【Linux】Kali Linux 渗透安全学习笔记（1） - Docker Kali 部署与安装软件

由于最近要做渗透和安全方面的工作，经网友们的推荐选定了 kali linux 作为实施平台。但 vm 直装的方式太过麻烦了，本次 kali linux 将采用 docker 镜像的方式进行部署使用。

直接使用 run 运行命令启动 rolling 镜像，若镜像不存在，docker 会自动进行 checkout到本地，如下图：

docker run -it kalilinux/kali-rolling:latest /bin/bash

启动容器并进入容器内部后发现了一个大问题...所有 apt update 都用不了，如下图：

┌──(root💀f7153892195d)-[/]
└─# apt-get update
Get:1 http://mirror.aktkn.sg/kali kali-rolling InRelease [41.2 kB]
Err:1 http://mirror.aktkn.sg/kali kali-rolling InRelease
  The following signatures were invalid: EXPKEYSIG ED444FF07D8D0BF6 Kali Linux Repository <devel@kali.org>
Reading package lists... Done
W: GPG error: http://mirror.aktkn.sg/kali kali-rolling InRelease: The following signatures were invalid: EXPKEYSIG ED444FF07D8D0BF6 Kali Linux Repository <devel@kali.org>
E: The repository 'http://http.kali.org/kali kali-rolling InRelease' is not signed.
N: Updating from such a repository can't be done securely, and is therefore disabled by default.
N: See apt-secure(8) manpage for repository creation and user configuration details.

apt update 用不了，apt install 就更加用不了了，想安装个 vim 都成问题怎么办呢？

┌──(root💀f7153892195d)-[/]
└─# vi
bash: vi: command not found

┌──(root💀f7153892195d)-[/]
└─# vim
bash: vim: command not found

通过在网上说可以通过更新签名可以解决

wget https://http.kali.org/kali/pool/main/k/kali-archive-keyring/kali-archive-keyring_2022.1_all.deb
sudo dpkg -i kali-archive-keyring_2022.1_all.deb

我...我 tm 连 apt 都没有 wget、curl 又怎么可能会有嘛。

┌──(root💀f7153892195d)-[/]
└─# wget https://http.kali.org/kali/pool/main/k/kali-archive-keyring/kali-archive-keyring_2018.1_all.deb
bash: wget: command not found

┌──(root💀f7153892195d)-[/]
└─# curl https://http.kali.org/kali/pool/main/k/kali-archive-keyring/kali-archive-keyring_2018.1_all.deb
bash: curl: command not found

之后只能在宿主机先将这 kali-archive-keyring_2022.1_all.deb 先下载好了，之后通过 docker cp 拷贝到镜像里面，如下图：

yuanzhenhui@MacBook-Pro Downloads % docker cp kali-archive-keyring_2022.1_all.deb f7153892195d:/home
Successfully copied 7.17kB to f7153892195d:/home
yuanzhenhui@MacBook-Pro Downloads % docker exec -it f7153892195d /bin/bash
┌──(root💀f7153892195d)-[/]
└─# cd /home

┌──(root💀f7153892195d)-[/home]
└─# ls
kali-archive-keyring_2022.1_all.deb

接下来通过 apt install 对 deb 文件进行安装

┌──(root💀f7153892195d)-[/home]
└─# apt install ./kali-archive-keyring_2022.1_all.deb 
Reading package lists... Done
Building dependency tree... Done
Reading state information... Done
Note, selecting 'kali-archive-keyring' instead of './kali-archive-keyring_2022.1_all.deb'
The following packages will be upgraded:
  kali-archive-keyring
1 upgraded, 0 newly installed, 0 to remove and 0 not upgraded.
Need to get 0 B/5140 B of archives.
After this operation, 1024 B disk space will be freed.
Get:1 /home/kali-archive-keyring_2022.1_all.deb kali-archive-keyring all 2022.1 [5140 B]
debconf: delaying package configuration, since apt-utils is not installed
(Reading database ... 6801 files and directories currently installed.)
Preparing to unpack .../kali-archive-keyring_2022.1_all.deb ...
Unpacking kali-archive-keyring (2022.1) over (2020.2) ...
Setting up kali-archive-keyring (2022.1) ...
Installed kali-archive-keyring as a trusted APT keyring.

但问题又来了，apt update 虽然可以搞定了，但是国外源太慢了有什么办法可以更新成国内源呢？

这个时候最新版的 docker desktop 提供了良好的解决方法

点击 View files 之后会看到镜像内部的文档结构目录，找到自己需要修改的文件点击鼠标右键即可进行编辑，如下图：

在下方区域可以添加你需要的国内源即可，如下图：

完事之后就可以进行一次 apt update 了

┌──(root💀f7153892195d)-[/home]
└─# apt-get update
Get:1 http://mirrors.zju.edu.cn/kali kali-rolling InRelease [41.2 kB]
Ign:2 http://mirrors.zju.edu.cn/kali kali-rolling/main Sources                                                                                           
Get:3 http://mirrors.zju.edu.cn/kali kali-rolling/contrib Sources [77.6 kB]
Get:4 http://mirrors.zju.edu.cn/kali kali-rolling/non-free Sources [130 kB]
Get:5 http://mirrors.zju.edu.cn/kali kali-rolling/non-free amd64 Packages [218 kB]
Get:6 http://mirrors.zju.edu.cn/kali kali-rolling/main amd64 Packages [19.5 MB]
Get:7 http://mirrors.zju.edu.cn/kali kali-rolling/contrib amd64 Packages [114 kB]
Get:2 http://mirrors.zju.edu.cn/kali kali-rolling/main Sources [15.8 MB]                                                                                 
Fetched 35.8 MB in 1min 11s (506 kB/s)                                                                                                                   
Reading package lists... Done

之后 upgrade 和 dist-upgrade 更是少不了了，这里就不再细说。

为了做渗透、安全相关的工作，kali 的工具包也是必不可少的。但是作为初学者要怎么选呢？en...小孩子才会做选择，我全要了这个时候我们通过 apt search kali-linux 进行一次工具包全搜索，如下图：

┌──(root💀f7153892195d)-[/home]
└─# apt search kali-linux
Sorting... Done
Full Text Search... Done
kali-linux-core/kali-rolling,kali-rolling 2023.3.1 amd64
  Kali's core packages

kali-linux-default/kali-rolling,kali-rolling 2023.3.1 amd64
  Kali's default toolset

kali-linux-everything/kali-rolling,kali-rolling 2023.3.1 amd64
  Every tool in Kali Linux

kali-linux-firmware/kali-rolling,kali-rolling 2023.3.1 amd64
  Kali's default firmware files

kali-linux-headless/kali-rolling,kali-rolling 2023.3.1 amd64
  Kali's default headless tools

kali-linux-labs/kali-rolling,kali-rolling 2023.3.1 amd64
  Test environments for learning and practising on

kali-linux-large/kali-rolling,kali-rolling 2023.3.1 amd64
  Kali's extended default tool selection

kali-linux-nethunter/kali-rolling,kali-rolling 2023.3.1 amd64
  Kali on NetHunter devices

kali-linux-wsl/kali-rolling,kali-rolling 2023.3.1 amd64
  Kali on WSL

由于 docker 版本的 kali linux rolling 并没有安装任何工具的，所以这个时候我们选择全安装就完事儿了，这里我们选择 kali-linux-everything。

┌──(root💀f7153892195d)-[/home]
└─# apt install kali-linux-everything               
Reading package lists... Done
Building dependency tree... Done
Reading state information... Done
The following additional packages will be installed:
  ...
0 upgraded, 3951 newly installed, 0 to remove and 0 not upgraded.
Need to get 10.3 GB of archives.
After this operation, 28.8 GB of additional disk space will be used.
Do you want to continue? [Y/n]

28.8 GB ...建议还是扩展一下 docker 磁盘的大小再安装会比较好。

经过漫长的安装终于是将所需的工具都安装好了，还是先打个镜像吧，以免一下子容器 remove 掉了之后又要重新做一遍。