On my soul quest to create a fully featured penetration testing Docker container, I came across a few issues.
- Docker doesn't run graphical applications on it's own
- The network proxy won't work unless the
8080
port is exposed - You can't just install Burp Suite with
apt-get install burpsuite
Apart from these issues, there isn't a maintained Burp Suite Community repository in the Docker Hub or on GitHub. I did manage to find a maintained Burp Suite Professional Docker repo on GitHub which I ended up forking.
Setup
To make this Docker container run GUI applications, we can make use of an X Server. On macOS, I used XQuartz which was as simple as running
brew install --cask xquartz
For accepting connections on local host, one setting needs to be changed. In the XQuartz settings, enable XQuartz
> Preferences
> Security
> Allow connections from network clients
.
Now the X Server can be started by running this command:
xhost + 127.0.0.1
Note that you need to run this command from your host terminal, not the XQuartz terminal.
I won't go into covering how to run a local X Server on Windows or Linux, because Google does exist.
Running Burp Suite
From Docker Hub
The prebuilt container can be retrieved from Docker Hub.
docker pull hexcowboy/burpsuite
docker image tag hexcowboy/burpsuite burpsuite
Building the image
First, clone this GitHub repository on your host:
git clone https://github.com/hexcowboy/docker-burp-suite-community.git && cd docker-burp-suite-community
Then, build the Docker image using the following command.
docker build -t burpsuite .
While building the image, the latest JAR (Java ARchive) of Burp Suite Community is pulled from the PortSwigger portal.
Using Burp Suite Community
docker run --rm \
-p 8080:8080 \
burpsuite
This command will run the container, expose port 8080 on the host to port 8080 on the container, and delete the container afterwards. You should see a new window open up in your X Server if you followed the setup instructions above.
Verify that the proxy is working by running the following command on your host:
curl -x http://127.0.0.1:8080 http://example.com
Conclusion
Software can easily be Dockerized. Burp Suite Community could likely take 5+ minutes to install manually, but by pulling a prebuilt Docker image it can take just seconds.
The future of the west is Dockerized.