mirror of
https://github.com/QubesOS/qubes-doc.git
synced 2024-10-01 01:25:40 -04:00
193 lines
7.2 KiB
Markdown
193 lines
7.2 KiB
Markdown
---
|
||
layout: doc
|
||
title: How to create a Kali Linux VM
|
||
permalink: /doc/pentesting/kali/
|
||
redirect_from:
|
||
- /doc/kali/
|
||
---
|
||
|
||
How to create a Kali Linux VM
|
||
===============================
|
||
Warnings
|
||
--------------
|
||
* The installation scripts and provided tools may have bugs, be vulnerable to Man in the Middle (MitM) attacks or other vulnerabilities.
|
||
* Adding additional repositories or tools for installing software extends your trust to those tool providers.
|
||
* Please keep in mind that using such template for security and privacy critical tasks is not recommended.
|
||
* Kali Linux distribution is a rolling distribution constantly based on Debian testing release, so it will always have a newer software base than available in Qubes OS Debian template. Keep in mind that it may result in problems (especially in regard to package dependency) not covered by this tutorial.
|
||
|
||
From the official ISO file <a name="hvm4_0"/>
|
||
==================================================
|
||
Only use this method if you want the full Kali GUI (desktop, fancy menus, etc.).
|
||
It comes at the cost of much greater resources consumption.
|
||
|
||
1. Download the Kali ISO
|
||
2. Create a new HVM
|
||
3. Start the HVM with attached CD/DVD
|
||
```shell_session
|
||
$ qvm-start <hvm-name> --cdrom <vm-name>:/home/user/Downloads/<iso-name>.iso
|
||
```
|
||
|
||
From a Debian template <a name="templatevm-from-debian4_0"/>
|
||
================================================================
|
||
This is the recommended method.
|
||
Easier to maintain and less demanding on resources, but you won’t have the full Kali GUI.
|
||
|
||
If you need to install custom kernel modules (wifi drivers, …) you need to use the kernel provided by Kali instead of the kernel provided by Qubes, see [Managing VM Kernel.](/doc/managing-vm-kernel/)
|
||
|
||
The steps can be summarized as:
|
||
|
||
1. Install Qubes stable Debian template
|
||
2. Upgrade the template to Debian testing release
|
||
3. Add the Kali repository
|
||
4. Update the template
|
||
|
||
Get Kali Linux GPG key
|
||
-----------------------
|
||
**CAUTION:** Before proceeding, please carefully read [On Digital Signatures and Key Verification][qubes-verifying-signatures].
|
||
This website cannot guarantee that any GPG key you download from the Internet is authentic.
|
||
Always obtain a trusted key fingerprint via other channels, and always check key you download against your trusted copy of the fingerprint.
|
||
|
||
This step is required since by (security) default TemplateVM do not have a
|
||
direct Internet connectivity. Users understanding the risks of enabling such
|
||
access can change this configuration in firewall settings for the TemplateVM.
|
||
|
||
1. Retrieve the Kali Linux GPG key using a DisposableVM.
|
||
|
||
```shell_session
|
||
$ gpg --keyserver hkp://keys.gnupg.net --recv-key 44C6513A8E4FB3D30875F758ED444FF07D8D0BF6
|
||
$ gpg --list-keys --with-fingerprint 44C6513A8E4FB3D30875F758ED444FF07D8D0BF6
|
||
$ gpg --export --armor 44C6513A8E4FB3D30875F758ED444FF07D8D0BF6 > kali-key.asc
|
||
```
|
||
|
||
2. **DO NOT TURN OFF** the DisposableVM, the `kali-key.asc` file will be copied to
|
||
the Kali Linux template for a further step.
|
||
|
||
3. Make sure the key is the authentic Kali key.
|
||
See the [Kali website] for further advice and instructions on verification.
|
||
|
||
Create a Kali Linux (rolling) template
|
||
----------------------------------------
|
||
These instructions will show you how to upgrade a Debian TemplateVM to Kali Linux.
|
||
|
||
1. (Optional) Check for latest Debian stable templates and install it (if not already done)
|
||
|
||
```shell_session
|
||
# qubes-dom0-update --action="search all" qubes-template-debian
|
||
# qubes-dom0-update <latest Debian template>
|
||
```
|
||
|
||
2. Start your latest Debian template
|
||
|
||
```shell_session
|
||
$ qvm-start debian-<X>
|
||
$ qvm-run -a debian-<X> gnome-terminal
|
||
```
|
||
|
||
3. Update it
|
||
|
||
4. And then close it
|
||
|
||
```shell_session
|
||
$ qvm-shutdown debian-<X>
|
||
```
|
||
|
||
5. Clone `debian-X` template
|
||
|
||
```shell_session
|
||
$ qvm-clone debian-<X> kali-rolling
|
||
```
|
||
|
||
6. Check the name of currently used repository in `/etc/apt/sources.list` and current testing [Debian release][Debian-releases]. Update repository list accordingly
|
||
|
||
```shell_session
|
||
# sed -i 's/<current stable>/<current testing>/g' /etc/apt/sources.list
|
||
# sed -i 's/<current stable>/<current testing>/g' /etc/apt/sources.list.d/qubes-r<X>.list
|
||
```
|
||
|
||
e.g. in this example we update `buster` stable repository to `bullseye` testing repository
|
||
|
||
```shell_session
|
||
# sed -i 's/buster/bullseye/g' /etc/apt/sources.list
|
||
# sed -i 's/buster/bullseye/g' /etc/apt/sources.list.d/qubes-r<X>.list
|
||
```
|
||
|
||
For installation based on Debian 10 stable, please note that the security repository of Debian testing has [recently been renamed][Debian-security-naming-convention] from `<current testing>/update` to `<current-testing>-security`. To account for that change, execute the following command.
|
||
|
||
```shell_session
|
||
# sed -i 's/bullseye\/updates/bullseye-security/g' /etc/apt/sources.list
|
||
```
|
||
|
||
5. Update the template
|
||
|
||
**Note:** During execution of the update, carefully read list of packages to be removed. If it contains `qubes-*` packages, terminate operation and try to resolve `qubes-*` packages missing dependencies first.
|
||
|
||
6. Copy the Kali GPG key from the DisposableVM to the new template:
|
||
|
||
```shell_session
|
||
$ qvm-copy kali-key.asc
|
||
```
|
||
|
||
The DisposableVM can now be turned off.
|
||
|
||
7. Add the Kali GPG key to the list of keys trusted to authenticate packages:
|
||
|
||
```shell_session
|
||
# cat /home/user/QubesIncoming/dispXXX/kali-key.asc | apt-key add -
|
||
```
|
||
|
||
This command should return: `OK`.
|
||
|
||
8. Add the Kali repository
|
||
|
||
```shell_session
|
||
# cat <<EOF > /etc/apt/sources.list.d/kali.list
|
||
# Kali Linux repository
|
||
deb https://http.kali.org/kali kali-rolling main non-free contrib
|
||
EOF
|
||
```
|
||
|
||
9. Update the template
|
||
|
||
10. Ensure a terminal can be opened in the new template.
|
||
|
||
```shell_session
|
||
$ qvm-run -a kali-rolling gnome-terminal
|
||
```
|
||
|
||
Install the Kali tools
|
||
------------------------------
|
||
At this point you should have a working template and you can install the tools you need.
|
||
Keep in mind that the tools you will install can easily take more than 10 GB, [so you will need to **grow** the size of the VM.][qubes-resize-disk-image]
|
||
|
||
Alternative Options to Kali Linux
|
||
===================================
|
||
* [PenTester Framework][PTF], with [PTF Qubes OS guide][qubes-ptf]
|
||
* BlackArch Linux, with [BA Qubes OS guide][qubes-blackarch]
|
||
* more on the [Penetration Testing page][qubes-pentesting]
|
||
|
||
|
||
Notes
|
||
=============
|
||
Thanks to the people in [the discussion thread](https://github.com/QubesOS/qubes-issues/issues/1981).
|
||
|
||
[qubes-verifying-signatures]: /security/verifying-signatures/
|
||
[qubes-pentesting]: /doc/pentesting/
|
||
[qubes-blackarch]: /doc/pentesting/blackarch/
|
||
[qubes-ptf]: /doc/pentesting/ptf/
|
||
[qubes-template-debian-install]: /doc/templates/debian/#install
|
||
[qubes-resize-disk-image]: /doc/resize-disk-image/
|
||
|
||
[kali]: https://www.kali.org/
|
||
[kali-vbox]: https://www.offensive-security.com/kali-linux-vmware-virtualbox-image-download/
|
||
[kali website]: https://docs.kali.org/introduction/download-official-kali-linux-images
|
||
|
||
[PTF]: https://www.trustedsec.com/may-2015/new-tool-the-pentesters-framework-ptf-released/
|
||
|
||
[katoolin]: https://github.com/LionSec/katoolin
|
||
[katoolin-howto]: http://www.tecmint.com/install-kali-linux-tools-using-katoolin-on-ubuntu-debian/
|
||
|
||
[Debian-releases]: https://www.debian.org/releases/
|
||
|
||
[Debian-security-naming-convention]: https://www.mail-archive.com/debian-security@lists.debian.org/msg41223.html
|
||
|