Skip to content

Instantly share code, notes, and snippets.

@jo-makar
Last active January 23, 2023 06:59
Show Gist options
  • Save jo-makar/122ee12779d1a7eeed3d23628ae64dc0 to your computer and use it in GitHub Desktop.
Save jo-makar/122ee12779d1a7eeed3d23628ae64dc0 to your computer and use it in GitHub Desktop.
Metasploit framework as a docker container including persistent database storage
FROM debian:10
RUN apt-get update && \
apt-get install -y curl gnupg2 nmap postgresql postgresql-client
# Ref: https://docs.rapid7.com/metasploit/installing-the-metasploit-framework/#installing-the-metasploit-framework-on-linux
RUN cd /root && curl -o msfinstall https://raw.githubusercontent.com/rapid7/metasploit-omnibus/master/config/templates/metasploit-framework-wrappers/msfupdate.erb && chmod +x msfinstall
RUN cd /root && ./msfinstall
# Ref: https://www.offensive-security.com/metasploit-unleashed/using-databases/
RUN /etc/init.d/postgresql start; \
su - -c 'msfdb --component database --use-defaults init' postgres; \
su - -c 'msfdb --component database stop' postgres; /etc/init.d/postgresql stop
VOLUME /var/lib/postgresql
# Support vi-mode key bindings
RUN /opt/metasploit-framework/embedded/bin/gem install readline
RUN cd /opt/metasploit-framework/embedded/framework && mv Gemfile Gemfile.orig && \
awk "{print \$0} /^gem 'sqlite3'/ {print \"gem 'readline'\"}" Gemfile.orig >Gemfile && \
diff Gemfile.orig Gemfile; true
RUN echo set editing-mode vi >/root/.inputrc
CMD /etc/init.d/postgresql start; su - -c 'msfdb --component database start' postgres; \
msfconsole -L -y /var/lib/postgresql/.msf4/database.yml; \
su - -c 'msfdb --component database stop' postgres; /etc/init.d/postgresql stop
docker build -t metasploit:$(date +%Y%m%d) .
docker volume create metasploit-postgresql
docker run -it -v metasploit-postgresql:/var/lib/postgresql metasploit:<date>
docker exec -it $(docker ps -f ancestor=metasploit:<date> -q) bash
docker ps -f status=exited -f status=dead [-f ancestor=metasploit:<date>] -q | xargs -r docker rm -v
https://docs.docker.com/storage/volumes/#backup-a-container
https://docs.docker.com/storage/volumes/#restore-container-from-backup
https://www.offensive-security.com/metasploit-unleashed/using-databases/
notably db_{export,import} for backup and restore
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment