Metasploit in Containers.
Thanks to Brian, who recommended I take a look at this, I am trying out a container with Metasploit.
Because of the complexity of preparing an environment from scratch, I pulled an image and ran it. It installs PostgreSQL, Ruby, Metasploit and the other required components.
sudo docker run --rm -it -p 443:443 -v ~/.msf4:/root/.msf4 -v /tmp/msf:/tmp/data remnux/metasploit
Unable to find image 'remnux/metasploit:latest' locally
latest: Pulling from remnux/metasploit
04cf3f0e25b6: Pull complete
d5b45e963ba0: Pull complete
a5c78fda4e14: Pull complete
193d4969ca79: Pull complete
d709551f9630: Pull complete
1f25a1bb3176: Pull complete
32cbc8e77c38: Pull complete
9707c72ed4d0: Pull complete
592bbe533650: Pull complete
8d25bbc5564d: Pull complete
bee7a92a8ebe: Pull complete
58ba86fae4eb: Pull complete
91d9c75fcf28: Pull complete
220d3151e9ca: Pull complete
5bdfaa013ef3: Pull complete
7a09535bcd76: Pull complete
e45f0be4a46e: Pull complete
06bd944ec068: Pull complete
ffd22526b3f0: Pull complete
b02c2a07c2a4: Pull complete
Digest: sha256:29e449ddc3ff026bba2030d65331530834b6ba7718d625c76e416c7457c5be7c
Status: Downloaded newer image for remnux/metasploit:latest
ruby-2.3.3 is not installed.
To install do: 'rvm install ruby-2.3.3'
* Starting PostgreSQL 9.3 database server [ OK ]
[*]
[*] Attempting to update the Metasploit Framework...
[*]
[*] Checking for updates via git
[*] Note: Updating from bleeding edge
fatal: 'upstream' does not appear to be a git repository
fatal: Could not read from remote repository.
Please make sure you have the correct access rights
and the repository exists.
[*] Attempting to add remote 'upstream' to your local git repository.
[*] Added remote 'upstream' to your local git repository.
HEAD is now at f0dca7ab Land #7692, print_error for error_sql_injection
Already on 'master'
Your branch is up-to-date with 'origin/master'.
Resolving dependencies...
Using rake 12.0.0
Using i18n 0.7.0
Using json 1.8.3
Using minitest 5.10.1
Using thread_safe 0.3.5
........
Using metasploit-model 2.0.3
Using rspec-rails 3.5.2
Using metasploit_data_models 2.0.10
Using metasploit-credential 2.0.8
Using metasploit-framework 4.13.7 from source at `.`
Bundle complete! 14 Gemfile dependencies, 119 gems now installed.
Use `bundle show [gemname]` to see where a bundled gem is installed.
It updates itself and is left up and running.
root@fc62c3c6f0cd:/tmp/data# msfconsole
Call trans opt: received. 2-19-98 13:24:18 REC:Loc
Trace program: running
wake up, Neo...
the matrix has you
follow the white rabbit.
knock, knock, Neo.
(`. ,-,
` `. ,;' /
`. ,'/ .'
`. X /.'
.-;--''--.._` ` (
.' / `
, ` ' Q '
, , `._ \
,.| ' `-.;_'
: . ` ; ` ` --,.._;
' ` , ) .'
`._ , ' /_
; ,''-,;' ``-
``-..__``--`
http://metasploit.com
=[ metasploit v4.13.7-dev-f0dca7ab ]
+ -- --=[ 1607 exploits - 914 auxiliary - 277 post ]
+ -- --=[ 458 payloads - 39 encoders - 9 nops ]
+ -- --=[ Free Metasploit Pro trial: http://r-7.co/trymsp ]
msf >
An example
msf > use auxiliary/scanner/ssh/ssh_version
msf auxiliary(ssh_version) > show options
Module options (auxiliary/scanner/ssh/ssh_version):
   Name     Current Setting  Required  Description
   ----     ---------------  --------  -----------
   RHOSTS                    yes       The target address range or CIDR identifier
   RPORT    22               yes       The target port
   THREADS  1                yes       The number of concurrent threads
   TIMEOUT  30               yes       Timeout for the SSH probe
msf auxiliary(ssh_version) > set RHOSTS 172.17.0.1
RHOSTS => 172.17.0.1
msf auxiliary(ssh_version) > run
[*] 172.17.0.1:22 - SSH server version: SSH-2.0-OpenSSH_7.9p1 Ubuntu-10
[*] Scanned 1 of 1 hosts (100% complete)
[*] Auxiliary module execution completed
https://www.cvedetails.com/vulnerability-list/vendor_id-97/product_id-585/Openbsd-Openssh.html
The image is more than 12.2 GB. As we ran it, the "--rm" parameter will delete the container when we exit it.
# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
remnux/metasploit latest 3e61fa3d4c63 2 years ago 1.27GB
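The run above pulled the mutable "latest" tag, and the pull log printed the digest of what was actually downloaded. As an added example (not part of the original post; the function names are hypothetical), this script extracts that digest from the log lines, validates it, and prints the same docker run command pinned to it, so a later pull of the tag cannot silently bring in different content.

```sh
#!/bin/sh
# Added example: pin remnux/metasploit by the digest shown in the pull log
# instead of the mutable ":latest" tag. Function names are hypothetical.
LC_ALL=C; export LC_ALL   # make the [0-9a-f] ranges byte-exact

# Read `docker pull` / `docker run` output on stdin, print the first digest.
digest_from_pull_log() {
    sed -n 's/^Digest: \(sha256:[0-9a-f]\{64\}\)[[:space:]]*$/\1/p' | head -n 1
}

# Print "repo@sha256:..." or fail if the digest is not 64 lowercase hex chars.
pinned_ref() {
    case $2 in sha256:*) ;; *) return 1 ;; esac
    hex=${2#sha256:}
    [ "${#hex}" -eq 64 ] || return 1
    case $hex in *[!0-9a-f]*) return 1 ;; esac
    printf '%s@%s\n' "$1" "$2"
}

# Succeed only if a digest observed now equals the one recorded earlier.
same_digest() {
    [ -n "$1" ] && [ "$1" = "$2" ]
}

# Digest of the locally stored image (needs the docker CLI; not run below).
local_digest() {
    docker image inspect --format '{{index .RepoDigests 0}}' "$1" | sed 's/^.*@//'
}

# Lines copied from the pull log in this post.
SAMPLE_LOG='latest: Pulling from remnux/metasploit
Digest: sha256:29e449ddc3ff026bba2030d65331530834b6ba7718d625c76e416c7457c5be7c
Status: Downloaded newer image for remnux/metasploit:latest'

RECORDED=$(printf '%s\n' "$SAMPLE_LOG" | digest_from_pull_log)
REF=$(pinned_ref remnux/metasploit "$RECORDED")

# Same flags as the command in the post, with the image reference pinned.
echo "sudo docker run --rm -it -p 443:443 -v ~/.msf4:/root/.msf4 -v /tmp/msf:/tmp/data $REF"
```

On a host with Docker, same_digest "$(local_digest remnux/metasploit)" "$RECORDED" confirms that the stored image is still the one recorded in the log.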