You're reading from Mastering Kali Linux for Advanced Penetration Testing Secure your network with Kali Linux 2019.1 – the ultimate white hat hackers' toolkit

Product type Paperback

Published in Jan 2019

Publisher Packt

ISBN-13 9781789340563

Length 548 pages

Edition 3rd Edition

Tools

Kali Linux

Concepts

Penetration Testing

Authors (2):

Robert Beggs

Vijay Kumar Velu

View More author details

Organizing Kali Linux

Installation is just the beginning of the setup, as organizing Kali Linux is very important. In this section, we will deep dive into different ways of organizing the HackBox through customization.

Configuring and customizing Kali Linux

Kali is a framework that is used to complete a penetration test. However, the tester should never feel tied to the tools that have been installed by default or by the look and feel of the Kali desktop. By customizing Kali, a tester can increase the security of client data that is being collected and make it easier to do a penetration test.

Common customization made to Kali include the following:

Resetting the root password
Adding a non-root user
Configuring network services and secure communications
Adjusting network proxy settings
Accessing the secure shell
Speeding up Kali operations
Sharing folders with MS Windows
Creating encrypted folders

Resetting the root password

To change a user password, use the following command:

passwd root

You'll then be prompted to enter a new password, as shown in the following screenshot:

Adding a non-root user

Many of the applications provided in Kali must run with root-level privileges in order to function. Root-level privileges do possess a certain amount of risk; for example, mistyping a command or using the wrong command can cause applications to fail or even damage the system being tested. In some cases, it is preferable to test with user-level privileges. In fact, some applications force the use of lower-privilege accounts.

To create a non-root user, you can simply use the adduser command from the Terminal and follow the instructions that appear, as shown in the following screenshot:

Configuring network services and secure communications

The first step to ensure that we are able to access the network is to make sure that it has connectivity to either a wired or wireless network to support updates and communications.

You may need to obtain an IP address through DHCP (Dynamic Host Configuration Protocol) by appending network configuration and adding the Ethernet adapter:

# nano /etc/network/interfaces
iface eth0 inet dhcp

Once the network configuration file is appended, you should be able to bring up the ifup script to automatically assign the IP address as shown in the following screenshot:

In the case of a static IP, you can append the same network configuration file with the following lines and quickly set up a static IP to your Kali Linux:

# nano /etc/network/interfaces
iface eth0 inet static
address <your address>
netmask <subnet mask>
broadcast <broadcast mask>
gateway <default gateway>

# nano /etc/resolv.conf
nameserver <your DNS ip> or <Google DNS (8.8.8.8)>

By default, Kali does not start with the DHCP service enabled. Doing so announces the new IP address to the network, and this may alert administrators about the presence of the tester. For some test cases, this may not be an issue, and it may be advantageous to have certain services start automatically during boot up. This can be achieved by entering the following commands:

update-rc.d networking defaults
/etc/init.d/networking restart

Kali installs with network services that can be started or stopped as required, including DHCP, HTTP, SSH, TFTP, and the VNC server. These services are usually invoked from the command line, however, some are accessible from the Kali menu.

Adjusting network proxy settings

Users located behind an authenticated or unauthenticated proxy connection must modify bash.bashrc and apt.conf. Both files are located in the /etc/ directory.

Edit the bash.bashrc file, as shown in the following screenshot, using a text editor to add the following lines to the bottom of the bash.bashrc file:

export ftp_proxy="ftp://username:password@proxyIP:port"
export http_proxy="http://username:password@proxyIP:port"
export https_proxy="https://username:password@proxyIP:port"
export socks_proxy="https://username:password@proxyIP:port"

Replace proxyIP and port with your proxy IP address and port number respectively, and replace user and password with your authentication username and password. If there's no need to authenticate, write only the part following the @ symbol. Save and close the file.

Accessing the secure shell

To minimize detection by a target network during testing, Kali does not enable any externally listening network services. Some services, such as Secure Shell (SSH), are already installed. However, they must be enabled prior to use.

Kali comes preconfigured with default SSH keys. Before starting the SSH service, it's a good idea to disable the default keys and generate a unique keyset for use.

Move the default SSH keys to a backup folder, and then generate a new SSH keyset using the following command:

dpkg-reconfigure openssh-server

To confirm the SSH service is running, you can verify using the following command (service ssh status) as shown in the following screenshot:

Note that, with the default configuration of SSH, root login will be disabled. If you require access with the root account, you may have to edit /etc/ssh/sshd_config and set PermitRootLogin to yes, save, and then exit. Finally, from any system on the same network, you should be able to access the SSH service and utilize Kali Linux. In this example, we would use PuTTY, which is a free and portable SSH client for windows. Now you should be able to access the Kali Linux from another machine, accept the SSH certificate, and enter your credentials, as shown in the following screenshot:

Speeding up Kali operations

Several tools can be used to optimize and speed up Kali operations:

When using a VM, install the VM's software drive package: Guest Additions (VirtualBox) or VMware Tools (VMware).

We have to ensure that we run apt-get update before the installation.

When creating a VM, select a fixed disk size instead of one that is dynamically allocated. It is faster to add files to a fixed disk, and there is less file fragmentation.
By default, Kali does not show all applications that are present in the start up menu. Each application that is installed during the boot up process slows the system data and may impact memory use and system performance. Install Boot Up Manager (BUM) to disable unnecessary services and applications that are enabled during the boot up (apt-get install bum), as shown in the following screenshot:

Sharing folders with the host operating system

The Kali toolset has the flexibility to share results with applications residing on different operating systems, especially Microsoft Windows. The most effective way to share data is to create a folder that is accessible from the host operating system as well as the Kali Linux VM guest.

When data is placed in a shared folder from either the host or the VM, it is immediately available via the shared folder to all systems that access that shared folder.

To create a shared folder, perform the following steps:

Create a folder on the host operating system. In this example, it will be called kali_Share.
Right-click on the folder and select the Sharing tab. From this menu, select Share.
Ensure that the file is shared with Everyone, and that Permission Level for this share is set to Read / Write.
If you haven't already done so, install the appropriate tools onto Kali Linux. For example, when using VMware, install the VMware tools.

When the installation is complete, go to the VMware player menu and select Manage and click Virtual Machine Settings. Find the menu that enables Shared Folders and select Always Enabled. Create a path to the shared folder that is present on the host operating system, as shown in the following screenshot:

In the case of Oracle VirtualBox, select the VM and go to the Settings and select Shared Folders, as shown in the following screenshot:

Older versions of VMware player use a different menu.

Run the mount-shared-folders.sh file from the Kali Linux desktop from your VirtualBox. Now the shared folder will be visible in mnt, as shown in the following screenshot:

Everything placed in the folder will be accessible in the folder of the same name on the host operating system and vice versa.

The shared folder, which will contain sensitive data from a penetration test, must be encrypted to protect the client's network and reduce the tester's liability should the data ever be lost or stolen.

Using Bash scripts to customize Kali

Typically, to maintain system and software development, command-line interfaces were developed as multiple shells in Linux, namely sh, bash, csh, tcsh, and ksh.

We can utilize the following Bash scripts to customize the Kali Linux depending upon the goal of our penetration testing: https://github.com/PacktPublishing/Mastering-Kali-Linux-for-Advanced-Penetration-Testing-Third-Edition/blob/master/Chapter%2001/lscript-master.zip.