Vulhub is a collection of vulnerability environments based on docker and docker-compose. Enter the corresponding directory and execute a statement to start a new vulnerability environment, making vulnerability recurrence easier and allowing security researchers to focus more on the principle of the vulnerability itself.
Vulhub official website
Github project
Install Vulhub on CentOS7.9 (other Linux environment installation process is similar, as long as docker and docker-compose environment are installed):
1. Install docker compose
① Install the specified version of docker-compose:
sudo curl -L "https://github.com/docker/compose/releases/download/1.29.2/docker-compose-$(uname -s)-$(uname -m)" -o /usr/local/bin/docker-compose
(Specify a docker-compose version, here is 1.29.2)
② Create a soft connection, you can use docker-compose in any directory:
ln -s /usr/local/bin/docker-compose /usr/bin/docker-compose
③ Add permissions:
chmod +x /usr/local/bin/docker-compose
④ Check the docker-compose version, if the following figure appears, the installation is successful:
docker-compose --version
Two, install docker
① Install docker:
curl -sSL https://get.daocloud.io/docker | sh
② start docker
systemctl start docker
③ Check whether docker is successfully installed:
docker run hello-world
3. Install git
① install git
yum -y install git
② Check whether git is installed
git --version
4. Install the vulhub shooting range
①Download the project and unzip it, enter the directory
wget https://github.com/vulhub/vulhub/archive/master.zip -O vulhub-master.zip
unzip vulhub-master.zip
cd vulhub-master
5. Run a Vulnerability Environment
① Enter the directory of a vulnerability/environment (take tomcat8 as an example)
cd /vulhub-master/tomcat/tomcat8
② Automatic compilation environment (some environments do not need to compile)
docker-compose build
③ Start the whole environment
docker-compose up -d
④ View the currently running docker container
docker ps
⑤ Access to the vulnerable environment
⑥ After using the vulnerable environment, delete the entire environment
docker-compose down -v