Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
- Loading branch information
Showing
5 changed files
with
104 additions
and
1 deletion.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,61 @@ | ||
FROM debian:jessie | ||
|
||
MAINTAINER opsxcq <opsxcq@thestorm.com.br> | ||
|
||
RUN apt-get update && \ | ||
apt-get upgrade -y && \ | ||
apt-get -y install \ | ||
git build-essential zlib1g zlib1g-dev \ | ||
libxml2 libxml2-dev libxslt-dev locate \ | ||
libreadline6-dev libcurl4-openssl-dev git-core \ | ||
libssl-dev libyaml-dev openssl autoconf libtool \ | ||
ncurses-dev bison curl wget xsel postgresql \ | ||
postgresql-contrib postgresql-client libpq-dev \ | ||
libapr1 libaprutil1 libsvn1 \ | ||
libpcap-dev libsqlite3-dev libgmp3-dev \ | ||
tor torsocks nasm vim nmap ntpdate\ | ||
&& rm -rf /var/lib/apt/lists/* | ||
|
||
# Get Metasploit | ||
RUN cd /opt && \ | ||
git clone https://github.com/rapid7/metasploit-framework.git msf && \ | ||
cd msf && \ | ||
# Setup rvm | ||
curl -sSL https://rvm.io/mpapis.asc | gpg --import && \ | ||
curl -L https://get.rvm.io | bash -s stable && \ | ||
/bin/bash -l -c "rvm requirements" && \ | ||
/bin/bash -l -c "rvm install 2.3.1" && \ | ||
/bin/bash -l -c "rvm use 2.3.1 --default" && \ | ||
/bin/bash -l -c "source /usr/local/rvm/scripts/rvm" && \ | ||
/bin/bash -l -c "gem install bundler" && \ | ||
/bin/bash -l -c "source /usr/local/rvm/scripts/rvm && which bundle" && \ | ||
/bin/bash -l -c "which bundle" && \ | ||
# Install metasploit deps | ||
/bin/bash -l -c "BUNDLEJOBS=$(expr $(cat /proc/cpuinfo | grep vendor_id | wc -l) - 1)" && \ | ||
/bin/bash -l -c "bundle config --global jobs $BUNDLEJOBS" && \ | ||
/bin/bash -l -c "bundle install" && \ | ||
# Just add some easy links | ||
for i in `ls /opt/msf/tools/*/*`; do ln -s $i /usr/local/bin/; done && \ | ||
ln -s /opt/msf/msf* /usr/local/bin | ||
|
||
# PosgreSQL setup | ||
COPY ./db.sql /tmp/ | ||
RUN /etc/init.d/postgresql start && su postgres -c "psql -f /tmp/db.sql" | ||
|
||
USER root | ||
COPY ./database.yml /opt/msf/config/ | ||
|
||
COPY main.sh / | ||
|
||
# Metasploit conf folders and a temp folder if you want to drop something there | ||
VOLUME /root/.msf4/ | ||
VOLUME /tmp/data/ | ||
|
||
# For backconnect shellcodes (or payloads as if you want to use fancy names) | ||
EXPOSE 4444 | ||
|
||
# For browser exploits | ||
EXPOSE 443 | ||
|
||
ENTRYPOINT ["/main.sh"] | ||
|
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1 +1,9 @@ | ||
# docker-metasploit | ||
# Metasploit docker container | ||
|
||
## Build | ||
|
||
docker build -t metasploit:master . | ||
|
||
## Run | ||
|
||
docker run --rm -i -t -v /root/.msf4:/root/.msf4 -v /tmp/data:/tmp/data metasploit:master |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,9 @@ | ||
production: | ||
adapter: postgresql | ||
database: msfdb | ||
username: msf | ||
password: secret | ||
host: 127.0.0.1 | ||
port: 5432 | ||
pool: 75 | ||
timeout: 5 |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,12 @@ | ||
update pg_database set datallowconn = TRUE where datname = 'template0'; | ||
\c template0 | ||
update pg_database set datistemplate = FALSE where datname = 'template1'; | ||
drop database template1; | ||
create database template1 with template = template0 encoding = 'UTF8'; | ||
update pg_database set datistemplate = TRUE where datname = 'template1'; | ||
\c template1 | ||
update pg_database set datallowconn = FALSE where datname = 'template0'; | ||
create user msf; | ||
alter user msf with encrypted password 'secret'; | ||
alter user msf CREATEDB; | ||
\q |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,13 @@ | ||
#!/bin/bash | ||
|
||
echo '[+] Initializing local clock' | ||
ntpdate -B -q 0.debian.pool.ntp.org | ||
source /usr/local/rvm/scripts/rvm | ||
echo '[+] Initializing postgres' | ||
service postgresql start | ||
echo '[+] Initializing tor' | ||
service tor start | ||
echo '[+] Updating msf' | ||
/opt/msf/msfupdate --git-branch master | ||
echo '[+] Well done, enjoy your shell' | ||
/bin/bash |