# Search Docker Hub for Kali images, pull the last-release build, then list
# what is stored locally.
# NOTE(review): the tag is mutable, so a later pull of the same name can return
# a different image; the IMAGE ID printed by "docker images" identifies what
# was actually fetched and is what the later "docker run" commands refer to.
docker search kalilinux
docker pull kalilinux/kali-last-release:amd64
docker images
root@fv-az502-105:/tmp# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
kalilinux/kali-last-release amd64 11e7ede56947 6 days ago 118MB
启动docker镜像:
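# Start the Kali container with only the capabilities packet capture needs.
# NET_RAW is already in Docker's default set; NET_ADMIN is the extra one that
# dumpcap (Wireshark's capture helper) keeps when it starts as root.
# --cap-add=ALL would also hand the container SYS_ADMIN, SYS_MODULE,
# SYS_PTRACE and the rest, none of which the steps on this page appear to
# need. If interfaces still do not show up, add capabilities one at a time
# rather than falling back to ALL.
# The busybox binds are read-only so a root process inside the container
# cannot rewrite the host's /sbin/busybox.
# -p 43389:3389 publishes container port 3389 (used for xrdp later on this
# page) on every host interface; write 127.0.0.1:43389:3389 instead if the
# desktop is only reached locally or through an SSH tunnel.
docker run -it --cap-add=NET_RAW --cap-add=NET_ADMIN --name kali --ip 172.17.0.9 --add-host=master:172.17.0.1 \
--hostname kali2022 -p 43389:3389 -v /sbin/busybox:/bin/busybox:ro -v /sbin/busybox:/bin/ps:ro 11e7ede56947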
查看系统版本:
┌──(root㉿kali2022)-[/]
└─# cat /etc/os-release
PRETTY_NAME="Kali GNU/Linux Rolling"
NAME="Kali GNU/Linux"
VERSION="2022.4"
VERSION_ID="2022.4"
VERSION_CODENAME="kali-rolling"
ID=kali
ID_LIKE=debian
HOME_URL="https://www.kali.org/"
SUPPORT_URL="https://forums.kali.org/"
BUG_REPORT_URL="https://bugs.kali.org/"
ANSI_COLOR="1;31"
┌──(root㉿kali2022)-[/]
└─# uname -a
Linux kali2022 5.15.0-1033-azure #40~20.04.1-Ubuntu SMP Tue Jan 24 16:06:28 UTC 2023 x86_64 GNU/Linux
┌──(root㉿kali2022)-[/]
└─#
修改密码,升级包:
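# Set the root password. Container port 3389 is published on the host and xrdp
# is installed further down this page, so this password guards a root desktop
# session; a one-character value such as "1" offers no protection.
# Generate a random one, show it once, and clear the shell variable afterwards.
root_pw=$(head -c 18 /dev/urandom | base64)
printf 'root:%s\n' "$root_pw" | chpasswd
printf 'root password (record it now): %s\n' "$root_pw"
unset root_pw
# Locale for the tools run in this shell.
export LANG=en_US.UTF-8;
export LANGUAGE=en_US.UTF-8;
export LC_ALL=en_US.UTF-8;
# Keep package configuration from stopping for input during the upgrade.
export DEBIAN_FRONTEND=noninteractive;
export APT_LISTCHANGES_FRONTEND=none;
# Bring the image up to date. -y answers apt's own confirmation prompt, which
# DEBIAN_FRONTEND does not cover; without it a pasted block stalls or aborts.
apt update;\
apt dist-upgrade -y;\
apt autoremove -y;\
apt clean;
apt-get update ; apt-get upgrade -y;
apt-get install -y net-tools;
# List the files net-tools installed, leaving out paths that contain "share".
dpkg -L net-tools|grep -v share ;
apt-get install -y tcpdump ;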
安装工具包:
# Install the Kali tool sets. The commented-out line is the full install;
# the active line installs the smaller top-10 metapackage.
# apt-get install kali-linux-everything # this installs everything
apt-get install -y kali-tools-top10; # 3477MB; this installs the top-10 tools, including metasploit-framework
安装远程桌面的图形界面,方便打开wireshark:
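# ~/.xsession is the per-user X session script; here it opens one xterm window.
echo "xterm -bg black -fg white -geometry 150x50+20+10 ;">~/.xsession;
# Owner-only permissions: this file is run as the logging-in user at session
# start, so no other account may be able to edit it (the original used 777,
# which lets any local user change what root's desktop session executes).
chmod 700 ~/.xsession; cat ~/.xsession;
# X server, D-Bus session support and the xrdp Xorg backend; xrdp itself is
# installed only once an X binary is present.
apt install -y xorg dbus-x11 x11-xserver-utils xterm xinit xorgxrdp ; \
which X && apt install -y xrdp ;
# Start the remote desktop services below: the session manager first, then the
# RDP listener. Both run in the foreground of their own session (setsid).
which xrdp xrdp-sesman xrdp-sessman;\
setsid /usr/sbin/xrdp-sesman --nodaemon ;
setsid /usr/sbin/xrdp --nodaemon ;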
直接运行wireshark不显示接口,但是tcpdump可以正常使用(抓eth0),如下命令可以间接使用wireshark.
# Workaround for Wireshark listing no interfaces: tcpdump captures on eth0 with
# full-size packets (-s0) and writes pcap data to stdout (-w -); Wireshark reads
# that stream from stdin (-i -) and starts capturing immediately (-k).
echo "set -x;tcpdump -i eth0 -s0 -l -w - | wireshark -k -i -" > /bin/q.sh
# The script is sourced, not executed, so its "set -x" stays switched on in the
# current shell afterwards; run "set +x" to stop command tracing.
. /bin/q.sh
┌──(root㉿kali2022)-[/]
└─# getcap /usr/bin/dumpcap
┌──(root㉿kali2022)-[/]
└─# getcap -v $(which tcpdump)
/usr/bin/tcpdump
┌──(root㉿kali2022)-[/]
└─# getcap -v /usr/bin/dumpcap
/usr/bin/dumpcap
┌──(root㉿kali2022)-[/]
└─#
![](https://i-blog.csdnimg.cn/blog_migrate/6aed477d890772cae7edaec567e849ee.png)
后来才发现,启动容器时要加 --cap-add 这样的参数(原文用的是 --cap-add=ALL),wireshark 才会显示 eth0 接口。ALL 授予的是全部内核能力,远超抓包所需;抓包一般只用到 NET_RAW 和 NET_ADMIN,建议先只加这两项。
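# Re-create the container with capture capabilities so Wireshark lists eth0.
# The original command used --cap-add=ALL; NET_RAW plus NET_ADMIN is the set
# dumpcap keeps for capturing, and it leaves SYS_ADMIN, SYS_MODULE and the
# other capabilities out of the container. If eth0 still does not appear, add
# further capabilities one at a time instead of granting ALL.
docker run -it --cap-add=NET_RAW --cap-add=NET_ADMIN --name kali --hostname kali2022 -p 43389:3389 11e7ede56947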
![](https://i-blog.csdnimg.cn/blog_migrate/5812e531dd62cd68a0daf27cf0d2d319.png)
![](https://i-blog.csdnimg.cn/blog_migrate/9028414a420dad94254ed370022f1969.png)
![](https://i-blog.csdnimg.cn/blog_migrate/eb6577332bf92fd1da6bf3c0f0c4a9ca.png)