Is there a way to check if my Kali installation is infected?



xorslideshow
2015-06-13, 17:16
Is there a way to check if my Kali installation is infected with keyloggers and any other malware?

Thanks

Renegade
2015-07-01, 20:09
how are you dear error.
It is after all just a forum

FFS! Is it so difficult giving an answer that he can use? Perhaps you're on the wrong forum then.

Dude, I had almost the same question, though I asked it for CentOS running a webserver; this is what they told me. First, if you downloaded Kali from an external source other than Offensive Security, in that case there's a decent chance. There isn't much that you can do about it other than scanning it for possible viruses. I recommend downloading clamav; go here for usage: https://help.ubuntu.com/community/ClamAV. If clamav doesn't find anything, I really urge you to just reinstall Kali, as it comes with more than enough tools preinstalled that most users need for their job.

I forgot to mention that if you want to be sure you got the official download, download it from OS and after downloading AND BEFORE installing check the hash that OS gives with each download; that way you can make sure that the download has not been compromised.

If it's a possibility, think about running Kali from a VM. You can install and customise whatever you want and you take an easy-to-use snapshot that doesn't take up any time; if you think you're infected you just roll back to that snapshot.


Now you should be able to make sure that your installation hasn't been compromised, and IF and only if you get infected it's because of a mistake you made.


Good luck,

Renegade
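
The hash check recommended in the post above, as an added example that is not part of the original thread: a shell function that looks up an image in a published checksum list and compares it with the locally computed SHA-256. The file names (`kali-sample.iso`, `SHA256SUMS`) and the helper names `verify_image` and `demo` are assumptions made for illustration.

```bash
#!/usr/bin/env bash
# Added example (not from the thread). File names are constructed placeholders.

# verify_image IMAGE SUMS_FILE
# Returns 0 if the hash matches, 1 on mismatch, 2 if the image is not listed
# in SUMS_FILE or either file is unreadable.
verify_image() {
    local image="$1" sums="$2" name expected actual
    [ -r "$image" ] && [ -r "$sums" ] || return 2
    name=$(basename -- "$image")
    # Checksum lines look like "<hex digest>  <file name>"; a leading '*' on
    # the name marks binary mode and is ignored here.
    expected=$(awk -v f="$name" '
        { n = $2; sub(/^\*/, "", n) }
        n == f { print tolower($1); exit }' "$sums")
    [ -n "$expected" ] || return 2      # never treat "not listed" as a pass
    actual=$(sha256sum -- "$image" | awk '{ print $1 }')
    [ "$actual" = "$expected" ]
}

# Constructed demo: a stand-in "image", its checksum list, a modified copy,
# and a file that the list does not mention.
demo() {
    local d ok=0 tampered=0 unlisted=0
    d=$(mktemp -d)
    printf 'constructed stand-in for an ISO\n' > "$d/kali-sample.iso"
    ( cd "$d" && sha256sum kali-sample.iso > SHA256SUMS )
    verify_image "$d/kali-sample.iso" "$d/SHA256SUMS" || ok=$?
    printf 'x' >> "$d/kali-sample.iso"  # simulate a modified download
    verify_image "$d/kali-sample.iso" "$d/SHA256SUMS" || tampered=$?
    cp "$d/kali-sample.iso" "$d/other.iso"
    verify_image "$d/other.iso" "$d/SHA256SUMS" || unlisted=$?
    rm -rf "$d"
    echo "$ok $tampered $unlisted"
}

demo
```

The comparison is only as trustworthy as the checksum list, so that file has to come from the official download site rather than from the same place as a third-party image.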

KaliNLinux
2016-07-10, 01:06
I wonder how it would be infected with keyloggers... where did you get it from? And why don't you just download it from kali.org... this way you will live in peace... peace of mind :)

sk00ma
2016-07-22, 20:09
Try scanning it with an anti-virus.

pedropt
2016-10-22, 01:00
netstat -atu
If you see any higher port opened, then check the web for that port.
Keyloggers and trojans always connect to a server to deliver the captured package.
Configure iptables, because iptables in Kali Linux by default is an open firewall without any rules applied.
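
A first-pass triage of the `netstat` listing suggested above, as an added example that is not part of the original post: it reads numeric `netstat -atun` output and reports listeners reachable from outside loopback and established connections whose ports are not on an allowlist. The sample output, the addresses, the allowlists and the function names `review_sockets` and `sample_netstat` are constructed for illustration.

```bash
#!/usr/bin/env bash
# Added example (not from the thread). Live use, with the same allowlists:
#   netstat -atun | review_sockets 22,80 80,443

# review_sockets LISTEN_PORTS REMOTE_PORTS   (comma-separated allowlists)
# Reads netstat output on stdin and prints one line per socket to look into.
review_sockets() {
    awk -v listen_ok="$1" -v remote_ok="$2" '
    function port(a,   p, n) { n = split(a, p, ":"); return p[n] }
    function host(a)         { return substr(a, 1, length(a) - length(port(a)) - 1) }
    function allowed(list, v,   i, n, t) {
        n = split(list, t, ",")
        for (i = 1; i <= n; i++) if (t[i] == v) return 1
        return 0
    }
    $1 !~ /^(tcp|udp)/ { next }                       # skip header lines
    {
        l = $4; r = $5; state = $6
        # Unconnected UDP sockets have no state column, only a ":*" peer.
        listener = (state == "LISTEN") || ($1 ~ /^udp/ && r ~ /:\*$/)
        if (listener) {
            h = host(l)
            if (h ~ /^127\./ || h == "::1") next      # bound to loopback only
            if (!allowed(listen_ok, port(l))) print "LISTEN", $1, l
        } else if (state == "ESTABLISHED" && !allowed(remote_ok, port(r)))
            print "OUTBOUND", $1, l, "->", r
    }'
}

# Constructed sample of `netstat -atun` output (documentation address ranges).
sample_netstat() {
    cat <<'EOF'
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address           Foreign Address         State
tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN
tcp        0      0 127.0.0.1:5432          0.0.0.0:*               LISTEN
tcp        0      0 0.0.0.0:47001           0.0.0.0:*               LISTEN
tcp        0      0 192.0.2.10:48212        198.51.100.7:443        ESTABLISHED
tcp        0      0 192.0.2.10:51514        203.0.113.50:9001       ESTABLISHED
tcp6       0      0 :::80                   :::*                    LISTEN
udp        0      0 0.0.0.0:68              0.0.0.0:*
EOF
}

sample_netstat | review_sockets "22,80" "80,443"
```

Adding `-p` to `netstat` as root shows the owning process for each reported socket, which is the next thing to check for any line this prints.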

presider_35
2016-10-27, 23:13
It has got Metasploit. In Metasploit, numerous kits (exploits, malicious code, etc.). You can check your PC with pentesting... and you must be careful when you use Kali in root mode.

alanford
2017-09-02, 09:52
the solution is always simple: reinstall Kali :cool:
that is faster than dealing with possible malware.

why do people download all this anti-malware software (that slows down the PC) and even pay to recover their Windows when it is faster and cheaper just to reinstall Windows? it is the same case with Linux. and why do Windows users trust anti-virus companies?
is there one anti-virus company that is not working for the secret service? all of them filter your internet traffic and collect information about your usage of the internet, so why do people use it?
deep freeze for Windows and the equivalent for Linux (OFRIS, Lethe, etc.) is better than any anti-virus software; you just freeze your OS installation and you restart the computer to delete any malware that could be installed.

in any case, there are hardware keyloggers, not only software keyloggers. it depends on whether you are targeted by hackers or the secret service.

just wipe the hdd/usb, install Kali again and update & upgrade.

while I am writing already, just to say: when I used an ordinary 8 or 16GB USB (Kali with LUKS), sometimes I waited 3-6 hours when I did an upgrade. a week ago, I bought a 128GB USB with 150MB/s reading/writing speed, and I installed and upgraded 15GB of Kali in 40 minutes. of course, I used the university Internet connection in both examples, not home Internet.

as you see, a fresh full installation of Kali costs you 40 minutes of your time and it is free (3 hours if you do it from home); dealing with keyloggers will cost you 100 usd + one month of time, depending on whether you do it personally or you pay someone.

but to give the exact answer to your question, if you want to learn and spend time, people use clamav and rkhunter to check Kali for viruses and malware. command: rkhunter -c
but again, you will get a crowd of warnings although files are not infected.
and Kali has many integrated tools that can be detected by antivirus software as "problematic".

open your eyes and check your PC/laptop for hardware keyloggers; you can google images of hardware keyloggers to see what they look like.
and again, protect yourself by freezing your installation. if you want to learn, install Kali on USB and try anti-virus and anti-malware software.

if you want to use iptables, you can block all ports except 443 and 80, but many websites and panels use ports between 8000-9000 so I recommend you keep them open too:
https://wiki.vpsget.com/index.php/Iptables_example_block_all_except_specified
the MySQL port is also 3306, if you need it open in your Kali. I don't use pop3 and smtp, I use webmail; here are the email ports:
https://www.siteground.com/tutorials/email/pop3-imap-smtp-ports.htm

lol, I didn't see this is an old topic, 2016...

BookerScacy
2018-02-07, 20:42
It's a pain in the *** to deploy the application to Zune every time I want to see if the changes I made are good or not. Is there a way to compile the application for Windows so I can test for the obvious bugs?