# 安装Docker部分(略)
# 更新docker源为中国国内源。
在/etc/docker下编辑或新建daemon.json:
vi /etc/docker/daemon.json
添加内容:
{
"registry-mirrors": [
"https://kfwkfulq.mirror.aliyuncs.com",
"https://2lqq34jg.mirror.aliyuncs.com",
"https://pee6w651.mirror.aliyuncs.com",
"https://registry.docker-cn.com",
"http://hub-mirror.c.163.com"
],
"dns": ["114.114.114.114","8.8.8.8"]
}
# 拉取Docker Kali镜像
docker pull kalilinux/kali-linux-docker
# 创建kali容器
docker run -id -v /data_backup/kali_linux/_data:/root --restart=always --name=kali2020 -p 2222:22 -p 4444:4500 a1765e8e381e
-v 指定家目录让一些想保留的数据存储在本地目录下
-p 映射kali22端口到外面的2222
4500端口(研究中)
最后一串是images的名字
# 修改root口令
password root
# 备份及替换本地源
cp /etc/apt/sources.list{,.bak}
>> 加入下面信息(选择一个适合你的即可,我这里用的阿里云)
# 中科大
deb http://mirrors.ustc.edu.cn/kali kali-rolling main non-free contrib
deb-src http://mirrors.ustc.edu.cn/kali kali-rolling main non-free contrib
# 阿里云
deb http://mirrors.aliyun.com/kali kali-rolling main non-free contrib
deb-src http://mirrors.aliyun.com/kali kali-rolling main non-free contrib
# 清华大学
deb http://mirrors.tuna.tsinghua.edu.cn/kali kali-rolling main contrib non-free
deb-src https://mirrors.tuna.tsinghua.edu.cn/kali kali-rolling main contrib non-free
# 163
deb http://mirrors.163.com/debian wheezy main non-free contrib
deb-src http://mirrors.163.com/debian wheezy main non-free contrib
deb http://mirrors.163.com/debian wheezy-proposed-updates main non-free contrib
deb-src http://mirrors.163.com/debian wheezy-proposed-updates main non-free contrib
deb-src http://mirrors.163.com/debian-security wheezy/updates main non-free contrib
# 东软大学
deb http://mirrors.neusoft.edu.cn/kali kali-rolling/main non-free contrib
deb-src http://mirrors.neusoft.edu.cn/kali kali-rolling/main non-free contrib
# 官方源
deb http://http.kali.org/kali kali-rolling main non-free contrib
deb-src http://http.kali.org/kali kali-rolling main non-free contrib
# 更新软件列表
apt-get update && apt-get upgrade
# 安装常用工具
apt-get -y install vim git python net-tools openssh-server
# 修改ssh配置文件,允许root远程登陆
/etc/ssh/sshd_config
>> 修改如下内容
PermitRootLogin yes
PS: 这里建议利用物理机防火墙,限定死允许远程过来的IP主机地址。防止别人利用Root账号
firewall-cmd --permanent --add-rich-rule="rule family="ipv4" source address="192.168.X.X" port protocol="tcp" port="2222" accept"
firewall-cmd --list-rich-rule
参考资料:
https://www.secshi.com/40391.html