Docker is becoming more and more popular with Hackers and Pentesters alike. Docker is a great way to run tools without the need for installing them from source. In this guide, I will show you how to install Docker on Kali Linux 2020.1 in the easiest possible way. Just follow along. This guide is fully compatible with the new non-root user per default that was introduced with Kali Linux 2020.1, learn more about this here.
Why use Docker?
When you are working as a Pentester, you most likely won't only be using the tools that are included with Kali Linux, but you are using a lot of different tools that you find on Github. The classic way of installing those tools was to git clone the repository and then using install scripts to locally install them in your /opt/ folder on Kali Linux.
I have recently seen a trend that more and more Git Repositories are offering a pre-configured Docker file that you just need download and run, without the need of installing anything at all. (Except, of course, the only thing is that you need to install Docker on Kali Linux).
Let's first install Docker on Kali Linux and then I am going to show you an example.
Configuring APT & Keys
First, as always, update APT:
sudo apt update
Then we need to add the official Docker PGP key like so:
curl -fsSL https://download.docker.com/linux/debian/gpg | sudo apt-key add -
Next, we configure APT so we will be able to download, install and update Docker.
echo 'deb [arch=amd64] https://download.docker.com/linux/debian buster stable' | sudo tee /etc/apt/sources.list.d/docker.list
If all went well, you should see something similar like below:
Install Docker on Kali Linux
I am following the official Docker documentation here, but a few of you pointed out that they have problems with it, so I try to break it down.
After adding Docker to APT, we need to update apt once more so we will be able to install Docker on Kali Linux:
sudo apt update
In case you have any old and/or outdated versions of Docker installed on your system, we make sure to get rid of them first:
sudo apt remove docker docker-engine docker.io
Once this is done, we are ready to install Docker on Kali Linux:
sudo apt install docker-ce -y
Finally, starting Docker:
sudo systemctl start docker
Now please note, if you do not do the optional step below, you need to run this command every time you want to use Docker again after you have restarted your Kali. Decide on your own.
Optional - Starting Docker automatically after a reboot
Do this at your own risk. I do not recommend doing this if you don't know what you're doing. I usually only start Docker when I actually need to use it.
sudo systemctl enable docker
Verifying the Installation
Let's see if Docker actually works now with a simple hello world, how classy.
sudo docker run hello-world
The "Unable to find image..." warning is normal, as you can see, Docker automatically updates the hello-world program and runs it successfully.
You now have successfully installed Docker on Kali Linux 2020.1. Now let me show you the afore promised example.
Using Docker as a Penetration Tester
As promised before, I'll show you a quick example of how to use Docker to run Pentesting Tools on Kali Linux. For this example, we use Amass, the popular Subdomain Enumeration Tool from OWASP. This is not a perfect example, as Amass recently became available via APT, but nevertheless it brings across the point and the info can be transferred to other tools that are not available via APT.
Now, if you wanted to install Amass the classical way from source, you would first need to install Golang, configure Golang, and then run through a couple of steps to install it the Go-Way.
Thanks to Docker, we don't have to worry about any of that.
All we do is:
sudo docker build -t amass https://github.com/OWASP/Amass.git
And to run Amass:
sudo docker run amass enum -d example.com
And that's really all there is to it.
Using Docker to run Penetration Testing Tools is becoming more and more popular and I see why. Knowing Docker can't do you any harm anyway, it's a great way to run stuff inside of a Container. I plan on doing a mini-series about Docker and Kali Linux in the near future, stay tuned for that.