qubes-doc/managing-os/pentesting/kali.md

layout	title	permalink	redirect_from
doc	How to create a Kali Linux VM	/doc/pentesting/kali/	/doc/kali/

General Remainder:

• The installation scripts and provided tools may have bugs, be vulnerable to Man in the Middle (MitM) attacks or other vulnerabilities.

• Adding additional repositories or tools for installing software extends your trust to those tool provider.

Please keep in mind that using such a VM or VM's based on the template for security and privacy critical tasks is not recommended.

How to Create a Kali Linux VM

This guide is being created to give guidance on ways in which you could create a Kali Linux penetration testing VM (qube) in Qubes OS.

Kali Linux is the most widely used penetration testing Linux distribution.

There are multiple ways to create a Kali Linux VM:

1. Create a HVM and use the offical ISO to install the system or convert a Virtual Image. Explained here.
2. Clone the Qubes OS Debian image and turn it into a Kali Linux distribution using katoolin. Explained here.
3. Clone the Qubes OS 'jessie' Debian template, upgrade it to 'stretch' (Debian 9.0) and turn it into a Kali linux template. Explained here.

Alternative Options to Kali

• BlackArch
• PenTester Framework (PTF)
• Pentesting

Kali Linux HVM

1. Download the Kali installation DVD

2. Create a new HVM

3. Start the HVM with attached CD/DVD

    qvm-start <hvm-name> --cdrom <vm-name>:/home/user/Downloads/<iso-name>.iso
   

Create Debian Based Kali Template

Katoolin is a script (written in Python) which helps you to install Kali tools.

1. (Optional) Install debian-8 template (if not already installed)

2. Update your debian-8 template

    sudo apt-get update
    sudo apt-get dist-upgrade
   

3. Clone debian-8 template (two options)

   1. Via Qubes VM Manager

      

   2. Via command line

       qvm-clone debian-8 kali
      

4. Start and upgrade the kali Template from Debian 8 to Debian 9

    sudo sed -i 's/jessie/stretch/g' /etc/apt/sources.list
    sudo sed -i 's/jessie/stretch/g' /etc/apt/sources.list.d/qubes-r3.list
    sudo apt-get update
    sudo apt-get dist-upgrade
    sudo apt-get autoremove
   

5. Install Katoolin and add Kali Linux repositories

   1. Install Katoolin

       sudo apt-get install git
       git clone https://github.com/LionSec/katoolin.git
       sudo cp katoolin/katoolin.py /usr/bin/katoolin
       sudo chmod +x /usr/bin/katoolin
       rm -rf katoolin
      

   2. Add Kali Linux repositories

      • start katoolin

          sudo katoolin
        

      • select 'Add Kali repositories & Update'

          1) Add Kali repositories & Update
          2) View Categories
          3) Install classicmenu indicator
          4) Install Kali menu
          5) Help
        
          kat > 1
        

        

      • select 'Add kali linux repositories'

          1) Add kali linux repositories
          2) Update
          3) Remove all kali linux repositories
          4) View the contents of sources.list file
        
          What do you want to do ?> 1
        

        

      • update Kali repositories

          1) Add kali linux repositories
          2) Update
          3) Remove all kali linux repositories
          4) View the contents of sources.list file
        
          What do you want to do ?> 2
        

      • quit katoolin by pressing CRTL + c keys

          What do you want to do ?> ^CShutdown requested...Goodbye...
        

6. Clean up and update kali template

   sudo apt-get dist-upgrade
   sudo apt-get autoremove
   

7. Shutdown and trim kali template

   • Shutdown kali template

       sudo shutdown -h now
     

   • In dom0 console:

       qvm-trim-template kali
     

8. Start image

9. Install tools

   1. View Categories

      • start katoolin

          sudo katoolin
        

      • select 2) View Categories

   2. Select the categories/tools you want to install

      • For more information on how to use Katoolin see How to Auto Install All Kali Linux Tools Using “Katoolin” on Debian/Ubuntu.

      • Note: The all option does not work for Information Gathering, Web Apps, Forensic Tools, Reverse Engineering and Extra.

10. Create a AppVMs based on the kali template

    • (Optional) Attach necessary devices

Installing Kali from a Debian template

This section will explain how to create your own Kali Linux VM as a VM template. The basic idea is to personalize the template with the tools you need and then spin up isolated AppVMs based on the template.

This has been tested on Qubes OS 3.2.

The steps can be summarised as:

1. Install Qubes' Debian 8.0 (Jessie) template
2. Upgrade the template to Debian 9.0 (Stretch)
3. Install kali through the kali-linux-full package
4. Use the template to build appVM so that you can maintain isolation between e.g. pentesting jobs

Steps to build a Kali template

Get the GPG key

1. You'll need to fetch the Kali GPG key from a dispVM as the template you'll build won't have direct internet connectivity unless you enable it from the firewall:

    # in a dispVM
    gpg --keyserver hkp://keys.gnupg.net --recv-key 7D8D0BF6
    gpg --list-keys --with-fingerprint 7D8D0BF6 
    gpg --export --armor 7D8D0BF6 > kali.asc
   

2. DO NOT TURN OFF the dispVM

3. Make sure the key ID is the valid one listed on the Kali website. Ideally, verify the fingerprint through other channels as recommended on that link.

Once you have the key, keep the dispVM on as you'll need to copy the key over to the Kali template.

Customize the template

1. Install the debian-8 template if not already installed

2. Clone the debian template and start a terminal in it:

    # in dom0:
    qvm-clone debian-8 debian-9
    qvm-run -a debian-9 gnome-terminal
   
    # in the debian-9 template terminal:
    # substitute jessie for stretch in
    sudo -s
    sensible-editor /etc/apt/sources.list
    sensible-editor /etc/apt/sources.list.d/qubes-r3.list
    apt-get update && apt-get dist-upgrade
    # (hat tip: [the Debian wiki])
   

   Restart the template when done and make sure you can open a terminal.

3. Prepare the kali template:

    # in dom0:
    qvm-shutdown debian-9
    qvm-clone debian-9 kali-tpl
    qvm-run -a kali-tpl gnome-terminal
   

4. Add the sources to install Kali linux to the kali-tpl template:

    # in kali-tpl:
    sudo -s
    echo 'deb http://http.kali.org/kali kali-rolling main non-free contrib' >> /etc/apt/sources.list
   

5. Copy the Kali key from the dispVM into the template:

    # in the dispVM:
    qvm-copy-to-vm kali-tpl kali.asc
   
    # in kali-tpl:
    cat /home/user/QubesIncoming/dispXXX/kali-key.asc | sudo apt-key add -
   

   The last command should return OK on a line by itself.

6. Update the system:

    # in kali-tpl:
    sudo -s
    apt-get update && apt-get dist-upgrade
   

7. Shut down the kali-tpl template:

    # in dom0:
    qvm-shutdown kali-tpl
   

Install the Kali tools

At this point you should have a working template and you can install the tools you need.

1. resize the template if you plan on installing the full Kali distribution. For example to install kali-linux-full you must grow the size of the VM system from 10Gb to at least 20Gb.

2. Install Kali linux:

    # in kali-tpl:
    sudo apt-get install kali-linux-full
   

3. [optional] Customise the template's home directory (e.g. install your licensed copy of Burp Suite Professional)

Use the template

The template is ready to be used. You can now spin up AppVMs based on the kali-tpl template.

Alternative Options to Kali

• PenTester Framework: PTF (PTF Qubes OS guide)
• Black Arch with BA Qubes OS guide)
• KATOOLIN

Notes

Thanks to the people in the discussion thread.