Offensive Security builds Kali Linux as a penetration testing platform on top of the Debian distribution. Running Kali Linux on a Raspberry Pi 4 makes it the ultimate tool.
Although it looks like any other Linux distribution, it is a highly specialized tool for security experts.
There is no reason to use it as a general-purpose operating system unless you are concerned with digital or cyber security.
It needs in-depth knowledge of software, operating systems, network systems, and standard protocols like Wi-Fi and Bluetooth.
In some cases hardware expertise is needed as well. People became aware of and curious about Kali Linux when the TV series Mr. Robot showed various Kali Linux tools in action.
What is Kali Linux
In the early days, digital security testers and computer forensic experts did not have any platform or software support. They wrote their own programs for their custom needs.
But in 2013 the Offensive Security developers introduced a platform that had been needed for a long time.
For this purpose, they used the Debian distribution of the Linux operating system and provided all the tools together.
They also made it open source, with the code available to everyone, so that any loophole or bug found in a tool can be fixed.
There is vast support for software and hardware platforms, including VirtualBox and VMware.
The standard recommended image of Kali includes its packages for offline installation on any device.
The download takes time because the file includes almost all the tools and packages.
A Kali Linux image can be generated and copied to an external removable device, and run from that device without installing it.
But it cannot be modified after it has been created.
However, the creation process offers many options to select according to requirement or choice.
A small-size setup starts the installation and does not contain the files of the default packages.
They can be chosen and downloaded during the installation.
Why use Kali Linux on Raspberry Pi 4
Those who are not familiar with the Raspberry Pi computer and its accessories can follow the Raspberry Pi link.
It also describes the additional software required for installation and setup.
A great advantage is the compact size and low power consumption, which make it handy to carry everywhere.
This means penetration testing can be done from anywhere: on the streets, in public places, etc. Another advantage of Kali on the RPi is the on-board Wi-Fi and Bluetooth.
Support for Raspberry Pi 2/3/4 is available and all the tools work very well.
Kali Linux On RPi 4 installation
If you are already familiar with Linux and the Raspberry Pi environment, installation is very easy.
First, get the Kali Linux ISO or IMG image file from the Kali Linux download page on the official Offensive Security website.
All the setup, documentation, and source code is available on GitHub as open source, and the image can be downloaded via torrent.
Both 32-bit and 64-bit versions are available for RPi 2/3/4.
With the help of balenaEtcher, burn the image to an SD card (8 GB or more) and put it into the RPi SD card socket.
After verifying all the connections, turn on the power supply of the Raspberry Pi and let the setup start automatically.
The coming steps are more or less common to all installation platforms.
As soon as booting completes, the login screen appears for entering the user name and password.
In the 2020.1 version, the default user name and the default password are both kali. After entering them, the following display will appear.
First, change the password of the kali user account. Open a terminal window and type the following command.
$ sudo passwd kali
It will ask for a password once or twice; type kali. After that, when it asks for a new password, enter one of your choice.
The same command is used to create a password for the root account, typing root instead of kali.
$ sudo passwd root
After creating the root password, log in as root using switch user: enter root as the user name, then the root password.
Finally, reset the SSH host keys using the following commands, which delete the existing host keys and generate new ones.
# sudo rm /etc/ssh/ssh_host_*
# sudo dpkg-reconfigure openssh-server
# sudo service ssh restart
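To confirm that the SSH step above really replaced the keys, the fingerprints recorded before the `rm` can be compared with the ones present afterwards. This is an added example, not part of the original article; the function names and the sample key lines are constructed for illustration.

```python
import base64
import hashlib


def fingerprint(pub_line: str) -> str:
    """SHA256 fingerprint of one line of an ssh_host_*_key.pub file,
    in the "SHA256:..." form that OpenSSH prints."""
    fields = pub_line.split()
    if len(fields) < 2:
        raise ValueError("expected '<key type> <base64 blob> [comment]'")
    blob = base64.b64decode(fields[1], validate=True)
    digest = hashlib.sha256(blob).digest()
    return "SHA256:" + base64.b64encode(digest).decode().rstrip("=")


def unchanged_keys(current_pub_lines, baseline_fingerprints):
    """Return the current host keys that still match a fingerprint recorded
    before the keys were regenerated (i.e. keys that were not replaced)."""
    baseline = set(baseline_fingerprints)
    return [line for line in current_pub_lines if fingerprint(line) in baseline]


def sample_key(seed: bytes, comment: str = "root@kali") -> str:
    """Constructed ed25519-shaped public key line for the demo (not a real key)."""
    name = b"ssh-ed25519"
    blob = (len(name).to_bytes(4, "big") + name
            + (32).to_bytes(4, "big") + hashlib.sha256(seed).digest())
    return "ssh-ed25519 " + base64.b64encode(blob).decode() + " " + comment


if __name__ == "__main__":
    shipped = sample_key(b"key present in the flashed image")
    regenerated = sample_key(b"key created by dpkg-reconfigure")
    baseline = [fingerprint(shipped)]          # recorded before the rm step
    for line in unchanged_keys([shipped, regenerated], baseline):
        print("host key was NOT regenerated:", fingerprint(line))
```

On a real system the input lines come from /etc/ssh/ssh_host_*_key.pub, and the fingerprints have the same form as the output of `ssh-keygen -lf`.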
That completes the password and user customization. Now it is time to update all the packages to their latest releases.
Open the terminal window again and type the command for getting updates from the repositories.
# apt update && apt upgrade
After the update process completes, restart the system so that the changes take effect.
Although most of the work in Kali is done in a shell window or terminal, it is better to know some desktop functions.
Not all the options and functions are discussed here, because most of them are similar to other operating systems.
The remaining options are less important or self-explanatory. There are several setting options to customize, as displayed in the image below.
The following function, named Kazam, is an integral part of the Kali operating system.
It is very helpful for recording a full session or for taking pictures of a specific event or command.
There is one more important option, 'Do not disturb', to avoid distraction during an attack.
The notifications displayed during the session can also be specified. Log-related functions are also handled from here.
This command makes me feel like a spy in the movies. With a simple command, the entire desktop is transformed into a Windows 10 environment.
To revert the desktop, just type the same command in the terminal and the original desktop will be restored.
Tools and Applications
Here is the link for the latest complete tool list, divided into categories.
It also provides complete details of each application, such as the author and how to use it with its options.
The main categories are:
1 Information Gathering
2 Vulnerability Analysis
3 Web Application Analysis
4 Database Assessment
5 Password Attacks
6 Wireless Attacks
7 Reverse Engineering
8 Exploitation Tools
9 Sniffing and Spoofing
10 Post Exploitation
11 Exploit Database
12 Forensics Tools
13 Stress Testing
Each category contains various Kali tools, some of which are explained below with examples.
The very first step of any application security test is to gather as much information as possible.
Later it will be useful for finding loopholes or weak points in the target application.
The main objective of information gathering is to find out where and how to attack and what the attack strategy will be.
Some basic steps for information gathering are:
1) Search engines or public tools
2) Scanners for application fingerprints
3) Finding out the version and web server by sending simple requests.
4) Forcing an information leak, such as generating an error that reveals some information about the structure.
Network Mapper (nmap) and its GUI version Zenmap are open-source utilities available for Windows, Linux, and Mac operating systems.
They can be used from the RPi very well. They are mostly used for network inventory, monitoring, and managing host upgrade schedules.
# nmap -O 'IP address of target'
This command detects the operating system of the target.
# nmap -p 1-65535 -T4 'IP address of target'
Reports the open ports of the target (this form scans TCP ports).
Using a domain name, all the information related to the domain can be found, like IP address, CNAME, subdomains, and more.
# dnsenum domain-name.com
For penetration testing, a vulnerability means a weakness or weak point of a server, network, or application.
Vulnerability analysis is the next step after gathering information, and it uses the gathered data.
An open-source server scanner that performs various tests on a server. It performs quick tests but not in stealth mode.
# nikto -h 'ip address'
A security auditing tool for Linux-based servers that runs on the host itself.
# lynis audit system --auditor 'name'
OpenVAS and Hydra are more advanced GUI-based tools that execute more than one task simultaneously.
Wireless networks are very easy targets for attack because their range cannot be confined within the premises.
They can be accessed from the street or roadside with network access credentials.
Command to list all interfaces
Command to kill processes that interfere with monitor mode
# airmon-ng check kill
Start wireless monitoring
# airmon-ng start Interface
Fern Wi-Fi Cracker
A GUI-based program built for wireless attack and security auditing, able to crack and recover WEP, WPA, and WPS passwords.
Main features are:
Password cracking of WPA 2 or WPA based on a dictionary or WPS.
On successful cracking, the password is automatically saved in a database.
Automated access point attack mechanism.
Brute-force attack on HTTP, HTTPS, Telnet, FTP.
Hijack cookies and sessions
Designed for IEEE 802.11 networks but can be extended to other networks. Able to detect and sniff networks.
Can be attached to both client and access point, with geographic locations if GPS is available.
A server security program with fake DHCP, DNS, and HTTP servers. It can log and capture HTTP automatically.
Specially used in honeypot and phishing attacks. All of this can be done using such small gadgets.
Web Application Analysis
Programs that stay on either the server or the client side and run in browsers are known as web applications, like web stores, email accounts, etc.
More than one person can use the application at the same time, regardless of geographic location or the operating system running on their computer.
An open-source website cloning application that stores an entire website on the system hard drive for offline use.
It can also save website user credentials like email, address, and password from the website data.
# httrack webaddress -O 'directory path for store'
W3AF (Web Application Attack and Audit Framework)
An application that can be used through a command-line or GUI interface for testing security or loopholes.
# set target "IP add"
# audit all
Dedicated to testing the security of WordPress websites and their plugins remotely with Kali Linux on Raspberry Pi 4.
# wpscan --url 'domain address'
In the world of digital revolution, password security is a big concern. Nowadays passwords are not saved as the user types or chooses them.
These passwords are stored on servers, and for attackers they would be like a treat.
All passwords are passed through a hash function that produces a fixed-length value, and that value is stored.
Even sensitive information like credit card transactions is encrypted at the source and later decrypted at the destination with the same key.
A hash function maps data of arbitrary length to data of fixed length. It returns values known as hash values, hash codes, or digests.
Some common hash examples are MD5, SHA-1, etc. Before a hash can be cracked, its type needs to be identified.
A program is used to identify the hash type of the data or password for a given string.
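The following added example (not from the original article) shows the points above from the storage side: digests have a fixed length that hints at the algorithm, an unsalted fast hash gives the same value for the same password, and a salted, iterated hash does not. The function names and the iteration count are illustrative assumptions.

```python
import hashlib
import hmac
import os

# Hex digest length -> candidate algorithm. Length is only a first guess:
# different algorithms can share the same output size.
HEX_LENGTHS = {32: ["MD5"], 40: ["SHA-1"], 64: ["SHA-256"], 128: ["SHA-512"]}


def guess_hash_type(value: str):
    """Guess the hash algorithm of a hex digest from its length."""
    v = value.strip().lower()
    if not v or any(c not in "0123456789abcdef" for c in v):
        return []
    return HEX_LENGTHS.get(len(v), [])


def unsalted_md5(password: str) -> str:
    """Weak storage: fast and unsalted, so equal passwords give equal digests
    and a precomputed word list matches every account at once."""
    return hashlib.md5(password.encode()).hexdigest()


def store_password(password: str, iterations: int = 200_000):
    """Stronger storage: random per-user salt plus an iterated hash (PBKDF2)."""
    salt = os.urandom(16)
    derived = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, iterations)
    return salt, iterations, derived


def verify_password(password: str, record) -> bool:
    """Recompute with the stored salt and compare in constant time."""
    salt, iterations, derived = record
    candidate = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, iterations)
    return hmac.compare_digest(candidate, derived)


if __name__ == "__main__":
    # Constructed sample: two users who both kept the default password.
    print(unsalted_md5("kali") == unsalted_md5("kali"))             # identical
    print(store_password("kali")[2] == store_password("kali")[2])   # differ
    print(guess_hash_type(unsalted_md5("kali")))
```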
John the Ripper
Once the hash type is known, the next step is to get the real password out of it using the following command.
# john --format='hash type' 'file path'
An application that generates a list of words from standard character sets or user-defined characters, to be tried as possible passwords.
# crunch min-length max-length
# crunch min-length max-length character-set
# crunch min-length max-length -t pattern
Reverse engineering is a method of breaking a finished product into its building blocks to understand or improve its architecture and working.
Here, reverse engineering means breaking an application or program down into code, to make a better application than competitors or to find the weak points of the application.
Some applications are as follows.
As is clear from the application name, it rebuilds an Android APK application close to its original version.
# apktool d application.apk
Based on OllyDbg but GUI-based, designed for x86 and x86-64 on multiple operating systems.
Easily recognizes APIs, registers, loops, and other coding components.
Capable of DLL debugging.
Third-party plugin support allows several other DLL debuggers.
# chmod 755 application.exe
Sniffing and Spoofing
The two are different and used for different purposes. Lots of tools are available for both.
Sniffing is listening to or recording information without anyone noticing, for example credit card information, financial statements, account numbers, etc.
Spoofing, on the other hand, is presenting a different or fake identity in order to attack or gather information, such as mobile number spoofing, IP address spoofing, etc.
Common tools or applications are Ettercap-GUI, Driftnet, Bettercap, etc.
Social Engineering Tool
Social engineering is the strategy of manipulating or directing a targeted person's sentiments so that they give up confidential information.
It is a long process and requires planning and social engineering tools.
Primarily used for DoS (Denial of Service), with the clear intention of slowing down server resources like CPU and RAM.
This is done by loading the server with so much data to process.
For example, the Inviteflood attack on SIP devices sends multiple INVITE requests.
The slowhttptest application is one example of stress test software.
Now at the end (Conclusion)
This is not all; there is a lot more, and for those who are really interested this article is only a start.
The main intention is to make readers familiar with security and privacy issues on the network.
Hopefully, after reading all of the above, we will have a better understanding and be in a better position to protect ourselves, or at least be cautious.
Of course, if learned well, it can be used to recover an account again. It is good and less expensive to start learning about security systems.
It is a fully tested and known fact that the RPi 4 performs like other laptops but is still very small in size.
Is Kali Linux illegal?
Nothing is illegal as long as you never access the network, confidential data, or belongings of any person or organization without their permission.
Kali is a common platform for various applications that are used for security testing.
Organizations and people hire such experts to penetrate and test an organization's security system to make it more attack-proof.
In other words, it helps to make the network, server, or application more secure by finding its weaknesses.
Can Raspberry PI 3 run Kali Linux?
Sure, it works very well on RPi 4, 3, and 2. The official download website lists downloads for Raspberry Pi 2/3 and 4.
I have personally tested it on RPi 4 and 3 and it worked well for me. With a touchscreen and a power source it can even be used as a mobile Kali Linux machine for testing networks on the streets.
What is Kali Linux RPI?
It is a Debian Linux distribution customized with penetration and security testing tools.
Also, the Debian distribution is available for ARM microprocessors, which matters because the RPi architecture is based on the ARM processor series.
Do hackers use Kali Linux?
No hacker ever reveals his technique, and every hacker has their own way.
But I'm quite sure there are a ton of tools inside Kali Linux that are definitely used by hackers.
And maybe they are using some more advanced tools that they have written themselves.
Is Kali Linux safe for beginners?
Kali is not meant for beginners. It is better to learn other systems first and then shift to Kali to become a security expert.
One must have a clear concept of operating systems, administration, types of user accounts, networks and their protocols, servers, websites, etc.
Considering all these points, it is not safe for beginners who do not know much.