Kali Linux (the reincarnation of BackTrack) is all the time good news. Working in network security, forensic analysis, and penetration testing it is important to keep your tools updated,
both so that you’re protected from the newest known threats, and so that you’ve got the latest tools at your control.
- Introduction :
Kali Linux is an open source project that’s maintained and funded by Offensive Security, a provider of world-class info security training and
penetration testing services. In addition to Kali Linux, Offensive Safety also maintains the Exploit Database and the free on-line program, Metasploit Unleashed.
Kali is a Debian-based distribution, and it continues where BackTrack stopped, one other forensic distro that I wrote about previously.
Kali is installable, but the general concept is to make use of it from the live session, running all sorts of probes and tests and investigations against network targets and offline local storage.
It’s geared up both with Windows and Linux-oriented tools.
The release announcement provides a brief overview of the new release. But in shorts what’s new inside new Kali 2.0? There’s a new 4.0 kernel version, which is based on Debian Jessie,
There is a lot of improvement in hardware and the wireless driver coverage, that support for a variety of Desktop Environments (Gnome3, KDE, Mate, Xfce, e17, i3wm,lxde) updated desktop environment and the tools.
But these bulletpoint items are essentially a side effect of the real changes that have taken place in the development backend of Kali. Ready to hear the real news? Take a deep breath; it’s a long list.
It particularly explains that it’s not necessary to reinstall this new release from scratch. If you’re already running Kali, you may simply get the newest updates (just-upgrade), and you are all set.
The Kali Linux Download page lists 32-bit and 64-bit ISO images. Along with the standard “Live” images, which are a whopping 2.8GB, there are “mini” images that are only 25MB or so,
that are roughly the equivalent of the Debian “netinst” (network installer) images also.
The Kali Linux ISO are hybrid images, which implies that they can either be burned to DVD media or dumped directly to a USB stick.
Why Kali 2.0 is different from Kali 1.x?
This is probably the most asked query about Kali right now. But for that, you have to read the all-new features of Kali Linux 2.0.
Highlights of the new Kali
New Flavours of Kali Linux 2.0
Through the Kali Live Build process, Kali 2.0 now natively supports GNOME3, KDE, Xfce, e17, lxde, MATE, and i3wm. So why Kali is moved on to GNOME 3 in this release and marking the end of a long abstinence period.
This is because the team finally embraced GNOME 3 and with a few custom changes, it’s grown to be one of your favorite desktop environment.
The team also added the custom support for multi-level menus so that you can customize your Items more freely on your Kali desktop, The beautiful and true terminal transparency,
and there also a handful of useful gnome shell extensions. There are so many reasons why it’s the best OS now as compared to other Linux Distribution.
The minimum RAM requirements for a full GNOME 3 session has increased to 768 MB, but this is not an issue on modern hardware but can be a crush on lower-end machines.
But don’t worry if you have lower-end machines, the team has also released an official version minimal Kali 2.0 ISO.
This “light” flavor of Kali includes a some of the useful tools together with the lightweight Xfce desktop environment and a perfect solution for the resource-constrained Computers/Laptops.
Support for ARM Devices and Mobile Platform
The Kali 2.0 also comes up with Kali Linux 2.0 ARM Images & NetHunter 2.0. The entire ARM image section has been updated across the board with Kali 2.0 version and this including the Chromebooks,
Raspberry Pi, Odroid. In the process, there are some new images too with this release such as the latest Chromebook Flip.
Another important change that they implemented in the ARM images that including the kernel sources, for an easier gathering of new drivers.
In this official release, the NetHunter also got an update and now includes Kali 2.0. -Which is one of the favorite mobile penetration testing platform in my opinion?
Also, they released a complete barrage of new NetHunter images for Nexus device 5, 6, 7, 9, and 10.
The OnePlus One Device NetHunter image has also been updated to Kali 2.0 and now has a much-awaited image for CM12 as well – check this Offensive Security NetHunter page for more report.
How Do I Upgrade to Kali 2.0?
Easier Updating and Upgrading
Packages on Kali can be up to date with ease without worrying about ‘breaking’ something. This is because the packages within the Kali repositories are ‘Debian Compliant.’
The Kali Distribution itself may be upgraded to the newer version without the necessity for re-installing the distro.
Yes, you can upgrade your Kali 1.x to Kali 2.0! But for doing this, you will need to edit your source.List entries, and run a disk-upgrade as shown below.
If there is some error comes or you can’t upgrade your Kali then, In this case, you’re better off reinstalling your OS from scratch.
Otherwise, feel free to use these commands
cat << EOF > /etc/apt/sources.list
deb Index of /kali sana main non-free contrib
deb Index of /kali-security sana/updates main contrib non-free
apt-get dist-upgrade # get a coffee, or 10.
Switch From Ubuntu to Kali
Yes, you can also switch from Ubuntu to Kali. The Kali Linux is based on Debian (Debian Wheezy). This turned out to be a great move by Offensive-Security.
The New Kali is far more comfortable to make use of than its predecessor.
There also new VMware and VirtualBox Kali 2.0 images for those folks who want to try the Kali in a virtual environment.
These include 32 and 64-bit flavors of the GNOME 3 and providing the full Kali environment.
Customizations of Kali ISOs
If need be, you can also build your customizations of Kali Linux. These ISOs may be bootstrapped directly from the repositories maintained by the Offensive Security.
What is ‘Forensics mode’?
While booting up Kali Linux, an option exists for ‘Live Forensic Mode.’ That is quite a helpful feature if we need to do some actual world forensic work. When into FM (Forensics Mode),
the internal HD isn’t touched in any manner. The Individuals at Offensive Security Performed a Hash Comparison test where Hashes were taken off the Hard Drive earlier than and after utilizing Kali in FM.
At the end of the test, the hashes matched suggesting that no adjustments were made during the operation.
Additionally worth noticing is that the Automount of Removable Media is disabled while in Forensics mode.
Metasploit Framework in Kali
The discussion on Kali (or Backtrack for that matter) can be incomplete without a mention of how nicely the Metasploit Framework is integrated with this distro.
While ‘msfconsole’ brings it up, ‘msfupdate’ can update the Metasploit framework. Just like in Backtrack, POSTGRESQL is used to store the database.
The guys from offensive security and rapid7 (individuals behind the Metasploit project).
Somehow Metasploit Community / Pro no longer ships in Kali
At the request of Rapid7, The team has removed the Metasploit Community / Pro package from the Kali Linux and now host the open-source Metasploit-framework package only.
For all of you who require the Community or Pro version, then you have to download it from the Rapid7 site and then sign up and submit your personal details to get a Metasploit license.
300+ PenTesting tools
This is somewhat a big collection, and the chances are that we wouldn’t need all of them and we may be needing some that aren’t included by default. However,
packages can at all times be grabbed from the repositories at will, so that is never an issue.
Tools in Kali Linux
Tools are mostly the same as those found in Backtrack. However, within the Kali Linux menu, 10 Safety tools have been highlighted as the Top 10.
Anybody who has worked on BT would have no trouble guessing which tools would be out there on Kali and which have to be grabbed from the repositories.
More than three hundred tools come packaged with Kali that is sufficient to serve the needs of most PenTests. The Top 10 tools in Kali Linux are as follows:
Aircrack-ng – For wireless Cracking
Burp Suite – For Web Applications Pentesting
Hydra – For on-line Brute-Forcing of Passwords
John – For offline Password Cracking
Maltego – For Intelligence Gathering
Metasploit Framework – For Exploitation
Nmap – For Network Scanning
Owasp-zap – For finding vulnerabilities in web applications
Sqlmap – For exploiting SQL Injection Vulnerabilities
Wireshark – Network Protocol Analyzer
Your Kali 2.0 FU Just Got an Upgrade
As usual, you can join the community via forums, bug tracker, Twitter, Facebook, and of course, IRC.
Kali Linux 2.0 is a serious step forward for us, as we continuously improve the distribution. Also, we enjoying the new look, features, tools, and workflow in this Upgrade
Warning- Don’t trust everything your buddy or someone else say- such as if they request you to hack a someone ID password, Banking Details, Site or other Personal information.
Note – Kali looks like a superb security distribution. However, simply by using it, you would not become an expert. That is the prerequisite.
Compared to BackTrack, which it succeeded, Kali feels a little bit special complete, more robust, even though both distros have the same focus and balance on normal, each day usability,
and forensics. This is a good thing. Furthermore, it provides a means of hacking and analysis tools that may not only allow you to audit and save your environment but,
besides, learn a whole lot about the network stack and command line utilization.
If you are an expert or an enthusiast with interest within the realm of digital security, you might need to give this operating system its due spin, even though it may not magically repair your Wireless.
That is a lesson for me. For you, the fun part of exploring, learning and testing.