
Penetration testing basics & Kali Linux by Offensive Security.

Penetration testing basics with Kali. Two basic skills a pentester needs in their arsenal are knowing how to code and knowing how to use the right technology; both are a must to play in the pentest field. This article also gives an introduction to the Kali Linux distribution and how you can get it up and running in a virtual machine with relative ease. Kali is tailored for penetration testing and contains a long list of tools that can be used for this purpose.


Like anything worth doing, learning how to properly carry out manual penetration testing takes time and dedication. The field is huge and filled with possibilities: there are so many different types of systems, applications, architectures, protocols, services, technologies, etc.

Every pentest engagement has its own peculiarities and specific characteristics, so the penetration tester must be able to individually analyze, understand and interpret every case he or she comes across.

A hunger to learn how stuff works and an inquisitive mind to find out how you can break it are, in my opinion, the main things that drive a skilled penetration tester. Add coding, discipline, research skills and a wish to keep yourself up to date and you might have fertile ground to start your odyssey.


Do you need to know how to code?

Yes you do! A pentester thoroughly evaluates and probes software to find vulnerabilities and weak spots. Knowing and understanding how code works is imperative if you want to successfully identify vulnerable code, and it gives you the ability to objectively evaluate risk. How would someone diagnose something they don’t really understand?

If you are interested in cybersecurity, but don’t know how to code, start learning now!

Becoming a proficient penetration tester is not an easy task; coding is a base skill and a must-have for this purpose. There are thousands of resources out there to learn how to code. If you are interested in cybersecurity but don’t know how to code, I recommend starting now.

Learning how to code may be a daunting task, though, and for good reason: it is not easy to become a proficient coder. But you have to start somewhere, and I recommend going with my current favorite language, Python; it is easy to learn, intuitive and widely used for scripting. Python comes with almost every Linux distribution, and below we’ll see how important it is to know your fair share about these systems.


Do you need to know Linux?

That’s another solid yes! Knowing your way around Linux environments and using open source applications are also basic skills expected from a pentester. Not only are there a huge number of Linux-based systems out there (including all Android devices), but also most of the tools written for penetration testing are open source and created for these kinds of operating systems.

Again, if you don’t know your way around Linux environments, you should start with that too. Below we will see how to set up and use a Linux-based distribution created specifically for penetration testing, known as Kali Linux.


Where to start?

Start small! Nearly 4 years ago I was introduced to the Kali Linux distribution. At that time I had already been coding for about 8 years (Java, PHP and then C#). I really enjoyed switching to a penetration tester role, but I admit that I had (and still have) a lot to learn; sadly I was not aware of most of this stuff while I was coding (at least not at the beginning).

Kali Linux is a kind of Swiss army knife of tools for penetration testing, packaged into a Linux-based .iso image that you can run through virtualization software like VirtualBox. This image is created and maintained by Offensive Security, a team dedicated to information security with an emphasis on proactive security measures and penetration testing.

To play the cybersecurity game, you need to develop the right skills and tools.

Downloading the .iso image

Kali SHA256sum

To use the Kali distribution, first you need to download the .iso file from here. Once the image is downloaded, make sure you verify its checksum. I’m using Ubuntu, so I can just use the sha256sum command to calculate the checksum, something like this:

After we calculate it, we compare it to the one on the download site (see image below and note that the calculated checksum is equal to the one on the site). We do this to make sure that the downloaded file has maintained its integrity during download.

Kali site SHA256sum
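The checksum step above, as an added example that is not code from the original post: a small POSIX shell script that compares a downloaded image's SHA-256 with the value taken from the download page and returns a non-zero status on mismatch, so the check can gate the rest of the procedure. The file path and hash in the usage comment are placeholders.

```shell
#!/bin/sh
# Added example, not from the original post: verify a downloaded Kali .iso
# against the SHA-256 value published on the download site.
# File paths and the hash in the usage comment are placeholders; take the
# real hash from the download page.

# verify_sha256 FILE EXPECTED_HEX
# Returns 0 when the file's SHA-256 equals EXPECTED_HEX, 1 otherwise.
verify_sha256() {
    file="$1"
    expected="$(printf '%s' "$2" | tr 'A-F' 'a-f')"   # accept either case
    [ -f "$file" ] || { echo "no such file: $file" >&2; return 1; }
    actual="$(sha256sum "$file" | cut -d' ' -f1)"
    if [ "$actual" = "$expected" ]; then
        echo "OK: $file"
        return 0
    fi
    echo "MISMATCH: $file" >&2
    echo "  expected: $expected" >&2
    echo "  actual:   $actual" >&2
    return 1
}

# Same check using sha256sum's own -c mode: write the published hash in the
# "HASH  FILENAME" format it expects and let it do the comparison.
verify_with_sums_file() {
    file="$1"
    expected="$2"
    sums="$(mktemp)"
    printf '%s  %s\n' "$expected" "$file" > "$sums"
    if sha256sum -c "$sums"; then status=0; else status=1; fi
    rm -f "$sums"
    return $status
}

# Usage (placeholder path and hash): refuse to use the image unless it matches.
# verify_sha256 ~/Downloads/kali-linux.iso HASH_FROM_DOWNLOAD_PAGE || exit 1
```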

Enabling VTx on BIOS

Now you need to make sure your computer supports virtualization. This is a configuration that has to be done at BIOS level and it’s different for each computer. For instance, I have an HP laptop with an Intel chip; to enter the BIOS I hit the F10 key when the computer starts booting.

Once in the BIOS, you need to navigate to something similar to: Advanced > Device Configuration > [Scroll Down] > Virtualization Technology (VTx), as shown below:

VTx

Setting up Virtualbox

We need virtualization software to install our Kali Linux image, in this case we will be using Virtualbox. Since I’m using Ubuntu, I install it using the command below.

sudo apt-get install virtualbox

After running Virtualbox, click the New button to create a new virtual machine. In the Name field enter “Kali Linux”; that will most likely auto-fill the other fields, like this:

Virtualbox new.

Follow the wizard to create the virtual machine, making sure to give it enough RAM and disk space (I used 2 GB and 50 GB respectively). Once done, you’ll see the virtual machine listed in the left pane. Right click on it and select Settings; on the System tab go to the Acceleration sub-tab and make sure that Enable VT-x/AMD-V is selected.

Virtualbox system acceleration.

After that, go to the Storage tab and click on the Empty optical drive under the IDE controller.

Virtualbox storage.

On the right side of the pane, click on the disk icon, navigate to wherever you put the .iso file and select it. Click the OK button:

Virtualbox storage disk.

Installing and using Kali

Double click on the virtual machine to start it and you will see the Kali Linux installation screen come up. By doing the above we are basically telling Virtualbox to boot the virtual machine from the .iso file.

Kali Linux installation - Penetration testing basics with Kali.

Now we proceed to install. For an easy installation select Graphical Installation and follow the wizard to complete the installation. This part can take some time, mostly on the system installation screen, so I’m not going to cover the whole process here.

After some time the installation will be completed and the virtual machine will ask to be restarted. After restarting you will see Kali boot and get to the login screen (as shown below); use the credentials you set up during installation to log in.

Kali Linux - Penetration testing basics with Kali.

Once logged in, navigate around and make yourself familiar with the environment. Also, if you are not too versed in using Linux but you are interested in penetration testing, this is the time to start learning how to use Linux-based distributions like this one. Knowing Linux is a must to play the penetration testing game.

Kali running logged in - Penetration testing basics with Kali.

Many tools, which one first?

Kali has an extensive list of tools used for penetration testing and security-related matters; trying to cover every single one of them would be a long and exhausting task. Instead, we will look at one of the most used tools in a penetration tester’s arsenal when dealing with web applications and services: a proxy.

A proxy is used to intercept and manipulate traffic between client and server. It is the basic tool for carrying out a man-in-the-middle attack and it’s great for analyzing traffic and probing the server with different payloads. There are a few tools in Kali for this purpose, like burpsuite, zaproxy and proxystrike.

Let’s see how burpsuite works, to open it, go to a console and type the command:

burpsuite

The GUI will come up and you’ll see something like the following:

Burpsuite - Penetration testing basics with Kali.

Now head to the Proxy tab and then to Options. Start the proxy by clicking the checkbox under the Running column; you can use the default IP or change it with the Edit option.

Burpsuite running. - Penetration testing basics with Kali.

Now that we have the proxy up and running, we need to configure the client to go through it. In this case the client will be a browser: open Firefox (or any browser for that matter), go to Advanced -> Network -> Connection and hit the Settings button. Choose Manual proxy configuration and enter the IP and port of the proxy server; if you want to use this proxy for all protocols, select that option too (as shown below):

Browser connection settings. - Penetration testing basics with Kali.

Now, when you try to visit any website in the browser, you might get a “Your connection is not secure” message, which makes sense because we are intercepting the traffic. Click on Advanced, then on Add Exception and finally on Confirm Security Exception.

Connection not secure - Penetration testing basics with Kali.

Now, go back to burpsuite and you will be able to see the traffic on the Intercept tab:

burp intercepted - Penetration testing basics with Kali.

Conclusion

Coding skills and knowing how to use the right tools are two basic skills required for penetration testing. Kali is a Linux distribution with an extensive set of tools tailored for security professionals and penetration testers; knowing how to use these tools is a must if you want to play in the cybersecurity field. Setting up a virtual machine with Kali is relatively easy; however, getting to know all the tools within it is a much greater challenge.
