Kali 2 - Common Tool Issues/Differences Between v1.0 and v2.0



g0tmi1k
2015-08-31, 07:58
Table of Contents

Metasploit Service (https://forums.kali.org/showthread.php?27106-Kali-2-Common-Tool-Issues-Differences-Between-v1-0-and-v2-0&p=49485&viewfull=1#post49485)
Aircrack-ng/airmon-ng & Monitor mode (https://forums.kali.org/showthread.php?27106-Kali-2-Common-Tool-Issues-Differences-Between-v1-0-and-v2-0&p=49486&viewfull=1#post49486)
Unable to connect via SSH (https://forums.kali.org/showthread.php?27106-Kali-2-Common-Tool-Issues-Differences-Between-v1-0-and-v2-0&p=49487&viewfull=1#post49487)
What's the difference between: Kali vs Kali Light vs Kali Mini vs Kali ARM vs Kali Docker vs Kali Cloud vs NetHunter vs Custom Image (https://forums.kali.org/showthread.php?27106-Kali-2-Common-Tool-Issues-Differences-Between-v1-0-and-v2-0&p=49492&viewfull=1#post49492)
GNOME (https://forums.kali.org/showthread.php?27105-GNOME-3-10-Customization)



Any off topic replies will be deleted.

g0tmi1k
2015-08-31, 07:58
Metasploit Service
You no longer can run 'service metasploit start', as in Kali 1, to start up the Metasploit service before using the framework. Trying to do so will result in the following error message.



root@kali:~# service metasploit start
Failed to start metasploit.service: Unit metasploit.service failed to load: No such file or directory.
root@kali:~# /etc/init.d/metasploit start
bash: /etc/init.d/metasploit: No such file or directory
root@kali:~#



This is because:

The Metasploit package is no longer included - only metasploit-framework (which is just the command line version - rather than web UI)
Kali now uses 'systemd' rather than 'init' for service control.





At the request of Rapid7, we have removed the Metasploit Community / Pro package from Kali Linux and now host the open-source metasploit-framework package only. For all of you who require Community or Pro, you will now need to download it from Rapid7 and then register and submit your personal details in order to get a license.

Source: kali.org/releases/kali-linux-20-released/ (https://www.kali.org/releases/kali-linux-20-released/)


So how do I start up Metasploit for the first time?
You first need to run 'msfdb init' to set up the database.
The first time that you run msfconsole, Metasploit needs to build up an index. This will take between 2-5 minutes (on average) depending on the speed of your computer.


root@kali:~# systemctl start postgresql
root@kali:~# msfdb init
Creating database user 'msf'
Enter password for new role:
Enter it again:
Creating databases 'msf' and 'msf_test'
Creating configuration file in /usr/share/metasploit-framework/config/database.yml
Creating initial database schema
root@kali:~#
root@kali:~# msfconsole
The initial module cache will be built in the background, this can take 2-5 minutes...
...SNIP...
msf >

Note, the first two commands will not return any feedback to the terminal (systemd uses log files when giving feedback regarding service status).
Please see the following page on the Kali documentation site: docs.kali.org/general-use/starting-metasploit-framework-in-kali (http://docs.kali.org/general-use/starting-metasploit-framework-in-kali)


So how do I start up Metasploit every time after?


root@kali:~# systemctl start postgresql
root@kali:~# msfdb start
root@kali:~# msfconsole
...SNIP...
msf >


How do I troubleshoot if something goes wrong?
First, make sure the database is started correctly:


root@kali:~# systemctl status postgresql
● postgresql.service - PostgreSQL RDBMS
Loaded: loaded (/lib/systemd/system/postgresql.service; disabled)
Active: active (exited) since Sat 2015-08-29 12:29:51 BST; 4min 58s ago
Process: 1561 ExecStart=/bin/true (code=exited, status=0/SUCCESS)
Main PID: 1561 (code=exited, status=0/SUCCESS)
root@kali:~#

If it doesn't start for whatever reason, check the log file(s): '/var/log/postgresql/*' as a starting point.

If you need to, you are able to wipe the database and re-create it again with 'msfdb reinit' (make sure Metasploit or any other service isn't using PostgreSQL).


root@kali:~# msfdb

Manage a metasploit framework database

msfdb init # initialize the database
msfdb reinit # delete and reinitialize the database
msfdb delete # delete database and stop using it
msfdb start # start the database
msfdb stop # stop the database

root@kali:~#
root@kali:~#
root@kali:~# msfdb reinit
Creating database user 'msf'
Enter password for new role:
Enter it again:
Creating databases 'msf' and 'msf_test'
Creating configuration file in /usr/share/metasploit-framework/config/database.yml
Creating initial database schema
root@kali:~#

You can find Metasploit's log files here: '/root/.msf4/logs/*'.

g0tmi1k
2015-08-31, 07:58
Aircrack-ng/airmon-ng & Monitor mode
You will run into various issues if you do not run 'airmon-ng check kill' before trying to alter your wireless card mode.
If any automated scripts/tools do not do this, you will have to run that command before running them.

Quoting documentation:


NOTE: 90% of wireless issues reported to us are due to people not reading the aircrack-ng documentation. You need to run airmon-ng check kill before putting your card in monitor mode.

Source (Kali Linux documentation): Troubleshooting Wireless Driver Issues (http://docs.kali.org/installation/troubleshooting-wireless-driver-issues)



Distros from now on are going to adopt 'upstart', which is going to replace the /sbin/init daemon which manages services and tasks during boot.

Source (Aircrack-ng documentation): Check Kill Fails (http://www.aircrack-ng.org/doku.php?id=airmon-ng#check_kill_fails)

Other sources:
Aircrack-ng wiki (http://www.aircrack-ng.org/doku.php?id=airodump-ng#airodump-ng_stops_capturing_data_after_a_short_period_of_time)
aircrack-ng Twitter (https://twitter.com/aircrackng/status/630223180792246272)
Kali Linux Twitter (https://twitter.com/kalilinux/status/631833927682932736)
Aircrack-ng v1.2 RC2 Package Update (https://www.kali.org/penetration-testing/pixiewps-reaver-aircrack-ng-updates/).

Why is this happening?:
Kali 2 is based on Debian 8, which now uses "systemd" to handle how daemons run on the system. These daemons are having an effect on the interface.
...You may have gotten away with it in Kali 1.x not using the above command, but you will run into issues now if you do not.



Example of a failed attempt
Notice how the interface stays in managed mode.
As a result, this causes issues when trying to restore the interface.

http://i.imgur.com/cwXtawTl.png (http://i.imgur.com/cwXtawT.png)



Example of a successful attempt


http://i.imgur.com/HT1E5nWl.png (http://i.imgur.com/HT1E5nW.png)


Restoring services
Afterwards, you are able to start up the services again by running:


systemctl start <service_name>






Text Version
Failed attempt


root@kali:~# iwconfig
wlan0 IEEE 802.11bg ESSID:off/any
Mode:Managed Access Point: Not-Associated Tx-Power=20 dBm
Retry short limit:7 RTS thr:off Fragment thr:off
Encryption key:off
Power Management:on

lo no wireless extensions.

eth0 no wireless extensions.

root@kali:~# airmon-ng start wlan0
Found 5 processes that could cause trouble.
If airodump-ng, aireplay-ng or airtun-ng stops working after
a short period of time, you may want to kill (some of) them!

PID Name
732 NetworkManager
859 wpa_supplicant
860 dhclient
1029 avahi-daemon
1035 avahi-daemon

PHY Interface Driver Chipset

phy0 wlan0 rt73usb Linksys WUSB54GC v1 802.11g Adapter [Ralink RT73]
(mac80211 monitor mode vif enabled for [phy0]wlan0 on [phy0]wlan0mon)
(mac80211 station mode vif disabled for [phy0]wlan0)


root@kali:~# iwconfig
wlan0mon IEEE 802.11bg ESSID:off/any
Mode:Managed Access Point: Not-Associated Tx-Power=20 dBm
Retry short limit:7 RTS thr:off Fragment thr:off
Encryption key:off
Power Management:on

lo no wireless extensions.

eth0 no wireless extensions.

root@kali:~#
root@kali:~# airmon-ng stop wlan0mon
PHY Interface Driver Chipset

phy0 wlan0mon rt73usb Linksys WUSB54GC v1 802.11g Adapter [Ralink RT73]

You are trying to stop a device that isn't in monitor mode.
Doing so is a terrible idea, if you really want to do it then you
need to type 'iw wlan0mon del' yourself since it is a terrible idea.
Most likely you want to remove an interface called wlan[0-9]mon
If you feel you have reached this warning in error,
please report it.root@kali:~#


Success!


root@kali:~# iwconfig
wlan0 IEEE 802.11bg ESSID:off/any
Mode:Managed Access Point: Not-Associated Tx-Power=20 dBm
Retry short limit:7 RTS thr:off Fragment thr:off
Encryption key:off
Power Management:on

lo no wireless extensions.

eth0 no wireless extensions.

root@kali:~# airmon-ng check kill
Killing these processes:

PID Name
858 wpa_supplicant
860 dhclient

root@kali:~# airmon-ng start wlan0
No interfering processes found
PHY Interface Driver Chipset

phy0 wlan0 rt73usb Linksys WUSB54GC v1 802.11g Adapter [Ralink RT73]
(mac80211 monitor mode vif enabled for [phy0]wlan0 on [phy0]wlan0mon)
(mac80211 station mode vif disabled for [phy0]wlan0)


root@kali:~# iwconfig
wlan0mon IEEE 802.11bg Mode:Monitor Frequency:2.457 GHz Tx-Power=20 dBm
Retry short limit:7 RTS thr:off Fragment thr:off
Power Management:on

lo no wireless extensions.

eth0 no wireless extensions.

root@kali:~#
root@kali:~#
root@kali:~#
root@kali:~# airmon-ng stop wlan0mon
PHY Interface Driver Chipset

phy0 wlan0mon rt73usb Linksys WUSB54GC v1 802.11g Adapter [Ralink RT73]
(mac80211 station mode vif enabled on [phy0]wlan0)
(mac80211 monitor mode vif disabled for [phy0]wlan0mon)

root@kali:~#



...able to restart wpa_supplicant by doing "/etc/init.d/network-manager restart".
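
Added example, not part of the original post: a shell check for the failure shown above, where 'airmon-ng start' creates wlan0mon but iwconfig still reports Mode:Managed. The function names and sample text are constructed for illustration, modelled on the terminal output in the post.

```shell
# Added example (not from the original post): check that an interface actually
# reached monitor mode, and list what airmon-ng flagged so it can be restarted later.

iface_mode() {       # $1 = interface; stdin = iwconfig output; prints its Mode value
    awk -v ifc="$1" '
        /^[^ \t]/ { cur = $1 }                       # unindented line opens a stanza
        cur == ifc && match($0, /Mode:[A-Za-z-]+/) {
            print substr($0, RSTART + 5, RLENGTH - 5); exit
        }'
}

monitor_ok() {       # $1 = interface; stdin = iwconfig output; true only for Mode:Monitor
    [ "$(iface_mode "$1")" = "Monitor" ]
}

flagged_procs() {    # stdin = airmon-ng output; prints each flagged process name once
    awk '
        $1 == "PID" && $2 == "Name" { in_tbl = 1; next }
        in_tbl && NF == 0           { exit }
        in_tbl && $1 ~ /^[0-9]+$/ && !seen[$2]++ { print $2 }'
}

# Constructed samples, modelled on the terminal output in the post
FAILED='wlan0mon  IEEE 802.11bg  ESSID:off/any
          Mode:Managed  Access Point: Not-Associated   Tx-Power=20 dBm

lo        no wireless extensions.'
WORKED='wlan0mon  IEEE 802.11bg  Mode:Monitor  Frequency:2.457 GHz  Tx-Power=20 dBm
          Power Management:on'
AIRMON='Found 5 processes that could cause trouble.

  PID Name
  732 NetworkManager
  859 wpa_supplicant
  860 dhclient
 1029 avahi-daemon
 1035 avahi-daemon

PHY     Interface       Driver          Chipset'

for sample in "$FAILED" "$WORKED"; do
    if printf '%s\n' "$sample" | monitor_ok wlan0mon; then
        echo "wlan0mon: monitor mode confirmed"
    else
        echo "wlan0mon: still $(printf '%s\n' "$sample" | iface_mode wlan0mon); run airmon-ng check kill first"
    fi
done
printf '%s\n' "$AIRMON" | flagged_procs    # names to restart afterwards
```

On a live system, pipe the real output in instead of the samples, for example 'iwconfig 2>/dev/null | monitor_ok wlan0mon'.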

g0tmi1k
2015-08-31, 07:58
Unable to connect via SSH

Out of the box, Kali 2 doesn't allow SSH to the root user via passwords - it will only accept public/private key login.
This is because Kali 2 is based on Debian 8 and this is now Debian's default behaviour (security over usability - and that Debian wasn't designed to be run as root, whereas Kali is).

You have two options:

add your public key to "~/.ssh/authorized_keys" (and make sure it's set to "chmod 600 ~/.ssh/authorized_keys")
change "/etc/ssh/sshd_config" to "PermitRootLogin yes": sed -i 's/^PermitRootLogin.*/PermitRootLogin yes/' /etc/ssh/sshd_config


Example:


root@kali:~# grep "^PermitRootLogin" /etc/ssh/sshd_config
PermitRootLogin without-password
root@kali:~#
root@kali:~# sed -i 's/^PermitRootLogin.*/PermitRootLogin yes/' /etc/ssh/sshd_config
root@kali:~#
root@kali:~# grep "^PermitRootLogin" /etc/ssh/sshd_config
PermitRootLogin yes
root@kali:~#
root@kali:~# systemctl restart sshd
root@kali:~#



Kali ARM
Due to these devices normally being headless, since the release of Kali 2.0.1, most of these images have already been pre-configured to allow password login by default.
The default credentials are root / toor (as always). (http://docs.kali.org/introduction/kali-linux-default-passwords)
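
Added example, not part of the original post: a shell audit of which PermitRootLogin value a given sshd_config yields, run before and after the sed expression from the post. It also covers a case the sed does not touch, a config where the line is commented out. Function names and sample files are constructed; the parser assumes whitespace-separated "Keyword value" lines and reads the global section only.

```shell
# Added example (not from the original post): audit PermitRootLogin in an sshd_config.
# Assumes "Keyword value" lines; parsing stops at the first Match block.

effective_root_login() {   # $1 = config file; prints the value found, or "unset"
    awk '
        NF == 0 || $1 ~ /^#/             { next }   # skip blank lines and comments
        tolower($1) == "match"           { exit }   # global section ends here
        tolower($1) == "permitrootlogin" { val = tolower($2); exit }  # first value wins
        END { print (val != "" ? val : "unset") }
    ' "$1"
}

root_login_summary() {     # $1 = config file; prints a one-word verdict
    case "$(effective_root_login "$1")" in
        yes)                                 echo password-allowed ;;
        without-password|prohibit-password)  echo keys-only ;;
        forced-commands-only)                echo keys-forced-command ;;
        no)                                  echo disabled ;;
        *)                                   echo version-default ;;  # sshd built-in default applies
    esac
}

apply_page_sed() {         # $1 = input file, $2 = output file; same expression as the post
    sed 's/^PermitRootLogin.*/PermitRootLogin yes/' "$1" > "$2"
}

# Constructed sample configs
demo_dir=$(mktemp -d)
trap 'rm -rf "$demo_dir"' EXIT
printf '%s\n' 'Port 22' 'PermitRootLogin without-password' > "$demo_dir/stock"
printf '%s\n' 'Port 22' '#PermitRootLogin yes'             > "$demo_dir/commented"

apply_page_sed "$demo_dir/stock"     "$demo_dir/stock.new"
apply_page_sed "$demo_dir/commented" "$demo_dir/commented.new"
for f in stock stock.new commented commented.new; do
    printf '%-14s %s\n' "$f" "$(root_login_summary "$demo_dir/$f")"
done
```

A verdict of password-allowed on a host that still has the default root / toor credentials is the combination to look for. On a running system, 'sshd -T' prints the effective configuration and can be used to cross-check the result.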

g0tmi1k
2015-08-31, 08:08
What's the difference between: Kali vs Kali Light vs Kali Mini vs Kali ARM vs Kali Docker vs Kali Cloud vs NetHunter vs Custom Image


Kali (aka Kali Normal, Kali Full, Kali Fat).
This uses GNOME v3.10, and includes all the tools from the "kali-linux-full" metapackage (more information about the package (https://www.kali.org/news/kali-linux-metapackages/) and the tool listing (http://tools.kali.org/kali-metapackages)).
Comes as an ISO for x86 (aka 32 bit) and x64 (64 bit). There are pre-made Virtual Machines (VMware and Virtual Box) images too.

Please make sure your system has enough system resources. (If you're using a Virtual Machine - both the guest and host).
GNOME needs at least 768MB of RAM. 2GB recommended.
Download: ISOs (https://www.kali.org/downloads/) & VM Images (https://www.offensive-security.com/kali-linux-vmware-arm-image-download/)


Kali Light (aka Kali Lite, Kali Slim).
This uses XFCE v4.10, and does not include all the "standard tools" by default. This is to help keep the size of the ISO down, as well as require less resources.
If you wish to get all the tools, apt-get -y install kali-linux-full.
Comes as an ISO for x86 (aka 32 bit) and x64 (64 bit).
Download: ISOs (https://www.kali.org/downloads/).


Kali Mini (aka Kali Network Install).
This is just the core setup files for Kali. It will pull down the latest packages at the time of install (requires an Internet connection). During the setup process, you will be able to select some of the basic packages to install.
Comes as an ISO for x86 (aka 32 bit) and x64 (64 bit).
Download: ISOs (https://www.kali.org/downloads/).


Kali ARM (aka Kali Raspberry Pi, Kali Chromebooks, Kali Beaglebone)
This is similar to Kali Light, however it is designed for ARM processors (rather than 'normal' x64/x86 processors).
It uses XFCE by default, and doesn't include all the 'standard' tool sets (to keep the image size down). If you wish to get as many of the tools as possible (not every tool works on ARM), apt-get -y install kali-linux-full.
Download: Images (https://www.offensive-security.com/kali-linux-vmware-arm-image-download/) & github.com/offensive-security/kali-arm-build-scripts (https://github.com/offensive-security/kali-arm-build-scripts)


Kali Docker
This is a minimal base install. There is no Window manager (GNOME/XFCE) and no tools installed either (very much like the Cloud image).
Due to how docker works, it's not recommended that you install every tool set via metapackages (one process per container), however there isn't anything stopping you from doing it. If you wish: apt-get -y install kali-linux-full, else more information about Kali packages can be found here (https://www.kali.org/news/kali-linux-metapackages/) and the tool listing is here (http://tools.kali.org/kali-metapackages).

Example docker command (may wish to replace the bit in bold):

docker run -it --privileged --name test --net host kalilinux/kali-linux-docker

More information about this can be found here: kali.org/news/official-kali-linux-docker-images/ (https://www.kali.org/news/official-kali-linux-docker-images/) and github.com/offensive-security/kali-linux-docker (https://github.com/offensive-security/kali-linux-docker)
Download: Docker Container (https://hub.docker.com/r/kalilinux/kali-linux-docker/)


Kali Cloud (aka Kali Amazon)
This is a minimal base install. There is no Window manager (GNOME/XFCE) or tools installed (very much like the Docker image).
For the normal/standard tool set: apt-get -y install kali-linux-full, else more information about Kali packages can be found here (https://www.kali.org/news/kali-linux-metapackages/) and the tool listing is here (http://tools.kali.org/kali-metapackages).

More information about this can be found here: github.com/offensive-security/kali-cloud-build (https://github.com/offensive-security/kali-cloud-build) and kali.org/news/kali-linux-amazon-ec2-ami/ (https://www.kali.org/news/kali-linux-amazon-ec2-ami/)
Download: Amazon.com/marketplace (https://aws.amazon.com/marketplace/pp/B00HW50E0M)


NetHunter (aka Kali NetHunter)
This is an Android penetration testing platform (mainly for Nexus and OnePlus devices).
You are able to use the standard Kali tools (as well as meta packages to install anything missing), as well as VNC into itself to give you a graphical interface (XFCE). It also includes the NetHunter App (https://github.com/offensive-security/nethunter-app), as well as other useful mobile applications all to do penetration testing on the go.

More information can be found here: Nethunter.com (http://www.nethunter.com/) and github.com/offensive-security/kali-nethunter (https://github.com/offensive-security/kali-nethunter).
Download: Images (https://www.offensive-security.com/kali-linux-nethunter-download/) and Windows Auto Installer (http://www.nethunter.com/download/)


Custom Image (aka Live-build)
You are able to generate your own Kali image with all your packages/tools/settings/customization that you want!
It's not as complex as it sounds.

More information: docs.kali.org/development/live-build-a-custom-kali-iso (http://docs.kali.org/development/live-build-a-custom-kali-iso), docs.kali.org/kali-dojo/02-mastering-live-build (http://docs.kali.org/kali-dojo/02-mastering-live-build), Offensive-security.com/kali-linux/kali-linux-recipes/ (https://www.offensive-security.com/kali-linux/kali-linux-recipes/) and github.com/offensive-security/kali-linux-recipes (https://github.com/offensive-security/kali-linux-recipes)