docker/README.md
This folder contains files related to running Metasploit inside Docker.
To run msfconsole
./docker/bin/msfconsole
or
docker-compose build
docker-compose run --rm --service-ports -e MSF_UID=$(id -u) -e MSF_GID=$(id -g) ms
To run msfvenom
./docker/bin/msfvenom
or
docker-compose build
docker-compose run --rm --no-deps -e MSF_UID=$(id -u) -e MSF_GID=$(id -g) ms ./msfvenom
You can pass any command line arguments to the binstubs or the docker-compose command and they will be passed to msfconsole or msfvenom. If you need to rebuild an image (for example when the Gemfile changes) you need to build the docker image using docker-compose build or supply the --rebuild parameter to the binstubs.
By default we expose port 4444.
If you want to expose more ports, or have LHOST prepopulated with a specific
value; you'll need to setup a local docker-compose override for this.
Create docker-compose.local.override.yml with:
version: '3'
services:
ms:
environment:
# example of setting LHOST
LHOST: 10.0.8.2
# example of adding more ports
ports:
- 8080:8080
Make sure you set LHOST to valid hostname that resolves to your host machine.
Now you need to set the COMPOSE_FILE environment variable to load your local
override.
echo "COMPOSE_FILE=./docker-compose.yml:./docker-compose.override.yml:./docker-compose.local.override.yml" >> .env
Now you should be able to get reverse shells working