Skip to content
docker lab

Docker Lab For Ethical Hacking in 2023

Published by tomkraz on 10 March 2022

When learning to do Capture the Flag (CTF) challenges, pen-testing or Ethical Hacking you regularly come across commands you would like to test. For sure you don’t want to be doing this against any production environment or even your test lab. I find the easiest solution is to use your own Docker Lab. You don’t have to be an expert to use docker. Just find somewhere to save the commands and you are good to go.

I will cover just the basics of Docker in this Write up and hope you find it useful. If you want to find out more, head on over to Docker web site

What is Docker?

Docker is an open source platform for building, deploying, and managing containerized applications. With just a few commands we can spin up “WordPress”, “Jenkins”, “FTP”, “SSH”, “MySQL” and many many more servers. We can do this with ease and we can get rid of them just as quickly. It can keep our data independent from the docker container or, if we don’t care, our data can be disposable. It’s all your choice as our Docker Lab is for spinning up something quickly and not for keeping anything permanent.

Lab Setup

As usual I will be using my BlackArch linux install that I did as part of my CTF beginners series. You can use any modern Linux Distribution for this, but I will focus on Arch Linux commands.

Install Docker

Installing Docker in ArchLinux is a breeze, 

sudo pacman -S docker

Start and enable Docker

For my laptop I dont like to have docker running all the time, consuming resources, only when I choose to. 

sudo systemctl start docker

However if you are ok with leaving it running all the time you can use the below command. 

sudo systemctl enable -now docker

Add a user to docker Group

In order to have access to docker without all the sudo stuff it’s best to add your user to the docker group. (you have to re-login after this step)

usermod -G docker <username goes here>

Lets create a Docker lab

FTP lab

FTP is an old technologies, in fact it’s around since the early 1970s and is wildly insecure. However it pops up quite often in CTF challenges and if you take a look at netlas.io (see my write up) you can find many instances of it across the internet. I most certainly don’t encourage you to use it for transporting your data but it can be fun to play with.

It’s important that you create a ftp directory so your data becomes independent to the container. 

mkdir -p ~/docker/ftp

Anything we put into this directory will be available in the ftp server. 

docker run -it -d --rm --name ftplab \
-p 21:21 -p 21000-21010:21000-21010 \
-e USERS="testuser|letmein" \
-v ~/docker/ftp:/ftp \
delfer/alpine-ftp-server

Lets break down this command

  • run -it -d, run a interactive docker container and demonize it.
  • –rm, once the container is stopped its deleted.
  • –name ftplab, Name of container so it can be recognized later .
  • -e USERS=”testuser|letmein”, create some users for the ftp server.
  • -p 21:21 -p 21000-21010:21000-21010, ports to be forward from docker container to the localhost.
  • -v ~/docker/ftp:/ftp, mounts our newly created ftp directory into the container.
  • delfer/alpine-ftp-server, name of the docker ftp image on docker.com.

Run docker ps to ensure the container is running.

You can now use FTP on your local host by typing, 

ftp 127.0.0.1

ssh lab

SSH, also known as Secure Shell or Secure Socket Shell, is a network protocol that gives users a secure way to access a computer over an unsecured network.

The options for ssh docker image are less than that as the ftp. Only the ports to run ssh on must be specified. 

 docker run -d -p 2222:22 arvindr226/alpine-ssh

But we don’t know the root password I hear you say. This is true, but we can change it with the below code. 

➜  docker docker exec -it some_sshd /bin/bash
bash-4.3# passwd root
Changing password for root
New password: 
Bad password: too weak
Retype password: 
passwd: password for root changed by root
bash-4.3#

After all this is done you can connect to the ssh server with the command 

ssh 127.0.0.1 -p 2222

WordPress lab

WordPress is an open-source content management system which is incredibly popular among bloggers (me included). It can be really useful to have your own “WordPress” install to play with. I utilized it in my hydra article.

First we make our directory so to save the database and the “html” documents. 

mkdir -p ~/docker/wordpress 
cd ~/docker/workpress

Pull down the docker image

docker pull workpress

And the main command to launch it. 

docker run \
--name some_wordpress \
-p 8080:80 \
-v $(pwd)/wordpress:/var/www/html \
-d \
--rm wordpress

Open it up in “firefox” on http://127.0.0.1:8080 and Bingo we have a WordPress site.

Conclusion

I hope you found my mini introduction to my docker lab interesting. Leave some comments below if you thought it was of value.

Published inCTFDockerGetting Started With CTF ChallengesPen-Testing

Comments are closed.