无须更换源,安装docker-compose
apt install docker.io
docker -v
docker-compose #提示没有,输入y安装
mkdir -p /etc/docker
vi /etc/docker/daemon.json #更换dockerhub国内源
┌──(root㉿kali)-[/home/kali/vulhub-master/tomcat/CVE-2017-12615]
└─# cat /etc/docker/daemon.json
{
"registry-mirrors": ["https://5j2dr5y5.mirror.aliyuncs.com"],
"exec-opts": ["native.cgroupdriver=cgroupfs"],
"live-restore": true,
"log-driver":"json-file",
"log-opts": {"max-size":"500m", "max-file":"3"},
"storage-driver": "overlay2"
}
git clone https://github.com/vulhub/vulhub.git #失败的话需要在宿主机下载zip传入虚拟机┌──(root㉿kali)-[/home/kali/vulhub-master]
└─# pwd
/home/kali/vulhub-master
┌──(root㉿kali)-[/home/kali/vulhub-master] #vulhub内包含多个漏洞,供信息安全工程师学习
└─# ls
LICENSE base django ffmpeg gogs jetty magento nginx phpmyadmin saltstack thinkphp yapi
*******vulhub操作使用
以tomcat上传漏洞为例,进入漏洞所在目录,每个漏洞都会有一个环境启动文件,用docker-compose启动与停止。
构造环境(创建容器) docker-compose up -d
删除环境(删除容器) docker-compose down
┌──(root㉿kali)-[/home/kali/vulhub-master/tomcat/CVE-2017-12615]
└─# pwd
/home/kali/vulhub-master/tomcat/CVE-2017-12615
┌──(root㉿kali)-[/home/kali/vulhub-master/tomcat/CVE-2017-12615]
└─# docker-compose up -d
Creating network "cve-2017-12615_default" with the default driver
Building tomcat
Sending build context to Docker daemon 26.11kB
Step 1/3 : FROM vulhub/tomcat:8.5.19
******
┌──(root?kali)-[/home/kali/vulhub-master/tomcat/CVE-2017-12615]
└─# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
1f3eaeb337bd cve-2017-12615_tomcat "catalina.sh run" 6 seconds ago Up 4 seconds 0.0.0.0:8080->8080/tcp, :::8080->8080/tcp cve-2017-12615_tomcat_1 
测试结束记得删除环境 docker-compose down
┌──(root㉿kali)-[/home/kali/vulhub-master/tomcat/CVE-2017-12615]
└─# docker-compose down
Stopping cve-2017-12615_tomcat_1 ... done
Removing cve-2017-12615_tomcat_1 ... done
Removing network cve-2017-12615_default
┌──(root㉿kali)-[/home/kali/vulhub-master/tomcat/CVE-2017-12615]
└─# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES参考文档: