Solution by erdnaxe for « Docker et Netcat »

intro misc

16 June 2024

Installing Docker on Kali Linux

We will follow the official instructions available here, adapting the distribution name. Docker is officially distributed as DEB packages for Debian and Ubuntu. Because Kali Linux Rolling is based on Debian, the repository address must be adapted to point to the latest Debian stable release (here bookworm).

We start by opening a terminal emulator.

Kali Linux start menu

Once the terminal is open, let's start by updating the distribution's package list:

┌──(kali㉿kali)-[~]
└─$ sudo apt update
[sudo] password for kali:
Get:1 http://kali.download/kali kali-rolling InRelease [41.5 kB]
Get:2 http://kali.download/kali kali-rolling/main amd64 Packages [19.9 MB]
Get:3 http://kali.download/kali kali-rolling/main amd64 Contents (deb) [47.3 MB]
Get:4 http://kali.download/kali kali-rolling/contrib amd64 Packages [114 kB]
Get:5 http://kali.download/kali kali-rolling/contrib amd64 Contents (deb) [270 kB]
Get:6 http://kali.download/kali kali-rolling/non-free amd64 Packages [192 kB]
Get:7 http://kali.download/kali kali-rolling/non-free amd64 Contents (deb) [862 kB]
Get:8 http://kali.download/kali kali-rolling/non-free-firmware amd64 Packages [33.1 kB]
Get:9 http://kali.download/kali kali-rolling/non-free-firmware amd64 Contents (deb) [16.9 kB]
Fetched 68.7 MB in 29s (2,333 kB/s)
261 packages can be upgraded. Run 'apt list --upgradable' to see them.

┌──(kali㉿kali)-[~]
└─$

After the password is entered (for the sudo command), apt updates the package list and reports that 261 updates are available. We can therefore run sudo apt upgrade to apply these updates before continuing.

Once the system is up to date, we check that the HTTPS certificates and the curl tool are present:

┌──(kali㉿kali)-[~]
└─$ sudo apt install ca-certificates curl
ca-certificates is already the newest version (20240203).
curl is already the newest version (8.7.1-5).
curl set to manually installed.
Summary:
  Upgrading: 0, Installing: 0, Removing: 0, Not Upgrading: 0

┌──(kali㉿kali)-[~]
└─$

Next we add Docker's signing keys. These keys are used to verify the authenticity of the package sources coming from docker.com.

┌──(kali㉿kali)-[~]
└─$ sudo install -m 0755 -d /etc/apt/keyrings

┌──(kali㉿kali)-[~]
└─$ sudo curl -fsSL https://download.docker.com/linux/ubuntu/gpg -o /etc/apt/keyrings/docker.asc

┌──(kali㉿kali)-[~]
└─$ sudo chmod a+r /etc/apt/keyrings/docker.asc

We can finally add Docker's official package source. Careful! It must point to Debian Stable (in 2024 that is bookworm).

┌──(kali㉿kali)-[~]
└─$ echo "deb [arch=$(dpkg --print-architecture) signed-by=/etc/apt/keyrings/docker.asc] https://download.docker.com/linux/debian bookworm stable" | \
      sudo tee /etc/apt/sources.list.d/docker.list > /dev/null

┌──(kali㉿kali)-[~]
└─$ sudo apt update
Get:2 https://download.docker.com/linux/debian bookworm InRelease [43.3 kB]
Get:1 http://ftp.free.fr/pub/kali kali-rolling InRelease [41.5 kB]
Get:3 https://download.docker.com/linux/debian bookworm/stable amd64 Packages [24.3 kB]
Get:4 https://download.docker.com/linux/debian bookworm/stable amd64 Contents (deb) [1,340 B]
Get:5 http://ftp.free.fr/pub/kali kali-rolling/main amd64 Packages [19.9 MB]
Get:6 http://ftp.free.fr/pub/kali kali-rolling/main amd64 Contents (deb) [47.3 MB]
Get:7 http://ftp.free.fr/pub/kali kali-rolling/contrib amd64 Packages [115 kB]
Get:8 http://ftp.free.fr/pub/kali kali-rolling/contrib amd64 Contents (deb) [271 kB]
Fetched 67.7 MB in 43s (1,581 kB/s)
0 packages can be upgraded.
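
A check for the entry just written, as an added example that is not part of the original write-up: check_docker_source (a hypothetical helper name) flags an entry with no signed-by= option, a non-HTTPS URI, a repository path other than /linux/debian, or a Kali suite name. The two sample lines are constructed; the kali-rolling suite assumes what Kali's own VERSION_CODENAME would produce.

```sh
#!/bin/sh
# Added example: audit a "deb" line such as the one written to
# /etc/apt/sources.list.d/docker.list above.
# Prints one finding per line; prints nothing when the entry looks right.
check_docker_source() {
    line=$1
    case $line in
        ""|"#"*)  return 0 ;;                      # blank line or comment
        "deb ["*) opts=${line#*\[}; opts=${opts%%\]*}; rest=${line#*\]} ;;
        "deb "*)  opts=""; rest=${line#deb } ;;
        *) echo "not a 'deb' entry"; return 0 ;;
    esac
    # Split what follows the options into URI, suite and components.
    read -r uri suite components <<EOF
$rest
EOF
    case " $opts " in
        *" signed-by="*) ;;
        *) echo "no signed-by= option: repository is not pinned to Docker's key" ;;
    esac
    case $uri in
        https://*) ;;
        *) echo "URI '$uri' is not fetched over HTTPS" ;;
    esac
    case $uri in
        */linux/debian|*/linux/debian/) ;;
        *) echo "URI '$uri' is not the Debian repository" ;;
    esac
    case $suite in
        kali*) echo "suite '$suite' is a Kali codename; use the Debian stable codename" ;;
        "")    echo "no suite given" ;;
    esac
}

# Constructed sample lines. GOOD matches the command above; BAD is what an
# unadapted suite name (assumed: kali-rolling) and a missing key pin look like.
GOOD='deb [arch=amd64 signed-by=/etc/apt/keyrings/docker.asc] https://download.docker.com/linux/debian bookworm stable'
BAD='deb [arch=amd64] http://download.docker.com/linux/debian kali-rolling stable'

check_docker_source "$BAD"
# Audit the real file when it exists.
if [ -r /etc/apt/sources.list.d/docker.list ]; then
    while IFS= read -r l; do check_docker_source "$l"; done \
        < /etc/apt/sources.list.d/docker.list
fi
```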

Now let's install Docker:

┌──(kali㉿kali)-[~]
└─$ sudo apt install docker-ce docker-ce-cli containerd.io docker-buildx-plugin docker-compose-plugin
Installing:
  containerd.io docker-buildx-plugin docker-ce docker-ce-cli docker-compose-plugin

Installing dependencies:
  docker-ce-rootless-extras libslirp0 pigz slirp4netns

Suggested packages:
  aufs-tools cgroupfs-mount | cgroup-lite

Summary:
  Upgrading: 0, Installing: 9, Removing: 0, Not Upgrading: 263
  Download size: 121 MB
  Space needed: 434 MB / 64.7 GB available

Continue? [Y/n] Y
Get:1 https://download.docker.com/linux/debian bookworm/stable amd64 containerd.io amd64 1.6.33-1 [30.0 MB]
Get:2 http://archive-4.kali.org/kali kali-rolling/main amd64 pigz amd64 2.8-1 [62.7 kB]
Get:3 http://http.kali.org/kali kali-rolling/main amd64 libslirp0 amd64 4.7.0-1+b1 [64.0 kB]
Get:4 http://http.kali.org/kali kali-rolling/main amd64 slirp4netns amd64 1.2.1-1+b1 [38.9 kB]
Get:5 https://download.docker.com/linux/debian bookworm/stable amd64 docker-buildx-plugin amd64 0.14.1-1~debian.12~bookworm [29.6 MB]
Get:6 https://download.docker.com/linux/debian bookworm/stable amd64 docker-ce-cli amd64 5:26.1.4-1~debian.12~bookworm [14.6 MB]
Get:7 https://download.docker.com/linux/debian bookworm/stable amd64 docker-ce amd64 5:26.1.4-1~debian.12~bookworm [25.3 MB]
Get:8 https://download.docker.com/linux/debian bookworm/stable amd64 docker-ce-rootless-extras amd64 5:26.1.4-1~debian.12~bookworm [9,316 kB]
Get:9 https://download.docker.com/linux/debian bookworm/stable amd64 docker-compose-plugin amd64 2.27.1-1~debian.12~bookworm [12.5 MB]
Fetched 121 MB in 50s (2,408 kB/s)
Selecting previously unselected package pigz.
(Reading database ... 391122 files and directories currently installed.)
Preparing to unpack .../0-pigz_2.8-1_amd64.deb ...
Unpacking pigz (2.8-1) ...
Selecting previously unselected package containerd.io.
Preparing to unpack .../1-containerd.io_1.6.33-1_amd64.deb ...
[...]
Created symlink /etc/systemd/system/multi-user.target.wants/docker.service → /usr/lib/systemd/system/docker.service.
Created symlink /etc/systemd/system/sockets.target.wants/docker.socket → /usr/lib/systemd/system/docker.socket.
Processing triggers for libc-bin (2.38-10) ...
Processing triggers for man-db (2.12.1-1) ...
Processing triggers for kali-menu (2023.4.7) ...

┌──(kali㉿kali)-[~]
└─$ sudo docker ps
CONTAINER ID   IMAGE     COMMAND   CREATED   STATUS    PORTS     NAMES

┌──(kali㉿kali)-[~]
└─$

Bonus: enabling “rootless” mode

By default the Docker service runs as root. This means that a malicious docker-compose.yml can escalate privileges on the machine.

We follow the instructions from the official documentation to enable “rootless” mode (without root):

┌──(kali㉿kali)-[~]
└─$ sudo apt install uidmap
Upgrading:
  login passwd

Installing:
  uidmap

Installing dependencies:
  libsubid4

Summary:
  Upgrading: 2, Installing: 2, Removing: 0, Not Upgrading: 0
  Download size: 1,965 kB
  Space needed: 599 kB / 64.2 GB available

Continue? [Y/n] Y
Get:1 http://http.kali.org/kali kali-rolling/main amd64 login amd64 1:4.13+dfsg1-5 [590 kB]
Get:2 http://http.kali.org/kali kali-rolling/main amd64 passwd amd64 1:4.13+dfsg1-5 [974 kB]
Get:3 http://http.kali.org/kali kali-rolling/main amd64 libsubid4 amd64 1:4.13+dfsg1-5 [212 kB]
Get:4 http://http.kali.org/kali kali-rolling/main amd64 uidmap amd64 1:4.13+dfsg1-5 [189 kB]
Fetched 1,965 kB in 1s (1,668 kB/s)
(Reading database ... 391386 files and directories currently installed.)
[...]
Processing triggers for kali-menu (2023.4.7) ...
Processing triggers for libc-bin (2.38-10) ...

┌──(kali㉿kali)-[~]
└─$ dockerd-rootless-setuptool.sh install
[INFO] Creating /home/kali/.config/systemd/user/docker.service
[INFO] starting systemd service docker.service
+ systemctl --user start docker.service
+ sleep 3
+ systemctl --user --no-pager --full status docker.service
● docker.service - Docker Application Container Engine (Rootless)
     Loaded: loaded (/home/kali/.config/systemd/user/docker.service; disabled; preset: enabled)
     Active: active (running) since Sun 2024-06-16 09:25:16 EDT; 3s ago
       Docs: https://docs.docker.com/go/rootless/
[...]
Created symlink /home/kali/.config/systemd/user/default.target.wants/docker.service → /home/kali/.config/systemd/user/docker.service.
[INFO] Installed docker.service successfully.
[INFO] To control docker.service, run: `systemctl --user (start|stop|restart) docker.service`
[INFO] To run docker.service on system startup, run: `sudo loginctl enable-linger kali`

[INFO] Creating CLI context "rootless"
Successfully created context "rootless"
[INFO] Using CLI context "rootless"
Current context is now "rootless"

[INFO] Make sure the following environment variable(s) are set (or add them to ~/.bashrc):
export PATH=/usr/bin:$PATH

[INFO] Some applications may require the following environment variable too:
export DOCKER_HOST=unix:///run/user/1000/docker.sock


┌──(kali㉿kali)-[~]
└─$

You should now be able to run Docker without using sudo:

┌──(kali㉿kali)-[~]
└─$ docker ps
CONTAINER ID   IMAGE     COMMAND   CREATED   STATUS    PORTS     NAMES

┌──(kali㉿kali)-[~]
└─$
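
A guard for the step above, as an added example that is not part of the original write-up: it checks that the daemon the CLI is about to use is the rootless one before starting a compose project. classify_daemon and safe_compose_up are hypothetical helper names, and the sample strings are constructed from the socket path shown in the setup output.

```sh
#!/bin/sh
# Added example: decide whether the docker CLI is talking to the rootless daemon.
# $1 = output of: docker info --format '{{.SecurityOptions}}'
# $2 = output of: docker context inspect --format '{{.Endpoints.docker.Host}}'
classify_daemon() {
    secopts=$1 host=$2
    case $secopts in
        *name=rootless*) mode=rootless ;;
        *)               mode=rootful ;;
    esac
    case $host in
        unix:///run/user/*/docker.sock)                      sock=user ;;
        unix:///var/run/docker.sock|unix:///run/docker.sock) sock=system ;;
        *)                                                   sock=other ;;
    esac
    if [ "$mode" = rootless ] && [ "$sock" = user ]; then
        echo rootless
    elif [ "$mode" = rootful ] && [ "$sock" = system ]; then
        echo rootful
    else
        echo unknown      # daemon unreachable, remote endpoint, or mismatch
    fi
}

# Start a compose project only when the daemon in use is the rootless one.
safe_compose_up() {
    so=$(docker info --format '{{.SecurityOptions}}' 2>/dev/null) || so=""
    ep=$(docker context inspect --format '{{.Endpoints.docker.Host}}' 2>/dev/null) || ep=""
    verdict=$(classify_daemon "$so" "$ep")
    if [ "$verdict" != rootless ]; then
        echo "refusing: daemon is $verdict (endpoint: ${ep:-none})" >&2
        return 1
    fi
    docker compose up "$@"
}

# Constructed sample values (not captured from a real host).
ROOTLESS_OPTS='[name=seccomp,profile=builtin name=rootless name=cgroupns]'
ROOTLESS_HOST='unix:///run/user/1000/docker.sock'
ROOTFUL_OPTS='[name=apparmor name=seccomp,profile=builtin name=cgroupns]'
ROOTFUL_HOST='unix:///var/run/docker.sock'

echo "user context:   $(classify_daemon "$ROOTLESS_OPTS" "$ROOTLESS_HOST")"
echo "system context: $(classify_daemon "$ROOTFUL_OPTS" "$ROOTFUL_HOST")"
```

The system-wide docker.service enabled during installation keeps running next to the rootless one, so a command run through sudo still reaches the root daemon.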

Solving the challenge

We follow the instructions given under the description of the « Docker et Netcat » challenge:

kali

To stop the running Docker containers, simply press CTRL + C in the terminal emulator window that launched the docker compose up command.