SSJ is a silly little script that makes use of Docker installed on your everyday Linux distribution (Ubuntu, Debian, etc.) and magically arms it with hundreds of penetration testing and forensics tools.
SSJ pulls a Docker image that uses Kali Linux base image,kalilinux/kali with kali-linux-large and kali-linux-headless metapackages installed over it. It uses the kali.download/kali mirror and kali-last-snapshot branch. You can run GUI applications like Burpsuite, Wireshark, Ettercap, etc. from within the container on your everyday Linux distribution by using --privileged container capabilities and adding a universal access control to xhost on your host Linux distribution. This script creates a .desktop file (the Application Launcher) for you that initiates the docker run command to run the container. So, the only thing you need to do is, find SSJ in you applicaiton drawer or menu and click on it to launch it. A terminator window will popup with all your pentesting and forensics tools in it. Execute burpsuite to fire up the proxy, wireshark to fire up the packet analyzer and like that, you have access to hundreds of tools and packages that are there in Kali Linux (particularly the kali-linux-large and kali-linux-headless metapackages), right on your everyday Linux distribution. Also, contrary to virtual machines, that are either networked behind a virtual NAT or bridged along with the host operating system, SSJ utilizes the host network stack as it is (using --net=host) which means that the SSJ container will have direct access to all the network interfaces as the host Linux distribution and will also share the same IP addresses.
- Internet.
curl,wget&iputils-pingmust be installed.- Docker must be installed and the user must be present in the
dockergroup.
curl -sL https://raw.githubusercontent.com/thirdbyte/ssj/main/install.sh | bash
(This takes variable time depending upon your Internet speed. It pulls the Docker image from Docker Hub that weighs around 4G.)
- Reboot.
- Access the application drawer/menu on your Linux distribution to find SSJ.
- Launch SSJ.
- A
terminatorterminal will pop up. - Use this terminal to launch any tool by executing them using their respective package names. For an example:
msfconsole,burpsuite,wireshark, etc. - You can save any file in the
/rootdirectory inside the container and find it at$HOME/.ssjon your host Linux distribution.
Tested on: Ubuntu 20.04.1 LTS (GNOME), Linux Mint 20 Ulyana (Cinnamon)
Notice: The screenshots underneath represent xfce4-terminal which is now replaced with terminator.
- Add Tools: A convenient script that lets you add more tools to SSJ that are not a part of either the
kali-linux-largeorkali-linux-headlessmetapackage.
Since SSJ uses kali-last-snapshot branch of Kali Linux repositories, you don't need to update it until a new snapshot version (2020.1, 2020.2, 2020.3, etc.) of Kali Linux gets released. Once, a new version gets released, redo the installation and if you are using Add Tools plugin, you'll need to re-execute the add-tools script as well.
- Since the container runs with the root user privileges, the files created in the
/rootdirectory have the owner set to root. On the host Linux distribution, this directory is$HOME/.ssj. All the files and sub directories inside$HOME/.ssjwill require the root user of the host Linux distribution in case any data needs to be written to or deleted from this directory.
- SSJ uses Docker's
--privilegedcontainer capabilities and--net=hostnetworking. It also adds a universal access control toxhostfor making GUI applications work, but immidiately closes it once SSJ'sterminatoris exited. This might allow any application to access the X server or GUI of your host Linux distribution in particular for the time SSJ is running which can be a security or a privacy concern for many. - Audio ouput does not work as of now.
curl -sL https://raw.githubusercontent.com/thirdbyte/ssj/main/uninstall.sh | bashsudo rm -rf $HOME/.ssj/
This script was created out of curiosity. This might solve a lot of problems. This might create new ones as well. It comes with no commitments whatsoever. You may do anything you wish to do with this script and are solely responsible for it. You can still feel free to file issues in case you experience any of them. Cheers!