What is Kali Linux?

About Kali Linux

Kali Linux (formerly known as BackTrack Linux) is an open-source, Debian-based Linux distribution aimed at advanced Penetration Testing and Security Auditing. Kali Linux contains several hundred tools targeted towards various information security tasks, such as Penetration Testing, Security Research, Computer Forensics and Reverse Engineering. Kali Linux is a multi platform solution, accessible and freely available to information security professionals and hobbyists.

Kali Linux was released on the 13th March 2013 as a complete, top-to-bottom rebuild of BackTrack Linux, adhering completely to Debian development standards.
Kali Linux Features

    More than 600 penetration testing tools included: After reviewing every tool that was included in BackTrack, we eliminated a great number of tools that either simply did not work or which duplicated other tools that provided the same or similar functionality. Details on whats included are on the Kali Tools site.
    Free (as in beer) and always will be: Kali Linux, like BackTrack, is completely free of charge and always will be. You will never, ever have to pay for Kali Linux.
    Open source Git tree: We are committed to the open source development model and our development tree is available for all to see. All of the source code which goes into Kali Linux is available for anyone who wants to tweak or rebuild packages to suit their specific needs.
    FHS compliant: Kali adheres to the Filesystem Hierarchy Standard, allowing Linux users to easily locate binaries, support files, libraries, etc.
    Wide-ranging wireless device support: A regular sticking point with Linux distributions has been supported for wireless interfaces. We have built Kali Linux to support as many wireless devices as we possibly can, allowing it to run properly on a wide variety of hardware and making it compatible with numerous USB and other wireless devices.
    Custom kernel, patched for injection: As penetration testers, the development team often needs to do wireless assessments, so our kernel has the latest injection patches included.
    Developed in a secure environment: The Kali Linux team is made up of a small group of individuals who are the only ones trusted to commit packages and interact with the repositories, all of which is done using multiple secure protocols.
    GPG signed packages and repositories: Every package in Kali Linux is signed by each individual developer who built and committed it, and the repositories subsequently sign the packages as well.
    Multi-language support: Although penetration tools tend to be written in English, we have ensured that Kali includes true multilingual support, allowing more users to operate in their native language and locate the tools they need for the job.
    Completely customizable: We thoroughly understand that not everyone will agree with our design decisions, so we have made it as easy as possible for our more adventurous users to customize Kali Linux to their liking, all the way down to the kernel.
    ARMEL and ARMHF support: Since ARM-based single-board systems like the Raspberry Pi and BeagleBone Black, among others, are becoming more and more prevalent and inexpensive, we knew that Kalis ARM support would need to be as robust as we could manage, with fully working installations for both ARMEL and ARMHF systems. Kali Linux is available on a wide range of ARM devices and has ARM repositories integrated with the mainline distribution so tools for ARM are updated in conjunction with the rest of the distribution.



Should I Use Kali Linux?

Whats Different About Kali Linux?

Kali Linux is specifically geared to meet the requirements of professional penetration testing and security auditing. To achieve this, several core changes have been implemented in Kali Linux which reflect these needs:

    Network services disabled by default: Kali Linux contains systemd hooks that disable network services by default. These hooks allow us to install various services on Kali Linux, while ensuring that our distribution remains secure by default, no matter what packages are installed. Additional services such as Bluetooth are also blacklisted by default.

    Custom Linux kernel: Kali Linux uses an upstream kernel, patched for wireless injection.

    A minimal and trusted set of repositories: given the aims and goals of Kali Linux, maintaining the integrity of the system as a whole is absolutely key. With that goal in mind, the set of upstream software sources which Kali uses is kept to an absolute minimum. Many new Kali users are tempted to add additional repositories to their sources.list, but doing so runs a very serious risk of breaking your Kali Linux installation.

Is Kali Linux Right For You?

As the distributions developers, you might expect us to recommend that everyone should be using Kali Linux. The fact of the matter is, however, that Kali is a Linux distribution specifically geared towards professional penetration testers and security specialists, and given its unique nature, it is NOT a recommended distribution if youre unfamiliar with Linux or are looking for a general-purpose Linux desktop distribution for development, web design, gaming, etc.

Even for experienced Linux users, Kali can pose some challenges. Although Kali is an open source project, its not a wide-open source project, for reasons of security. The development team is small and trusted, packages in the repositories are signed both by the individual committer and the team, and  importantly  the set of upstream repositories from which updates and new packages are drawn is very small. Adding repositories to your software sources which have not been tested by the Kali Linux development team is a good way to cause problems on your system.

While Kali Linux is architected to be highly customizable, do not expect to be able to add random unrelated packages and repositories that are out of band of the regular Kali software sources and have it Just Work. In particular, there is absolutely no support whatsoever for the apt-add-repository command, LaunchPad, or PPAs. Trying to install Steam on your Kali Linux desktop is an experiment that will not end well. Even getting a package as mainstream as NodeJS onto a Kali Linux installation can take a little extra effort and tinkering.

If you are unfamiliar with Linux generally, if you do not have at least a basic level of competence in administering a system, if you are looking for a Linux distribution to use as a learning tool to get to know your way around Linux, or if you want a distro that you can use as a general purpose desktop installation, Kali Linux is probably not what you are looking for.

In addition, misuse of security and penetration testing tools within a network, particularly without specific authorization, may cause irreparable damage and result in significant consequences, personal and/or legal. Not understanding what you were doing is not going to work as an excuse.

However, if youre a professional penetration tester or are studying penetration testing with a goal of becoming a certified professional, theres no better toolkit  at any price  than Kali Linux.

If you are looking for a Linux distribution to learn the basics of Linux and need a good starting point, Kali Linux is not the ideal distribution for you. You may want to begin with Ubuntu, Mint, or Debian instead. If youre interested in getting hands-on with the internals of Linux, take a look the Linux From Scratch project.
Summary

So, after having read this you should have figured out if Kali Linux is the distribution you were looking for or at least got an idea about your choice.

If still you have not figured it out, here is a summary that will hopefully remove your remaining doubts:

    Kali Linux is made with pentesters and pentesting in mind so, expecting it to fit with your necessity might not be as simple even though its completely possible.
    If you are new to Linux or have less experience with command line you might find Kali Linux to be not so user-friendly, even though our developers try to make it as user-friendly as possible some things might be intimidating to you if you are new.
    The developers always try to make Kali Linux as much hardware compatible as possible but, still some hardware/s might not work as expected or not work at all. So, its better to research hardware compatibility beforehand rather than breaking your computer later.
    If you are installing Kali Linux for the first time, it is recommended to install first in Virtual Machine then, after getting familiar with it, you can install it in your own hardware.

Hopefully, now you know if you need to install Kali Linux or not. If you have decided to install Kali Linux then, we welcome you to our community.



All about sudo

Non-root user

With 2020.1 Kali has swapped to a privileged non-root user by default. This means that root has no password set, and the account created during installation is the one to use. It is possible to re-enable access to the root user, however this is not recommended.
Sudo?

sudo is a way that we can access tools, ports, or services that need administrative privileges. Sudo is powerful however, and can allow full access to the system, so it is not advised to use sudo on every command.
Sudo on Kali

Because Kali creates a user with administrative privileges by default, users can use sudo right away and supply their password for authentication. Should a user wish to enable password-less sudo, which poses a security risk should someone gain access the the user account, they have that option.

kali@kali:~$ sudo apt install -y kali-grant-root && sudo dpkg-reconfigure kali-grant-root

The previous command installs a package that will allow for a user to be added to a trusted group that will not need to supply a password when using sudo. This does not mean however that root will be reinstated.
In use

kali@kali:~$ ls /root
ls: cannot open directory '/root': Permission denied
kali@kali:~$
kali@kali:~$ sudo ls /root
[sudo] password for kali:
hello
kali@kali:~$ sudo apt install -y kali-grant-root
...
kali@kali:~$ sudo dpkg-reconfigure kali-grant-root
...
kali@kali:~$ sudo ls /root
hello
kali@kali:~$



Kali Linux Metapackages

What are metapackages

Metapackages are used to install many packages at one time, created as a list of dependencies on other packages. Kali Linux uses these in a few ways. One way is allowing users to decide how many packages out of the total Kali list they would like to install. Need just enough to use Linux? Want enough to conduct Pentests? Perhaps nearly every package available in Kali?

To install a metapackage we first need to update and then install the desired package:

kali@kali:~$ sudo apt update
kali@kali:~$
kali@kali:~$ sudo apt install -y kali-linux-default
kali@kali:~$

System

    kali-linux-core: Base Kali Linux System  core items that are always included
    kali-linux-headless: Default install that doesnt require GUI
    kali-linux-default: Default desktop (AMD64/i386) images include these tools
    kali-linux-light: Kali-Light images use this to be generated
    kali-linux-arm: All tools suitable for ARM devices
    kali-linux-nethunter: Tools used as part of Kali NetHunter

Desktop environments/Window managers

    kali-desktop-core: Any key tools required for a GUI image
    kali-desktop-e17: Enlightenment (WM)
    kali-desktop-gnome: GNOME (DE)
    kali-desktop-i3: i3 (WM)
    kali-desktop-kde: KDE (DE)
    kali-desktop-lxde: LXDE (WM)
    kali-desktop-mate: MATE (DE)
    kali-desktop-xfce: Xfce (WM)

Tools

    kali-tools-gpu: Tools which benefit from having access to GPU hardware
    kali-tools-hardware: Hardware hacking tools
    kali-tools-crypto-stego: Tools based around Cryptography & Steganography
    kali-tools-fuzzing: For fuzzing protocols
    kali-tools-802-11: 802.11 (Commonly known as Wi-Fi)
    kali-tools-bluetooth: For targeting Bluetooth devices
    kali-tools-rfid: Radio-Frequency IDentification tools
    kali-tools-sdr: Software-Defined Radio tools
    kali-tools-voip: Voice over IP tools
    kali-tools-windows-resources: Any resources which can be executed on a Windows hosts

Menu

    kali-tools-information-gathering: Used for Open Source Intelligence (OSINT) & information gathering
    kali-tools-vulnerability: Vulnerability assessments tools
    kali-tools-web: Designed doing web applications attacks
    kali-tools-database: Based around any database attacks
    kali-tools-passwords: Helpful for password cracking attacks  Online & offline
    kali-tools-wireless: All tools based around Wireless protocols  802.11, Bluetooth, RFID & SDR
    kali-tools-reverse-engineering: For reverse engineering binaries
    kali-tools-exploitation: Commonly used for doing exploitation
    kali-tools-social-engineering: Aimed for doing social engineering techniques
    kali-tools-sniffing-spoofing: Any tools meant for sniffing & spoofing
    kali-tools-post-exploitation: Techniques for post exploitation stage
    kali-tools-forensics: Forensic tools  Live & Offline
    kali-tools-reporting: Reporting tools

Others

    kali-linux-large: Our previous default tools for AMD64/i386 images
    kali-linux-everything: Every metapackage and tool listed here
    kali-tools-top10: The most commonly used tools
    kali-desktop-live: Used during a live session when booted from the image



Metasploit Framework

In keeping with the Kali Linux Network Services Policy, no network services, including database services, run on boot as a default, so there are a couple of steps that need to be taken in order to get Metasploit up and running with database support.
Quick way

You an have everything up and running, by starting the PostgreSQL service and set it up just by doing:

kali@kali:~$ sudo msfdb init
[+] Starting database
[+] Creating database user 'msf'
[+] Creating databases 'msf'
[+] Creating databases 'msf_test'
[+] Creating configuration file '/usr/share/metasploit-framework/config/database.yml'
[+] Creating initial database schema
kali@kali:~$

You can even take it one step further by doing sudo msfdb run and it will do the same as the above, as well as start msfconsole afterwards
MSFDB

To help interactive with various parts of the Metasploit configuration there is msfdb:

kali@kali:~$ sudo msfdb

Manage the metasploit framework database

  msfdb init     # start and initialize the database
  msfdb reinit   # delete and reinitialize the database
  msfdb delete   # delete database and stop using it
  msfdb start    # start the database
  msfdb stop     # stop the database
  msfdb status   # check service status
  msfdb run      # start the database and run msfconsole

kali@kali:~$

Please note: this is a different version of msfdb that is shipped with the default project
Start the Kali PostgreSQL Service

Start the Kali PostgreSQL Service

Metasploit uses PostgreSQL as its database so it needs to be launched first:

kali@kali:~$ sudo msfdb start
[+] Starting database
kali@kali:~$

You can verify that PostgreSQL is running by checking the output of ss -ant and making sure that port 5432 is listening, or using sudo msfdb status:

kali@kali:~$ sudo msfdb status
? postgresql.service - PostgreSQL RDBMS
     Loaded: loaded (/lib/systemd/system/postgresql.service; disabled; vendor preset: disabled)
     Active: active (exited) since Sun 2021-02-07 02:15:42 EST; 4s ago
    Process: 157089 ExecStart=/bin/true (code=exited, status=0/SUCCESS)
   Main PID: 157089 (code=exited, status=0/SUCCESS)

Feb 07 02:15:42 kali systemd[1]: Starting PostgreSQL RDBMS...
Feb 07 02:15:42 kali systemd[1]: Finished PostgreSQL RDBMS.

COMMAND     PID     USER   FD   TYPE DEVICE SIZE/OFF NODE NAME
postgres 157071 postgres    5u  IPv6 647182      0t0  TCP localhost:5432 (LISTEN)
postgres 157071 postgres    6u  IPv4 647183      0t0  TCP localhost:5432 (LISTEN)


UID          PID    PPID  C STIME TTY      STAT   TIME CMD
postgres  157071       1  1 02:15 ?        Ss     0:00 /usr/lib/postgresql/13/bin/postgres -D /var/lib/postgresql/13/main -c config_file=/etc/postgresql/13/main/postgresql.con

[i] No configuration file found
kali@kali:~$

Initialize the Metasploit PostgreSQL Database

With PostgreSQL up and running, we next need to create and initialize the msf database.

kali@kali:~$ sudo msfdb init
[i] Database already started
[+] Creating database user 'msf'
[+] Creating databases 'msf'
[+] Creating databases 'msf_test'
[+] Creating configuration file '/usr/share/metasploit-framework/config/database.yml'
[+] Creating initial database schema
kali@kali:~$

Launch msfconsole in Kali

Now that the PostgreSQL service is up and running and the database is initialized, you can launch msfconsole and verify database connectivity with the db_status command as shown below.

kali@kali:~$ msfconsole -q
msf6 >
msf6 > db_status
[*] Connected to msf. Connection type: postgresql.
msf6 >

Installing Tor Browser on Kali Linux
Install Instructions

Open the terminal then run the following commands:

kali@kali:~$ sudo apt update
kali@kali:~$
kali@kali:~$ sudo apt install -y tor torbrowser-launcher
kali@kali:~$

As user run the following command:

kali@kali:~$ torbrowser-launcher

First time it will download and install Tor Browser including the signature verification.

Next time it will be used to update and launch Tor Browser.



Kali Tools

Users have a few areas where they can look for information about a tool in Kali.
Local information

The first place users should look to is whatever local information is available. Through man pages and help output, many uses of tools will be seen. Remember to just run man tool-name or tool-name --help when youre unsure of a certain flag and you should be good. However, what if you dont know at all what a tool is used for, and you dont learn much from either resource?
Online information

If man pages and help output didnt answer questions, then perhaps tools.kali will be of assistance. With use case examples, the man page/help output, and descriptions for the tool, there is a lot of information to be gained by looking at a tool. Additionally, each tools page links to the upstream website which may provide additional information for the tool.



Kali's Default Credentials

Kali changed to a non-root user policy by default since the release of 2020.1.

This means:

    During the installation of amd64 and i386 images, it will prompt you for a standard user account to be created.

    Any default operating system credentials used during Live Boot, or pre-created image (like Virtual Machines & ARM) will be:
        User: kali
        Password: kali

    Vagrant image (based on their policy):
        Username: vagrant
        Password: vagrant

    Amazon EC2:
        User: kali
        Password: <ssh key>

Default Tool Credentials

Some tools shipped with Kali, will use their own default hardcoded credentials (others will generate a new password the first time its used). The following tools have the default values:

    BeEF-XSS
        Username: beef
        Password: beef
        Configuration File: /etc/beef-xss/config.yaml

    MySQL
        User: root
        Password: (blank)
        Setup Program: mysql_secure_installation

    OpenVAS
        Username: admin
        Password: <Generated during setup>
        Setup Program: openvas-setup

    Metasploit-Framework
        Username: postgres
        Password: postgres
        Configuration File: /usr/share/metasploit-framework/config/database.yml

    PowerShell-Empire/Starkiller
        Username: empireadmin
        Password: password123