README.md 8.5 KB
Newer Older
1
# Docker images for Parrot OS
2

3
Docker is a powerful technology that allows users to run containers universally on any host platform.
4

5
Docker uses template images, and allows the user to start several instances of the same template, destroy them, or build new custom templates on top of them.
6

7
Parrot uses docker to allow its users to use its vast arsenal of tools on any platform supported by docker.
8

Lorenzo "Palinuro" Faletra's avatar
Lorenzo "Palinuro" Faletra committed
9 10
[Parrot Core](#parrotseccore)

Francesco Bonanno's avatar
Francesco Bonanno committed
11
[Parrot Security](#parrotsecsecurity)
Lorenzo "Palinuro" Faletra's avatar
Lorenzo "Palinuro" Faletra committed
12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28

[Nmap](#parrotsectools-nmap)

[Metasploit](#parrotsectools-metasploit)

[Social Engineering Toolkit](#parrotsectools-set)

[Beef-XSS](#parrotsectools-beef)

[Bettercap](#parrotsectoos-bettercap)

[SQLMap](#parrotsectools-sqlmap)

[Builder Container](#parrotsecbuild)



Lorenzo "Palinuro" Faletra's avatar
Lorenzo "Palinuro" Faletra committed
29
[skip to usage examples](#general-usage-instructions-and-examples)
30

31
# Available Templates
32

33
Whether you want to have a container full of tools, or several smaller containers with a tiny selection of tools, or even a clean Parrot environment to build yor custom stack on, this is the right place where to learn how to take advantage of the Parrot Docker workspace.
34

35
## parrotsec/core
36

37 38
Core system with just the Parrot basics.
You can use it as a start point to create your custom containers.
39

40
available flavors:
41

Francesco Bonanno's avatar
Francesco Bonanno committed
42
**parrotsec/core:latest** based on parrot rolling (debian testing) amd64
43

Francesco Bonanno's avatar
Francesco Bonanno committed
44
**parrotsec/core:rolling-amd64** based on parrot rolling (debian testing) amd64
45

Francesco Bonanno's avatar
Francesco Bonanno committed
46
**parrotsec/core:rolling-i386** based on parrot rolling (debian testing) i386
47

Francesco Bonanno's avatar
Francesco Bonanno committed
48
**parrotsec/core:lts-amd64** based on parrot lts (devuan stable) amd64
49

Francesco Bonanno's avatar
Francesco Bonanno committed
50
**parrotsec/core:lts-i386** based on parrot lts (devuan stable) i386
51

Francesco Bonanno's avatar
Francesco Bonanno committed
52
**parrotsec/core:lts-arm64** based on parrot lts (devuan stable) arm64
53

Francesco Bonanno's avatar
Francesco Bonanno committed
54
**parrotsec/core:lts-armhf** based on parrot lts (devuan stable) armhf
55

56
launch the container:
57

58
`docker run --rm -ti --network host -v $PWD/work:/work parrotsec/core:lts-amd64`
59 60


Francesco Bonanno's avatar
Francesco Bonanno committed
61
## parrotsec/security
62

63
This container includes a huge collection of tools that can be used via command line from inside a docker container.
64

65
Some tools with graphical interface were excluded for obvious reasons.
66

67
This container ships with the following metapackages:
68

69 70 71
* parrot-pico
* parrot-mini
* parrot-tools-cloud
72

73
available flavors:
74

75
**parrotsec/security:latest** built over parrotsec/core:rolling-amd64
76

77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103
**parrotsec/security:rolling** built over parrotsec/core:rolling-amd64

**parrotsec/security:lts** built over parrotsec/core:lts-amd64

Launch the container:

`docker run --rm -ti --network host -v $PWD/work:/work parrotsec/security`


## parrotsec/tools-*

This is a curated selection of smaller docker containers that contain only specific tools, alone or in cherry-picked collections.

Containers with shared tools are stacked on top of each other (when possible) to minimize storage waste and maximize layers reuse.

available templates:

### parrotsec/tools-nmap
based on parrotsec/core:rolling-amd64
provides the following packages:
* nmap
* ncat
* ndiff
* dnsutils
* netcat
* telnet

104 105 106 107 108 109 110 111 112
usage: 
`docker run --rm -ti parrotsec/tools-nmap <nmap options>`

examples:

`docker run --rm -ti parrotsec/tools-nmap -F 192.168.1.1`

`docker run --rm -ti parrotsec/tools-nmap -Pn 89.36.210.176`

113 114 115 116 117 118 119
### parrotsec/tools-metasploit
based on parrotsec/tools-nmap:latest
provides the following packages:
* parrot-pico
* metasploit-framework
* postgresql

120 121 122 123
usage:

`docker run --rm -ti --network host -v $PWD/msf:/root/ parrotsec/tools-metasploit`

124 125 126 127 128
### parrotsec/tools-set
based on parrotsec/tools-metasploit:latest
provides the following packages:
* set

129 130 131 132
usage:

`docker run --rm -ti --network host -v $PWD/set:/root/.set parrotsec/tools-set`

133 134 135 136 137
### parrotsec/tools-beef
based on parrotsec/core:rolling-amd64
provides the following packages:
* beef-xss

138 139
usage:

Francesco Bonanno's avatar
Francesco Bonanno committed
140
`docker run --rm --network host -ti -v $PWD/beef:/var/lib/beef-xss parrotsec/tools-beef`
141

142 143 144 145 146
### parrotsec/tools-bettercap
based on parrotsec/core:rolling-amd64
provides the following packages:
* bettercap

147 148 149 150
usage:

`docker run --rm -ti parrotsec/tools-bettercap`

Lorenzo "Palinuro" Faletra's avatar
Lorenzo "Palinuro" Faletra committed
151
### parrotsec/tools-sqlmap
152 153 154 155
based on parrotsec/core:rolling-amd64
provides the following packages:
* sqlmap

156 157 158 159 160 161
usage:
`docker run --rm -ti parrotsec/tools-sqlmap <sqlmap options>`

example:
`docker run --rm -ti parrotsec/tools-sqlmap -u parrotsec.org --wizard`

162

Francesco Bonanno's avatar
Francesco Bonanno committed
163
## parrotsec/build
164 165 166 167 168 169 170 171 172 173 174 175 176 177 178 179 180 181 182 183 184 185 186 187 188 189 190 191 192 193 194 195 196 197 198 199 200 201

This container is used internally by the Parrot Build Platform to test and build the distro packages.

Even if it is not meant to be used directly by users, it contains all the tools to work on debian packaging and properly test package builds in clean and disposable environments.

This container ships with the following packages:

* git-buildpackage
* ubuntu-dev-tools
* devscripts
* debhelper
* dh-apparmor
* dh-autoreconf
* dh-buildinfo
* dh-cargo
* dh-consoledata
* dh-di
* dh-exec
* dh-golang
* dh-linktree
* dh-lisp
* dh-lua
* dh-make
* dh-make-golang
* dh-make-perl
* dh-metainit
* dh-perl6
* dh-php
* dh-python
* dh-runit
* dh-strip-nondeterminism
* dh-sysuser
* dh-vim-addon
* dh-virtualenv
* kernel-wedge

Available flavors:

Francesco Bonanno's avatar
Francesco Bonanno committed
202
**parrotsec/build:latest** based on parrotsec/core:rolling-amd64
203

Francesco Bonanno's avatar
Francesco Bonanno committed
204
**parrotsec/build:rolling-amd64** based on parrotsec/core:rolling-amd64
205

Francesco Bonanno's avatar
Francesco Bonanno committed
206
**parrotsec/build:rolling-i386** based on parrotsec/core:rolling-i386
207

Francesco Bonanno's avatar
Francesco Bonanno committed
208
**parrotsec/build:lts-amd64** based on parrotsec/core:lts-amd64
209

Francesco Bonanno's avatar
Francesco Bonanno committed
210
**parrotsec/build:lts-i386** based on parrotsec/core:lts-i386
211

Francesco Bonanno's avatar
Francesco Bonanno committed
212
**parrotsec/build:lts-arm64** based on parrotsec/core:lts-arm64
213

Francesco Bonanno's avatar
Francesco Bonanno committed
214
**parrotsec/build:lts-armhf** based on parrotsec/core:lts-armhf
215 216 217 218 219 220 221 222 223 224 225 226 227 228 229 230 231 232 233 234 235 236 237 238 239 240 241 242 243 244 245 246 247 248 249 250 251 252 253 254 255 256 257 258 259 260 261 262 263 264 265 266 267 268 269 270 271 272 273 274 275 276 277 278 279 280 281 282 283 284 285 286 287 288 289 290 291 292 293 294 295 296 297 298 299 300 301 302 303 304


Example usage:

```
git clone https://nest.parrot.sh/packages/tools/metasploit-framework
cd metasploit-framework
<make your modfications to the package here>
cd ..
docker run --rm -ti -v $PWD:/build/ parrotsec/build:rolling-amd64 - bash

cd /build/metasploit-framework
apt build-dep .
debuild -us -uc
exit
```


# General Usage Instructions and Examples

## Launch a container:
`docker run --name pcore-1 -ti parrotsec/core`
	NOTE: the pcore-1 name is arbitrary and can be customized

## Stop the container:
`docker stop pcore-1`

## Resume a previously-stopped container:
`docker start pcore-1`

## Remove a container after use:
`docker rm pcore-1`

## List all the instantiated containers:
`docker ps -a`

## Start multiple containers:
on terminal 1 -> `docker run --name pentest1 -ti parrotsec/security`
on terminal 2 -> `docker run --name pentest2 -ti parrotsec/security`
on terminal 3 -> `docker run --name msf-listener -ti parrotsec/tools-metasploit`

## Remove all the containers:
`docker rm $(docker ps -qa)`

## Start a container and automatically remove it on exit:
`docker run --rm -ti parrotsec/core`

## Use Volumes to share files with the host:
It is a good practice to not keep persistent docker containers, but to remove them on every use and make sure to save important files on a docker volume.

The following command creates a **work** folder inside the current directory and mounts it in /work inside the container.

`docker run --rm -ti -v $PWD/work:/work parrotsec/core`

## Use Volumes to share files across multiple containers:
on terminal 1 -> `docker run --name pentest -ti -v $PWD/work:/work parrotsec/security`
on terminal 2 -> `docker run --rm --network host -v $PWD/work:/work -ti parrotsec/security`
on terminal 3 -> `docker run --rm -v $PWD/work:/work -ti parrotsec/tools-metasploit`

## Open a port from the container to the host
Every docker container has its own network space connected to a virtual LAN.

All the traffic from within the docker container will be NATted by the host computer.

If you need to expose a port to other machines outside your local computer, use the following exaple:

`docker run --rm -p 8080:80 -ti parrotsec/core`

Note that the first port is the port that will be opened on your host, and the second one is the container port to bind to.

Here a reference usage of the -p flag:

**-p <host port>:<container port>** `-p 8080:80`
**-p <host port>:<container port>/<proto>** `-p 8080:80/tcp`
**-p <address>:<host port>:<container port>** `-p 192.168.1.30:8080:80` (in case of multiple adresses on host network)

## Use network host instead of docker NAT
Every docker container has its own network space connected to a virtual LAN.

All the traffic from within the docker container will be NATted by the host computer.

If you need to make the docker container share the same networking space of the host machine, then use the **--network host** flag as shown below

`docker run --rm --network host -ti parrotsec/core`

	NOTE 1: every port opened in the container will be opened on the host as well.

	NOTE 2: you can perform packet sniffing on the host network.

	NOTE 3: iptables rules applied inside the container will take effect on the host as well.