One of our goals when developing Kali Linux was to provide multiple metapackages that would allow us to easily install subsets of tools based on their particular needs. Until recently, we only had a handful of these meta packages but we have since expanded the metapackage list to include far more options:
EDIT: For updated Kali Rolling images in the Amazon AWS, check this post.
After several weeks of “back and forth” with the Amazon EC2 team, Kali Linux has finally been approved into the Amazon EC2 marketplace. This means that our users can now activate and access Kali Linux instances in the Amazon cloud quickly and easily. We are “selling” these images on the marketplace for free, so other than the regular amazon charges, there no extras to pay. We have currently published a single 64 bit minimal instance of Kali Linux, which can be found in the marketplace by searching for “Kali Linux” or accessed via its direct link.
Kali Linux contains a large number of very useful tools that are beneficial to information security professionals. One set of such tools belongs to the Pass-the-Hash toolkit, which includes favorites such as pth-winexe among others, already packaged in Kali Linux. An example of easy command line access using pth-winexe is shown below.
There’s been a fair amount of discussion around the recently introduced LUKS nuke patch we added to the cryptsetup package in Kali Linux. We wanted to take this opportunity to better explain this feature, as well as demonstrate some useful approaches which are worthwhile getting to know.
LUKS Nuke in a Nutshell
As explained well By Michael Lee in his ZDNet article, when creating an encrypted LUKS container, a master key is generated at random. A passphrase is then used to encrypt the master key in turn. This process means that the passphrase is not directly coupled to the data. That is, if two sets of identical data are encrypted and the same passphrase used, the master keys remain unique to each set and cannot be swapped out. What this also means however, is that regardless of the passphrase used, if the master key is lost, recovering data is impossible. This process conveniently lends itself to being used as a nuke by deliberately wiping the keys.
As penetration testers, we often need to travel with sensitive data stored on our laptops. Of course, we use full disk encryption wherever possible, including our Kali Linux machines, which tend to contain the most sensitive materials.
Setting up full disk encryption with Kali is a simple process. The Kali installer includes a straightforward process for setting up encrypted partitions with LVM and LUKS. Once encrypted, the Kali operating system requires a password at boot time to allow the OS to boot and decrypt your drive, thus protecting this data in case your laptop is stolen. Managing decryption keys and partitions is done using the cryptsetup utility.
We’re always on the lookout for and interesting ARM hardware for Kali Linux. Whether it’s a Galaxy Note or a USB stick sized SS808, we want to see Kali run on it. You can therefore imagine our excitement, when we first laid our eyes on the Utilite pro.
Utilite Pro is a quad core ARM cortex-A9 machine with up to 4 GB of RAM, up to 512 GB mSATA SSD, HDMI and DVI-D output, dual (2x) 1GB nics, a built in wireless card and 4 USB ports. And its fanless. With those type of specs, this little beauty was unlikely to skip our radars. We wanted Kali Linux on that baby, real bad.
Today we are pleased to announce the immediate availability of Kali Linux 1.0.5 with a rollup of various tool additions, fixes, and upgrades, including our fix for the encrypted encrypted LVM installation issue that we documented last week. As usual, users with Kali already installed just need to run a simple update to get the latest goodness:
Getting Kali Linux to run on ARM hardware has been a major goal for us since day one. So far, we’ve built native images for the Samsung Chromebook, Odroid U2, Raspberry Pi, RK3306, Galaxy Note 10.1, CuBox, Efika MX, and BeagleBone Black to name a few. This however does not mean you cannot install Kali Linux in a chroot on almost any modern device that runs Android. In fact, the developers of Linux Deploy have made it extremely easy to get any number of Linux distributions installed in a chroot environment using a simple GUI builder.
A little while back, a bug with the LVM encrypted install in Kali Linux 1.0.4 was reported in our bug tracker. This bug was high priority in our TODO as encrypted installs are an important feature in our industry so we wanted to squash this bug ASAP. This article will describe the process of debugging, identifying, and fixing this bug in Kali, and ultimately in Debian as well.