We have a fascination with ARM hardware, and often find Kali very useful on small and portable devices. Over time, we have Built Kali Linux for a wide selection of ARM hardware and offered these images for public download.
When it comes to penetration testing, hacking and offensive distros, one of the first to be mentioned is Kali Linux. It is based on Debian and is available in 32-bit and 64-bit editions. Today we take a look at installing Kali Linux. We will look at using the entire disk and installing alongside Windows.
- A minimum of 20 GB disk space for the Kali Linux install.
- RAM for i386 and amd64 architectures, minimum: 1GB, recommended: 2GB or more.
- CD-DVD Drive / USB boot support
- Download Kali Linux from here. You have options for the Gnome (default and light), KDE, Mate, Xfce, LXDE, armhf, armel and virtual images for VMware and VirtualBox.
- Burn The Kali Linux ISO to DVD or Image Kali Linux Live to USB.
- Boot from your chosen installation medium (DVD or USB).
4. Choose your preferred method of installation. In this tutorial, we will choose the Graphical Install.
5. Select your preferred language.
5. Select your preferred language.
6. Select your geographic location.
7. Configure the keyboard
8. Configure the network
9. Enter your a hostname for your system
10. You may choose to specify a default domain name now.
11. Create a root password for the system.
12. Set up users and passwords
13. Next, set your timezone.
14. The installer will now probe your disks and offer you four choices. In our example, we’re using the entire disk on our computer and not configuring LVM (logical volume manager). If you know what you are about, you can choose the “Manual” partitioning option for more detailed configuration options.
15. Select the disk to be partitioned.
16. Depending on your needs, you can choose to keep all your files in a single partition — the default — or to have separate partitions for one or more of the top-level directories. If you’re not sure which you want, you want “All files in one partition”.
17. Next, you’ll have one last chance to review your disk configuration before the installer makes irreversible changes. Pressing continue will let the continue and complete your installation.
18. You will have to configure Kali’s network mirrors that Kali uses to distribute applications. You’ll need to enter any appropriate proxy information as needed. NOTE! If you select “NO” in this screen, you will NOT be able to install packages from Kali repositories.
19. Next, install GRUB.
20. Finally, click Continue to reboot into your Kali installation.
Installing Kali alongside a Windows installation can be quite useful. However, you have to be careful with the setup process. First, make sure that you’ve backed up any important data on your Windows installation.
- First, you have to partition your drive. Boot with your chosen installation medium. You will be presented with first with the Kali Boot screen and select Live from amongst the options. This will then boot you into the Kali Linux Live desktop mode.
- Now launch the gparted program. We can use gparted software to reduce the size of the Windows partition to make space for the installation of Kali Linux.
3. Select your Windows partition. Depending on your system, it will usually be the second, larger partition. In the screenshot below, you can see that there are 2 partitions; the first being the System Recovery partition, and the second one is actually installed where Windows is installed in /dev/sda2. You can then resize your Windows partition and create about a minimum and 20GB size partition fro Kali installation.
4. Once you have resized your Windows partition, ensure you “Apply All Operations” on the hard disk. Exit gparted and reboot.
5. The process from this point will be very similar to installing on the full disk. You only have to make sure that at the point of partitioning, you select “Guided – use the largest continuous free space” that you created earlier with gparted.
6. Once the installation is done, reboot. GRUB will come up and you can choose to boot into either into Kali or Windows.
So there you have it, a quick tutorial on how to install Kali Linux. Now that you are done installing, you can begin your pen testing and ethical hacking. Thanks for reading and share your thoughts and comments with us in the section below.
I recently installed Kali Linux on my Raspberry Pi and I will give you some tips to start on this distribution
How to install Kali Linux on Raspberry Pi and what to do with it?
Kali Linux images are available on the official website, so you can easily install it by copying them to your SD card using a software like Etcher.
You can then configure it your way and test the security tools included in this distribution
Kali Linux images are available on the official website, so you can easily install it by copying them to your SD card using a software like Etcher.
You can then configure it your way and test the security tools included in this distribution
In this article, I will explain in 15 steps how to get started with this hacking distribution on Raspberry Pi :
- Presentation of Kali Linux
- Download Kali Linux images for Raspberry Pi
- Create a new SD Card with Etcher
- Install Kali Linux
- First login
- Connect to your Network
- Set a static IP address
- Expand SD card partition
- Enable SSH and VNC
- Changing MAC Address
- Hack WiFi password
- Brute force
- Packet Analyzer
- SQL Injection
- Vulnerabilities exploit
Feel free to use the table of contents below to go directly to what interests you the most
1 – Presentation of Kali Linux
Kali Linux is a Debian-based Linux distribution, which includes security and penetration testing tools
Formerly known as Backtrack, it is used by many security companies and also by hackers
Associated with Raspberry Pi, it turns it into a perfect hacking kit
Formerly known as Backtrack, it is used by many security companies and also by hackers
Associated with Raspberry Pi, it turns it into a perfect hacking kit
Kali Linux is available for the ARM architecture, so its installation is relatively simple. We will now see how to install it on your Raspberry Pi
2 – Download Kali Linux images for Raspberry Pi
Images for the ARM architecture are available on this page of the official website
The download can be done only by Torrent protocol
The download can be done only by Torrent protocol
Expand the “Raspberry Pi Foundation” menu and download the corresponding .torrent file for your machine (the first link I think)
Open the .torrent file in your favorite software and wait a few minutes for the download to complete
Open the .torrent file in your favorite software and wait a few minutes for the download to complete
If you don’t know Torrent, download and install a software (Transmission, Vuze, Deluge, BitTorrent, …).
On Ubuntu, for example, Transmission is part of the basic packages already installed
On Ubuntu, for example, Transmission is part of the basic packages already installed
3 – Create a new SD Card with Etcher
Now that we have recovered the image of Kali Linux, we will have to create an SD card to install and use it later.
If possible, I advise you to install it on another SD card than your Raspbian, so you do not have to redo everything if you come back on Raspbian (8Gb minimum)
If possible, I advise you to install it on another SD card than your Raspbian, so you do not have to redo everything if you come back on Raspbian (8Gb minimum)
As usual, we will use Etcher to create our SD card
If you don’t have it yet you can download it from the official website, it is available for Linux, Windows and Mac OS and will make your life easier
If you don’t have it yet you can download it from the official website, it is available for Linux, Windows and Mac OS and will make your life easier
Once Etcher is installed and launched, select your image and your SD card then start the copy
It’s pretty long to copy; it took about 30min for me
It’s pretty long to copy; it took about 30min for me
4 – Install Kali Linux
There is nothing to do ?
Just insert the SD card into your Raspberry Pi and start
Kali Linux will start directly to the login screen
No questions or other, insert, start, wait
Kali Linux will start directly to the login screen
No questions or other, insert, start, wait
5 – First login
Once Kali started, you need to login
The default identifiers are:
– login: root
– pass: toor
– login: root
– pass: toor
It is mandatory to change them quickly
You can change it by launching the terminal and typing the command:
You can change it by launching the terminal and typing the command:
Keyboard layout
If you do not have a US keyboard, you can change the layout in the Settings, Keyboard options
But be careful, on the login screen you will keep the US layout for the moment, so choose your password knowing this if you want to use it with desktop
But be careful, on the login screen you will keep the US layout for the moment, so choose your password knowing this if you want to use it with desktop
6 – Connect to your Network
We are talking here only about networks in DHCP, if you must necessarily define a fixed IP address, look at the following step
Warning, the network connection is not possible until the root password has been changed
Ethernet:
Just connect the RJ45 cable to your Raspberry Pi and wait a few seconds for an IP address to be assigned to it, there is nothing else to do
WiFi:
On the Kali desktop, click on the network icon at the top right, and choose the SSID of your wifi network
Type the password of your access point, and wait a few moments
Type the password of your access point, and wait a few moments
Get your current IP address:
Whatever your connection mode, you can retrieve the IP address obtained with the ifconfig command
The addresses are indicated on the second line of each interface, after the keyword “inet”
The addresses are indicated on the second line of each interface, after the keyword “inet”
eth0 = ethernet, wlan0 = WiFi
I advise you not to activate both at the same time, even if it works I had problems of response time by moments, probably a problem of routing (I didn’t look any longer, but by disabling the wifi I had no problem)
7 – Set a static IP address
A static IP address will allow you to choose the IP address associated with your Raspberry PI, and therefore find it more easily later
To set a static IP open the /etc/network/interfaces file
You will see something like this
Replace it with these lines
Replace the IPs indicated by what fits your network
Reboot your Raspberry Pi or unplug/plug the network cable to update your IP
You can do the same thing for your WiFi connection by replacing eth0 with wlan0
8 – Expand SD Card size
By default, Kali Linux will launch on a partition of about 8GB, whatever the size of your SD card, using 95% of it
Therefore, most of the time, it’s necessary to extend the partition to take into account the total capacity of the SD card
In my case, the disc / was full when I used a 64GB card …
In my case, the disc / was full when I used a 64GB card …
To expand the capacity, you have two methods
Raspi-config
As Kali is based on Debian, you can add raspi-config to extend the size of the partition
For this follow the following steps:
For this follow the following steps:
- Download raspi config package
Feel free to browse the folder to get the last version
- Install it
You could have some dependencies warning.
The next step will fix this - Fix dependencies if needed
Raspi-config is now available so that you can expand the filesystem with :
Take the first choice and reboot
Classic Linux tools
As we are on a Linux, a Debian to be precise, it is possible to use the classic tools of partitioning (fdisk, parted, gparted, …)
I will not go into detail here because I found that Raspi-Config did the job very well, but if you have to do otherwise you have to look for tutorials for Linux, which will perfectly fit the Raspberry Pi
Update Kali
Now that you have more space on your disk don’t forget to update your system
9 – Enable SSH and VNC
Now that we have a fixed IP address, it’s time to make our Raspberry Pi accessible from another network computer
Enable SSH
Usually SSH is installed by default.
If you don’t have access, it’s probably because you need to start the service:
If you don’t have access, it’s probably because you need to start the service:
Install VNC
VNC will allow you to have access to a remote desktop on your Raspberry Pi
To install it follow the following steps:
- Update your repository
- Install TightVNC Server
- Start the service and set the password
You can now connect to your Raspberry Pi on Kali Linux with any VNC Viewer
For example, on Ubuntu :
For example, on Ubuntu :
Remember that VNC is not a secure protocol, and if you use it at home it’s ok, but in a more extensive network it is better to use it through an SSH tunnel for example
10 – Changing MAC Address
Overview
A MAC address is a unique identifier for each network adapter. It depends on each manufacturer and it’s often used to give access to a specific part of the network to restricted computers. A DHCP server can also assign always the same IP to a MAC Address
For example, you can configure your WiFi network to whitelist your MAC address, and prevent anyone else from connecting to it
For example, you can configure your WiFi network to whitelist your MAC address, and prevent anyone else from connecting to it
MacChanger is a tool which allows you to do MAC address spoofing, i.e. to pretend to be someone else
Usage
Install it if needed
See your current MAC Address
Disable your network card
Get a random MAC address
Set a specific MAC address
Reboot to reset and get the standard MAC Address
11 – Hack wifi password
Overview
AirCrack-NG is one of the most known tools in Kali Linux.
It’s a complete suite of tools to test the wireless security of a network
It provides tools for monitoring, attacking, testing and cracking WiFi networks
It’s a complete suite of tools to test the wireless security of a network
It provides tools for monitoring, attacking, testing and cracking WiFi networks
Usage
You must disconnect WiFi on your Raspberry Pi before starting
Then check that your network card is compatible (it is):
Start monitoring:
Show wireless network available:
And you are ready to go
I’ll let you watch a dedicated tutorial on this topic for the future if you’re interested
I’ll let you watch a dedicated tutorial on this topic for the future if you’re interested
12 – Brute force
THC Hydra
Overview
Brute force is a password cracking method, that try passwords from a dictionary or other, and try all the possibilities until it works
Hydra is a tool to make very fast brute force from a Kali Linux software and which supports a lot of protocols
Usage
First, you will need a list of passwords and put it in a file, like /root/passwords.txt (one per line)
Then you can try it, for example, I have decided to brute force SSH on my computer from the Raspberry Pi:
If I check in my /var/log/auth.log, I can see tries from the Raspberry :
13 – Packet Analyzer
Overview
A packet analyzer (or sniffer) is a tool that can intercept traffic from the network and capture it to analyze it
On Kali Linux, you can use Wireshark, which is the most used tool to analyze network traffic
It’s a graphical tool, but you can capture packets with tcpdump or something else, and then open it with Wireshark
It’s a graphical tool, but you can capture packets with tcpdump or something else, and then open it with Wireshark
Usage
You can find the app in the Applications menu, under Sniffing and spoofing
Start it and then go to Capture > Start
You will now see all packets from the network
Click Stop when you want
You will now see all packets from the network
Click Stop when you want
Then there is a lot of features that you can use to filter or analyze what you have captured
14 – SQL Injection
Overview
SQL injection is a technique for attacking insecure applications, including injecting code into user fields that are not protected
This technique is mainly used to attack websites
For example, if you replace a parameter of the URL, say ?user=yourname by something like ?user=yourname ‘ OR 1
If the field is poorly protected, the SQL query will be modified and will return all the data, not just those of your user
For example, if you replace a parameter of the URL, say ?user=yourname by something like ?user=yourname ‘ OR 1
If the field is poorly protected, the SQL query will be modified and will return all the data, not just those of your user
On Kali Linux, the sqlmap tool allows testing SQL injection vulnerabilities
Usage
Sqlmap is a straightforward tool to use
You only need to indicate the URL of the page to be tested, something like this:
Once you have found a security hole, it is possible to dig deeper with this tool to see what you can get. But the best thing to do is to fix it ?
15 – Vulnerabilities exploit
Overview
Metasploit is a tool that will allow you to validate vulnerabilities and use them
Metasploit enables you to automate the process of discovery and exploitation and provides you with the tools required to perform the manual testing phase of a penetration test
Metasploit enables you to automate the process of discovery and exploitation and provides you with the tools required to perform the manual testing phase of a penetration test
Usage
Install Metasploit with apt :
Then you can start it in Applications > Exploitation Tools > Metasploit framework
This tool will initialize and start a terminal that will allow you to use this software
For example, you can use nmap in the framework:
You can also retrieve information about a known vulnerability, and try to use it
Replace the search parameter with your vulnerability ID and use the exploit path displayed in the search results
Conclusion
We learned how to install Kali Linux on Raspberry Pi, the first steps of the system configuration, and some exciting tools to use on this distribution
As I said at the beginning, this article is not exhaustive. There are hundreds of apps and most are quite complicated to take in hand which would require an article each, but it was not the goal here
I still hope you understand the basics and that this article made you want to try ?