Public | Automated Build

Last pushed: 2 hours ago
Short Description
An image of the famous Metasploit-Framework tool for pentesting.
Full Description

Metasploit Framework dockerfile

Purpose

This Dockerfile builds a Debian-based Docker container with Metasploit-Framework installed.

A quick and easy way to deploy Metasploit on any box, including Linux, MacOS or Windows!

MSF is started automatically with:

  • all dependencies installed,
  • automatic updates at startup,
  • a connection with the local Postgres database,
  • volumes, to share data and get access to your custom Metasploit scripts.

It also includes:

  • tmux, to use multiple windows (msfconsole, shell, etc.) inside the container;
  • nmap, the famous network scanner (along with ncat);
  • nasm, to support custom encoders;
  • a configuration file to get an improved prompt in Metasploit, with timestamping and sessions/jobs status.

Use

The image is built every day by Docker Hub, upon the Dockerfile of my github repository.

The image is based on Ubuntu LTS and the nighly builds Metasploit repository.

Also note that the image is signed (trusted content) so that the integrity of each layer in the image is checked.

You can get the image with this simple command:

docker pull phocean/msf

This command will download the image and you should have it available in your local image repository:

docker images

Run

Now, you can enjoy a neat msf prompt with this command:

docker run --rm -i -t -p 9990-9999:9990-9999 -v /home/<USER>/.msf4:/root/.msf4 -v /tmp/msf:/tmp/data --name msf phocean/msf

From there, you can start msfconsole, tmux or any other Metasploit tool (msfvenom, pattern_offset.rb, etc.).

Explanations:

  • We map the port range from 9990 to 9999 to our host, to catch reverse shells back.
  • We mount the local .msf4 folder, where you can set your prompt and put custom scripts and modules, to /root/.msf4 inside the container (if you want to make some changes at runtime, beware to do it from your host, not from within the container).
  • Similarly, we mount a /tmp/data folder to exchange data (a dump from a successful exploit, for instance).

Of course, it is up to you to adjust it to your taste or need.

You can also give it full access to the host network:

Note that this can be risky as all services on your host, including those that listen on localhost, would be reachable from within the container, in case it is compromise.

docker run --rm -it --net=host --hostname msf -v /home/<USER>/.msf4:/root/.msf4 -v /tmp/msf:/tmp/data --name msf phocean/msf

When you need extra terminals besides, use an alias such as:

docker exec -it msf /bin/bash

At any time, you can exit, which only stops (suspend) the container.

Because of the --rm, the container itself is not persistent.

Persistency is however partially made throught the mounting of your local folders (history, scripts).
So if you want to restart a session, just re-run the docker.

I find it more convenient, but if, for some reason, you prefer to keep the container, just remove the --rm and then you can restart the stopped container anytime:

docker restart msf
docker attach msf
# Later:
docker rm msf

Keep it up-to-date

The image is built daily from Docker Hub, so for example I use a crontab entry to keep it up-to-date:

*/5 * * * *     root      docker pull phocean/msf

Alternatively, you can keep all your images (not only phocean/msf) with such a command:

/usr/bin/docker images | awk '(NR>1) && ($2!~/none/) {print $1":"$2}' | xargs -L1 docker pull 2>&1 > /dev/null

Finally, you can choose to build it manually with the steps described below.

Build

If for some reason, including trust, you prefer to build the container, just use this command:

docker build -t phocean/msf .

Alternatively, you can use the provided start.sh script.

Docker will download the Debian image and then execute the installation steps.

Be patient, the process can be quite long the first time.

Note that you may want to:

  • copy the contrib/config file to the ~/.msf4 folder to get a nice prompt.
  • customize the conf/tmux file, if you plan to use this tool.

The configuration of Tmux maps the keyboard as in Screen (CTRL-A). It also makes a few cosmetic changes to the status bar.

Note that you could adjust the init script to automatically launch Tmux with a msf window and a bash one, for instance. I don't make it the default, because I don't want to bother people who don't need/want Tmux.*

Contributors

Thanks to contributors that helped this project:

Docker Pull Command
Owner
phocean