Preface
From time to time I realize that certain tasks that are trivial for me are not necessarily easy for others, especially if they are just getting started with IT security stuff.
As I am going to be a Facilitator at SANS Munich 2015 on SEC 401, plus we have a few people at work who are just dipping their toe into the wonderful world of Kali Linux, it seemed like a good opportunity to make a short getting started / installation guide on the Kali VMWare VMs that you can download and quickly get started.
On top of that, when I check the statistics of the blog, I always see that the most popular posts are the detailed howtos and tutorials and I assume that it is because there is a need for this kind of posts too, so here it goes! :)
Step -1: Check in your BIOS/UEFI if virtualization is enabled
We are going to use virtualization, so it would be nice to enable it, right?In BIOS/UEFI menus this is somewhere around "Security" and/or "Virtualization" and it is something like "Intel (R) Virtualization Technology" and "Intel (R) VT-d Feature" that needs to be set to "Enabled".
Step 0: Install VMWare Player or VMWare Workstation
The Kali Linux VMs are VMWare-based, so you need to install VMWare Player (free), VMWare Workstation (paid) or VMWare Fusion (paid, for OS-X).
The more desirable choice is to use VMWare Workstation or VMWare Fusion, as they have a Snapshot feature, while with VMWare Player, you are forced to take a full copy in order to have a sort of rollback feature.
Step 1: Download Kali VM
We need to download the Kali VMs from the "Custom Kali Images" download site, where you can find a 64 bit (amd64) and a 32 bit PAE (i686) too.
There are also Torrent files for the images and based on experience, using Torrent is much more faster and reliable than the HTTP download, so if you can, use that!
Once you have downloaded the VMs, do not forget to check their SHA1 hash!!! On Linux, you can simply use the sha1sum command at a terminal. For Windows, you can use something like the MD5 & SHA Checksum Utility.
Step 2: Change Kali VM default root password
The Kali VM comes with a preset root password, which is "toor" (without the quotes), therefore, it has to be changed.
Here is how you do it:
root@kali:~# passwd
Enter new UNIX password:
Retype new UNIX password:
passwd: password updated successfully
Step 3: Change Kali VM default SSH keys
The Kali VM also comes with SSH preinstalled, so we need to change the SSH keys to avoid SSH MiTM attacks.
Here is how you do it:
root@kali:~# cd /etc/ssh/
root@kali:/etc/ssh# mkdir default_kali_keys
root@kali:/etc/ssh# mv ssh_host_* default_kali_keys/
root@kali:/etc/ssh# dpkg-reconfigure openssh-server
Creating SSH2 RSA key; this may take some time ...
Creating SSH2 DSA key; this may take some time ...
Creating SSH2 ECDSA key; this may take some time ...
insserv: warning: current start runlevel(s) (empty) of script `ssh' overrides LSB defaults (2 3 4 5).
insserv: warning: current stop runlevel(s) (2 3 4 5) of script `ssh' overrides LSB defaults (empty).
Now we can check if the keys are really changed:
root@kali:/etc/ssh# md5sum /etc/ssh/*key*
md5sum: /etc/ssh/default_kali_keys: Is a directory
6abe210732068fa7ca95854c3078dba5 /etc/ssh/ssh_host_dsa_key
1b5f3c1a1b5c48cc3cce31b116e8b6f8 /etc/ssh/ssh_host_dsa_key.pub
8f0f60855e5ab8cac8103d64faab090f /etc/ssh/ssh_host_ecdsa_key
aace49ae9236815c9a1672f8ecb2b1e2 /etc/ssh/ssh_host_ecdsa_key.pub
cf861a9f743fb4584ab246024465ddf1 /etc/ssh/ssh_host_rsa_key
d5d65d8ad023a6cb1418ae05007bc6d3 /etc/ssh/ssh_host_rsa_key.pub
root@kali:/etc/ssh# md5sum /etc/ssh/default_kali_keys/*key*
c8d5b82320a4ddde59d0e2b6d9aad42a /etc/ssh/default_kali_keys/ssh_host_dsa_key
6b12ddecd463677cde8097e23d0f219a /etc/ssh/default_kali_keys/ssh_host_dsa_key.pub
fecf056571a3dfbf3635fc2c50bf23c5 /etc/ssh/default_kali_keys/ssh_host_ecdsa_key
e44b7c50635de42e89b3297414f5047d /etc/ssh/default_kali_keys/ssh_host_ecdsa_key.pub
e9e0267484e020878e00a9360b77d845 /etc/ssh/default_kali_keys/ssh_host_rsa_key
ceee93d7bbc9f9b9706e18f23d4e81f1 /etc/ssh/default_kali_keys/ssh_host_rsa_key.pub
Step 4: Update Kali VM
Next you need to update your Kali VM so that everything is patched.
Here is how you do it:
root@kali:~# apt-get update
Get 1 http://http.kali.org kali Release.gpg [836 B]
Get:2 http://security.kali.org kali/updates Release.gpg [836 B]
********************************* SNIP *********************************
Fetched 16.7 MB in 14s (1,190 kB/s)
Reading package lists... Done
root@kali:~# apt-get upgrade
eading package lists... Done
Building dependency tree
Reading state information... Done
The following packages have been kept back:
********************************* SNIP *********************************
The following packages will be upgraded:
********************************* SNIP *********************************
241 upgraded, 0 newly installed, 0 to remove and 16 not upgraded.
Need to get 740 MB of archives.
After this operation, 130 MB disk space will be freed.
Do you want to continue [Y/n]? Y
Get:1 http://security.kali.org/kali-security/ kali/updates/main libc6-i386 amd64 2.13-38+deb7u7 [4,044 kB]
Get:2 http://http.kali.org/kali/ kali/main base-files amd64 1:1.1.0 [77.5 kB]
********************************* SNIP *********************************
root@kali:~#
Step 5: Create a Snapshot/Copy the VM
Once you are done with all the above, you can make a Snapshot in case of VMWare Workstation or copy the files of the VM in case of VMWare Player, so that you can roll back to this clean stat in case you misconfigure something.
Hope this was helpful. Happy hacking!
Hope this was helpful. Happy hacking!
Read more
- Hacking Tools 2019
- Hacking Tools Hardware
- Hack Tool Apk
- Underground Hacker Sites
- Hacker Tools Mac
- Hacking Tools
- Pentest Tools Subdomain
- New Hacker Tools
- What Are Hacking Tools
- Usb Pentest Tools
- What Is Hacking Tools
- Free Pentest Tools For Windows
- Pentest Tools List
- Hackrf Tools
- Hack Apps
- Pentest Tools Website Vulnerability
- Hack Tools
- Nsa Hacker Tools
- Hacking Tools For Pc
- How To Make Hacking Tools
- Pentest Tools Bluekeep
- Kik Hack Tools
- Hacking Tools 2020
- Hacker Security Tools
- Hacking Tools Download
- Pentest Tools Tcp Port Scanner
- Hacking Tools For Kali Linux
- Ethical Hacker Tools
- Hack Tools For Windows
- Pentest Tools Alternative
- Hacker
- Kik Hack Tools
- Pentest Tools Tcp Port Scanner
- Hacking Tools Windows 10
- Pentest Tools Alternative
- Usb Pentest Tools
- Pentest Tools Website Vulnerability
- Hacker Techniques Tools And Incident Handling
- Pentest Tools Find Subdomains
- Growth Hacker Tools
- Hacking Apps
- Pentest Tools Windows
- Hacking Tools For Windows 7
- Pentest Tools For Windows
- Pentest Tools Port Scanner
- Hack Tools Download
- Hacker Tools 2019
- Hacking Tools Software
- Pentest Tools List
- Hacking Tools Pc
- Github Hacking Tools
- Hacking App
- Tools Used For Hacking
- Hacking Tools For Games
- Tools For Hacker
- Pentest Tools For Android
- Ethical Hacker Tools
- Bluetooth Hacking Tools Kali
- World No 1 Hacker Software
- Hacking Tools For Kali Linux
- Hacking Tools For Windows Free Download
- Pentest Tools Linux
- Hack Rom Tools
- Hacking Tools Pc
- Pentest Tools Bluekeep
- Hacker Tools List
- Pentest Tools
- Hacking Tools Free Download
- Pentest Tools Github
- Hacker Tools List
- Hacker Hardware Tools
- Hack Tools
- Pentest Tools Find Subdomains
- Hacking Tools For Windows 7
- Hack Tools For Ubuntu
- Pentest Tools For Mac
- Hacking Tools For Mac
- How To Hack
- Hacker Tools 2019
- Pentest Tools Review
- Pentest Tools Website
- Hacking Tools Kit
- Hacker Tools Hardware
- Hacking Tools Windows 10
- Hacker Tools Hardware
- Hack Tool Apk
- Computer Hacker
- Hacker Tools For Ios
- Hacker Tools Apk
- Tools Used For Hacking
- Hacking Tools Name
- Pentest Tools Apk
- Hacking Tools Github
- Hack Apps
- Hack Website Online Tool
- Hacking Tools Online
No hay comentarios:
Publicar un comentario