Metasploit Framework console on Docker. (with workspace)

Image for post
Image for post

Summary

I am a security specialist. I love Linux and containers. I do not like Kali Linux and bloated software. I use Metasploit Framework on Docker with workspace. Although you can start using the MSF docker out of the box, for using workspace you need a database, here is how.

Containers are everywhere in my life

Over the past few years I started to like docker and containerization in general, before that I had some sort of resilient against containerization, I mean comparing to VM, I saw VM more secure and isolated. But now I have a different opinion. Although some of the security concerns about containers are true, at least for now, the benefits of containers are more appealing to me now.

MSF Console on Docker

You need MSF and Postgres docker, you also need to set up a docker network.

mkdir $HOME/.msf4
mkdir $HOME/.msf4/database

Network

You need a docker network to assign a fixed IP to each container. Let’s create a network with a subnet of 172.18.0.0/16 and we call it msf.

docker network create --subnet=172.18.0.0/16 msf

Database

Now we need the database, here we are going to use postgres 11 with alpine based os. Let’s assign it to network msf and give IP 172.18.0.2, you need to mount a volume to keep the data, you also need to assign value to postgres’s username, password and database name.

docker run --ip 172.18.0.2 --network msf --rm --name postgres -v "${HOME}/.msf4/database:/var/lib/postgresql/data" -e POSTGRES_PASSWORD=postgres -e POSTGRES_USER=postgres -e POSTGRES_DB=msf -d postgres:11-alpine

MSF

Now we can run MSF on docker, but for the first time, we need to set database URL (including username, password, and database name in url). You also need to mount the volume to save the data. Lastly, you need to map the range of ports that MSF is going to use.

docker run --rm -it --network msf --name msf --ip 172.18.0.3 -e DATABASE_URL='postgres://postgres:postgres@172.18.0.2:5432/msf' -v "${HOME}/.msf4:/home/msf/.msf4" -p 8443-8500:8443-8500 metasploitframework/metasploit-framework
docker run --rm -it -u 0 --network msf --name msf --ip 172.18.0.3 -v "${HOME}/.msf4:/home/msf/.msf4" -p 8443-8500:8443-8500 metasploitframework/metasploit-framework

MSF function in .bashrc

If you are using Linux you can use below function in your bashrc too. First, it is going to check if msf network exists, if not will create the network. Then it will check if Postgres docker is running. If not it will start the postgres docker. Lastly, it will start the MSF docker.

function msf-docker() {   if [ -z "$(docker network ls | grep -w msf)" ];   then       docker network create --subnet=172.18.0.0/16 msf   fi   if [ -z "$(docker ps -a | grep -w postgres)" ];   then       docker run --ip 172.18.0.2 --network msf --rm --name postgres -v "${HOME}/.msf4/database:/var/lib/postgresql/data" -e POSTGRES_PASSWORD=postgres -e POSTGRES_USER=postgres -e POSTGRES_DB=msf -d postgres:11-alpine   fi   docker run --rm -it -u 0 --network msf --name msf --ip 172.18.0.3 -v "${HOME}/.msf4:/home/msf/.msf4" -p 8443-8500:8443-8500 metasploitframework/metasploit-framework }

Written by

Software Security Engineer, citizen of the world with zero belief in supernatural, follower of the science.

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store