Kali Linux is a Linux distro based on Debian that brings a ton of forensic/penetration testing tools pre-installed. Here is a small list of what you can find in Kali:
- John the Ripper – Password Attacks
- Maltego – Information Gathering
- Wireshark – Sniffing & Spoofing
- Yersinia – Vulnerability Analysis
- Aircrack-ng – Wireless Attacks
- Grabber – Web Applications
- Armitage – Exploitation Tools
- Binwalk – Forensics Tools
- FunkLoad – Stress Testing
- CryptCat – Maintaining Access
- YARA – Reverse Engineering
- Arduino – Hardware Hacking
- CaseFile – Reporting Tools
- among many others. (full list)
To have access to this powerful audit/pen-test tool inside a controlled environment like EVE-NG is the cherry in the top of the cake. We will be able to test a copy of the network without the fear of damaging a production one.
We will make a full installation of Kali (using a preconfigured Kali VM from offensive-security.com) and also try to run in as a live CD.
Live CD (easier and faster)
After downloading the ISO image from the link above, upload it the into /opt/unetlab/addons/qemu/linux-kali using WinSCP or other SCP client.
Then change the name of the iso into cdrom.iso. This can be done directly on the WinSCP or in the EVE console.
Don’t forget to run the command to fix the permissions in the new file.
/opt/unetlab/wrappers/unl_wrapper -a fixpermissions
Now, all we need to do is to add a linux node into EVE and access it with VNC.
Full Installation (the hard one)
After the download extract the zip file.
Verify that the virtual disk (vmdk) is splitted into several disk adn we will need to merge it into just one disk.
To do this we will use a tool from VMWare Workstation called vmware-vdiskmanager using the following command line on the windows console:
C:\Program Files (x86)\VMware\VMware Workstation\vmware-vdiskmanager.exe" -r "C:\VMLocation\vmdkname.vmdk" -t 0 "C:\VMLocation\newimage.vmdk"
Delete all the older .vmdk files and remane the new one to the previous vmdk name.
Upload all files to EVE into the folder /opt/unetlab/addons/qemu/win-fullkali
Then execute the following commands to convert the vmdk file into a qcow and fix all permissions in the EVE console.
cd /opt/unetlab/addons/quemu/win-fullKali /opt/qemu/bin/qemu-img convert -f vmdk -O qcow2 kali-Linux2016.2-vm-amd64.vmdk hda.qcow2 /opt/unetlab/wrappers/unl_wrappers -a fixpermissions
And we are done. A full installation of Kali Linux in EVE.
That’s all for now. Until the next post stay good.