Kali Linux,
by default, probably doesn't have everything you need to get you
through day-to-day penetration testing with ease. With a few tips,
tricks, and applications, we can quickly get started using Kali like a
professional white hat.Most
Linux distributions are highly customizable. This makes personalizing
your penetration testing distribution a bit daunting. With just a few
commands, we can automate tasks, install our favorite software, create
additional user accounts, properly configure anonymity software, and
optimize our interactions with terminals. There are just a few things we
can do to improve our interactions with the operating system.
1 - Install Git
Git
is an open-source software version control application. It can be used
for collaboratively sharing and editing code but is commonly referenced
here on Null Byte as the primary tool for copying (or "cloning")
code repositories found on GitHub. Git is a must have tool for
penetration testers looking to expand their toolset beyond what's
available in the default Kali repositories.
Git can be installed using the below apt-get command.
apt-get install git
2 - Configure Bash Aliases
Bash aliases are fantastic for creating customized command line shortcuts. For example, we can reassign the ls command to automatically use our favorite arguments. Below is an example of a normal ls output.
We're getting a much more verbose output. The ls command is now using the -l, -a, -t, -h, and -r arguments automatically. All of these arguments will instruct ls to use the listing (-l) format, list all (-a) files — including hidden files — and print the file sizes in human-readable (-h) formats (e.g., 1K, 234M, 5G).
My alias will also sort the output by modification time (-t), and reverse (-r)
the order of the list so recently modified files appear at the bottom
of the terminal. This collection of arguments is my personal ls preference, but yours may be different.
To create aliases, open the /root/.bash_aliases using nano or your favorite text editor. Add the following line to create an alias.
alias ls='ls --color=always -rthla'
We
can also go a bit further and add more complex functions to the
.bash_aliases file. Below is a simple example of a function designed to
keep Kali fully up to date.
After saving changes made to the .bash_aliases file,
open a new terminal for the changes to take effect. Running the newly
created apt-updater function will invoke a series of apt-get commands that will automatically update and maintain your system. The ampersands (&&) ensure that the function doesn't continue to the following command if a prior command fails.
Many
applications like the Chromium Browser and the Tor Browser should never
be opened or used as a root user. Such applications rely heavily upon
low-level permissions to deliver some degree of security. It might be
beneficial to some users to create a low privileged user account for
such activities.
This concept is covered in greater detail in Takhion's "Lock Down Kali Linux for Safe Desktop Use" article, so make sure to check that out for help.
A
multiplexer is a tiling terminal emulator that allows us to open
several terminal sessions inside one single window. The major benefit to
this is being able to see all of our open terminal sessions at once and
not layer the windows on top of each other. Below is a multiplexer
example.
There are many noteworthy multiplexers. Tilix, as seen in the above screenshot, is an open-source and reliable option. Alternatives include tmux and screen.
Tilix is available in Kali's APT repositories and can be installed using the below command.
apt-get install tilix
Reading package lists... Done
Building dependency tree
Reading state information... Done
The following additional packages will be installed:
libgtkd-3-0 libphobos2-ldc-shared78 libvted-3-0 tilix-common
Suggested packages:
python-nautilus
The following NEW packages will be installed:
libgtkd-3-0 libphobos2-ldc-shared78 libvted-3-0 tilix tilix-common
0 upgraded, 5 newly installed, 0 to remove and 466 not upgraded.
Need to get 10.7 MB of archives.
After this operation, 49.1 MB of additional disk space will be used.
Do you want to continue? [Y/n] y
5 - Install Your Favorite Hacking Tools
Some
versions of Kali are geared toward minimalist pentester's who prefer
not to have hundreds of hacking tools preinstalled. This means we'll
have to install our favorite tools manually. The types of tools we use
vary based on our skill set and areas of expertise, but below are some
popular hackings tools.
These tools can be installed using the below command.
apt-get install maltego metasploit-framework burpsuite wireshark aircrack-ng hydra nmap beef-xss nikto
Reading package lists... Done
Building dependency tree
Reading state information... Done
hydra is already the newest version (8.6-1kali1).
The following NEW packages will be installed:
beef-xss binfmt-support burpsuite fastjar fonts-droid-fallback fonts-lato
fonts-noto-mono ghostscript gsfonts imagemagick imagemagick-6-common
imagemagick-6.q16 jarwrapper java-wrappers javascript-common libc-ares2
libcupsfilters1 libcupsimage2 libdjvulibre-text libdjvulibre21 libdouble-conversion1
libfftw3-double3 libgmp-dev libgmpxx4ldbl libgs9 libgs9-common libhttp-parser2.8
libijs-0.35 libilmbase23 libjbig2dec0 libjs-jquery libjs-jquery-easing
libjs-jquery-fancybox libjs-jquery-mousewheel libjs-jquery-ui libjs-source-map
libjs-uglify libjxr-tools libjxr0 liblqr-1-0 liblua5.2-0 libmagickcore-6.q16-6
libmagickcore-6.q16-6-extra libmagickwand-6.q16-6 libnetpbm10 libnl-route-3-200
libopenexr23 libpaper-utils libpaper1 libpcre2-16-0 libqt5core5a libqt5dbus5
libqt5gui5 libqt5multimedia5 libqt5multimedia5-plugins libqt5multimediagsttools5
libqt5multimediawidgets5 libqt5network5 libqt5opengl5 libqt5printsupport5 libqt5svg5
libqt5widgets5 libruby2.5 libsbc1 libsmi2ldbl libspandsp2 libssh-gcrypt-4 libuv1
libwhisker2-perl libwireshark-data libwireshark11 libwiretap8 libwmf0.2-7
libwscodecs2 libwsutil9 libxcb-icccm4 libxcb-image0 libxcb-keysyms1 libxcb-randr0
libxcb-render-util0 libxcb-xinerama0 libxcb-xkb1 libxkbcommon-x11-0 libyaml-0-2
maltego netpbm nikto nodejs nodejs-doc openjdk-8-jre openjdk-8-jre-headless
qt5-gtk-platformtheme qttranslations5-l10n rake ruby ruby-addressable ruby-ansi
ruby-atomic ruby-buftok ruby-celluloid ruby-celluloid-io ruby-daemons
ruby-dataobjects ruby-dataobjects-mysql ruby-dataobjects-postgres
ruby-dataobjects-sqlite3 ruby-dev ruby-did-you-mean ruby-diff-lcs ruby-dm-core
ruby-dm-do-adapter ruby-dm-migrations ruby-dm-serializer ruby-dm-sqlite-adapter
ruby-docile ruby-domain-name ruby-em-websocket ruby-equalizer ruby-erubis
ruby-eventmachine ruby-execjs ruby-faraday ruby-geoip ruby-hitimes ruby-http
ruby-http-cookie ruby-http-form-data ruby-http-parser.rb ruby-json ruby-librex
ruby-libv8 ruby-memoizable ruby-mime-types ruby-mime-types-data ruby-minitest
ruby-mojo-magick ruby-msfrpc-client ruby-msgpack ruby-multi-json ruby-multipart-post
ruby-naught ruby-net-telnet ruby-nio4r ruby-oj ruby-parseconfig ruby-power-assert
ruby-public-suffix ruby-qr4r ruby-rack ruby-rack-protection ruby-ref ruby-rqrcode
ruby-rspec-expectations ruby-rspec-support ruby-rubydns ruby-simple-oauth
ruby-simplecov ruby-simplecov-html ruby-sinatra ruby-sqlite3 ruby-term-ansicolor
ruby-test-unit ruby-therubyracer ruby-thread-safe ruby-tilt ruby-timers ruby-tins
ruby-twitter ruby-uglifier ruby-unf ruby-unf-ext ruby-xmlrpc ruby-zip ruby2.5
ruby2.5-dev ruby2.5-doc rubygems-integration thin wireshark wireshark-common
wireshark-qt zip
The following packages will be upgraded:
aircrack-ng libcups2 libnl-3-200 libnl-genl-3-200 libxkbcommon0 metasploit-framework
nmap nmap-common
8 upgraded, 182 newly installed, 0 to remove and 458 not upgraded.
Need to get 381 MB of archives.
After this operation, 616 MB of additional disk space will be used.
Do you want to continue? [Y/n] y
6 - Install the Latest Version of Tor
Tor
is available in Kali's repositories, but anonymity software should be
acquired directly from the source (torproject.org). Furthermore, Kali's
version of Tor is not reliably maintained or updated. This means we
could be missing critical stability and security updates.
Add the Tor Project repositories to your APT repository list.
Install Tor using the below command, and you're done.
apt-get install tor deb.torproject.org-keyring
Reading package lists... Done
Building dependency tree
Reading state information... Done
Suggested packages:
mixmaster torbrowser-launcher socat tor-arm apparmor-utils obfs4proxy
The following NEW packages will be installed:
deb.torproject.org-keyring
The following packages will be upgraded:
tor
7 - Configure File Sharing with Syncthing
Syncthing, created by Jakob Borg, is a cross-platform,
private, lightweight file-syncing (Dropbox) alternative. As a
penetration tester, transferring keystroke logs, screenshots, webcam
recordings, and sensitive loot files between virtual private servers and local Kali machines can be a frustrating task. Syncthing makes secure file-sharing totally painless.
I've covered the Syncthing installation and configuration in a previous article. Readers should reference that for a detailed step-by-step guide.
Atom
is a free, open-source, feature-rich, and highly customizable text
editor. Its features include the ability to collaboratively share code
in real time, intuitive coding autocompletion, and the ability to install packages which further enhance Atom's versatility. Other noteworthy text editors include Geany and Gedit.
To install Atom, head over to their website and download the latest Debian installer. Next, open a terminal and install the required dependencies using the below apt-get command.
apt-get install gvfs gvfs-common gvfs-daemons gvfs-libs gconf-service gconf2 gconf2-common gvfs-bin psmisc
Reading package lists... Done
Building dependency tree
Reading state information... Done
Correcting dependencies... Done
The following NEW packages will be installed:
gconf-service (3.2.6-4.1)
gconf2 (3.2.6-4.1)
gconf2-common (3.2.6-4.1)
gvfs-bin (1.36.2-1)
libgconf-2-4 (3.2.6-4.1)
psmisc (23.1-1+b1)
The following packages will be upgraded:
gvfs (1.36.1-1 => 1.36.2-1)
gvfs-common (1.36.1-1 => 1.36.2-1)
gvfs-daemons (1.36.1-1 => 1.36.2-1)
gvfs-libs (1.36.1-1 => 1.36.2-1)
4 upgraded, 6 newly installed, 0 to remove and 462 not upgraded.
1 not fully installed or removed.
Need to get 3,317 kB of archives.
After this operation, 8,909 kB of additional disk space will be used.
Do you want to continue? [Y/n] y
Finally, use dpkg, a command line package manager, with the install (-i) argument.
dpkg -i ~/Downloads/atom-amd64.deb
(Reading database ... 191882 files and directories currently installed.)
Preparing to unpack atom-amd64.deb ...
Unpacking atom (1.29.0) over (1.29.0) ...
Setting up atom (1.29.0) ...
Processing triggers for desktop-file-utils (0.23-3) ...
Processing triggers for mime-support (3.60) ...
When that's done, Atom will be available in your Applications menu.
The USB Rubber Ducky is the notorious keystroke injection tool. Creating ducky payloads is easy using the DuckToolKit website,
but as a penetration tester, it's unsafe to share client information
with random websites. Uploading payload contents to a third-party
website can be dangerous.
Instead, we can use Git to clone the USB Rubber Ducky repository and encode payloads locally.
Then, change (cd) into the USB-Rubber-Ducky/Encoder/ directory and use the following java command to start encoding ducky payloads without third-party websites.
cd USB-Rubber-Ducky/Encoder/
java -jar encoder.jar -i input_payload.txt -o inject.bin
10 - Change SSH Keys & Default Password
The
default password for every Kali Linux installation is the same (toor)
which makes it very easy to automate attacks. Also, the default SSH keys
can allow an attacker to intercept your communications when you're
controlling something like a Raspberry Pi via SSH.
To
change the SSH keys, first, change into the directory. Doing the below
two commands will reset the SSH keys from the default ones.
cd /etc/ssh/
dpkg-reconfigure openssh-server
rescue-ssh.target is a disabled or a static unit, not starting it.
Now, for your Kali system's password, enter passwd root,
then enter in your new password. Afterward, retype it to confirm. If
you're not logged in as root, you may be asked for your current password
before doing this.
passwd root
Enter new UNIX password:
Retype new UNIX password:
passwd: password updated successfully
What's the First Thing You Do After Installing Kali?
We
all have varying degrees of interests, skill sets, and levels of
experience. Which makes compiling a well-rounded list of
post-installation steps tricky. Did I miss any critical steps? How do
you personalize and customize new Kali installations? Be sure to leave a
comment below.
Comments