Dockernymous - A Script Used To Create A Whonix-Like Gateway/Workstation Environment With Docker Containers


Dockernymous is a start script for Docker that runs and configures two individual Linux containers in order to act as an anonymisation workstation-gateway setup.
It's aimed at experienced Linux/Docker users, security professionals and penetration testers!
The gateway container acts as an Anonymizing Middlebox (see https://trac.torproject.org/projects/tor/wiki/doc/TransparentProxy) and routes ALL traffic from the workstation container through the Tor Network.
The idea was to create a Whonix-like setup (see https://www.whonix.org) that runs on systems which aren't able to efficiently run two hardware-virtualized machines or don't have virtualization capacities at all.

Requirements:
Host (Linux):
  • docker
  • vncviewer
  • xterm
  • curl
Gateway Image:
  • Linux (e.g. Alpine, Debian)
  • tor
  • procps
  • ncat
  • iptables
Workstation Image:
  • Linux (e.g. Kali)
  • xfce4 or some other desktop environment (for vnc access)
  • tightvncserver

Instructions:
1. Host
To clone the dockernymous repository type:
git clone https://github.com/bcapptain/dockernymous.git
Dockernymous needs an up and running Docker environment and a non-default docker network. Let's create one:
docker network create --driver=bridge --subnet=192.168.0.0/24 docker_internal
2. Gateway (Alpine):
Get a lightweight gateway image! For example Alpine:
docker pull alpine
Run the image, update the package list, install iptables & tor:
docker run -it alpine /bin/sh
apk add --update tor iptables iproute2
exit
Feel free to further customize the gateway for your needs before you exit.
To make this permanent you have to create a new image from the gateway container we just set up. Each time you run dockernymous a new container is created from that image and disposed on exit:
docker commit [Container ID] my_gateway
Get the container ID by running:
docker ps -a
3. Workstation (Kali Linux):
Get an image for the Workstation. For example, Kali Linux for penetration testing:
docker pull kalilinux/kali-linux-docker
Update and install the tools you would like to use (see https://www.kali.org/news/kali-linux-metapackages/).
docker run -it kalilinux/kali-linux-docker /bin/bash
apt-get update
apt-get dist-upgrade
apt install kali-linux-top10
Make sure the tightvncserver and curl packages are installed, which is the case with most Kali Metapackages.
apt-get install tightvncserver
apt-get install curl
Install xfce4 for a minimal graphical Desktop:
$ apt-get install xfce4
$ apt-get clean
$ exit
As with the Gateway, to make this permanent you have to create an image from that customized container. Each time you run dockernymous a new container is created and disposed on exit.
$ docker commit [Container ID] my_workstation
Get the container ID by running:
$ docker ps -a
4. Run dockernymous
In case you changed the names for the images to something different (defaults are: "docker_internal" (network), "my_gateway" (gateway), "my_workstation" (you guess it)), open dockernymous.sh with your favorite editor and update the actual names in the configuration section.
Everything should be ready by now, let's give it a try! Run Dockernymous (don't forget to 'cd' into the cloned folder):
bash dockernymous.sh
or mark it executable once:
chmod +x dockernymous.sh
and always run it with:
./dockernymous.sh
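To confirm that the gateway really carries the workstation's traffic through Tor, the following added example (not part of dockernymous) can be run inside the workstation container. It assumes that https://check.torproject.org/api/ip replies with JSON of the form {"IsTor":true,"IP":"..."}; the function names and sample replies are constructed for illustration.

```shell
#!/bin/sh
# Added example, not from the dockernymous repository.
# Run inside the workstation container: ./torcheck.sh --live
# Without --live it only classifies the constructed sample replies below.

# Assumption: this service answers with {"IsTor":true|false,"IP":"<exit address>"}
CHECK_URL="https://check.torproject.org/api/ip"

# Extract one field from the flat JSON reply (no jq needed in the image).
json_field() {  # $1 = JSON text, $2 = key
  printf '%s' "$1" | tr -d ' \n' |
    sed -n "s/.*\"$2\":\"\{0,1\}\([^\",}]*\).*/\1/p"
}

# Print "tor", "clearnet" or "unknown". Anything unparsable is "unknown",
# so a dead gateway or a captive portal is never reported as anonymised.
classify() {  # $1 = JSON text
  case "$(json_field "$1" IsTor)" in
    true)  echo tor ;;
    false) echo clearnet ;;
    *)     echo unknown ;;
  esac
}

# Ask the check service through whatever route the container has.
check_live() {
  reply=$(curl --silent --show-error --max-time 30 "$CHECK_URL") || reply=""
  state=$(classify "$reply")
  echo "state=$state exit_ip=$(json_field "$reply" IP)"
  [ "$state" = "tor" ]   # non-zero exit status unless Tor was confirmed
}

# Constructed sample replies (documentation-range addresses).
SAMPLE_TOR='{"IsTor":true,"IP":"203.0.113.7"}'
SAMPLE_CLEAR='{"IsTor":false,"IP":"198.51.100.23"}'

if [ "${1:-}" = "--live" ]; then
  check_live
else
  for s in "$SAMPLE_TOR" "$SAMPLE_CLEAR" '<html>captive portal</html>'; do
    echo "$(classify "$s") <- $s"
  done
fi
```

A result of "clearnet" or "unknown" means the workstation should not be used until the gateway's Tor and iptables setup has been checked.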
I'm happy for feedback. Please remember that dockernymous is still under development. The script is still pretty messy, so consider it an alpha-phase project (no versioning yet).