Thread: Is there a way to check if my Kali installation is infected?

  1. #1
    Junior Member
    Join Date
    Mar 2015
    Posts
    14

    Is there a way to check if my Kali installation is infected?

    Is there a way to check if my Kali installation is infected with keyloggers and any other malware?

    Thanks

  2. #2
    Junior Member
    Join Date
    Jul 2015
    Posts
    3
    Quote Originally Posted by thanhtung
    how are you dear error.
    It is after all just a forum
    FFS! Is it so difficult giving an answer that he can use? Perhaps you're on the wrong forum then.

    Dude, I had almost the same question, though I asked it for CentOS running a web server; this is what they told me. First, if you downloaded Kali from an external source other than Offensive Security, in that case there's a decent chance. There isn't much that you can do about it other than scanning it for possible viruses; I recommend downloading clamav, go here for usage: https://help.ubuntu.com/community/ClamAV. If clamav doesn't find anything, I really urge you to just reinstall Kali, as it comes with more than enough tools preinstalled that most users need for their job.

    I forgot to mention that if you want to be sure you got the official download, download it from OS, and after downloading AND BEFORE installing check the hash that OS gives with each download; that way you can make sure that the download has not been compromised.

    If it's a possibility, think about running Kali from a VM; you can install and customise whatever you want and you take an easy-to-use snapshot that doesn't take up any time. If you think you're infected, you just roll back to that snapshot.


    Now you should be able to make sure that your installation hasn't been compromised, and IF and only if you get infected it's because of a mistake you made.


    Good luck,

    Renegade

  3. #3
    I forgot to mention that if you want to be sure you got the official download, download it from OS, and after downloading AND BEFORE installing check the hash that OS gives with each download; that way you can make sure that the download has not been compromised.
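
    The hash check described in posts #2 and #3, as an added example that is not part of the original posts. It assumes a checksum list in the standard `sha256sum` format; the file names are placeholders.

```shell
#!/usr/bin/env bash
# Added example: compare a downloaded image with a published checksum list
# BEFORE installing. File names are assumptions, not taken from the thread.

# verify_image <image> <sums_file>
# Returns 0 on match, 1 on mismatch, 2 if the image is unreadable or not listed.
verify_image() {
    local image="$1" sums="$2" name expected actual
    [ -r "$image" ] && [ -r "$sums" ] || return 2
    name=$(basename -- "$image")
    # List format: "<64 hex digits>  <filename>" (a leading '*' marks binary mode).
    expected=$(awk -v n="$name" '
        { f = $2; sub(/^\*/, "", f) }
        f == n { print tolower($1); exit }' "$sums")
    # Reject a missing or malformed entry instead of comparing against garbage.
    case $expected in
        ''|*[!0-9a-f]*) return 2 ;;
    esac
    [ "${#expected}" -eq 64 ] || return 2
    actual=$(sha256sum -- "$image" | awk '{print $1}')
    [ "$actual" = "$expected" ] && return 0
    return 1
}

# Command-line use: ./verify.sh <image.iso> <SHA256SUMS>
if [ "$#" -eq 2 ]; then
    rc=0
    verify_image "$1" "$2" || rc=$?
    case $rc in
        0) echo "OK: hash matches the published value" ;;
        1) echo "MISMATCH: do not install this image" ;;
        *) echo "ERROR: image unreadable or not listed in $2" ;;
    esac
    exit "$rc"
fi
```

    The result is only as trustworthy as the checksum list: fetch it from the official site over HTTPS, and where the project signs the list, verify that signature first.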

  4. #4
    I wonder how it would be infected with keyloggers... where did you get it from? And why don't you just download it from kali.org... this way you will live in peace... peace of mind

  5. #5
    Junior Member
    Join Date
    Jul 2016
    Posts
    2
    Try scanning it with an anti-virus.

  6. #6
    Senior Member
    Join Date
    Mar 2014
    Posts
    158
    netstat -atu
    If you see any higher port opened, then check the web for that port.
    Keyloggers and trojans always connect to a server to deliver the captured package.
    Configure iptables, because the iptables in Kali Linux by default is an open firewall without any rules applied.
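
    A way to triage the netstat output from post #6, as an added example that is not part of the original post. It assumes the extra flags `-n` (numeric) and `-p` (owning process), and the sample output is constructed; it goes beyond the post by naming the process behind each socket, which usually says more than the port number alone.

```shell
#!/usr/bin/env bash
# Added example: list sockets that accept connections on high ports and
# are reachable from outside the machine, with the process that owns them.

# high_port_listeners [min_port]
# Reads `netstat -atunp` output on stdin and prints one line per match:
#   proto port bind_address pid/program
high_port_listeners() {
    awk -v min="${1:-1024}" '
        $1 !~ /^(tcp|udp)/ { next }             # skip the header lines
        {
            n = split($4, a, ":"); port = a[n] + 0
            addr = substr($4, 1, length($4) - length(a[n]) - 1)
            # TCP must be in LISTEN; unconnected UDP has no state column.
            if ($1 ~ /^tcp/) { if ($6 != "LISTEN") next; owner = $7 }
            else             { if ($5 !~ /:\*$/) next;  owner = $6 }
            # Ignore low ports and sockets bound to loopback only.
            if (port < min || addr ~ /^127\./ || addr == "::1") next
            print $1, port, addr, owner
        }'
}

# Constructed sample of `netstat -atunp` output (not from a real host).
sample_netstat() {
    cat <<'EOF'
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address     Foreign Address    State       PID/Program name
tcp        0      0 0.0.0.0:22        0.0.0.0:*          LISTEN      612/sshd
tcp        0      0 127.0.0.1:5432    0.0.0.0:*          LISTEN      801/postgres
tcp        0      0 0.0.0.0:31337     0.0.0.0:*          LISTEN      2044/python3
tcp        0      0 192.0.2.10:48212  198.51.100.7:443   ESTABLISHED 1550/firefox-esr
tcp6       0      0 :::8080           :::*               LISTEN      913/java
udp        0      0 0.0.0.0:68        0.0.0.0:*                      590/dhclient
EOF
}

# On a live system (root is needed to see other users' processes):
#   netstat -atunp | high_port_listeners
```

    The established Firefox connection is dropped even though its local port is high: outgoing connections always use high ephemeral ports, so for those the remote address and the owning process are what to review.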

  7. #7
    Junior Member
    Join Date
    Oct 2016
    Posts
    3
    It has got Metasploit. In Metasploit there are numerous kits (exploits, malicious code, etc.). You can check your PC with pentesting... and you must be careful when you use Kali in root mode.

  8. #8
    Junior Member
    Join Date
    Jan 2017
    Posts
    7
    The solution is always simple: reinstall Kali.
    That is faster than dealing with possible malware.

    Why do people download all this anti-malware software (that slows down the PC) and even pay to recover their Windows when it is faster and cheaper just to reinstall Windows? It is the same case with Linux. And why do Windows users trust anti-virus companies?
    Is there one anti-virus company that is not working for the secret service? All of them filter your internet traffic and collect information about your usage of the internet, so why do people use it?
    Deep Freeze for Windows and its equivalents for Linux (OFRIS, Lethe, etc.) are better than any anti-virus software; you just freeze your OS installation and restart the computer to delete any malware that could have been installed.

    In any case, there are hardware keyloggers, not only software keyloggers. It depends on whether you are targeted by hackers or the secret service.

    Just delete hdd/usb, install Kali again and update & upgrade.

    While I am writing already, just to say: when I used an ordinary 8 or 16GB USB (Kali with LUKS), sometimes I waited 3-6 hours when I did an upgrade. One week ago I bought a 128GB USB with 150MB/s reading/writing speed, and I installed and upgraded 15GB Kali in 40 minutes. Of course, I used the university Internet connection in both examples, not home Internet.

    As you see, a fresh full installation of Kali costs you 40 minutes of your time and it is free (3 hours if you do it from home); dealing with keyloggers will cost you 100 USD + one month of time, depending on whether you do it personally or you pay someone.

    But to give the exact answer to your question: if you want to learn and spend time, people use clamav and rkhunter to check Kali for viruses and malware. Command: rkhunter -c
    But again, you will get a crowd of warnings although the files are not infected.
    And Kali has integrated many tools that can be detected by antivirus software as "problematic".

    Open your eyes and check your PC/laptop for hardware keyloggers; you can google images of hardware keyloggers to see what they look like.
    And again, protect yourself by freezing your installation; if you want to learn, install Kali on USB and try anti-virus and anti-malware software.

    If you want to use iptables, you can block all ports except 443 and 80, but many websites and panels use ports between 8000-9000, so I recommend you keep them open too:
    https://wiki.vpsget.com/index.php/Ip...cept_specified
    The MySQL port is also 3306, if you need it open in your Kali. I don't use POP3 and SMTP, I use webmail; here are the email ports:
    https://www.siteground.com/tutorials...smtp-ports.htm

    lol, I didn't see this is an old topic, 2016...
    Last edited by alanford; 2017-09-02 at 10:18 AM.
