start
action
This action can be used to start a container. At least one Exegol image is required to create and start a container and enjoy Exegol. Installing an image can be done with exegol install
(documentation
here).
When this action is used, the following process is applied:
if no Exegol image is installed, the user is asked to specify which one to install of build, and the process continues
then, if the container to start doesn’t already exist, it is created based on an Exegol image and a few settings to specify, and the process continues
then, the container is started and a shell is opened
Hint
The start
action can be used without any additional argument or option. the wrapper will then enter in an interactive TUI (Text-based User Interface) mode where the user will be asked to choose a few settings.
exegol start
Options
A single option exist to target an Exegol container. If this container exists, it will be started if it is not already the case and a shell will be spawned to offer an interactive console to the user
Option |
Description |
---|---|
|
Tag used to target an Exegol container |
Many options exist to customize the creation of exegol container.
Tip
The default options of some commands can be changed in the exegol configuration file.
Option |
Description |
---|---|
|
Tag of the exegol image to use to create a new exegol container |
|
The specified host folder will be linked to the /workspace folder in the container. |
|
This option is a shortcut to set the /workspace folder to the user’s current working directory (pwd). |
|
Modifies the permissions of folders and sub-folders shared in your workspace to access the files created within the container using your host user account. (default: Disabled) |
|
Share a new volume between host and exegol (format: –volume /path/on/host/:/path/in/container/). |
|
Share a network port between host and exegol (format: –port [<host_ipv4>:]<host_port>[:<container_port>][:<protocol>]. This configuration will disable the shared network with the host. |
|
Set a custom hostname to the exegol container (default: exegol-<name>) |
|
(dangerous) Capabilities allow to add specific privileges to the container (e.g. need to mount volumes, perform low-level operations on the network, etc). |
|
(dangerous) give extended privileges at the container creation (e.g. needed to mount things, to use wifi or bluetooth) |
|
Add host device(s) at the container creation (example: -d /dev/ttyACM0 -d /dev/bus/usb/). |
|
Disable display sharing to run GUI-based applications. (default: Enabled) |
|
Disable the mount of the shared resources (/opt/my-resources) from the host (/home/dramelac/.exegol/my-resources) (default: Enabled) |
|
Disable the mount of the exegol resources (/opt/resources) from the host (/home/dramelac/Documents/tools/Exegol/exegol-resources) (default: Enabled) |
|
Disable the sharing of the host’s network interfaces with exegol (default: Enabled) |
|
Disable the sharing of the host’s time and timezone configuration with exegol (default: Enabled) |
An additional feature of Exegol is the addition of a VPN tunnel option (OpenVPN). Just provide an ovpn configuration to exegol and the container will take care of starting the tunnel at each startup.
Option |
Description |
---|---|
|
Setup an OpenVPN connection at the container creation (example: –vpn /home/user/vpn/conf.ovpn) |
|
Enter the credentials with a file (first line: username, second line: password) to establish the VPN connection automatically (example: –vpn-auth /home/user/vpn/auth.txt) |
Warning
All the options seen previously are taken into account only for the creation of a new container. It is not possible to modify the configuration of an existing container. These options will be ignored if a container with the same name already exists.
One of the functions of exegol very useful in a professional context is the shell logging. This feature allows the user to record everything that happens in the exegol container (commands typed and responses).
Option |
Description |
---|---|
|
Enable shell logging (commands and outputs) on exegol to /workspace/logs/ (default: Disabled) |
|
Select a shell logging method used to record the session (default: |
|
Enable or disable the automatic compression of log files at the end of the session (default: Enabled) |
Tip
When the -l
/--log
option is enabled during the creation of a new container, all future shells will be automatically logged for this container.
The options specific to the start of the interactive session
Option |
Description |
---|---|
|
And an environment variable on Exegol (format: –env KEY=value). The variables configured during the creation of the container will be persistent in all shells. If the container already exists, the variable will be present only in the current shell. |
|
Select a shell environment to launch at startup (default: zsh) |
Tip
The environment variables configured with --env ENVS
during the creation of a new container will be available to all processes of the container during the entire life cycle of the container.
Command examples
# Start interactively a container
exegol start
# Create a demo container using full image
exegol start demo full
# Spawn a shell from demo container
exegol start demo
# Create a container test with a custom shared workspace
exegol start test full -w "./project/pentest/"
# Create a container test sharing the current working directory
exegol start test full -cwd
# Create a container htb with a VPN
exegol start htb full --vpn "~/vpn/lab_Dramelac.ovpn"
# Create a container app with custom volume
exegol start app full -V "/var/app/:/app/"
# Get a shell based on tmux
exegol start --shell tmux
# Share a specific hardware device (like Proxmark)
exegol start -d "/dev/ttyACM0"
# Share every USB device connected to the host
exegol start -d "/dev/bus/usb/"