The "/tmp/msf" directory on the host can store other data you may wish to keep, such as the artifacts you might obtain from the targeted systems. ![]() The idea is to use the "~/.msf4" directory for Metasploit Framework configuration files. To ensure that relevant data persists across container invocations, I used the "-v" parameter to map the directories on my host to the corresponding locations inside the container. The "-it" parameter allows you to interact with the container using an interactive shell. In this example, I directed Docker to run the application "remnux/metasploit" in a transient container, which will disappear once you've exited it (that's what "-rm" is for). To make use of the Metasploit Framework Docker image, all you need is a sufficiently-powerful system that is connected to the Internet and that has Docker installed on it. When you run a command like the one below on such a host, it will automatically download the image from the REMnux repository and launch it: sudo docker run -rm -it -p 443:443 -v ~/.msf4:/root/.msf4 -v /tmp/msf:/tmp/data remnux/metasploit How to Launch the Metasploit Framework Docker Container Command-line capabilities of Metasploit Framework are very powerful and lend themselves well to penetration testing tasks that involve running the tool on a remote system. It lacks the web-based interface that you can get if you install the free Community edition, which you would need to register with Rapid 7. ![]() The container provides the command-line Metasploit Framework version of the tool. ![]() The following instructions and examples demonstrate how you can start using this Metasploit Docker container in a lab as well as on a publicly-accessible server. The Docker image "remnux/metasploit" is available as part of the REMnux collection, thanks to the configuration efforts of Jean Christophe Baptiste. Metasploit Framework is a powerful open source tool for penetration testing. Whether you're looking to use it for work or are merely interested in experimenting with it, you can run Metasploit Framework in a Docker container without having to deal with the pain of installing the code and its dependencies.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |