Truth be told, Kali Linux has just about every tool we’ll need. However, there are a few additional programs that will be great for us to have.
First, we’ll install Tenable Security’s Nessus Home vulnerability scanner. This scanner is free for home use only (you’ll see a description of limitations on the Nessus website).
Use the following steps to install Nessus Home from within Kali:
- Open Applications > Internet > Iceweasel Web Browser and enter http://www.tenable.com/products/nessus-home/ in the address bar. Complete the Register for an Activation Code information and click Register. (Use a real email address—you’ll need the activation code later.)
- Once you reach the Downloads page, choose the latest version of Nessus for the Linux Debian 32-bit platform and download it to your root directory (the default download location).
- Open a Linux terminal (click the terminal icon at the top of the Kali screen) to open a root prompt.
- Enter ls to see a list of the files in your root directory. You should see the Nessus file that you just downloaded.
- Enter dpkg -i followed by the name of the file you downloaded (you can type the first letter of the filename and press tab to use tab completion) and press enter to begin the install process. Installation may take a while as Nessus processes various plugins. Progress is shown by a line of hash symbols (#).
Selecting previously unselected package nessus.
(Reading database ... 355024 files and directories currently installed.)
Unpacking nessus (from Nessus-5.2.5-debian6_amd64.deb) ...
Setting up nessus (5.2.5) ...
nessusd (Nessus) 5.2.5 [build N25109] for Linux
Copyright (C) 1998 - 2014 Tenable Network Security, Inc
Processing the Nessus plugins...
[########### ]
- Once you’re returned to the root prompt with no errors, Nessus should be installed, and you should see a message like this.
All plugins loaded
Fetching the newest plugins from nessus.org...
Fetching the newest updates from nessus.org...
Done. The Nessus server will start processing these plugins within a minute
nessusd (Nessus) 5.2.5 [build N25109] for Linux
Copyright (C) 1998 - 2014 Tenable Network Security, Inc
Processing the Nessus plugins...
[##################################################]
All plugins loaded
 - You can start nessusd by typing /etc/init.d/nessusd start
 - Then go to https://kali:8834/ to configure your scanner
- Now enter the following to start Nessus.
root@kali:~# /etc/init.d/nessusd start
- Open the URL https://kali:8834/ in the Iceweasel web browser. You should see an SSL certificate warning, similar to that in Figure 1-10.
Note: If you access Nessus from outside the Iceweasel browser in Kali, you will need to go to https://<ipaddressofKali>:8834 instead.
Figure 1-10: Invalid SSL certificate warning
- Expand I Understand the Risks and click Add Exception. Then click Confirm Security Exception, as shown in Figure 1-11.
Figure 1-11: Confirming the security exception
- Click Get Started at the bottom left of the opening Nessus page and enter a username and password on the following page. I’ve chosen georgia:password for my example. If you choose something else, remember it because we’ll use Nessus in Chapter 6. (Note that I use poor passwords throughout this book, as will many clients you encounter. In production, you should use much better passwords than password.)
- At the next page, enter the activation code you received via email from Tenable Security.
- Once registered with Tenable Security, choose the option to download plugins (downloading will take some time). Once Nessus processes the plugins, it will initialize.
When Nessus finishes downloading plugins and configuring the software, you should see the Nessus login screen, as shown in Figure 1-12. You should be able to use the credentials for the account you created during setup to log in.
Figure 1-12: Login screen of the Nessus web interface
To close Nessus, just close its tab in the browser. We will come back to Nessus in Chapter 6.
Installing Additional Software
We’re not done yet. Follow these instructions to complete your Kali Linux install.
The Ming C Compiler
We need to install a cross compiler so we can compile C code to run on Microsoft Windows systems. The Ming compiler is included in the Kali Linux repositories but is not installed by default. Install it with this command.
root@kali:~# apt-get install mingw32
Hyperion
We’ll use the Hyperion encryption program to bypass antivirus software. Hyperion is not currently included in the Kali repositories. Download Hyperion with wget, unzip it, and compile it with the Ming cross compiler you installed in the previous step, as shown in Listing 1-2.
root@kali:~# wget http://nullsecurity.net/tools/binary/Hyperion-1.0.zip
root@kali:~# unzip Hyperion-1.0.zip
Archive: Hyperion-1.0.zip
creating: Hyperion-1.0/
creating: Hyperion-1.0/FasmAES-1.0/
root@kali:~# i586-mingw32msvc-c++ Hyperion-1.0/Src/Crypter/*.cpp -o hyperion.exe
—snip—
Listing 1-2: Installing Hyperion
Veil-Evasion
Veil-Evasion is a tool that generates payload executables you can use to bypass common antivirus solutions. Install Veil-Evasion in Kali (see Listing 1-3) by first downloading it with the command wget. Next, unzip the downloaded file master.zip and change to the Veil-master/setup directory. Finally, enter ./setup.sh and follow the default prompts.
root@kali:~# wget https://github.com/ChrisTruncer/Veil/archive/master.zip
--2015-11-26 09:54:10-- https://github.com/ChrisTruncer/Veil/archive/master.zip
—snip—
2015-11-26 09:54:14 (880 KB/s) - `master.zip' saved [665425]
root@kali:~# unzip master.zip
Archive: master.zip
948984fa75899dc45a1939ffbf4fc0e2ede0c4c4
creating: Veil-Evasion-master/
—snip—
inflating: Veil-Evasion-master/tools/pyherion.py
root@kali:~# cd Veil-Evasion-master/setup
root@kali:~/Veil-Evasion-master/setup# ./setup.sh
=========================================================================
[Web]: https://www.veil-evasion.com | [Twitter]: @veilevasion
=========================================================================
[*] Initializing Apt Dependencies Installation
—snip—
Do you want to continue? [Y/n]? Y
—snip—
root@kali:~#
Listing 1-3: Installing Veil-Evasion
Ettercap
Ettercap is a tool for performing man-in-the-middle attacks. Before running it for the first time, we need to make a couple of changes to its configuration file at /etc/ettercap/etter.conf. Open its configuration file from a Kali root prompt in the nano editor.
root@kali:~# nano /etc/ettercap/etter.conf
First change the userid and groupid values to 0 so Ettercap can run with root privileges. Scroll down to where you see the following lines in the file. Replace whatever values you see following the equal signs (=) with a 0.
[privs]
ec_uid = 0 # nobody is the default
ec_gid = 0 # nobody is the default
Now scroll down to the Linux section of the file and uncomment (remove the leading # characters from) the two lines shown at ➊ and ➋ in Listing 1-4 to set Iptables firewall rules to redirect the traffic.
#---------------
# Linux
#---------------
# if you use ipchains:
#redir_command_on = "ipchains -A input -i %iface -p tcp -s 0/0 -d 0/0 %port -j REDIRECT %rport"
#redir_command_off = "ipchains -D input -i %iface -p tcp -s 0/0 -d 0/0 %port -j REDIRECT %rport"
# if you use iptables:
➊ redir_command_on = "iptables -t nat -A PREROUTING -i %iface -p tcp --dport %port -j REDIRECT --to-port %rport"
➋ redir_command_off = "iptables -t nat -D PREROUTING -i %iface -p tcp --dport %port -j REDIRECT --to-port %rport"
Listing 1-4: Ettercap configuration file
Save and exit the file by pressing ctrl-X and then Y to save the changes.
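The same two etter.conf edits can be scripted and checked instead of made by hand in nano. The following is an added example, not code from the book: the function names and the trimmed sample file (with 65534 standing in for the stock "nobody" value) are assumptions made for illustration. It writes the edited config to a new file so the original can be kept for comparison, and it confirms that only the iptables pair was enabled while the ipchains pair stayed commented.

```shell
#!/bin/sh
# Added example (not from the book): script the etter.conf edits described above.

# Constructed sample: trimmed etter.conf with stock-style defaults (65534 = nobody).
write_sample_conf() {
    cat > "$1" <<'EOF'
[privs]
ec_uid = 65534                # nobody is the default
ec_gid = 65534                # nobody is the default
#---------------
#     Linux
#---------------
# if you use ipchains:
   #redir_command_on = "ipchains -A input -i %iface -p tcp -s 0/0 -d 0/0 %port -j REDIRECT %rport"
   #redir_command_off = "ipchains -D input -i %iface -p tcp -s 0/0 -d 0/0 %port -j REDIRECT %rport"
# if you use iptables:
   #redir_command_on = "iptables -t nat -A PREROUTING -i %iface -p tcp --dport %port -j REDIRECT --to-port %rport"
   #redir_command_off = "iptables -t nat -D PREROUTING -i %iface -p tcp --dport %port -j REDIRECT --to-port %rport"
EOF
}

# patch_etter_conf SRC: print the edited config on stdout; SRC itself is not modified.
patch_etter_conf() {
    sed -E \
        -e 's/^([[:space:]]*ec_(uid|gid)[[:space:]]*=)[[:space:]]*[0-9]+/\1 0/' \
        -e '/iptables -t nat/ s/^([[:space:]]*)#[[:space:]]*(redir_command_(on|off)[[:space:]]*=)/\1\2/' \
        "$1"
}

# verify_etter_conf FILE: succeed only if uid/gid are 0 and exactly the two
# iptables redirect lines are active (the ipchains pair must stay commented).
verify_etter_conf() {
    grep -Eq '^[[:space:]]*ec_uid[[:space:]]*=[[:space:]]*0([^0-9]|$)' "$1" &&
    grep -Eq '^[[:space:]]*ec_gid[[:space:]]*=[[:space:]]*0([^0-9]|$)' "$1" &&
    [ "$(grep -Ec '^[[:space:]]*redir_command_(on|off)[[:space:]]*=' "$1")" -eq 2 ] &&
    ! grep -Eq '^[[:space:]]*redir_command_(on|off).*ipchains' "$1"
}

# Demo on the constructed sample; on Kali, point patch_etter_conf at a copy of
# /etc/ettercap/etter.conf and review the result before replacing the original.
demo_dir=$(mktemp -d)
write_sample_conf "$demo_dir/etter.conf"
patch_etter_conf "$demo_dir/etter.conf" > "$demo_dir/etter.conf.new"
if verify_etter_conf "$demo_dir/etter.conf.new"; then
    echo "edits applied: ec_uid/ec_gid = 0, iptables redirect rules enabled"
fi
rm -rf "$demo_dir"
```

Running patch_etter_conf a second time on its own output changes nothing, so the script is safe to re-run after a package update restores the stock file.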