The team behind the popular pentesting Kali Linux distro has released Kaboxer, a tool to help penetration testers use older applications that don’t work on modern operating systems, apps that need to run in isolation, and applications that are hard to package properly.
The team has already “Kaboxed” several apps, including Firefox Developer Edition (as an example of how the tool works for a complex large GUI application) and Zenmap (the official Nmap GUI, as an example of an app that relies on deprecated libraries not available in Kali Linux).
“We hope to start to include more tools into Kali Linux that were previously not packable, and have you not realize that you are using them via Kaboxer,” the team noted.
Kaboxer, which is short for “Kali Applications Boxer,” packages apps in Docker containers.
The team chose to start with Docker because it’s widely used and benefits from a large ecosystem of images, but might add support for other containerization solutions at a later date.
“Docker containers can be configured in many ways to achieve the various integrations that we need with the host system or even between multiple containers. The value of Kaboxer is in how it makes it easy to tie together Docker containers with the host system, through the usual docker features such as mount points and port redirections, but also through integration with desktop menu entries,” they also pointed out.
“The idea of Kaboxer is to prepare ready-to-run application images, make them available online in a Docker registry and then let users fetch those images and start/stop containers to run the applications. All those steps are handled with the Kaboxer command line tool.”
A step-by-step guide on how to package applications with Kaboxer is available here.
Aside from benefiting Kali Linux users, Kaboxer is also a game changer for the Kali development team, and can be a boon for tool authors who wan their software included in Kali and other Debian packagers (Kaboxed applications can be made available in other Debian-based systems, as well).
The only downside to using Kaboxer is that the containerized apps are larger than they generally are.
“While the installed package will be small, its installation will download the required container which will consume up to several hundreds of megabytes even for a simple application,” the team explained, and noted that for this reason, kaboxed apps won’t be included in Kali’s default installation.