Downloading Kali Linux

Downloading Kali Linux

Download Official Kali Images

Official Kali Linux Images

ISO Files

Kali Linux is available as a bootable ISO in both 32 and 64-bit formats.

VMware Images

Kali is available as a pre-made VMware virtual machine with VMware Tools installed. The VMware image is available in a 32-bit PAE format.

ARM Images

Due to the nature of the ARM architecture, it is not possible to have a single image that will work across all ARM devices. We have Kali Linux ARM images available for the following devices:

• rk3306 mk/ss808 
• Raspberry Pi 
• ODROID-U2/X2 
• MK802/MK802 II 
• Samsung Chromebook

Download Link: http://www.kali.org/downloads/

Verifying SHA1 Checksums of Downloaded Images

When you download an image, be sure to download the SHA1SUMS and SHA1SUMS.gpg files that are next to the downloaded image (i.e. in the same directory on the server).

 Ensure the Origin of the SHA1SUMS File

 

Before verifying the checksums of the image, you must ensure that the SHA1SUMS file is the one generated by Kali. That’s why the file is signed by Kali’s official key with a detached signature in SHA1SUMS.gpg. Kali’s official key can be downloaded in one of two ways:

$ wget -q -O - http://archive.kali.org/archive-key.asc | gpg --import 

# or 

$ gpg --keyserver subkeys.pgp.net --recv-key 44C6513A8E4FB3D30875F758ED444FF07D8D0BF6

Once you have downloaded both SHA1SUMS and SHA1SUMS.gpg, you can verify the signature as follows:

$ gpg --verify SHA1SUMS.gpg SHA1SUMS 

gpg: Signature made Thu Mar  7 21:26:40 2013 CET using RSA key ID 7D8D0BF6 

gpg: Good signature from "Kali Linux Repository <devel@kali.org>"

If you don’t get that “Good signature” message or if the key ID doesn’t match, then you should stop the process and review whether you downloaded the images from a legitimate Kali mirror. If the SHA1SUMS file is the one provided by Kali, then you can verify that the image downloaded has the required checksum. You can either generate the checksum and do a manual comparison with what’s listed in SHA1SUMS or use a tool that knows how to verify those checksums. 

 TODO: explain how to use GPG on OS X and Windows. See https://www.torproject.org/docs/verifying-signatures.html.en for inspiration.

Verifying SHA1 Checksums on Linux

 With a manual comparison:

$ sha1sum kali-linux-1.0-i386.iso 

796e32f51d1bf51e838499c326c71a1c952cc052  kali-linux-1.0-i386.iso 

$ grep kali-linux-1.0-i386.iso SHA1SUMS 

796e32f51d1bf51e838499c326c71a1c952cc052  kali-linux-1.0-i386.iso

By using sha1sum -c:

grep kali-linux-1.0-i386.iso SHA1SUMS | sha1sum -c 

kali-linux-1.0-i386.iso: OK

Verifying SHA1 Checksums on OSX

With a manual comparison:

$ shasum kali-linux-1.0-i386.iso 

796e32f51d1bf51e838499c326c71a1c952cc052  kali-linux-1.0-i386.iso 

$ grep kali-linux-1.0-i386.iso SHA1SUMS 

796e32f51d1bf51e838499c326c71a1c952cc052  kali-linux-1.0-i386.iso

Verifying SHA1 Checksums on Windows

Windows does not have the native ability to calculate SHA1 checksums so you will need a utility such asFree MD5 SHA1 verifier to verify your download.

Download Link: http://www.keylack.com/free-md5-sha1-verifier.html

Process Management Linux Commands

Process Management Linux Commands

• ps – report a snapshot of the current processes                                      

Usage: ps [OPTION]                                                                          

eg. ps,  ps ­-el   

• bg – make a foreground process to run in background                        

Usage: type 'ctrl+z'  and then 'bg <job id>' 

 • fg – to make background process as foreground process                      

Usage: fg [jobid]

 • jobs – displays the names and ids of background jobs                         

Usage: jobs

• kill – to kill a process(using signal mechanism)                                     

Usage: kill [OPTION] pid                                                                  

eg. kill -­9 2275 

Archival

• tar – to archive a file                                                                              

Usage: tar [OPTION] DEST SOURCE                                           

eg. tar -­cvf /home/archive.tar /home/original                                         

     tar ­-xvf /home/archive.tar 

• zip – package and compress (archive) files                                           

Usage: zip [OPTION] DEST SOURSE                                           

eg. zip original.zip original

• unzip – list, test and extract compressed files in a ZIP archive           

Usage: unzip filename         

eg. unzip original.zip

Network

• ssh – SSH client (remote login program)                                         

“ssh is a program for logging into a remote machine and for executing commands on a remote machine”        

Usage: ssh [options] [user]@hostname    

eg. ssh -­X guest@10.105.11.20 

• scp – secure copy (remote file copy program)                                       

“scp copies files between hosts on a network”          

Usage: scp [options] [[user]@host1:file1] [[user]@host2:file2]  

eg. scp file1.txt guest@10.105.11.20:~/Desktop/

File Systems

• fdisk – partition manipulator                                                        

eg. sudo fdisk ­-l 

• mount – mount a file system                                                       

Usage: mount -­t type device dir                                               

eg. mount /dev/sda5 /media/target                                       

• umount – unmount file systems                                                  

Usage: umount [OPTIONS] dir | device...                               

eg.  umount /media/target 

• du – estimate file space usage                                                                 

Usage:  du [OPTION]... [FILE]...                                                      

eg. du      

• df – report filesystem disk space usage                                                 

Usage: df [OPTION]... [FILE]...                                                        

eg. df     

• quota – display disk usage and limits                                                   

Usage: quota [OPTION]                                                                    

eg. quota ­-v    

Advanced Commands

• reboot – reboot the system                                                             

Usage: reboot [OPTION]                                                       

eg. reboot                                                                                            

• poweroff – power off the system                                                   

Usage: poweroff [OPTION]      

eg. poweroff

• sed–  stream editor for filtering and transforming text               

Usage: sed [OPTION] [input­file]...                                        

eg. sed 's/love/hate/g' loveletter.txt 

• awk– pattern scanning and processing language                        

eg.  awk ­-F: '{ print $1 }' sample_awk.txt 

• find – search for files in a directory hierarchy                                       

Usage: find [OPTION] [path] [pattern]                                             

eg. find ­name file1.txt 

• locate – find or locate a file      

Usage: locate [OPTION]... FILE...      

eg. locate file1.txt

Editor commands

• kate – KDE Advanced Text Editor                                                         

Usage:  kate [options][file(s)]                                                            

eg. kate file1.txt file2.txt                                                                

• vim – Vi Improved, a programmers text editor                                       

Usage: vim [OPTION] [file]...                                                           

eg. vi hello.c 

• gedit ­ A text Editor. Used to create and edit files.                                          

Usage: gedit [OPTION] [FILE]...                                                      

eg. gedit        

System Administration Linux Commands

System Administration Linux Commands

• chmod – change file access permissions                                         

Usage: chmod [OPTION] [MODE] [FILE]                                      

eg. chmod 744 calculate.sh    

• chown – change file owner and group                                                     

Usage: chown [OPTION]... OWNER[:[GROUP]] FILE...               

eg. chown remo myfile.txt  

•  su –  change user ID or become super-­user                              

Usage: su [OPTION] [LOGIN]                                                 

eg. su remo, su 

• passwd – update  a user’s authentication tokens(s)                   

Usage: passwd [OPTION]                                                       

eg. passwd 

• who – show who is logged on                                                     

Usage: who [OPTION]                                                            

eg. who , who ­-b , who -q

Linux File Permissions

Linux File Permissions 

• 3 types of file permissions – read, write, execute 

• 10 bit format from 'ls -­l' command 

     1           2 3 4      5 6 7     8 9 10             

   file type    owner     group    others 

eg.  drwxrw­-r--­­  means owner has all three permissions,group has read and write, others have only read              permission.

• read permission = 4, write = 2, execute =1 

eg. rwxrw-­r­­--   = 764 

       673    =   rw-­rwx­-wx

Text Processing Linux Commands

Pattern

A Pattern is an expression that describes a set of   strings which is used to give a concise description  of a set, without having to list all elements.

eg.  ab*cd matches anything that starts with ab and ends with cd etc.

 ls *.txt – prints all text files

Text Processing

• cat – 

concatenate files and print on the standard output

Usage:

cat [OPTION] [FILE]... 

eg. cat file1.txt file2.txt 

      cat -­n file1.txt 

• echo – display a line of text   

 

Usage: echo [OPTION] [string] ... 

eg. echo I love India

Linux File Handling Commands

Linux File Handling Commands

MAN Command 

 • man <command>  ­ shows all information about the  command  

• <command> --­­help  ­ shows the available options  for that command  

File Handling commands 

• mkdir – make directories                                                                           

  Syntax: mkdir [OPTION] DIRECTORY...

  eg. mkdir divakar

• ls – list directory contents                                                                          

Syntax: ls [OPTION]... [FILE]...                                                        

eg. ls, ls ­l, ls  divakar

• cd – changes directories                                                                          

Syntax: cd [DIRECTORY]  

eg. cd divakar

• pwd ­  print name of current working directory                                      

Syntax: pwd    

• vim – Vi Improved, a programmers text editor                                       

Syntax: vim [OPTION] [file]...                                                           

eg. vim file1.txt  

• cp – copy files and directories                                                        

Syntax: cp [OPTION]... SOURCE DEST                               

eg. cp sample.txt sample_copy.txt                                              

      cp sample_copy.txt target_dir   

•mv – move (rename) files                                                            

Syntax: mv [OPTION]... SOURCE DEST                            
eg. mv source.txt target_dir                                                        

       mv old.txt new.txt

• rm ­ remove files or directories                                               

Syntax: rm [OPTION]... FILE...   

eg. rm file1.txt , rm -­rf some_dir  

• find – search for files in a directory hierarchy                         

Usage: find [OPTION] [path] [pattern]                             

eg. find file1.txt, find -­name file1.txt 

• history – prints recently used commands                                   

Usage: history 

KALI -LINUX

Introduction to Kali Linux

What is Kali Linux ?

Kali Linux is an advanced Penetration Testing and Security Auditing Linux distribution.

Kali Linux Features

Kali is a complete re-build of BackTrack Linux, adhering completely toDebian development standards. All-new infrastructure has been put in place, all tools were reviewed and packaged, and we use Git for our VCS.

More than 300 penetration testing tools: After reviewing every tool that was included in BackTrack, we eliminated a great number of tools that either did not work or had other tools available that provided similar functionality. 

Free and always will be: Kali Linux, like its predecessor, is completely free and always will be. You will never, ever have to pay for Kali Linux. 

Open source Git tree: We are huge proponents of open source software and ourdevelopment tree is available for all to see and all sources are available for those who wish to tweak and rebuild packages. 

FHS compliant: Kali has been developed to adhere to theFilesystem Hierarchy Standard, allowing all Linux users to easily locate binaries, support files, libraries, etc. 

Vast wireless device support: We have built Kali Linux to support as many wireless devices as we possibly can, allowing it to run properly on a wide variety of hardware and making it compatible with numerous USB and other wireless devices. 

Custom kernel patched for injection: As penetration testers, the development team often needs to do wireless assessments so our kernel has the latest injection patches included. 

Secure development environment: The Kali Linux team is made up of a small group of trusted individuals who can only commit packages and interact with the repositories while using multiple secure protocols. 

GPG signed packages and repos: All Kali packages are signed by each individual developer when they are built and committed and the repositories subsequently sign the packages as well. 

Multi-language: Although pentesting tools tend to be written in English, we have ensured that Kali has true multilingual support, allowing more users to operate in their native language and locate the tools they need for the job. 

Completely customizable: We completely understand that not everyone will agree with our design decisions so we have made it as easy as possible for our more adventurous users to customize Kali Linux to their liking, all the way down to the kernel. 

ARMEL and ARMHF support: Since ARM-based systems are becoming more and more prevalent and inexpensive, we knew thatKali’s ARM support would need to be as robust as we could manage, resulting in working installations for bothARMEL and ARMHF systems. Kali Linux has ARM repositories integrated with the mainline distribution so tools for ARM will be updated in conjunction with the rest of the distribution. Kali is currently available for the following ARM devices:

•  rk3306 mk/ss808 
• Raspberry Pi 
• ODROID U2/X2 
• Samsung Chromebook 
• EfikaMX 
• Beaglebone Black 
• CuBox 
• Galaxy Note 10.1

Kali is specifically tailored to penetration testing and therefore, all documentation on this site assumes prior knowledge of the Linux operating system.

Should I Use Kali Linux?

Differences Between Kali Linux and Debian

Kali Linux is geared towards professional penetration testing and security auditing. As such, several core changes have been implemented in Kali Linux which reflect these needs:

1. Single user, root access by design: Due to the nature of security audits, Kali linux is designed to be used in a “single, root user” scenario.

2. Network services disabled by default: Kali Linux contains sysvinit hooks which disable network services by default. These hooks allow us to install various services on Kali Linux, while ensuring that our distribution remains secure by default, no matter what packages are installed. Additional services such as Bluetooth are also blacklisted by default.

3. Custom Linux kernel: Kali Linux uses an upstream kernel, patched for wireless injection.

Is Kali Linux Right For You?

As the distribution developers, one would likely expect us to recommend that everyone use Kali Linux. The fact of the matter is however, that Kali is a Linux distribution specifically geared towards professional penetration testing and security auditing and as such, it is NOT a recommended distribution for those unfamiliar with Linux.

In addition, misuse of security tools within your network, particularly without permission, may cause irreparable damage and result in significant consequences.

If you are looking for a Linux distribution to learn the basics of Linux and need a good starting point, Kali Linux is not the ideal distribution for you. You may want to begin with Ubuntu or Debian instead.

Kali Linux Default Passwords

Kali Linux Default root Password is toor

Default root Password

During installation, Kali Linux allows users to configure a password for the root user. However, should you decide to boot the live image instead, the i386, amd64, VMWare and ARM images are configured with the default root password – “toor“, without the quotes.