# Kali Linux Penetration Testing Course #406: Section 1/5 – Installation & Configuration

## Introduction

Welcome to the first section of the Kali Linux Penetration Testing Course #406. In this section, we will explore the installation and configuration of Kali Linux, the industry-standard operating system for penetration testing and ethical hacking. By the end of this section, you will have a fully functional Kali Linux environment tailored for your pentesting needs.

## 1. Installation of Kali Linux

### 1.1 System Requirements

Before we begin the installation process, ensure that your system meets the following minimum requirements:

- **64-bit processor** (ARM architecture is also supported)
- **2 GB RAM** (4 GB or more is recommended for better performance)
- **20 GB of free disk space**
- A USB drive (for installation via USB) or a DVD (for installation via optical media)

### 1.2 Downloading Kali Linux

Kali Linux is available for download from the official Kali Linux website. Follow these steps to download the latest version:

1. Visit the [Kali Linux Downloads page](https://www.kali.org/downloads/).
2. Choose the appropriate version for your system (Installer, Live, or NetInstaller).
3. Click the download link to start downloading the ISO file.

### 1.3 Creating Bootable Media

Once you have the ISO file, you need to create a bootable USB drive or DVD. Here's how to do it for both methods:

- **Using Rufus (Windows Users)**

1. Download and install [Rufus](https://rufus.ie).
2. Insert your USB drive.
3. Launch Rufus and select your USB drive in the "Device" dropdown.
4. In the "Boot selection" section, select "Disk or ISO image" and browse to the downloaded Kali Linux ISO.
5. Click "Start" to create the bootable USB.

- **Using dd (Linux Users)**

1. Open a terminal.
2. Identify your USB drive using `lsblk` or `fdisk -l`.
3. Use the following command, replacing `/dev/sdX` with your USB drive identifier:


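```bash
# Writes the ISO over the whole device; everything on /dev/sdX is destroyed.
sudo dd if=path/to/kali-linux.iso of=/dev/sdX bs=4M
# Flush buffered writes before removing the drive.
sync
```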
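
Before running `dd`, confirm that the image matches its published checksum and that `/dev/sdX` really is the USB stick. The following added example (not part of the original course) wraps the command above in both checks; the function names are assumptions, and it expects a `SHA256SUMS` file in `sha256sum` format next to the ISO.

```bash
#!/usr/bin/env bash
# Added example (not from the course): gate the dd step behind two checks.
# Function names and file names here are illustrative assumptions.

# verify_iso ISO SUMS_FILE
# Succeeds only if SUMS_FILE (sha256sum format) lists the ISO's file name
# and the recorded hash equals the hash of the file on disk.
verify_iso() {
    local iso="$1" sums="$2" name expected actual
    [ -r "$iso" ] && [ -r "$sums" ] || { echo "cannot read input files" >&2; return 2; }
    name=$(basename "$iso")
    # Lines look like "<hex>  name" (text mode) or "<hex> *name" (binary mode).
    expected=$(awk -v n="$name" '{ f = $2; sub(/^\*/, "", f) }
                                 f == n { print tolower($1); exit }' "$sums")
    [ -n "$expected" ] || { echo "$name is not listed in $sums" >&2; return 3; }
    actual=$(sha256sum "$iso" | awk '{ print $1 }')
    [ "$actual" = "$expected" ] || { echo "MISMATCH for $name" >&2; return 1; }
    echo "OK $name $actual"
}

# usb_target_ok DEVICE
# Refuses anything that is not a whole disk on the USB bus with nothing
# mounted, which catches the mistake of pointing of= at the system disk.
usb_target_ok() {
    local dev="$1" info
    info=$(lsblk -dno TYPE,TRAN "$dev" 2>/dev/null) || { echo "cannot inspect $dev" >&2; return 2; }
    set -- $info
    [ "$1" = disk ] && [ "$2" = usb ] || { echo "$dev is not a whole USB disk" >&2; return 1; }
    if lsblk -no MOUNTPOINT "$dev" | grep -q .; then
        echo "$dev has mounted partitions; unmount them first" >&2
        return 1
    fi
}

# write_image ISO SUMS_FILE DEVICE: run dd only when both checks pass.
write_image() {
    local iso="$1" sums="$2" dev="$3"
    verify_iso "$iso" "$sums" && usb_target_ok "$dev" || return 1
    sudo dd if="$iso" of="$dev" bs=4M status=progress conv=fsync
}

# Usage: write_image kali-linux.iso SHA256SUMS /dev/sdX
```

A matching hash only ties the ISO to the checksum file, so check that file's GPG signature against the distribution's published signing key first.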

### 1.4 Installing Kali Linux

1. Boot your system from the USB drive or DVD.
2. Select "Graphical Install" from the boot menu.
3. Choose your language, location, and keyboard layout.
4. Proceed with the installation until you reach the partitioning step. You can choose "Guided – use entire disk" for a simple setup.
5. Set up your user account and password when prompted.
6. After installation is complete, the system will prompt you to reboot. Remove the installation media when instructed.

### 1.5 Initial Configuration

Upon rebooting into Kali Linux:

1. Log in with your credentials.
2. Open a terminal and update the package list:

```bash
sudo apt update && sudo apt upgrade -y
```

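3. Install additional tools based on your requirements. For example, you can install the full suite of penetration testing tools with:

```bash
# Current Kali releases name the full metapackage kali-linux-everything
# (older releases called it kali-linux-all).
sudo apt install kali-linux-everything -y
```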

## 2. Configuration of Kali Linux

### 2.1 Configuring Network Settings

To ensure you can perform penetration testing effectively, configure your network settings properly.

- **Wired Connection**

If you are using a wired connection, ensure that it is connected. You can check the connection status:

```bash
ip addr show
```

- **Wireless Connection**

For wireless connections, you can use the Network Manager GUI or the terminal:

```bash
nmcli dev wifi list
nmcli dev wifi connect "SSID" password "your_password"
```

### 2.2 Enabling SSH

To access your Kali Linux system remotely, enable SSH:

```bash
sudo systemctl enable ssh
sudo systemctl start ssh
```

Verify SSH is running:

```bash
sudo systemctl status ssh
```

### 2.3 Installing Essential Packages

Consider installing additional packages and tools commonly used in penetration testing:

```bash
sudo apt install nmap net-tools curl wget git vim -y
```

## 3. Step-by-Step Usage and Real-World Use Cases

### 3.1 Initial Setup for PenTesting

Kali Linux comes pre-installed with a variety of tools, but it’s important to organize your workspace for efficiency. Create a directory structure for your projects:

```bash
mkdir ~/pentest-projects
```

### 3.2 Performing a Basic Network Scan with Nmap

**Real-World Use Case:** Identifying available hosts and services on a network.

1. Identify the target network range. For example, if your target is on the subnet `192.168.1.0/24`, you can scan it with:

```bash
# -sn is the current name for the ping scan; -sP is its deprecated alias.
nmap -sn 192.168.1.0/24
```

This command performs a ping scan to identify which hosts are up.

2. For a more detailed scan (including service version detection):

```bash
nmap -sV 192.168.1.0/24
```

### 3.3 Vulnerability Scanning with OpenVAS

**Real-World Use Case:** Scanning a network for known vulnerabilities.

1. Install OpenVAS:

```bash
sudo apt install openvas -y
```

2. Set up OpenVAS:

```bash
sudo gvm-setup
```

3. Start the OpenVAS service:

```bash
sudo gvm-start
```

4. Access the OpenVAS web interface via `https://localhost:9392` and log in with the default credentials.

5. Create a new scan task and define your target.

### 3.4 Using Metasploit for Exploitation

**Real-World Use Case:** Exploiting identified vulnerabilities for further assessment.

1. Start the Metasploit console:

```bash
msfconsole
```

2. Use the `search` command to search for available exploits:

```bash
search exploit/windows/smb/ms17_010_eternalblue
```

3. Set the required parameters and run the exploit:

```bash
use exploit/windows/smb/ms17_010_eternalblue
set RHOSTS
set LHOST
exploit
```

### 3.5 Post-Exploitation: Gathering Information

Once you have successfully exploited a system, you may want to gather more information.

1. Use the `sysinfo` command to get system details:

```bash
sysinfo
```

2. Use the `hashdump` command to attempt to retrieve password hashes:

```bash
hashdump
```

## 4. Detailed Technical Explanations

### 4.1 Network Scanning Techniques

Network scanning is a crucial component of penetration testing. Understanding different scanning techniques can help maximize the effectiveness of your assessments. The common techniques include:

- **Ping Scanning:** Determines which hosts are alive on a network.
- **SYN Scanning:** Sends SYN packets to ports and analyzes responses to determine if a port is open.
- **UDP Scanning:** Scans for open UDP ports, which can be more challenging due to the nature of UDP traffic.
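
From the defender's side, the first two techniques leave a recognisable footprint: one source touching many hosts, or many ports on one host. The following added example (not part of the original course) classifies both over a constructed connection log; the log format, function names and thresholds are assumptions, and UDP scans are not covered.

```bash
#!/usr/bin/env bash
# Added example (not from the course): spot sweeps and port scans in a log
# with one record per ICMP echo request or TCP SYN.
# Constructed format: "<epoch> <src> <dst> <proto> <dport>"

# detect_scans [MIN_HOSTS] [MIN_PORTS]
# SWEEP    = one source pinged at least MIN_HOSTS distinct hosts.
# PORTSCAN = one source tried at least MIN_PORTS distinct TCP ports
#            on a single destination.
detect_scans() {
    awk -v H="${1:-5}" -v P="${2:-10}" '
        $4 == "icmp" && !(($2, $3) in seen_host) {
            seen_host[$2, $3] = 1; hosts[$2]++ }
        $4 == "tcp" && !(($2, $3, $5) in seen_port) {
            seen_port[$2, $3, $5] = 1; ports[$2 " -> " $3]++ }
        END {
            for (s in hosts) if (hosts[s] >= H) print "SWEEP", s, hosts[s], "hosts"
            for (k in ports) if (ports[k] >= P) print "PORTSCAN", k, ports[k], "ports"
        }' | sort
}

# Constructed sample: a ping sweep, a port scan and ordinary traffic.
sample_log() {
    local i
    for i in 1 2 3 4 5 6; do
        echo "1700000000 10.0.0.50 192.168.1.$i icmp -"
    done
    i=20
    while [ "$i" -le 31 ]; do
        echo "1700000001 10.0.0.51 192.168.1.10 tcp $i"
        i=$((i + 1))
    done
    echo "1700000002 10.0.0.7 192.168.1.20 tcp 443"
    echo "1700000003 10.0.0.7 192.168.1.20 tcp 443"
    echo "1700000004 10.0.0.7 192.168.1.1 icmp -"
}

# Usage: sample_log | detect_scans        (defaults: 5 hosts, 10 ports)
```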

### 4.2 Vulnerability Assessment

Vulnerability assessment is the process of identifying and quantifying vulnerabilities in a system. Tools like OpenVAS and Nessus automate this process, providing comprehensive reports on any issues found.

### 4.3 Exploitation Frameworks

Metasploit is one of the most widely used exploitation frameworks in penetration testing. It provides a wide range of exploits and payloads, allowing pentesters to simulate real-world attacks.

### 4.4 Post-Exploitation Techniques

Post-exploitation involves actions taken after gaining access to a system. This includes gathering credentials, escalating privileges, and pivoting to other systems within the network.

## 5. External Reference Links

- [Kali Linux Official Documentation](https://www.kali.org/docs/)
- [Nmap Documentation](https://nmap.org/book/man.html)
- [OpenVAS Documentation](https://www.openvas.org/)
- [Metasploit Unleashed](https://www.offensive-security.com/metasploit-unleashed/)
- [OWASP Vulnerability Classification](https://owasp.org/www-community/Vulnerabilities)

By following this installation and configuration guide, you are now equipped to use Kali Linux as a powerful tool in your pentesting arsenal. Keep practicing and exploring the various tools and techniques discussed in this course!

Made by pablo rotem / פבלו רותם

Pablo Guides