ARL灯塔系统搭建

前言

ARL（Asset Reconnaissance Lighthouse）资产侦查灯塔，是一个良好的资产收集系统，旨在为渗透测试人员以及安全团队基于企业的网络安全能快速查找到指定企业资产中的脆弱点，降低企业被利用及威胁可能性的风险

实验环境

系统：centos7 主机名: localhost ip: 192.168.31.230
为了不影响运行，系统配置至少2核4G

1. docker容器部署虚拟化平台

   安装docker环境依赖

   cd /etc/yum.repos.d/ //进入yum源存放位置
   

   yum-config-manager --add-repo https://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo //下载阿里的镜像yum源

   

   yum install docker-ce docker-ce-cli contaninerd.io

   docker-ce-cli 作用是 docker 命令行工具包，containerd.io 作用是容器接口相关包
   

有关kali的docker安装

1.修改更新源:kali命令窗口执行下面命令
  sudo vim /etc/apt/sources.list

#中科大
deb http://mirrors.ustc.edu.cn/kali kali-rolling main non-free contrib
deb-src http://mirrors.ustc.edu.cn/kali kali-rolling main non-free contrib
 
#阿里云
deb http://mirrors.aliyun.com/kali kali-rolling main non-free contrib
deb-src http://mirrors.aliyun.com/kali kali-rolling main non-free contrib
保存 wq后退出

2.添加docker GPG密钥 ,在kali的命令窗口执行
echo 'deb https://mirrors.tuna.tsinghua.edu.cn/docker-ce/linux/debian/ buster stable' | sudo tee /etc/apt/sources.list.d/docker.list

3.更新源
apt-get update && apt-get upgrade

4.卸载docker(之前的旧版本，如果之前没有安装，就不需要卸载)
apt-get remove docker docker-engine docker.io

5.安装docker
apt install docker-ce docker-ce-cli

6.验证是否安装成功
docker --version

安装docker-compose

安装docker-compose

  ```cd /usr/local/bin/```

  ![](https://img2023.cnblogs.com/blog/2913000/202212/2913000-20221213092023576-674059759.png)

  ```wget https://github.com/docker/compose/releases/download/1.25.0-rc4/docker-compose-Linux-x86_64 //下载docker-compose```

    ![](https://img2023.cnblogs.com/blog/2913000/202212/2913000-20221213092205109-905967626.png)

    这里下载有点慢直接在本机下载完拉进虚拟机
    docker-compose  链接：https://pan.baidu.com/s/1-OMStcRCr79fJY4jiXUGlA?pwd=n1hr 

  ![](https://img2023.cnblogs.com/blog/2913000/202212/2913000-20221213092639744-1728534556.png)

  `mv docker-compose-Linux-x86_64 docker-compose`

  ![](https://img2023.cnblogs.com/blog/2913000/202212/2913000-20221213092933541-709564775.png)

  `chmod +x docker-compose `

   ![](https://img2023.cnblogs.com/blog/2913000/202212/2913000-20221213093043058-1469080730.png)

  `docker-compose -v`

   ![](https://img2023.cnblogs.com/blog/2913000/202212/2913000-20221213093128908-1907166505.png)

  `service docker start`

  ![](https://img2023.cnblogs.com/blog/2913000/202212/2913000-20221213093216468-329435002.png)


  > centos7配置代理

    vi /etc/profile  //编辑配置文件
    //一般都不需要这一步
    //在该配置文件的最后添加代理配置
    export http_proxy='http://ip:port'    //代理服务器ip地址和端口号
    export https_proxy='http://ip:port'   //代理服务器ip地址和端口号

    // 退出profile文件并保存
    source /etc/profile     // 使配置文件生效

  > 搭建ARL灯塔系统

    1、拖取镜像
          
  `docker pull tophant/arl`
    ![](https://img2023.cnblogs.com/blog/2913000/202212/2913000-20221213095523885-346500647.png) 

  拉取镜像成功

  ![](https://img2023.cnblogs.com/blog/2913000/202212/2913000-20221213095724109-977853460.png)


    2、下载ARL系统docker

  `git clone https://github.com/TophantTechnology/ARL`
  
  ![](https://img2023.cnblogs.com/blog/2913000/202212/2913000-20221213100134357-1939762875.png)


  `cd /ARL/docker  //此处必须进入看到docker-compose.yml启动文件`
  ![](https://img2023.cnblogs.com/blog/2913000/202212/2913000-20221213100239158-1907541885.png)

  `docker volume create --name=arl_db`
  ![](https://img2023.cnblogs.com/blog/2913000/202212/2913000-20221213100545170-1149287480.png)

  `vi docker-compose.yml  //把80端口开放 删掉“5003：80”前面的# 在5003:443前面加#注释`

  ![](https://img2023.cnblogs.com/blog/2913000/202212/2913000-20221213101841826-735955743.png)


  `docker-compose up -d //启动`
    ![](https://img2023.cnblogs.com/blog/2913000/202212/2913000-20221213101010777-1632329994.png)

  `docker-compose ps  //查看docker运行`
    ![](https://img2023.cnblogs.com/blog/2913000/202212/2913000-20221213101956843-460566992.png)

 `默认访问端口是 5003   默认用户密码 admin/arlpass`

  ![](https://img2023.cnblogs.com/blog/2913000/202212/2913000-20221213102222515-1002240019.png)

  ![](https://img2023.cnblogs.com/blog/2913000/202212/2913000-20221213102259901-251844265.png)


    关闭ARL

    docker-compose down