In this article, I will demonstrate how to create a light weight ParrotOS hacking lab with Kasm Workspaces for pentesting purposes.
Kasm Workspaces
Kasm workspaces is a docker streaming platform that lets you run docker containers straight from your web browser. It is very easy to setup, and adding new docker images is even more easier. You can spawn up containers of the installed images/apps with just a click of the button! Additionally, Kasm supports many other features like session sharing, ability to pause your containers, modify the docker configs of individual images, custom branding, progressive web apps (PWA), etc. The community version of Kasm is free to use and we will be using it to create our browser-based hacking lab with ParrotOS.
Check out Kasm: https://kasmweb.com/
Installing Kasm
Kasm works on Linux. You can either install Kasm on a cloud instance (like I did in this article) or on your local machine. In this tutorial, I will install Kasm on my local Ubuntu machine.
Check out the system requirements for installing Kasm workspaces: https://kasmweb.com/docs/latest/install/system_requirements.html
Kasm can be installed in three simple steps,
Step 1. Download Kasm
cd /tmp
curl -O https://kasm-static-content.s3.amazonaws.com/kasm_release_1.13.1.421524.tar.gzStep 2. Extract the tar.gz file
tar -xf kasm_release_1.13.1.421524.tar.gzStep 3. Run the installation script
sudo bash kasm_release/install.shAnd that's it! Kasm Workspaces is now installed on your computer.
Your default Kasm credentials will be printed on your console. You can save them for later use.
Now go to https://127.0.0.1 and you will see the Kasm login page. Simply login with your default credentials.
A more detailed (and official) installation guide can be found here: https://kasmweb.com/docs/latest/install/single_server_install.html
Installing ParrotOS inside Kasm
To install ParrotOS in Kasm, follow these steps:
Step 1. Go to "Workspaces" in your Admin dashboard.
Step 2. Click on "Workspace Registry"
Step 3. Install ParrotOS
It takes 15-20 minutes to download the docker image of ParrotOS. Once it is installed, you can see it listed in your Workspaces tab.
Launch a new session of ParrotOS and you now have yourself a browser-based ParrotOS hacking lab!
Make your hacking lab run as root
We need our container to run as root so that we have root privileges inside the hacking lab.
To do this, go to "Workspaces" in your Admin dashboard, and select "Edit" under ParrotOS.
In the Docker Run config override, add this JSON and save the config:
{
"hostname": "kasm",
"user": "root"
}Now whenever you create a new session of your hacking lab, it spawns up as root user.
Installing additional tools
Since every time you launch a new session of ParrotOS, a brand new container is spawned up, you will loose all the tools that you manually installed in your lab (other than the ones that come pre-installed with ParrotOS). To fix this, you can add the following config to your Docker Exec Config:
{
"first_launch": {
"cmd": "bash -c 'apt install openvpn && apt install someothertool'"
}
}In the above config, we are using "apt install openvpn" command to install openvpn. Similarly, you can use the bash commands of your choice to install the tools that you need. You can also append multiple installation commands with &&
This makes sure that every time you launch a session of ParrotOS, all the tools that you need will be pre-installed.
And that's how you create your own browser-based ParrotOS hacking lab with Kasm workspaces for free of cost!
Make sure to leave a like if you enjoyed reading this post :)