So you want to tinker with Kali Linux huh? This aims to be a (very) brief quick start guide and it assumes you have installed Kali on a machine, on a bootable kali USB drive or in a virtual environment.
Note: As Kali Linux is a web established security tool, there are a number of great guides available online.
You can login to Kali Linux using the default credentials:
To update the initial Kali image you have downloaded, run the following command:
sudo apt-get update && sudo apt-get dist-upgrade -y
For beginners, the double ampersand (&&) simply queues up two commands so you don’t have to wait for the first once to complete before entering the second one and the -y switch answers yes to the prompt generated by the second command (which asks if you want to proceed with downloading updates).
It might be overkill but I feel more comfortable doing a reboot at this stage.
Install the Kali Linux full toolset
By default the Kali distribution comes with a subset of tools, with the rest being able to be installed when required. Given that quite often I’ll want to play with tools in an offline environment, I like to just get everything install upfront. To do this, enter the following command:
sudo apt-get install kali-linux full
Prepare to wait quite sometime for this as its generally about 1GB of packages to be downloaded and installed. You may get prompted by some applications for options too.
Change Lock Screen & Desktop Background
I do this simply because thanks to Mr Robot, the Kali linux logo is familar to a lot of people and if they see you using a computer with it on, they assume you are trying to bring the world’s financial systems to its knees and destroy Evil Corp. Sometimes I’ll be working offline on a train trying to root a VM and worry people will assume I’m up to no good.
For some reason as of Kali 2019.4, OpenVas no longer seems to be part of the default Kali deployment nor the Kali-Linux-Full package so has to be installed manually. While most of the applications are fairly ‘ready to go’ once installed, OpenVas has a lot of its own updates and definitions to download so I like to do this as part of my initial setup.
To install OpenVas, run the following command:
sudo apt install openvas
Once this has completed, you need to actually setup the software run which can take a while as needs to download a lot of data so do it when you’ve got time to just leave it running and ideally on a fast connection. On a 60Mbps connection for me, the process took about 20 minutes.
To begin the setup process run:
IMPORTANT: When its complete, you should see a message like this in the terminal window that gives you the password for the admin account for OpenVas, make a note of this as you will not see it again:
Nov 24 03:56:20 kali systemd: Starting Open Vulnerability Assessment System Manager Daemon... Nov 24 03:56:20 kali systemd: openvas-manager.service: Can't open PID file /run/openvasmd.pid (yet?) after start: No such file or directory Nov 24 03:56:20 kali systemd: Started Open Vulnerability Assessment System Manager Daemon. [*] Opening Web UI (https://127.0.0.1:9392) in: 5... 4... 3... 2... 1... [>] Checking for admin user [*] Creating admin user User created with password '1f3287d4-33fe-4511-g22f-46423fc2c030'. [+] Done
After this a browser window will launch, it may have a warning because the SSL certificate is self-issued, you can safely ignore this and add an exception to the browser:
In case you have any problems access the page, the default address for OpenVas is: https://127.0.0.1:9392/
Once you have accepted the warning and added an exception, you should be able to login with a username of admin and the password provided in the terminal window, I recommend also saving it in the browser. Once loaded, you should see the Greenbone Security Assistant web-based GUI for OpenVas:
IMPORTANT: at the time of writing there is a longstanding bug within OpenVas that makes it very difficult to scan ranges of IP addresses. For training purposes this is rarely a problem but for practical use, entering hundreds of IP addresses is less useful!
While its beyond the scope of this article to explain how to use OpenVas, most people can go to Scans > Tasks and mouseover the New Task icon and select Advanced Task Wizard, after that enter a target IP address and the rest is self-explanitory.