Terms of Use For FixedByVonnie

By proceeding to access fixedByVonnie.com, you expressly acknowledge, and agree to, all of the following:

fixedByVonnie.com is a personal website and blog owned by Security Plus Pro LLC, which is being presented for informational purposes only. The views on this website are solely those of the website owner (and not those of any employer or of any professional associations affiliated with the website owner).  Any views expressed in this website and any information presented on this website, or in any of its blog entries, should not be relied on for any purpose whatsoever other than as the personal opinions of the website owner.  The website owner expressly disclaims any and all liability for any information presented on this site.  The owner of this website and its blog posts shall not be held liable, and shall be held harmless, for any errors or omissions in any information or representations contained in this website, or in any of its blog entries.  The website owner also expressly disclaims any liability for the current or future availability of any such information. The website owner makes no representations as to the accuracy or completeness of any information on this website or which may be found by following any link on this website. The website owner shall not be held liable for any losses, injuries, damages, claims, or causes of action, from the display or use of any information on this website or in any of its blog entries. If you use the information on this website, or on any of its blog entries, you do so solely at your own risk.

Welcome to Kali Linux (Part 3 of 3) - fixedByVonnie

Welcome to Kali Linux (Part 3 of 3)

Posted on by vonnie No Comments ↓

In the first guide, I gave you an overview of Kali Linux.  Then in the previous guide I showed you how to setup Kali Linux in VirtualBox.  In this guide, we’re going to log in Kali Linux, update the packages and I’ll show you how to get help for the hundreds of commands that live in this massive toolkit.

I’ll also show you how to boot the transmit power on your USB Wi-Fi adapter, configure SSH for remote access and configure a static IP address so your computer doesn’t keep assigning a new address on each reboot.

Let’s get it!

Once you have the VirtualBox settings configured for Kali Linux you can boldly go where few men have gone before: The Kali Linux desktop!

Double-click the virtual machine and watch it boot up.

Booting up Kali Linux in VirtualBox

A boot loader will flash on the screen and then almost immediately catapult you to the login screen.

Enter username:

root

and password

toor

Logging into Kali Linux

It’s just root spelled backwards.

Clever I know.

The first thing you’re going to want to do is personalize the desktop a little.  Right-click it and choose Change Desktop Background to get that going.

Change desktop background in Kali Linux

Next, we should update all the packages installed on the system.  By default, Kali Linux is chock full of packages in the following categories:

  • Information Gathering
  • Vulnerability Analysis
  • Web Applications
  • Password Attacks
  • Wireless Attacks
  • Exploitation Tools
  • Sniffing/Spoofing
  • Maintaining Access
  • Reverse Engineering
  • Stress Testing
  • Hardware Hacking
  • Forensics
  • Reporting Tools
  • System Services

Some of these categories contain dozens of sub-categories which open to reveal all your hacking tools.

So before we get started we should make sure all our tools are updated.

The way to update packages in Kali Linux is to use the Advanced Packaging Tool (APT).

To download the latest packages type:

apt-get update

apt-get update

When everything finishes type in the following:

apt-get upgrade

The upgrade option actually installs the updates we downloaded and it usually takes the longest.  It can range from 10 to 45 minutes.

apt-get upgrade

And know we’re good to go.

But let me ask you a question: how did I know to type apt-get update and upgrade?

Getting help using Linux commands

Linux gives you a few options for getting help with commands.

First there’s the manual pages (man).

Simply type:

man apt-get

to get the full scoop on the command and all it’s idiosyncrasies.  You’ll get more information then you ever wanted so consider it a tome of commands for Linux junkies.

man page for apt-getUsually it’s easier to get help by appending the command with one of the following options:

  • -h
  • -help
  • –help

For example, you can type the following command for a synopsis of what apt-get does.  You’ll also see which parameters you can include to filter the output.  Text in brackets are optional.

apt-get -h

apt-get -h

You may notice that the screenshot above shows:

Usage:

  • apt-get [options] command
  • apt-get [options] install|remove pkg1 [pkg2 …]
  • apt-get [options] source pkg1 [pkg2 …]

If you scroll down the output, you’ll see a section titled options.  Since it’s in brackets these little modifiers aren’t required but if you do decide to use it, the Usage section is telling us to include any options before the commands in the command list.

You can use the -h or -help or –help options on most commands so try it out to get comfortable with it.

Connecting your Kali Box to the Network

Now how do we get our Kali Box on the internet so we can launch our attacks?

Let’s make sure our network settings are in order.

If you do an ifconfig you’ll get the IP address of your adapter.  You can open a terminal window by clicking the black square icon near the top of the screen.

Without the USB wireless card (called wlan0 in Kali Linux) it shows up like this:

ifconfig in Kali Linux

Notice eth0 is showing up as my wired Ethernet connection even though it’s connected to the integrated Wi-Fi card on my host machine. (my Mac)

The IP address was automatically assigned via DHCP from my home router.  DHCP makes assigning an IP address super easy but we can easily change this if we want a static address.  With a static address your computer will maintain the same IP address even after rebooting.

Once you find an unassigned IP address to use, you can permanently fix your IP address, subnet mask, default gateway and DNS information to your adapter by modifying the interfaces file.

Type:

vi /etc/network/interfaces

Now hit the “i” key to enter Insert mode.  This lets you modify the file.

Use your arrow keys to go down to the eth0 interface and enter all your network information.  For example, if you want to use static IP address 192.168.0.112 with 192.160.0.1 as the default gateway of your Wi-Fi router you could type this:

iface eth0 inet static
address 192.168.0.112
netmask 255.255.255.0
broadcast 192.168.0.255
gateway 192.168.0.1

etc/network/interfaces

When you have everything in place press Esc to exit Insert Mode.

Then type:

ZZ

Double Z’s saves and exits the vi editor.

 

I know these commands are esoteric and really don’t make sense but the more you practice the more normal it will feel.  I promise!

Set the Transmit Power on the WLAN adapter

When you attach a compatible USB Wi-Fi adapter to your host computer and add it in the VirtualBox settings, it shows up in Kali Linux as wlan0.

You can see your transmit strength, determine if you have encryption enabled and see which access point you’re associated with this command:

iwconfig

You can (and should) set the transmit power to your wlan0 adapter to the maximum signal strength (dbm) allowed by your country.  So what value is that?

Well, the FCC has mandated transmit power limitations for the US.  Usually you can legally crank the transmit power up to 27 dBm (500 mW) which will increase your range but could also damage the Wi-Fi adapter if it doesn’t support the increased signal strength.

On your Kali Box you can use the iw command to modify the transmit value.

First turn off the wlan adapter:

ifconfig wlan0 down

Next, set the transmit value to the max value supported by your adapter and country:

iwconfig wlan0 txpower 27

If you wanted to go higher than the limits of your country, you can manually set the country code to a country that allows a higher transmit power.

Bolivia has a higher country transmit limit so this deft command let’s you amplify the signal.

iw reg set BO
iwconfig wlan0 txpower 30

Setup SSH for remote connectivity

There’s one last thing I want to show you before we wrap up this series.  I find that setting up SSH on your Kali Box is super convenient for two reasons:

  • You can securely access your Kali box without physically sitting in front of it
  • You can open multiple SSH sessions to Kali so you can test different things in different windows.

It’s really really easy to do this.  All you need to do are three things:

  1. Generate the SSH keys
  2. Start the SSH service
  3. Tell Kali Linux to automatically start SSH on reboot

Setting up your encryption keys is easy.  This lets us remotely connect to the device:

sshd-generate

and then start the ssh service

start ssh

To tell Kali Linux to use start SSH by default with every reboot type this:

update-rc.d -f ssh defaults

The Bottom Line

We’re done with our three part welcome series to Kali Linux.  I’m going to start another series about hacking Wi-Fi networks with Kali next.

This is where the real fun starts – everything else was just setup.

But now that your Kali box is ready for work there’s nothing holding you back but the learning curve of using the tools.  Don’t worry though – I’ll walk you through it every step of the way.  Look out for my Wireless hacking series coming up soon.

About

Connect with Vonnie on Twitter

Posted in Linux, Security Tagged with: , , , , ,