initial commit

Dockerfile

@@ -0,0 +1,61 @@
+FROM debian:jessie
+
+MAINTAINER opsxcq <opsxcq@thestorm.com.br>
+
+RUN apt-get update && \
+    apt-get upgrade -y && \
+    apt-get -y install \
+    git build-essential zlib1g zlib1g-dev \
+    libxml2 libxml2-dev libxslt-dev locate \
+    libreadline6-dev libcurl4-openssl-dev git-core \
+    libssl-dev libyaml-dev openssl autoconf libtool \
+    ncurses-dev bison curl wget xsel postgresql \
+    postgresql-contrib postgresql-client libpq-dev \
+    libapr1 libaprutil1 libsvn1 \
+    libpcap-dev libsqlite3-dev libgmp3-dev \
+    tor torsocks nasm vim nmap ntpdate\
+    && rm -rf /var/lib/apt/lists/*
+
+# Get Metasploit
+RUN cd /opt && \
+    git clone https://github.com/rapid7/metasploit-framework.git msf && \
+    cd msf && \
+    # Setup rvm
+    curl -sSL https://rvm.io/mpapis.asc | gpg --import && \
+    curl -L https://get.rvm.io | bash -s stable && \
+    /bin/bash -l -c "rvm requirements" && \
+    /bin/bash -l -c "rvm install 2.3.1" && \
+    /bin/bash -l -c "rvm use 2.3.1 --default" && \
+    /bin/bash -l -c "source /usr/local/rvm/scripts/rvm" && \
+    /bin/bash -l -c "gem install bundler" && \
+    /bin/bash -l -c "source /usr/local/rvm/scripts/rvm && which bundle" && \
+    /bin/bash -l -c "which bundle" && \
+    # Install metasploit deps
+    /bin/bash -l -c "BUNDLEJOBS=$(expr $(cat /proc/cpuinfo | grep vendor_id | wc -l) - 1)" && \
+    /bin/bash -l -c "bundle config --global jobs $BUNDLEJOBS" && \
+    /bin/bash -l -c "bundle install" && \
+    # Just add some easy links
+    for i in `ls /opt/msf/tools/*/*`; do ln -s $i /usr/local/bin/; done && \
+    ln -s /opt/msf/msf* /usr/local/bin
+
+# PosgreSQL setup
+COPY ./db.sql /tmp/
+RUN /etc/init.d/postgresql start && su postgres -c "psql -f /tmp/db.sql"
+
+USER root
+COPY ./database.yml /opt/msf/config/
+
+COPY main.sh /
+
+# Metasploit conf folders and a temp folder if you want to drop something there
+VOLUME /root/.msf4/
+VOLUME /tmp/data/
+
+# For backconnect shellcodes (or payloads as if you want to use fancy names)
+EXPOSE 4444
+
+# For browser exploits
+EXPOSE 443
+
+ENTRYPOINT ["/main.sh"]
+

README.md

@@ -1 +1,9 @@
-# docker-metasploit
+# Metasploit docker container
+
+## Build
+
+docker build -t metasploit:master .
+
+## Run
+
+docker run --rm -i -t -v /root/.msf4:/root/.msf4 -v /tmp/data:/tmp/data metasploit:master

database.yml

@@ -0,0 +1,9 @@
+production:
+    adapter: postgresql
+    database: msfdb
+    username: msf
+    password: secret
+    host: 127.0.0.1
+    port: 5432
+    pool: 75
+    timeout: 5

db.sql

@@ -0,0 +1,12 @@
+update pg_database set datallowconn = TRUE where datname = 'template0';
+\c template0
+update pg_database set datistemplate = FALSE where datname = 'template1';
+drop database template1;
+create database template1 with template = template0 encoding = 'UTF8';
+update pg_database set datistemplate = TRUE where datname = 'template1';
+\c template1
+update pg_database set datallowconn = FALSE where datname = 'template0';
+create user msf;
+alter user msf with encrypted password 'secret';
+alter user msf CREATEDB;
+\q

main.sh

@@ -0,0 +1,13 @@
+#!/bin/bash
+
+echo '[+] Initializing local clock'
+ntpdate -B -q 0.debian.pool.ntp.org
+source /usr/local/rvm/scripts/rvm
+echo '[+] Initializing postgres'
+service postgresql start
+echo '[+] Initializing tor'
+service tor start
+echo '[+] Updating msf'
+/opt/msf/msfupdate --git-branch master
+echo '[+] Well done, enjoy your shell'
+/bin/bash