使用docker搭建***测试环境
骚年 运维少年
使用docker搭建***测试环境
一、说明
本文适合对Docker和***测试有一定了解的人员阅读。
二、准备靶机
本文以DVWA为例
- 查看有无DVWA的镜像
1[root@localhost ~]# docker search dvwa
2INDEX NAME DESCRIPTION STARS OFFICIAL AUTOMATED
3docker.io docker.io/citizenstig/dvwa Docker container for Damn Vulnerable Web A... 43 [OK]
4docker.io docker.io/garland/dvwa Damn Vulnerable Web Application in a Docke... 7 [OK]
5docker.io docker.io/infoslack/dvwa 7 [OK]
6docker.io docker.io/tleemcjr/dvwa Damn Vulnerable Web App (DVWA) built on Ma... 4
7docker.io docker.io/acgpiano/dvwa latest dvwa 2
8docker.io docker.io/benoitg/dvwa Damn Vulnerable Web Application https://gi... 2 [OK]
9docker.io docker.io/kebernexit/dvwa-php Damn Vulnerable Web Application (DVWA) PHP... 2
10docker.io docker.io/liniker/dvwa DVWA 2
11docker.io docker.io/astronaut1712/dvwa Docker for DVWA LAB: https://github.com/Ra... 1 [OK]
12docker.io docker.io/gjuniioor/dvwa Damn Vulnerable Web Application (DVWA) on ... 1 [OK]
13docker.io docker.io/jechoi/dvwa Instantly runnable DVWA to practice web at... 1
14docker.io docker.io/appsecframework/dvwa-nologin 0
15docker.io docker.io/aracloud/dvwa 0
16docker.io docker.io/c0ny1/dvwa dvwa镜像 0
17docker.io docker.io/dphanekham/dvwa Ubuntu 14.04 with DVWA running on it 0
18docker.io docker.io/frankspierings/dvwa 0
19docker.io docker.io/gaganld/dvwa-gagan 0
20docker.io docker.io/imfht/dvwa-nologin dvwa without login 0
21docker.io docker.io/intrusionexploitation/dvwa-wordpress2.2-bricks This is supporting docker image for Kali L... 0
22docker.io docker.io/ishangirdhar/dvwabricks Docker container for Bricks & DVWA web app... 0 [OK]
23docker.io docker.io/polyverse/dvwa Damn Vulnerable Web App 0 [OK]
24docker.io docker.io/rubenvanvreeland/dvwa 0
25docker.io docker.io/sagikazarmark/dvwa DVWA (Damn Vulnerable Web Application) Doc... 0 [OK]
26docker.io docker.io/sonic64/dvwa dvwa test environment 0
27docker.io docker.io/toneloc01/dvwa Damn Vulnerable Web Application based off ... 0
28[root@localhost ~]#- 下载STARS最多的镜像(好多层的说)
1[root@localhost ~]# docker pull citizenstig/dvwa
2Using default tag: latest
3Trying to pull repository docker.io/citizenstig/dvwa ...
4latest: Pulling from docker.io/citizenstig/dvwa
58387d9ff0016: Pull complete
63b52deaaf0ed: Pull complete
74bd501fad6de: Pull complete
8a3ed95caeb02: Pull complete
9790f0e8363b9: Pull complete
1011f87572ad81: Pull complete
11341e06373981: Pull complete
12709079cecfb8: Pull complete
1355bf9bbb788a: Pull complete
14b41f3cfd3d47: Pull complete
1570789ae370c5: Pull complete
1643f2fd9a6779: Pull complete
176a0b3a1558bd: Pull complete
18934438c9af31: Pull complete
191cfba20318ab: Pull complete
20de7f3e54c21c: Pull complete
21596da16c3b16: Pull complete
22e94007c4319f: Pull complete
233c013e645156: Pull complete
247b3eb1ac6cfe: Pull complete
25Digest: sha256:1c0ab894f0bf41351519c8388a282c0a178216e9ce8f0399a162472070379dc6
26Status: Downloaded newer image for docker.io/citizenstig/dvwa:latest
27[root@localhost ~]# - 查看镜像
1[root@localhost ~]# docker image ls
2REPOSITORY TAG IMAGE ID CREATED SIZE
3docker.io/citizenstig/dvwa latest d9c7999da701 12 months ago 466 MB- 运行容器
1[root@localhost ~]# docker run --rm -d -P --name ywsn-dvwa citizenstig/dvwa
2ac88b30b328af349a6ab19300d154d0e67eaa0d8e26ec52e26cb337618d83a6c
3[root@localhost ~]# -
参数说明:
- run:运行
- --rm:退出后删除容器
- -d:后台运行
- -P:随机映射端口
- --name:容器的名字
- 查看运行的容器
1[root@localhost ~]# docker container ls
2CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
3ac88b30b328a citizenstig/dvwa "/run.sh" 10 seconds ago Up 7 seconds 0.0.0.0:32769->80/tcp, 0.0.0.0:32768->3306/tcp ywsn-dvwa
4[root@localhost ~]# 可以看到80端口被随机映射到了32769端口,我们需要打开网页:宿主机的IP:32769即可访问dvwa网页。
三、准备***工具
本文已nmap为例,kali的镜像比较大,大家也可以用kali作为容器.
- 查看nmap镜像
1[root@localhost ~]# docker search nmap
2INDEX NAME DESCRIPTION STARS OFFICIAL AUTOMATED
3docker.io docker.io/uzyexe/nmap nmap container image (size: 14.93MB) 32 [OK]
4docker.io docker.io/instrumentisto/nmap Nmap ("Network Mapper") Docker Image 5 [OK]
5docker.io docker.io/jess/nmap 5
6docker.io docker.io/securecodebox/nmap A Docker image containing the NMAP securit... 5
7docker.io docker.io/k0st/nmap Nmap on minimum, modern and secure Alpine ... 4 [OK]
8docker.io docker.io/networkstatic/nmap Dockerized Nmap Port Scanner on Debian 4 [OK]
9docker.io docker.io/cyberwatch/nmap Docker Image with Nmap build from source 3
10docker.io docker.io/frapsoft/nmap nmap on Alpine Linux (6 MB) 2 [OK]
11docker.io docker.io/appsmanager/nmap 1
12docker.io docker.io/n4n0m4c/nmap docker nmap 1 [OK]
13docker.io docker.io/uleenucks/nmap 1
14docker.io docker.io/catalla/nmap-localhost Look for active IPs on localhost 0
15docker.io docker.io/dockerpinata/nmap 0
16docker.io docker.io/dockerpinata/nmap-ncat 0
17docker.io docker.io/functions/nmap 0
18docker.io docker.io/gvangool/nmap nmap in a container :) 0 [OK]
19docker.io docker.io/linosgian/nmap 0
20docker.io docker.io/marsmensch/nmap A Dockerfile for nmap https://nmap.org/ us... 0
21docker.io docker.io/n4n0m4c/nmapxml2ddb 0
22docker.io docker.io/sammascanner/nmap Nmap Scanner Will run and then save the r... 0 [OK]
23docker.io docker.io/ssarioglu/nmap Nmap Scanner 0 [OK]
24docker.io docker.io/tomkukral/nmap 0
25docker.io docker.io/voyat/nmap Image Docker pour Nmap 0 [OK]
26docker.io docker.io/weshigbee/nmap Container with nmap for scanning docker ne... 0 [OK]
27docker.io docker.io/whiteadam/nmap Alpine Linux image with nmap, libssl, and ... 0 [OK]
28[root@localhost ~]# - 下载nmap镜像
1[root@localhost ~]# docker pull uzyexe/nmap
2Using default tag: latest
3Trying to pull repository docker.io/uzyexe/nmap ...
4latest: Pulling from docker.io/uzyexe/nmap
5a3ed95caeb02: Pull complete
677c6c00e8b61: Pull complete
73aaade50789a: Pull complete
800cf8b9f3d2a: Pull complete
97ff999a2256f: Pull complete
10d2ba336f2e44: Pull complete
11dfda3e01f2b6: Pull complete
12a49f12444284: Pull complete
13b12991d094a3: Pull complete
14Digest: sha256:97fec7626949e70385c1bb451626967f9109e90fbe0e69947e18623b87c1c517
15Status: Downloaded newer image for docker.io/uzyexe/nmap:latest
16[root@localhost ~]# - 使用容器
该容器的镜像直接运行,容器后面直接跟随选项即可,更多使用功能可以查看官网
1[root@localhost ~]# docker run --rm uzyexe/nmap -O 172.17.0.2
2
3Starting Nmap 7.60 ( https://nmap.org ) at 2019-06-26 02:42 GMT
4Nmap scan report for 172.17.0.2
5Host is up (0.00034s latency).
6Not shown: 998 closed ports
7PORT STATE SERVICE
880/tcp open http
93306/tcp open mysql
10MAC Address: 02:42:AC:11:00:02 (Unknown)
11Device type: general purpose
12Running: Linux 3.X|4.X
13OS CPE: cpe:/o:linux:linux_kernel:3 cpe:/o:linux:linux_kernel:4
14OS details: Linux 3.2 - 4.8
15Network Distance: 1 hop
16
17OS detection performed. Please report any incorrect results at https://nmap.org/submit/ .
18Nmap done: 1 IP address (1 host up) scanned in 24.13 seconds
19[root@localhost ~]#微信公众号:运维少年