Use docker to build a test environment
Sao Nian Operation and Maintenance Youth
Use docker to build a test environment
1. Description
This article is suitable for people who have a certain understanding of Docker and VPN testing.
Second, prepare the target machine
This article takes DVWA as an example
- Check if there is a DVWA mirror
1[root@localhost ~]# docker search dvwa
2INDEX NAME DESCRIPTION STARS OFFICIAL AUTOMATED
3docker.io docker.io/citizenstig/dvwa Docker container for Damn Vulnerable Web A... 43 [OK]
4docker.io docker.io/garland/dvwa Damn Vulnerable Web Application in a Docke... 7 [OK]
5docker.io docker.io/infoslack/dvwa 7 [OK]
6docker.io docker.io/tleemcjr/dvwa Damn Vulnerable Web App (DVWA) built on Ma... 4
7docker.io docker.io/acgpiano/dvwa latest dvwa 2
8docker.io docker.io/benoitg/dvwa Damn Vulnerable Web Application https://gi... 2 [OK]
9docker.io docker.io/kebernexit/dvwa-php Damn Vulnerable Web Application (DVWA) PHP... 2
10docker.io docker.io/liniker/dvwa DVWA 2
11docker.io docker.io/astronaut1712/dvwa Docker for DVWA LAB: https://github.com/Ra... 1 [OK]
12docker.io docker.io/gjuniioor/dvwa Damn Vulnerable Web Application (DVWA) on ... 1 [OK]
13docker.io docker.io/jechoi/dvwa Instantly runnable DVWA to practice web at... 1
14docker.io docker.io/appsecframework/dvwa-nologin 0
15docker.io docker.io/aracloud/dvwa 0
16docker.io docker.io/c0ny1/dvwa dvwa镜像 0
17docker.io docker.io/dphanekham/dvwa Ubuntu 14.04 with DVWA running on it 0
18docker.io docker.io/frankspierings/dvwa 0
19docker.io docker.io/gaganld/dvwa-gagan 0
20docker.io docker.io/imfht/dvwa-nologin dvwa without login 0
21docker.io docker.io/intrusionexploitation/dvwa-wordpress2.2-bricks This is supporting docker image for Kali L... 0
22docker.io docker.io/ishangirdhar/dvwabricks Docker container for Bricks & DVWA web app... 0 [OK]
23docker.io docker.io/polyverse/dvwa Damn Vulnerable Web App 0 [OK]
24docker.io docker.io/rubenvanvreeland/dvwa 0
25docker.io docker.io/sagikazarmark/dvwa DVWA (Damn Vulnerable Web Application) Doc... 0 [OK]
26docker.io docker.io/sonic64/dvwa dvwa test environment 0
27docker.io docker.io/toneloc01/dvwa Damn Vulnerable Web Application based off ... 0
28[root@localhost ~]#
- Download the most images of STARS (good multi-layered)
1[root@localhost ~]# docker pull citizenstig/dvwa
2Using default tag: latest
3Trying to pull repository docker.io/citizenstig/dvwa ...
4latest: Pulling from docker.io/citizenstig/dvwa
58387d9ff0016: Pull complete
63b52deaaf0ed: Pull complete
74bd501fad6de: Pull complete
8a3ed95caeb02: Pull complete
9790f0e8363b9: Pull complete
1011f87572ad81: Pull complete
11341e06373981: Pull complete
12709079cecfb8: Pull complete
1355bf9bbb788a: Pull complete
14b41f3cfd3d47: Pull complete
1570789ae370c5: Pull complete
1643f2fd9a6779: Pull complete
176a0b3a1558bd: Pull complete
18934438c9af31: Pull complete
191cfba20318ab: Pull complete
20de7f3e54c21c: Pull complete
21596da16c3b16: Pull complete
22e94007c4319f: Pull complete
233c013e645156: Pull complete
247b3eb1ac6cfe: Pull complete
25Digest: sha256:1c0ab894f0bf41351519c8388a282c0a178216e9ce8f0399a162472070379dc6
26Status: Downloaded newer image for docker.io/citizenstig/dvwa:latest
27[root@localhost ~]#
- View mirror
1[root@localhost ~]# docker image ls
2REPOSITORY TAG IMAGE ID CREATED SIZE
3docker.io/citizenstig/dvwa latest d9c7999da701 12 months ago 466 MB
- Run the container
1[root@localhost ~]# docker run --rm -d -P --name ywsn-dvwa citizenstig/dvwa
2ac88b30b328af349a6ab19300d154d0e67eaa0d8e26ec52e26cb337618d83a6c
3[root@localhost ~]#
-
Parameter Description:
- run: run
- --rm: delete the container after exiting
- -d: run in the background
- -P: random mapping port
- --name: the name of the container
- View running containers
1[root@localhost ~]# docker container ls
2CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
3ac88b30b328a citizenstig/dvwa "/run.sh" 10 seconds ago Up 7 seconds 0.0.0.0:32769->80/tcp, 0.0.0.0:32768->3306/tcp ywsn-dvwa
4[root@localhost ~]#
It can be seen that port 80 is randomly mapped to port 32769. We need to open the web page: the host's IP: 32769 can access the dvwa web page.
Three, prepare *** tools
This article uses nmap as an example. The image of kali is relatively large, and you can also use kali as a container.
- View nmap mirror
1[root@localhost ~]# docker search nmap
2INDEX NAME DESCRIPTION STARS OFFICIAL AUTOMATED
3docker.io docker.io/uzyexe/nmap nmap container image (size: 14.93MB) 32 [OK]
4docker.io docker.io/instrumentisto/nmap Nmap ("Network Mapper") Docker Image 5 [OK]
5docker.io docker.io/jess/nmap 5
6docker.io docker.io/securecodebox/nmap A Docker image containing the NMAP securit... 5
7docker.io docker.io/k0st/nmap Nmap on minimum, modern and secure Alpine ... 4 [OK]
8docker.io docker.io/networkstatic/nmap Dockerized Nmap Port Scanner on Debian 4 [OK]
9docker.io docker.io/cyberwatch/nmap Docker Image with Nmap build from source 3
10docker.io docker.io/frapsoft/nmap nmap on Alpine Linux (6 MB) 2 [OK]
11docker.io docker.io/appsmanager/nmap 1
12docker.io docker.io/n4n0m4c/nmap docker nmap 1 [OK]
13docker.io docker.io/uleenucks/nmap 1
14docker.io docker.io/catalla/nmap-localhost Look for active IPs on localhost 0
15docker.io docker.io/dockerpinata/nmap 0
16docker.io docker.io/dockerpinata/nmap-ncat 0
17docker.io docker.io/functions/nmap 0
18docker.io docker.io/gvangool/nmap nmap in a container :) 0 [OK]
19docker.io docker.io/linosgian/nmap 0
20docker.io docker.io/marsmensch/nmap A Dockerfile for nmap https://nmap.org/ us... 0
21docker.io docker.io/n4n0m4c/nmapxml2ddb 0
22docker.io docker.io/sammascanner/nmap Nmap Scanner Will run and then save the r... 0 [OK]
23docker.io docker.io/ssarioglu/nmap Nmap Scanner 0 [OK]
24docker.io docker.io/tomkukral/nmap 0
25docker.io docker.io/voyat/nmap Image Docker pour Nmap 0 [OK]
26docker.io docker.io/weshigbee/nmap Container with nmap for scanning docker ne... 0 [OK]
27docker.io docker.io/whiteadam/nmap Alpine Linux image with nmap, libssl, and ... 0 [OK]
28[root@localhost ~]#
- Download nmap image
1[root@localhost ~]# docker pull uzyexe/nmap
2Using default tag: latest
3Trying to pull repository docker.io/uzyexe/nmap ...
4latest: Pulling from docker.io/uzyexe/nmap
5a3ed95caeb02: Pull complete
677c6c00e8b61: Pull complete
73aaade50789a: Pull complete
800cf8b9f3d2a: Pull complete
97ff999a2256f: Pull complete
10d2ba336f2e44: Pull complete
11dfda3e01f2b6: Pull complete
12a49f12444284: Pull complete
13b12991d094a3: Pull complete
14Digest: sha256:97fec7626949e70385c1bb451626967f9109e90fbe0e69947e18623b87c1c517
15Status: Downloaded newer image for docker.io/uzyexe/nmap:latest
16[root@localhost ~]#
- Use container
The image of the container runs directly, and you can follow the options directly after the container. You can check the official website for more functions.
1[root@localhost ~]# docker run --rm uzyexe/nmap -O 172.17.0.2
2
3Starting Nmap 7.60 ( https://nmap.org ) at 2019-06-26 02:42 GMT
4Nmap scan report for 172.17.0.2
5Host is up (0.00034s latency).
6Not shown: 998 closed ports
7PORT STATE SERVICE
880/tcp open http
93306/tcp open mysql
10MAC Address: 02:42:AC:11:00:02 (Unknown)
11Device type: general purpose
12Running: Linux 3.X|4.X
13OS CPE: cpe:/o:linux:linux_kernel:3 cpe:/o:linux:linux_kernel:4
14OS details: Linux 3.2 - 4.8
15Network Distance: 1 hop
16
17OS detection performed. Please report any incorrect results at https://nmap.org/submit/ .
18Nmap done: 1 IP address (1 host up) scanned in 24.13 seconds
19[root@localhost ~]#
WeChat Official Account: Operation and Maintenance Youth