CYBER & INFOSEC

"blogger, InfoSec specialist, super hero ... and all round good guy" 

DISCUSSIONS, CONCEPTS & TECHNOLOGIES FOR THE WORLD OF

JOIN THE DISCUSSION

Kali Linux 2021.3 - updates and new features

Most cybersecurity professionals have Kali Linux tucked away in their pocket, which is a Linux cybersecurity-focused distribution. For most of us in this profession, it is the go-to version for cybersecurity testing. I won’t get into the distribution discussion of choices, and I understand that there are many other choices such as Black Arch, Parrot Security, and Blackbox as Kali alternatives. But I wanted to focus on Kali Linux, and specifically the third quarter 2021 release which is better known as Kali Linux 2021.3.


Today, Kali can be run on most major platforms. Offensive Security, the group that maintains and funds Kali, has made deployment kits available for most major types of installations.


Kali’s virtual machine prebuilt images seem to perform much better in this version. You can drag and drop files between a host machine and the Kali Linux guest operating systems, and you can also copy and paste files. I found these features worked well on VMWare, but the process works much smoother and seamlessly using Oracle’s VirtualBox and Vagrant.


The Install


When you install Kali from (from ISOs) you will be prompted to create a standard username and password. Prebuilt images have one that is built-in:

  • All default operating system credentials used during Live Boot, or pre-created image (like Virtual Machines & ARM) will be:

  • User: kali

  • Password: kali

  • Vagrant image (based on their policy) will be:

  • Username: vagrant

  • Password: vagrant

  • Amazon EC2 will use the following:

  • User: kali

  • Password: <ssh key>

(source: https://www.kali.org/docs/introduction/default-credentials/)


If you are using prebuilt images, remember that when you import and run the virtual machines you might get a prompt to select the "copy" image instead of the "move" image. Selecting "copy" will generate a new MAC address in VMWare and VirtualBox, eliminating duplicate DHCP assignments. Make sure you change the default passwords during this time!


The Kali tweak menu (accessed by typing kali-tweaks in the terminal window) lets you access and change a number of Kali configurations. You can change your default network prompt between bash or zsh and change the prompt style between one or two blue lines Later on you can also do this in the terminal by pressing control-p inside the terminal screen. You can also enable or disable specific repositories and metapackages while in there.


Kali ny default has OpenSSL configured for wider compatibility, supporting legacy protocols such TLS 1.0 and TLS 1.1. In most circumstances, you would never want these deprecated protocols enabled, but as a security researcher, you might want to test for them to find potential exploits. In that regard, these older protocols can come in handy.


You can turn behavior off by accessing the kali-tweaks menu (mentioned above), then select the Hardening section to configure OpenSSL for the desired level of security.


Adding Tools


You would not experience the real value of Kali unless you add a number of very useful tools. You can add these tools to older versions of Kali (or almost any version of Linux) as long as you have the correct dependencies.


Some of the new tools include:

  • Berate_ap - Orchestrating MANA rogue Wi-Fi Access Points

  • CALDERA - Scalable automated adversary emulation platform

  • EAPHammer - Targeted evil twin attacks against WPA2-Enterprise Wi-Fi networks

  • HostHunter - Recon tool for discovering hostnames using OSINT techniques

  • RouterKeygenPC - Generate default WPA/WEP Wi-Fi keys

  • Subjack - Subdomain takeover

  • WPA_Sycophant - Evil client portion of EAP relay attack


Kali Documentation


One last thing I want to bring out is the excellent improvement of Kali’s online documentation. Things have gotten much better!




The tools documentation page (https://www.kali.org/tools/) now has every tool in Kali listed, and in most cases, the tool has websites linked with a small wiki-like page that instructions for the basic usage of that tool.




Newbies and Oldies - Distributions


New users can download the most suitable Kali installation distribution. Existing users can upgrade directly from their Kali Linux systems by going to the terminal and issuing the following commands:


sudo apt update

sudo apt full-upgrade -y


NOTE: if you are already a root user there is no need to use sudo.




Wrapping Things Up


There are many other tweaks and additions – some of them are platform-specific. Check out https://www.kali.org/blog/kali-linux-2021-3-release/ for the latest release notes.


In the meantime, happy hunting!