Note: This is updated version of my previous blog, which goes by the similar title.
I wanted to use pentesting tools provided in Kali-Linux. I use a Fedora machine as my primary desktop, I can install some of those tools locally, but then I wanted to keep these things separate. So I use Kali Linux in a VM. It was all good, until the point when I was not able to run wireless pentesting tools from VM.
This is because VM does not get direct access to the host’s wifi card. The way it works VMs get connected to a bridge setup by your hypervisor via ethernet interface. So VM never deals with how the host is connected to outside world, be it wired or wireless connection.
The VM can get a wireless interface using USB connected wifi device. But then you need to have one to utilize it. To get around this problem, and use your host machine’s interface, we can use containers. Containers give you isolation similar to VM(not exactly) and since container is again a process mapped onto your operating system it has access to everything on your machine(if run in privileged
mode) and container can also see the host’s network stack if run with specific flag(--net="host"
).
So lets get started
Install docker for your system:
- For Fedora instructions.
- For CentOS instructions.
- For Ubuntu instructions.
- For Debian instructions.
- Others locate your OS here.
Create Dockerfile which looks like this:
$ cat Dockerfile FROM kalilinux/kali-linux-docker RUN apt-get -y update && \ apt-get -y upgrade && \ apt-get install -y aircrack-ng pciutils
Here we are using official kali-linux docker image, then installing tools required.
Create a docker image using above Dockerfile
$ docker build -t mykali .
Now that you have all the bits required to get started, spin up the container:
$ docker run -it --net="host" --privileged --name aircrack mykali bash root@user:/#
Once inside the container, identify your wireless interface:
# ip a [SNIP] 3: wlp9s0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP group default qlen 1000 link/ether 40:f0:2f:57:3d:37 brd ff:ff:ff:ff:ff:ff inet 10.9.68.109/23 brd 10.9.69.255 scope global dynamic wlp9s0 valid_lft 1373sec preferred_lft 1373sec inet6 fe80::bf7e:dc5d:337:131c/64 scope link valid_lft forever preferred_lft forever [SNIP]
On my machine it is wlp9s0
.
Enable monitor mode on that wireless interface.
# airmon-ng start wlp9s0 Your kernel supports rfkill but you don't have rfkill installed. To ensure devices are unblocked you must install rfkill. PHY Interface Driver Chipset phy0 wlp9s0 ?????? Qualcomm Atheros AR9485 Wireless Network Adapter (rev 01) (mac80211 monitor mode vif enabled for [phy0]wlp9s0 on [phy0]wlp9s0mon) (mac80211 station mode vif disabled for [phy0]wlp9s0)
Observe the new interface created wlp9s0mon
# ip a [SNIP] 9: wlp9s0mon: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UNKNOWN group default qlen 1000 link/ieee802.11/radiotap 40:f0:2f:57:3d:37 brd ff:ff:ff:ff:ff:ff
Start capturing raw 802.11 frames on the newly created interface running on monitor mode:
# airodump-ng wlp9s0mon
Let this process continue to run here.
Start another terminal window, we need another bash instance in container
$ docker exec -it aircrack bash root@dhcp35-70:/#
Now that you have everything setup, start doing stuff here, in this terminal window. If you wanted more softwares in the container, edit Dockerfile above and create image accordingly.
To stop the monitoring mode:
# airmon-ng stop wlp9s0mon Your kernel supports rfkill but you don't have rfkill installed. To ensure devices are unblocked you must install rfkill. PHY Interface Driver Chipset phy0 wlp9s0mon ?????? Qualcomm Atheros AR9485 Wireless Network Adapter (rev 01) (mac80211 station mode vif enabled on [phy0]wlp9s0) (mac80211 monitor mode vif disabled for [phy0]wlp9s0mon)
And, finally, since wireless interface was put to monitoring mode we should stop monitoring before we exit continer. Doing this is important because the Guest OS will not get access to wireless card unless monitoring process by Docker container is not stopped. Now the interface wlp9s0
has appeared back, because airmon-ng was stopped.
# ip a [SNIP] 8: wlp9s0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP group default qlen 1000 link/ether 40:f0:2f:57:3d:37 brd ff:ff:ff:ff:ff:ff inet 10.9.68.109/23 brd 10.9.69.255 scope global dynamic wlp9s0 valid_lft 3581sec preferred_lft 3581sec inet6 fe80::bf7e:dc5d:337:131c/64 scope link valid_lft forever preferred_lft forever
Please comment if any doubts.
‘docker build -t mykali . ‘ fails with the following message
/bin/sh: 1 : yum : not found
Just to let you know I am trying to create kali inage using instructions in this blog. My host machine is windows 7 enterprise, My guest is centos 7 running in wmware workstation 12. I changed apt-get to yum.
Please let me know is it possible to create an image inside a vm and then move it outside of the centos 7 vm as an independent vm?
sorry for strange questions . I’m very new to linux and to dockers (especially)
Many thanks
Sam
LikeLike
Thanks for taking time, first thing: you need to have a host machine running linux be it any. And then you run docker on the host machine. Then the docker image we are creating is debian based so you have to keep it apt-get.
I think this helps.
LikeLike
Thank you so much for the information. I was just wondering if there is any way to convert the docker created image to an iso file…
Anyway thankyou so much for posting such a great article. Really learned a lot for it.
Be blessed
Sam
LikeLiked by 1 person
When i run the container my adapters are not listed.Neither ethernet nor Wifi. I’m running kali 2.0 on vmware 12 pro. ( and also i cant see wifi option in kali )
LikeLike
You will have to have a Linux running on real hardware, having kali in virtualized environment won’t help. If you are running linux distro that is not Kali and want to use Kali tools without polluting your local environment then using containers will help you.
LikeLike
hi
i have a problem with the dockerfile when i type cat dockerfile i got this message
cat: Dockerfile: No such file or directory
i created it but this message appear what can i do ? thanks in advance
LikeLike
You will need to create a file named as
Dockerfile
, I didcat
just to show the contents of the file.LikeLike
i have aprob;em in Docker file when i type cat docker
this message appears
cat: Dockerfile: No such file or directory
LikeLike
I’ve followed this and tried a bunch of different methods. However, I still get this error after trying to do anything with the airmon-ng commands: ls: cannot access ‘/sys/class/ieee80211/’: No such file or directory
It’s acting like my container cannot access my wifi interface on my card. I’m running docker on a mac powerbook. Can you give me a pointer about what I am missing? Thanks
LikeLike
I’m trying to get aircrack to work but am having an issue trying to connect directly to the wireless interface on my NIC on my powerbook. I’ve followed both of your tutorials and something just isn’t right and I can’t pinpoint what it is. I’ve gotten plenty of other apps within Kali Linux to run, but am having the issue trying to get this connected so that I can run apps that require access to the wireless interface. I get this error when I do anything with airmon-ng : ls: cannot access ‘/sys/class/ieee80211/’: No such file or directory
Any pointers would be appreciated.
LikeLike
macOS does not again support containers natively, the docker environment you get on the macOS is again run in a virtual machine running very minimalistic linux OS that can run docker. So again for this to work you need to have a any linux as natively installed operating system.
LikeLiked by 1 person
Thanks for the guide! But please, put this notice right on the top. Us having only a toyOS at hand will waste a lot of time until we finally get to this comment 😀
LikeLiked by 1 person
Hello. I have been looking for an article like this for a while. I followed everything, but when I try to do anything with airmon-ng I get:
‘ls: cannot access ‘/sys/class/ieee80211/’: No such file or directory’
the driver from my host machine is not being transferred to the container, I think. I have been trying to get this set up for months and was disappointed when I was this close. Can you please give any help. I appreciate it. Thanks.
LikeLike
Hey John, can you tell me what OS on host are you running(just post result of uname -a) and what is version of docker you are using?
LikeLike
OS X. I did some research and I believe it is a result of OS X not supporting containers so docker runs in its own VM. The only solution I came up with is using the deprecated way to run docker (boot2docker) in which I could attach things to the VM via virtualbox. Do you know of any way to interact with the Docker VM? I actually own a USB wifi driver to but can’t figure out how to use with docker on OS X (access the device in a container on OS X). I know you can use it with virtualbox but I prefer Docker over virtualbox . I am using Docker version 1.12.3, build 6b644ec. Thanks!
LikeLike
There is no way to follow above steps on OS X, you need a machine with base OS as a Linux running actual Linux kernel. Docker for OS X runs in a VM.
I am not sure how to access the Docker VM from outside. If you really wanna use docker just create a VM based on any modern Linux distro and install docker in it. Then you can give access of your USB wifi device to that VM and from there do things.
The VM which runs docker for OS X is optimised one and it has minimal Linux Kernel and some stuff to run docker daemon. I don’t think you can do everything you want on that VM.
LikeLike
i wanna know if that could work on a virtual machine in android phone?? i have kali linux on my samsung grand prime and am trying to access wlan cause it doesn’t show inside the VNC viewer..if i can’t use this method do u know if an external wlan could work and be read on the emulated kali linux.
thanks for u thread.
LikeLike
First thing I have never run VM on an android device, I don’t know if that is possible, if yes please also tell me how did you achieve that. And then need to see how host’s wifi card is exposed inside the VM.
Currently all virtualization solutions expose external hardware on host be it ethernet or wifi, internally as ethernet only. So your VM has no direct access to wifi on host as wifi.
LikeLike
where actually tu run the docker ? im running kali on virtual box . my main os was windows
LikeLike
this blog won’t help you in that case, it was mainly if your base operating system was linux!
LikeLike
Great tutorial Surajd!
LikeLiked by 1 person
The thing is if my host machine was running a linux based operating system i would not be using a virtual box to create another linux based system and use penetration testing applications on it (aircrack in my case )??
That is if I am using a windows based system i can never use this method, so it basically drops down to buying a wireless adapter.
LikeLike
‘airmon-ng start xxx’ returns no value. I have followed all the steps correctly.
‘ip a’ shows eth0, eth1, dummy0 and docker0. I tried all but no success.
LikeLike
Are you sure your wifi device is enabled on the host machine?
LikeLike
Hello! Thanks for the great guide! Would this work if after I built the docker image (docker build -t mykali .), I moved the image to an external USB with
and edited /etc/default/docker to read
Could I then cd into the USB drive and spin up the container from within the USB drive?
I am trying to run this container while saving as much space as possible on my internal hard drive.
LikeLike
Yes that could work, follow this user guide here https://forums.docker.com/t/how-do-i-change-the-docker-image-installation-directory/1169
LikeLike
Great, thanks! And I found this guide helpful too https://blog.adriel.co.nz/2018/01/25/change-docker-data-directory-in-debian-jessie/ that was a bit more update
LikeLike
When I get to
airmon-ng start docker0
it only says
PHY Interface Driver Chipset
and airodump doesnt work
LikeLike
when I try to put docker0 in monitoring mode, it doesnt work, all I get is
irmon-ng start docker0
PHY Interface Driver Chipset
and airodump wont work with it
LikeLike