux on docker docker pull kalilinux/kali-linux-docker docker run -ti kalilinux/kali-linux-docker docker ps -a docker stop docker start docker attach Sign up for free to join this conversation on GitHub. Already have an account? Kali Linux It provides a Kali Linux container with the latest full metapackage pre-installed ready to work! Integrated with docker-compose and standalone builds Be patient, this will install all Kali tools (just for the first install, at image generation time).
- Title(CN): 在Docker中运行Kali Linux并安装桌面环境及VNC
- Title(JP): Dockerを使ってKali Linux及びデスクトップ環境とVNC環境を構築
- Author: dog2
- Environment:Mac OS(Windows)
- Needs ➡ HOWTO
- run Kali Linux in docker ➡ using kali linux official docker image
- install Kali Desktop Environment and VNC service for kali so it can be accessed from the host machine
- ➡ choose one kali desktop env from e17/gnome/i3/kde/lxde/mate/xfce and install
- ➡ installing vnc server
tightvncserver
- it's better to access VNC without installing VNC client
- ➡ on
Mac OS
, the pre-installed appScreen Sharing
can be used as a VNC client - ➡ use novnc so that we can use browser as an VNC client
- ➡ on
- pull docker image
- run container
notice that if your host OS is Linux, you can as well use the host network mode of docker
--network host
instead of the port mapping above, it will not only become simple in next steps but also be useful to optimize performance.It is sad that host network mode can not work on Windows and Mac according to docker doc:
The host networking driver only works on Linux hosts, and is not supported on Docker Desktop for Mac, Docker Desktop for Windows, or Docker EE for Windows Server.
- go into container
- update
kalilinux/kali-bleeding-edge
is a small size image, so there is nothing in it but some essential linux components. You should install all the kali pentest tools by your self. As written in here, the available installations are(the New
column):Old | New | Notes |
---|---|---|
kali-linux-full | kali-linux-large | Our previous default tools for AMD64/i386 images |
kali-linux-all | kali-linux-everything | Every metapackage and tool listed here |
kali-linux-top10 | kali-tools-top10 | The most commonly used tools |
kali-desktop-live | kali-desktop-live (same) | Used during a live session when booted from the image |
I chose
kali-linux-everything
:and it took me 4 hours to finish it and the container size came out to be 15GB+ ?
As written in here, the available Desktop Environment are
Old | New | Notes |
---|---|---|
kali-desktop-common | kali-desktop-core | Any key tools required for a GUI image |
new | kali-desktop-e17 | Enlightenment (WM) |
kali-desktop-gnome | kali-desktop-gnome (same) | GNOME (DE) |
new | kali-desktop-i3 | i3 (WM) |
kali-desktop-kde | kali-desktop-kde (same) | KDE (DE) |
kali-desktop-lxde | kali-desktop-lxde (same) | LXDE (WM) |
new | kali-desktop-mate | MATE (DE) |
kali-desktop-xfce | kali-desktop-xfce (same) | XFCE (WM) |
old version of offical kali image used
kali-desktop-gnome
as default desktop env, but the newests version has changed into kali-desktop-xfce
, its has smaller size and is friendly to low-cost machines.so I ran
old version of kali might use
vnc4server
as vncserver but it has gone in the new kali, now through apt install we have no choice but tightvncserver
.run
vncpasswd
for the first time to initiate your VNC passwordthen run the vncserver, before it you need to set bash environment variable
the default port of vnc server is
5900
, note that my mac is host machine so that the port is 25900
, which was mapped when ran docker run
command at the beginning. The password was the one you set when running vncpasswd
.so now I can access it from my mac through
Screen Sharing
, you can try with your VNC client to connect to 127.0.0.1:25900
, you will got ittunnel vncserver on port
5900
into WebSockets vpc server on port 5901
then access http://127.0.0.1:25901/vnc.html through your browser and your will get into noVNC, and setting the WebSocket
Host
to 127.0.0.1
and Port
to 25901
so that we can connect to VNC server. The password was the one you set when running vncpasswd
.- How To Install and Access TightVNC Remote Desktop In Linux
- Major Metapackage Makeover
- Kali In The Browser (noVNC)
- 当 Kali 遇见 Docker
- 【备忘录】树莓派安装Kali Linux并安装VNC
- Dockerを使ってKali Linuxの環境を構築した時のメモ
Like most people I have been running an instance of Kali in a virtual machine. I am typically on my Surface Pro 4 using Windows 10 and using VMWare Workstation. This workflow has been working fine for sometime now, however I have been wanting something that is a bit more natural, quick and easy to use. Sometimes when you need to quickly spin up a tool in can be cumbersome to have to boot up the full VM to get it running.
Recently I have found Docker as a way to containerise a Kali instance. Spinning up a Docker Container is extremely quick and can provide you instance access to all your tools inside a command prompt of your host operating system. This post will take you through setting up and configuring an instance of Kali Linux in Docker on Windows 10.
Installing Docker for Windows.
On Windows 10 (Anniversary Edition), you will firstly need to enable the use of containers. Using, Win + r, enter ‘optionalfeatures’ to access the ‘Turn Windows Features on or off’ prompt. Tick the box next to Containers and then click ‘Ok’.Browse to Dockers home page and download the Docker for Windows Community Edition.After Downloading, follow the bouncing ball to install Docker. It will see you need to log out of your account and back in, and you will need to make sure you are an administrator to make sure the installation goes smoothly.
Running Docker
When you run docker for the first time, if you do not have Hyper-V enabled it will ask you to turn it on. For those that are also running VMWare Workstation or VirtualBox this will mean that these Virtual Machine applications will not run. This is one downside to running Docker, however, you can turn Hyper-V off, reboot and then run your Virtual Machine software as normal (when you go to run Docker again, it will again prompt you to turn back on Hyper-V).
Installing Kali
Now that docker is running, open up your prefered command prompt (cmd.exe, PowerShell, I am using Cmder which is great!) and run the following command:
This will download the offical Kali Linux Docker image to your computer. Once downloaded you can run the container with the following command:
The ‘-it’ option allows you to open an interactive session with the container.
You will now be presented with the command prompt of your Kali instance.
![Kali docker windows Kali docker windows](https://www.kali.org/wp-content/uploads/2015/05/kali-linux-docker-images-798x284.png)
Installing Tools
The kali instance you download has no tools installed at all. This allows you to full customise the Kali instance to contain as many tools as you want/need. The first thing to do, is to update the repositories, upgrade whats there and remove what we dont need:
You have a number of options for installing Tools. You can install the individual tools that you need yourself. Or you can install Kali’s meta-packages. These packages allow you to install the tools within Kali in customised packages for specific purposes. If you are not sure, the best option is to simply install the kali-linux-full package as it contains all the tools you would get if you downloaded and installed the .iso for Kali. To do this run the following:
Now, there are other options to install the Kali tools such as the Katoolin script, however, using the offical Kali docker image with the metapackages gives you the extra ‘goodies’ that Kali has other than just the tools. This includes all the things you find in /usr/share/ such as wordlists, password files, directory brute forcing files, Webshells etc, etc..
Committing the Image
Now you can exit your container by simplying type ‘exit’. To view your active container type:
Now, we can re-enter our container by typing:
Note that - ‘a8c6b00c02ca’ is the container ID, this ID will be specific to your container and will change for every container you create.
After re-starting your container, you can enter it by typing:
This method will work well if you only have to have the one Kali container open. However, if you are like me you will have multiple terminal open at once, which means we need to commit our current container to an image, so that we can load multiple containers off that one image. To do this type:
This will create a new image ‘kali’ from our container. We can view the images we have in Docker by running the following command:
From here, we can now remove our container using the commands:
Starting Kali Containers
Now that we have our new image, we can start a new container with the following command:
The option ‘–rm’ means that our kali container will be removed as soon as we exit it. This is beneficial as if we didn’t remove it automatically we could potentially have multiple containers building up on our system chewing up hard disk space and resources. I will often only omit the ‘–rm’ option when I am making system changes that I want to persist in my Kali Docker image (following the process described above).
From here I can spin up as many containers as I need to get my work done.
Connecting to ports
Using tools such as netcat and metasploit where I have listeners set up and waiting to catch a shell, I need to enable that port via my docker image. Therfore, if I know I am going to be using a port in my docker instance I need to enable it when I run docker. i.e.
This maps port 4444 in my docker instance to the port 4444 on my host machine. So, when I set up my reverse listener on a target I want to direct it to the IP address of my host machine, not the IP address of my docker instance.
Issues
Kafka Docker Image
Using Kali in Docker is far from perfect. I have not been able to get Kali’s GUI applications to run successfully after trying different X-server options such as XMing and Cygwin/X. This has not stopped me however, and for the majority of GUI tools that I use such as Wireshark, BurpSuit, OWASP ZAP, Dirbuster and Ettercap all have Windows versions that I can use.
Docker for Windows currently does not support USB passthrough, therefore I cannot connect my Alfa Wireless card or RTL-SDR to take advantage of the tools Kali has available for these devices. This means I either need to find Windows alternatives or boot into my Kali VM to use these devices.
Kali Docker Gui
Conclusion
Kali On Docker
I have become a huge fan of this set up with Docker. It is quick and seemless to open up a Kali command prompt and start hacking away. I have found it particularly useful whilst working my through the machines on Hack the Box. However when doing Vulnhub VM’s, I need to either put the VMs on my ESXI server at home or I need to use my Kali VM.