docker
/
kali-desktop
mirror of https://github.com/lukaszlach/kali-desktop
1
0
Fork 0
Code Issues Releases Wiki Activity

task: initial commit

This commit is contained in:
Łukasz Lach 2018-08-15 09:42:32 +02:00
parent a8cd0f9635
commit 5e1cdae0f4
14 changed files with 289 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
.gitignore vendored Normal file
View File

@ -0,0 +1,4 @@
.idea
entrypoint.sh
home/
etc/cont-init.d/02-wallpaper

20
Dockerfile Normal file
View File

@ -0,0 +1,20 @@
FROM kalilinux/kali-linux-docker
ARG KALI_DESKTOP
RUN export DEBIAN_FRONTEND=noninteractive && \
apt-get update && \
apt-get install -y \
curl sudo apt-transport-https gnupg \
x11vnc xvfb novnc dbus-x11 \
kali-defaults kali-desktop-${KALI_DESKTOP} && \
apt-get clean && \
rm -rf /var/lib/apt/lists/*
EXPOSE 5900/tcp 6080/tcp
ENV DISPLAY :1
ENV KALI_DESKTOP ${KALI_DESKTOP}
ENTRYPOINT ["/init"]
ARG S6_OVERLAY_VERSION=1.21.4.0
ADD https://github.com/just-containers/s6-overlay/releases/download/v${S6_OVERLAY_VERSION}/s6-overlay-amd64.tar.gz /tmp/
RUN gunzip -c /tmp/s6-overlay-amd64.tar.gz | tar -xf - -C / && \
rm -f /tmp/s6-overlay-amd64.tar.gz
COPY etc/ /etc

20
Dockerfile.kde Normal file
View File

@ -0,0 +1,20 @@
FROM kalilinux/kali-linux-docker
ARG KALI_DESKTOP=kde
RUN export DEBIAN_FRONTEND=noninteractive && \
apt-get update && \
apt-get install -y \
curl sudo apt-transport-https gnupg \
x11vnc xvfb novnc dbus-x11 \
kali-defaults kali-desktop-${KALI_DESKTOP} && \
apt-get clean && \
rm -rf /var/lib/apt/lists/*
EXPOSE 5900/tcp 6080/tcp
ENV DISPLAY :1
ENV KALI_DESKTOP ${KALI_DESKTOP}
ENTRYPOINT ["/init"]
ARG S6_OVERLAY_VERSION=1.21.4.0
ADD https://github.com/just-containers/s6-overlay/releases/download/v${S6_OVERLAY_VERSION}/s6-overlay-amd64.tar.gz /tmp/
RUN gunzip -c /tmp/s6-overlay-amd64.tar.gz | tar -xf - -C / && \
rm -f /tmp/s6-overlay-amd64.tar.gz
COPY etc/ /etc

20
Dockerfile.lxde Normal file
View File

@ -0,0 +1,20 @@
FROM kalilinux/kali-linux-docker
ARG KALI_DESKTOP=lxde
RUN export DEBIAN_FRONTEND=noninteractive && \
apt-get update && \
apt-get install -y \
curl sudo apt-transport-https gnupg \
x11vnc xvfb novnc dbus-x11 \
kali-defaults kali-desktop-${KALI_DESKTOP} && \
apt-get clean && \
rm -rf /var/lib/apt/lists/*
EXPOSE 5900/tcp 6080/tcp
ENV DISPLAY :1
ENV KALI_DESKTOP ${KALI_DESKTOP}
ENTRYPOINT ["/init"]
ARG S6_OVERLAY_VERSION=1.21.4.0
ADD https://github.com/just-containers/s6-overlay/releases/download/v${S6_OVERLAY_VERSION}/s6-overlay-amd64.tar.gz /tmp/
RUN gunzip -c /tmp/s6-overlay-amd64.tar.gz | tar -xf - -C / && \
rm -f /tmp/s6-overlay-amd64.tar.gz
COPY etc/ /etc

20
Dockerfile.xfce Normal file
View File

@ -0,0 +1,20 @@
FROM kalilinux/kali-linux-docker
ARG KALI_DESKTOP=xfce
RUN export DEBIAN_FRONTEND=noninteractive && \
apt-get update && \
apt-get install -y \
curl sudo apt-transport-https gnupg \
x11vnc xvfb novnc dbus-x11 \
kali-defaults kali-desktop-${KALI_DESKTOP} && \
apt-get clean && \
rm -rf /var/lib/apt/lists/*
EXPOSE 5900/tcp 6080/tcp
ENV DISPLAY :1
ENV KALI_DESKTOP ${KALI_DESKTOP}
ENTRYPOINT ["/init"]
ARG S6_OVERLAY_VERSION=1.21.4.0
ADD https://github.com/just-containers/s6-overlay/releases/download/v${S6_OVERLAY_VERSION}/s6-overlay-amd64.tar.gz /tmp/
RUN gunzip -c /tmp/s6-overlay-amd64.tar.gz | tar -xf - -C / && \
rm -f /tmp/s6-overlay-amd64.tar.gz
COPY etc/ /etc

7
Dockerfile.xfce-top10 Normal file
View File

@ -0,0 +1,7 @@
FROM lukaszlach/kali-desktop:xfce
RUN export DEBIAN_FRONTEND=noninteractive && \
apt-get update && \
apt-get install -y kali-linux-top10 && \
apt-get clean && \
rm -rf /var/lib/apt/lists/*

41
Makefile Normal file
View File

@ -0,0 +1,41 @@
DOCKER_IMAGE_NAME ?= lukaszlach/kali-desktop
# gnome (creates new displays, does not work)
# kde (heaviest and slow in browser, too much effects)
# lxde
# xfce (most lightweight)
KALI_DESKTOPS := xfce lxde kde
KALI_DESKTOP ?= xfce
build: build-auto
docker build --build-arg KALI_DESKTOP="${KALI_DESKTOP}" -t docker-kali .
docker tag docker-kali ${DOCKER_IMAGE_NAME}:${KALI_DESKTOP}
docker tag docker-kali ${DOCKER_IMAGE_NAME}:$$(docker run --entrypoint '' docker-kali bash -c '. /etc/os-release; echo "$$VERSION";')-${KALI_DESKTOP}
${MAKE} list
build-auto:
echo ${KALI_DESKTOPS} | xargs -n1 -I{} bash -c "sed 's/\(^ARG KALI_DESKTOP\)/\1={}/g' Dockerfile > Dockerfile.{}"
list:
docker images | grep ${DOCKER_IMAGE_NAME}
push:
docker images --format '{{.Repository}}:{{.Tag}}' | \
grep '${DOCKER_IMAGE_NAME}' | \
xargs -n1 docker push
run:
docker rm -f docker-kali || true
docker run -v $$(pwd)/etc/services.d:/etc/services.d:ro -v $$(pwd)/etc/cont-init.d:/etc/cont-init.d:ro -it --name docker-kali -p 5900:5900 -p 6080:6080 -e USER=kali -v $$(pwd)/home/kali:/home/kali --privileged docker-kali
run-prod:
docker rm -f docker-kali || true
docker run -it --name docker-kali --network host --privileged docker-kali
stop:
docker kill docker-kali
cli:
docker exec -it docker-kali bash
run-cli:
docker run -it --entrypoint '' docker-kali bash

116
README.md Normal file
View File

@ -0,0 +1,116 @@
# lukaszlach / kali-desktop
[![Docker pulls](https://img.shields.io/docker/pulls/lukaszlach/kali-desktop.svg?label=docker+pulls)](https://hub.docker.com/r/lukaszlach/kali-desktop)
[![Docker stars](https://img.shields.io/docker/stars/lukaszlach/kali-desktop.svg?label=docker+stars)](https://hub.docker.com/r/lukaszlach/kali-desktop)
Kali Desktop provides [Docker images](https://hub.docker.com/r/lukaszlach/kali-desktop/) with [Kali Linux](https://www.kali.org/) and a VNC server. This project allows you to pick Kali Linux version, favorite desktop environment, and run it on any system - Linux, MacOS or Windows - to access remotely and execute commands using a VNC client **or a web browser**.
![](https://user-images.githubusercontent.com/5011490/44137821-0af8d0e8-a072-11e8-8962-cd21a1283a04.png)
* Kali Linux 2018.2
* Xfce - `:xfce`
* LXDE - `:lxde`
* KDE - `:kde`
* Kali Linux 2018.2 with Top10 tools pre-installed
* Xfce - `:xfce-top10`
## Running
All required services and dependencies are inside the Docker images so only web browser and one command are needed to start `kali-desktop`:
![](https://user-images.githubusercontent.com/5011490/44146922-0dff2d6c-a092-11e8-875a-2e2ba16dd0bd.gif)
However the most common case is `kali-desktop` running with host network in privileged mode, so tools like network sniffing work properly and with full speed without Docker network filtering the traffic. See all available Docker image tags on [Docker Hub](https://hub.docker.com/r/lukaszlach/kali-desktop/tags/).
```bash
# run on host network
docker run -d --network host --privileged lukaszlach/kali-desktop:xfce
# run on Docker network
docker run -d -p 5900:5900 -p 6080:6080 --privileged lukaszlach/kali-desktop:xfce
```
After the container is up you can access Kali Linux Desktop under http://localhost:6080, the hostname can differ if you are doing this on a remote server. `vnc_auto.html` will connect you automatically, `vnc.html` allows some connection tuning.
> Docker for Mac works inside a small virtual machine which IP you must use to access the exposed ports or use service like [Dinghy](https://github.com/codekitchen/dinghy).
If you want to customize the container behavior you can pass additional parameters:
```bash
docker run -d \
--network host --privileged \
-e RESOLUTION=1280x600x24 \
-e USER=kali \
-e PASSWORD=kali \
-e ROOT_PASSWORD=root \
-v /home/kali:/home/kali \
--name kali-desktop \
lukaszlach/kali-desktop:xfce
```
Run parameters:
* `--network host` - optional but recommended, use the host network interfaces, if you do not need to use this option you have to manually publish the ports by passing `-p 5900:5900 -p 6080:6080`
* `--privileged` - optional but recommended
* `-e RESOLUTION` - optional, set streaming resolution and color depth, default `1280x600x24`
* `-e USER` - optional, work as a user with provided name, default `root`
* `-e PASSWORD` - optional, provide a password for USER, default `kali`
* `-e ROOT_PASSWORD` - optional, provide password for root, default `root`
* `-v /home/kali:/home/kali` - optional, if USER was provided it is a good idea to persist user settings, work files and look-and-feel
Exposed ports:
* `5900/tcp` - VNC
* `6080/tcp` - noVNC, web browser VNC client
## Extending
Create `Dockerfile.xfce-web` and modify the image as desired, below example installs Kali Linux web application assessment tools:
```
FROM lukaszlach/kali-desktop:xfce
RUN apt-get update && \
apt-get install -y kali-linux-web \
apt-get clean && \
rm -rf /var/lib/apt/lists/*
```
Build the image:
```bash
docker build \
-f Dockerfile.xfce-web \
-t kali-desktop:xfce-web \
.
```
Run the image:
```bash
docker run --network host --privileged kali-desktop:xfce-web
```
## Licence
MIT License
Copyright (c) 2018 Łukasz Lach <llach@llach.pl>
Permission is hereby granted, free of charge, to any person obtaining a copy
of this software and associated documentation files (the "Software"), to deal
in the Software without restriction, including without limitation the rights
to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
copies of the Software, and to permit persons to whom the Software is
furnished to do so, subject to the following conditions:
The above copyright notice and this permission notice shall be included in all
copies or substantial portions of the Software.
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
SOFTWARE.

6
TODO.md Normal file
View File

@ -0,0 +1,6 @@
# lukaszlach / kali-desktop
## Todo
* Allow to enable / disable VNC shared mode
* VNC password by environment variable

14
etc/cont-init.d/01-init Executable file
View File

@ -0,0 +1,14 @@
#!/usr/bin/with-contenv bash
set -e
USER=${USER:-root}
HOME=/root
if [ "$USER" != "root" ]; then
useradd --create-home --shell /bin/bash --user-group --groups sudo $USER
if [[ "$PASSWORD" == "" ]]; then
PASSWORD=kali
fi
HOME="/home/$USER"
echo "$USER:$PASSWORD" | chpasswd
fi
chown -R "$USER:$USER" "$HOME"
echo "root:${ROOT_PASSWORD:-root}" | chpasswd

9
etc/services.d/gui/run Executable file
View File

@ -0,0 +1,9 @@
#!/usr/bin/with-contenv bash
set -ex
USER=${USER:-root}
GUI_COMMAND=$( ( which startlxde || which startkde || which startxfce4 || which gdm3 )2>/dev/null )
if [[ "$USER" != "root" ]]; then
exec su -c "$GUI_COMMAND" "$USER"
else
exec "$GUI_COMMAND"
fi

3
etc/services.d/websockify/run Executable file
View File

@ -0,0 +1,3 @@
#!/usr/bin/with-contenv bash
set -e
exec websockify --web=/usr/share/novnc/ 6080 localhost:5900

3
etc/services.d/x11vnc/run Executable file
View File

@ -0,0 +1,3 @@
#!/usr/bin/with-contenv bash
set -e
exec x11vnc -display "$DISPLAY" -xkb -forever -shared -repeat -listen 0.0.0.0 -nopw -reopen

6
etc/services.d/xvfb/run Executable file
View File

@ -0,0 +1,6 @@
#!/usr/bin/with-contenv bash
set -e
if [[ "$RESOLUTION" == "" ]]; then
RESOLUTION=1280x600x24
fi
Xvfb "$DISPLAY" -screen 0 "$RESOLUTION"