The indisputable reality of the pentesting world is the preeminence of PowerShell, PowerShell has brought windows to a new level never seen before and transformed windows from being the exploited to the world of the exploiter; which has created a minor but still annoying dilemma of what platform to use, or more importantly how to use both platforms simultaneously. Windows has released PowerShell core in Linux, which makes life slightly easier, but there are certain functionalities that can only be done in windows, for different reasons; which leave most pentesters with two or three vms to do their work from, which can be quite cumbersome. This Blog aims to solve that dilemma by proposing a simple solution, to run a docker Kali image in windows. Why not run windows in Kali, because docker windows only works on windows, as such it seems the only viable solution.
The following setup has instructions on how to set up your Kali-Linux rolling environment in Windows. I have created a few PowerShell scripts to speed up the process. Please note this guide does not cover how to install windows. Also, I am assuming there is a basic understanding on how docker works.
What do I need?
* Preferred hypervisor/Virtual Machine Software (VMWare, Virtual Box, etc etc)
* VM with processor virtualization enabled with Windows 10/Windows Server 2019+ installed (Windows server 16 has problems supporting WSL) with VMWare tools or equivalent.
We are going to use windows server 2019 for this setup, in saying that it should work in windows 10.
1. Ensure you have an admin and an user with no privileges on your machine.
2. Log in as the administrator user for the following steps
3. Install WSL/Hyper-V
3.1 In the Configure the Local Server window, click on Add roles and features
3.2 Click Next for the following two screens
3.3 Select the server (as I only have one, simply click Next) and click Next
3.4 Select Hyper-V,
3.5 a pop up opens, click on add features, Click Next
3.6 Scroll down and look for “Windows Subsystem for Linux” tick, and click next
3.7 Click next for the next four screens (select defaults for Hyper-V)
3.8 Tick on Restart the destination server automatically, then Yes on the pop up window
3.9 Click on Install
3.10 Wait for the installation to finish
3.11 Click closed when finished
3.12 To make life easier, install your preferred browser.
4. Install Docker
4.1 Open your prefer browser and go to the official site (https://www.docker.com/products/docker-desktop) and download docker for windows
4.2 Open the docker installer
4.3 Ensure “install Hyper-V services/Enable Hper-V Windows Features” is selected and follow the install instructions
4.4 Restart Docker
4.5 On a PowerShell terminal Check the installation with
docker run -d -p 80:80 docker/getting-started
5. Setup docker permissions
5.1 Ensure your non-admin user is part of the docker-users group as follows:
5.2 To add in PowerShell type:
Add-LocalGroupMember -Group “docker-users” -Member “username”
5.3 To check its been added:
Get-LocalGroupMember -Group “docker-users”
6. Log off the admin account and into the user account
7. Setup Kali
7.1 Start docker
7.2 Clone repo
7.3 open a PowerShell terminal
7.4 navigate to the kali folder and execute
7.5 The installation will take a few hours, please ensure you respond to the prompts as the installation progresses.
8. Install VNCViewer for windows
9. Once the kali build is completed run the docker container by executing:
10. Connect to the VNC server at http://127.0.0.1:5903,
11. Once connected via VNCViewer check kali installation by executing on a terminal and nmap scan of target server
12. To stop the contaner, in PowerShell, in the kali folder execute
13. To update, add features to the image, I would recommend putting the command in the docker file contained within kali\dockerfile_update\ and executing in a PowerShell terminal:
After testing the Kali docker image, you might want to install the docker windows core image, that way you can keep your windows installation clean.
Finally, I would like to thank my good friend Nic for reviewing and helping me with this post.
The purpose of this article is to help Cyber Security Professionals with their legal activities. Please ensure before performing any Security Related activity that you have been given permission by the applications owners.
Any actions and or activities related to the material contained within this Article is solely your responsibility.The misuse of the information in this website can result in criminal charges brought against the persons in question. The authors will not be held responsible in the event any criminal charges be brought against any individuals misusing the information in this Article to break the law.
Hope this helps!