Metasploit Framework console on Docker. (with workspace)

Nima Saed
Nima Saed
Sep 20 · 3 min read

Summary

I am a security specialist. I love Linux and containers. I do not like Kali Linux and bloated software. I use Metasploit Framework on Docker with workspace. Although you can start using the MSF docker out of the box, for using workspace you need a database, here is how.

Containers are everywhere in my life

Over the past few years I started to like docker and containerization in general, before that I had some sort of resilient against containerization, I mean comparing to VM, I saw VM more secure and isolated. But now I have a different opinion. Although some of the security concerns about containers are true, at least for now, the benefits of containers are more appealing to me now.

I have started using docker wherever I can in my job or even personal life. I use docker to build my automated security testing platform at work, I use them for building my security testing tools, I run my services such as OpenVPN and Plex on docker at home. They are everywhere in my life.

I do not like to use Kali Linux because of 1. I don’t like to run VM all the time. 2. Kali Linux is bloated. 3. There are so many tools that I don’t even use. Instead, I use Arch Linux as my daily driver with a very minimum number of packages installed, I use Blackarch strap on my Arch Linux to get security tools or build the tools on docker if possible.

One of the tools that I use is Metasploit Framework, and thanks to Rapid7 team there is a docker for MSF which is getting updates every day or even sometimes twice a day. Although you can start using the MSF docker out of the box, for using workspace you need a database.

MSF Console on Docker

You need MSF and Postgres docker, you also need to set up a docker network.

First, create a directory in your home directory for MSF files. You also need a directory to keep Postgres data, let’s keep it in the same place with MSF files.

mkdir $HOME/.msf4
mkdir $HOME/.msf4/database

Network

You need a docker network to assign a fixed IP to each container. Let’s create a network with a subnet of 172.18.0.0/16 and we call it msf.

docker network create --subnet=172.18.0.0/16 msf

Database

Now we need the database, here we are going to use postgres 11 with alpine based os. Let’s assign it to network msf and give IP 172.18.0.2, you need to mount a volume to keep the data, you also need to assign value to postgres’s username, password and database name.

docker run --ip 172.18.0.2 --network msf --rm --name postgres -v "${HOME}/.msf4/database:/var/lib/postgresql/data" -e POSTGRES_PASSWORD=postgres -e POSTGRES_USER=postgres -e POSTGRES_DB=msf -d postgres:11-alpine

MSF

Now we can run MSF on docker, but for the first time, we need to set database URL (including username, password, and database name in url). You also need to mount the volume to save the data. Lastly, you need to map the range of ports that MSF is going to use.

docker run --rm -it --network msf --name msf --ip 172.18.0.3 -e DATABASE_URL='postgres://postgres:postgres@172.18.0.2:5432/msf' -v "${HOME}/.msf4:/home/msf/.msf4" -p 8443-8500:8443-8500 metasploitframework/metasploit-framework

Save database setting

You can save database setting in MSF. To do so, inside MSF console execute db_save. Now you can run MSF docker without setting database URL.

docker run --rm -it -u 0 --network msf --name msf --ip 172.18.0.3 -v "${HOME}/.msf4:/home/msf/.msf4" -p 8443-8500:8443-8500 metasploitframework/metasploit-framework

MSF function in .bashrc

If you are using Linux you can use below function in your bashrc too. First, it is going to check if msf network exists, if not will create the network. Then it will check if Postgres docker is running. If not it will start the postgres docker. Lastly, it will start the MSF docker.

function msf-docker() {   if [ -z "$(docker network ls | grep -w msf)" ];   then       docker network create --subnet=172.18.0.0/16 msf   fi   if [ -z "$(docker ps -a | grep -w postgres)" ];   then       docker run --ip 172.18.0.2 --network msf --rm --name postgres -v "${HOME}/.msf4/database:/var/lib/postgresql/data" -e POSTGRES_PASSWORD=postgres -e POSTGRES_USER=postgres -e POSTGRES_DB=msf -d postgres:11-alpine   fi   docker run --rm -it -u 0 --network msf --name msf --ip 172.18.0.3 -v "${HOME}/.msf4:/home/msf/.msf4" -p 8443-8500:8443-8500 metasploitframework/metasploit-framework }

If you need help with any of these, drop me a message.

Nima Saed

Written by

Nima Saed

Software Security Engineer @Quintiq, citizen of the world with zero belief in supernatural, follower of the science.

Welcome to a place where words matter. On Medium, smart voices and original ideas take center stage - with no ads in sight. Watch
Follow all the topics you care about, and we’ll deliver the best stories for you to your homepage and inbox. Explore
Get unlimited access to the best stories on Medium — and support writers while you’re at it. Just $5/month. Upgrade