【Linux】Kali Linux 渗透安全学习笔记(1) - Docker Kali 部署与安装软件

由于最近要做渗透和安全方面的工作,经网友们的推荐选定了 kali linux 作为实施平台。但 vm 直装的方式太过麻烦了,本次 kali linux 将采用 docker 镜像的方式进行部署使用。

直接使用 run 运行命令启动 rolling 镜像,若镜像不存在,docker 会自动进行 checkout到本地,如下图:

bash 复制代码
docker run -it kalilinux/kali-rolling:latest /bin/bash

启动容器并进入容器内部后发现了一个大问题...所有 apt update 都用不了,如下图:

bash 复制代码
┌──(root💀f7153892195d)-[/]
└─# apt-get update
Get:1 http://mirror.aktkn.sg/kali kali-rolling InRelease [41.2 kB]
Err:1 http://mirror.aktkn.sg/kali kali-rolling InRelease
  The following signatures were invalid: EXPKEYSIG ED444FF07D8D0BF6 Kali Linux Repository <devel@kali.org>
Reading package lists... Done
W: GPG error: http://mirror.aktkn.sg/kali kali-rolling InRelease: The following signatures were invalid: EXPKEYSIG ED444FF07D8D0BF6 Kali Linux Repository <devel@kali.org>
E: The repository 'http://http.kali.org/kali kali-rolling InRelease' is not signed.
N: Updating from such a repository can't be done securely, and is therefore disabled by default.
N: See apt-secure(8) manpage for repository creation and user configuration details.

apt update 用不了,apt install 就更加用不了了,想安装个 vim 都成问题怎么办呢?

bash 复制代码
┌──(root💀f7153892195d)-[/]
└─# vi
bash: vi: command not found

┌──(root💀f7153892195d)-[/]
└─# vim
bash: vim: command not found

通过在网上说可以通过更新签名可以解决

bash 复制代码
wget https://http.kali.org/kali/pool/main/k/kali-archive-keyring/kali-archive-keyring_2022.1_all.deb
sudo dpkg -i kali-archive-keyring_2022.1_all.deb

我...我 tm 连 apt 都没有 wget、curl 又怎么可能会有嘛。

bash 复制代码
┌──(root💀f7153892195d)-[/]
└─# wget https://http.kali.org/kali/pool/main/k/kali-archive-keyring/kali-archive-keyring_2018.1_all.deb
bash: wget: command not found

┌──(root💀f7153892195d)-[/]
└─# curl https://http.kali.org/kali/pool/main/k/kali-archive-keyring/kali-archive-keyring_2018.1_all.deb
bash: curl: command not found

之后只能在宿主机先将这 kali-archive-keyring_2022.1_all.deb 先下载好了,之后通过 docker cp 拷贝到镜像里面,如下图:

bash 复制代码
yuanzhenhui@MacBook-Pro Downloads % docker cp kali-archive-keyring_2022.1_all.deb f7153892195d:/home
Successfully copied 7.17kB to f7153892195d:/home
yuanzhenhui@MacBook-Pro Downloads % docker exec -it f7153892195d /bin/bash
┌──(root💀f7153892195d)-[/]
└─# cd /home

┌──(root💀f7153892195d)-[/home]
└─# ls
kali-archive-keyring_2022.1_all.deb

接下来通过 apt install 对 deb 文件进行安装

bash 复制代码
┌──(root💀f7153892195d)-[/home]
└─# apt install ./kali-archive-keyring_2022.1_all.deb 
Reading package lists... Done
Building dependency tree... Done
Reading state information... Done
Note, selecting 'kali-archive-keyring' instead of './kali-archive-keyring_2022.1_all.deb'
The following packages will be upgraded:
  kali-archive-keyring
1 upgraded, 0 newly installed, 0 to remove and 0 not upgraded.
Need to get 0 B/5140 B of archives.
After this operation, 1024 B disk space will be freed.
Get:1 /home/kali-archive-keyring_2022.1_all.deb kali-archive-keyring all 2022.1 [5140 B]
debconf: delaying package configuration, since apt-utils is not installed
(Reading database ... 6801 files and directories currently installed.)
Preparing to unpack .../kali-archive-keyring_2022.1_all.deb ...
Unpacking kali-archive-keyring (2022.1) over (2020.2) ...
Setting up kali-archive-keyring (2022.1) ...
Installed kali-archive-keyring as a trusted APT keyring.

但问题又来了,apt update 虽然可以搞定了,但是国外源太慢了有什么办法可以更新成国内源呢?

这个时候最新版的 docker desktop 提供了良好的解决方法

点击 View files 之后会看到镜像内部的文档结构目录,找到自己需要修改的文件点击鼠标右键即可进行编辑,如下图:

在下方区域可以添加你需要的国内源即可,如下图:

完事之后就可以进行一次 apt update 了

bash 复制代码
┌──(root💀f7153892195d)-[/home]
└─# apt-get update
Get:1 http://mirrors.zju.edu.cn/kali kali-rolling InRelease [41.2 kB]
Ign:2 http://mirrors.zju.edu.cn/kali kali-rolling/main Sources                                                                                           
Get:3 http://mirrors.zju.edu.cn/kali kali-rolling/contrib Sources [77.6 kB]
Get:4 http://mirrors.zju.edu.cn/kali kali-rolling/non-free Sources [130 kB]
Get:5 http://mirrors.zju.edu.cn/kali kali-rolling/non-free amd64 Packages [218 kB]
Get:6 http://mirrors.zju.edu.cn/kali kali-rolling/main amd64 Packages [19.5 MB]
Get:7 http://mirrors.zju.edu.cn/kali kali-rolling/contrib amd64 Packages [114 kB]
Get:2 http://mirrors.zju.edu.cn/kali kali-rolling/main Sources [15.8 MB]                                                                                 
Fetched 35.8 MB in 1min 11s (506 kB/s)                                                                                                                   
Reading package lists... Done

之后 upgrade 和 dist-upgrade 更是少不了了,这里就不再细说。

为了做渗透、安全相关的工作,kali 的工具包也是必不可少的。但是作为初学者要怎么选呢?en...小孩子才会做选择,我全要了这个时候我们通过 apt search kali-linux 进行一次工具包全搜索,如下图:

bash 复制代码
┌──(root💀f7153892195d)-[/home]
└─# apt search kali-linux
Sorting... Done
Full Text Search... Done
kali-linux-core/kali-rolling,kali-rolling 2023.3.1 amd64
  Kali's core packages

kali-linux-default/kali-rolling,kali-rolling 2023.3.1 amd64
  Kali's default toolset

kali-linux-everything/kali-rolling,kali-rolling 2023.3.1 amd64
  Every tool in Kali Linux

kali-linux-firmware/kali-rolling,kali-rolling 2023.3.1 amd64
  Kali's default firmware files

kali-linux-headless/kali-rolling,kali-rolling 2023.3.1 amd64
  Kali's default headless tools

kali-linux-labs/kali-rolling,kali-rolling 2023.3.1 amd64
  Test environments for learning and practising on

kali-linux-large/kali-rolling,kali-rolling 2023.3.1 amd64
  Kali's extended default tool selection

kali-linux-nethunter/kali-rolling,kali-rolling 2023.3.1 amd64
  Kali on NetHunter devices

kali-linux-wsl/kali-rolling,kali-rolling 2023.3.1 amd64
  Kali on WSL

由于 docker 版本的 kali linux rolling 并没有安装任何工具的,所以这个时候我们选择全安装就完事儿了,这里我们选择 kali-linux-everything。

bash 复制代码
┌──(root💀f7153892195d)-[/home]
└─# apt install kali-linux-everything               
Reading package lists... Done
Building dependency tree... Done
Reading state information... Done
The following additional packages will be installed:
  ...
0 upgraded, 3951 newly installed, 0 to remove and 0 not upgraded.
Need to get 10.3 GB of archives.
After this operation, 28.8 GB of additional disk space will be used.
Do you want to continue? [Y/n]

28.8 GB ...建议还是扩展一下 docker 磁盘的大小再安装会比较好。

经过漫长的安装终于是将所需的工具都安装好了,还是先打个镜像吧,以免一下子容器 remove 掉了之后又要重新做一遍。

相关推荐
青草地溪水旁21 分钟前
进程“悄悄话”函数——`socketpair`
linux·进程间通信
Li zlun24 分钟前
MySQL 性能监控与安全管理完全指南
数据库·mysql·安全
能不能别报错25 分钟前
K8s学习笔记(十五) pause容器与init容器
笔记·学习·kubernetes
风为你而吹37 分钟前
【玩泰山派】4、制作ubuntu镜像-(6)使用鲁班猫的sdk去制作镜像
linux·运维·ubuntu
ᖰ・◡・ᖳ42 分钟前
JavaScript:神奇的ES6之旅
前端·javascript·学习·es6
running thunderbolt43 分钟前
项目---网络通信组件JsonRpc
linux·服务器·c语言·开发语言·网络·c++·性能优化
YoungLime1 小时前
DVWA靶场之十:DOM 型 XSS(DOM Based Cross Site Scripting (XSS))
网络·安全·web安全
小马学嵌入式~1 小时前
堆排序原理与实现详解
开发语言·数据结构·学习·算法
递归不收敛1 小时前
吴恩达机器学习课程(PyTorch适配)学习笔记:1.4 模型评估与问题解决
pytorch·学习·机器学习
又是忙碌的一天1 小时前
前端学习 JavaScript
前端·javascript·学习