Wednesday, March 27, 2013

Kali Linux : Complete Review by A Pen Tester : Backtrack 6 Release

Article Updated!
Since I posted this Article it has consistently been getting thousands of hits daily and seems to be one of top listed Kali Linux Review Articles in Google Search. So I decided to make it better and thorough. Please leave comments and suggestions.

I have worked on Backtrack since Backtrack 3 was released. Then worked on Backtrack 4 and then 5. I was using Backtrack 5 R3 in last few months... until it finally happened. Kali linux was released.





Kali Linux is a penetration testing and security auditing Linux distribution. After its release in March 2013, Kali Linux has quickly become the new favorite among PenTesters worldwide as their choice for the PenTesting OS. Replacing its predecessor Backtrack, Kali incorporated several new features and looks quite promising. It is available for i386 and amd64 architectures and has the same Minimum Hardware Requirements as Backtrack: 1 GHz CPU, 8 GB of Hard Disk Space, 300 MB RAM, And DVD-writer/Ability to boot with a Pen drive.

A Little History

To be very concise, Kali is an offshoot of Backtrack, which is an Offshoot of ‘Whax’, which is itself an Offshoot of ‘Whoppix’, which is derived from ‘Knoppix’. Something common among all of these distros is that they were focused on Digital Forensics and Intrusion Detection, with Backtrack and Kali adding a whole lot of Tools for PenTesting purposes.  Backtrack has been “giving machine guns to monkeys since 2007”, so it has had a long reign as the favorite distro of PenTesters worldwide. ‘Offensive-Security’, the creators of Backtrack, decided to incorporate many changes in new Backtrack 6 (as it was called at that time). Since it was built from scratch, it was significantly different from the older versions of Backtrack and Offensive-Security decided to give a new name to the Distro – ‘Kali Linux’.

What was wrong with Backtrack and why it needed a change?

We all love Backtrack but bottom-line is that there are a lot of problems associated with this distro. The most annoying problem is ‘updating’. There was always a fear of ‘breaking’ something if you updated it. There were too many tools and some of them weren’t updated as frequently as the others. So updating the ‘dependencies’ of some would cause others to crash and we struggled to maintain a balance where all these tools and their dependencies would co-exist without getting in each other’s way.

When we wanted to use a tool, we needed to type the absolute path in shell.

For example, /pentest/passwords/john/john “file_name”

Remembering the locations of the tools was a pain and it just made things complicated.

In addition, Backtrack had a lot of ‘puny’ errors which crept up here and there while we were working, small issues that we had to resolve on our own or run to Backtrack forums and get help from other Pentesters there.

For example, the ‘wicd d-bus error’ that was ready to greet us when we installed a fresh copy of BT5 and tried to connect to a network. Backtrack forums (and other websites) are filled with ‘how-to posts’ that attempt to provide solution to such problems. Eventually we learned to get around these issues but it did waste a lot of our time.

What makes Kali different from Backtrack 5?

This is the most asked question about Kali today.  Offensive Security has tried to answer it on their website “Unfortunately for us, that’s not a simple question to answer. It’s a mix between ‘everything’ and ‘not much’, depending on how you used Backtrack.”


Highlights of the new Kali


Switch From Ubuntu to Debian

 Kali Linux is based on Debian (Debian Wheezy). This turned out to be a great move by Offensive-Security. The New Kali is much more comfortable to use than its predecessor.

File Hierarchy Standard Compliance

In the words of ‘MUTS’ from Offensive Security, “What this means is that instead of having to navigate through the /pentest tree, you will be able to call any tool from anywhere on the system as every application is included in the system path." This is again a very welcome change in Kali.

Customizations of Kali ISOs

If need be, we can now build our own customizations of Kali Linux. These ISOs can be bootstrapped directly from the repositories maintained by Offensive Security.

ARM Devices Support

Kali is available for the following ARM devices: rk3306 mk/ss808, Raspberry Pi, ODROID U2/X2, Samsung Chromebook, EfikaMX, Beaglebone Black, CuBox and Galaxy Note 10.1

Easier Updating and Upgrading

Packages on Kali can be updated with ease without worrying about ‘breaking’ something. This is because the packages in the Kali repositories are ‘Debian Compliant’. The Kali Distribution itself can be upgraded to newer version without the need for re-installing the distro.

300+ PenTesting Tools
This is quite a large collection and chances are that we won’t be needing all of them and we might be needing some that are not included by default. However packages can always be grabbed from the repositories at will, so that’s never a problem.


What is this ‘Forensics Mode’?


Figure 2: Kali Linux Boot Menu

While booting up Kali Linux, an option exists for ‘Live Forensic Mode’ (Figure 2). This is quite a useful feature if we want to do some real world forensic work. When into Forensics Mode, the internal Hard Disk is not touched in any manner. The People at Offensive  Security Performed a Hash Comparison test where Hashes were taken of the Hard Drive before and after using Kali in forensics mode. At the end of the test, the hashes matched suggesting that no changes were made during the operation. Also worth noticing is that the Auto mount of Removable Media is disabled while in Forensics mode.


  
Metasploit Framework in Kali 


Figure 3: Metasploit Framework in Kali


The discussion on Kali (or Backtrack for that matter) would be incomplete without a mention of how well the Metasploit Framework is integrated with this distro. While ‘msfconsole’ brings it up, ‘msfupdate’ can update the metaspoit framework. Like in Backtrack, POSTGRESQL is used to store the database.

The guys from offensive security and rapid7 (people behind the metasploit project), co-operated to pre-load Kali Linux with msfpro (the professional web-service version of metasploit framework). Metasploit in Kali has full tech support from rapid7.


Tools in Kali Linux



Figure 4: The Top 10 Security Tools in Kali

Tools are mostly the same as those found in Backtrack. However, in the Kali Linux menu, 10 Security tools have been highlighted as the Top 10 (Figure 4). Anyone who has worked on BT would have no trouble guessing which tools would be available on Kali and which need to be grabbed from the repositories. More than 300 tools come packaged with Kali which are enough to serve the needs of most PenTests. The Top 10 tools in Kali Linux are mentioned below:


·         Aircrack-ng – For wireless Cracking
·         Burpsuite – For Web Applications Pentesting
·         Hydra – For online Brute-Forcing of Passwords
·         John – For offline Password Cracking
·         Maltego – For Intelligence Gathering
·         Metasploit Framework – For Exploitation
·         Nmap – For Network Scanning
·         Owasp-zap - For finding vulnerabilities in web applications
·         Sqlmap – For exploiting SQL injection Vulnerabilities
·         Wireshark – Network Protocol Analyzer


Kali Community Support


Kali Linux has an official IRC Channel on the Freenode network, #kali-linux. It provides a good platform to interact with other users of Kali and get support.

Kali Linux provides three official repositories:
·         http.kali.org: main package repository
·         security.kali.org: security packages
·         cdimage.kali.org: ISO images


Subtle differences noticed while regular work on Kali


One had to bring up the Graphical Interface manually by typind ‘startx’ in Backtrack. However Kali loads up the Graphical User Interface by default.
Kali Linux environment is much cleaner and appears more stable than Backtrack 5

The Nessus Vulnerability scanner is not installed in Kali by default (as it was in Backtrack 5). You would have to install it manually from the debian package.

Kali comes with a Graphical Packages installer which can be used to install new packages with the click of the mouse. It can brought up by typing the command: gpk-application



Figure 5: Graphical Package Installer in Kali


In Backtrack, several PenTesters faced issues in getting their Bluetooth up and running. The Backtrack forums are filled with people troubleshooting their Bluetooth devices. In Kali Linux no such problem was noticed and the Bluetooth works fine.

Firefox is replaced by Iceweasal which doesn’t matter much as they are both similar. However the Iceweasal Browser in Kali doesn’t come pre-loaded with plug-ins like ‘no-script’ as in Firefox in Backtrack. Iceweasal comes clean.

Small issues like inability to control your backlight in Backtrack have been fixed in Kali Linux. So you would have a smoother working environment.

Summary

Kali Linux definitely turned out to be everything that a Penetration Tester would want from a Linux distro. It does have room for improvements though and the developers are working on it constantly to make it better. It addresses the problems Backtrack 5 had and it is significantly different from its predecessor, yet any PenTester who was comfortable using Backtrack 5 would find his way around in Kali Linux with ease. The default login in Kali Linux is in ‘root’ mode, so it is not the everyday desktop OS and is not recommended for those new to ‘Linux’. However it fits the Penetration Testing needs perfectly.

On the Web

www.kali.org - The main Kali Linux website
docs.kali.org - documentation site
forums.kali.org – Discussion Forums
bugs.kali.org – For reporting bugs

git.kali.org - monitor the development of Kali Linux

_________________________________________________________________________________

Here's the Original Article Content, Before I Updated it:

Backtrack 5 or Kali Linux??


What's the Difference between Kali Linux and Backtrack 5 ? 



It's hard to answer that. You have to use it and see for yourself.


But the most obvious is the shift from Ubuntu to Debian (which is a great move in my opinion). You'll immediately feel the difference in the looks and feel of the new Kali Linux.



There are no puny errors like "Error connecting to wicd's D-bus bla bla" when you try to fire up Wicd in Backtrack 5. Kali Linux is much more cleaner in these respect than Backtrack 5.

I feel Kali Linux is more stable than Backtrack 5. However, my Kali has hung up on a few occasions, but I'm guessing that's because of some crappy package I installed because I keep trying out new packages on Kali.

In Kali, There's no /pentest directory like in Backtrack 5. Personally, I don't miss it and neither should you, because now you can fire up any tool just by typing it's name in the shell.

They have removed Nessus Vulnerability Scanner in Kali, You can manually install it by downloading it from Tenable. However, I don't understand why they removed it from default tools in kali, because I really liked scanning for Vulnerabilities in Nessus. May be because Nessus itself has security bugs??

Kali Linux is Smaller in size than Backtrack 5 (which was around 3 GB if I remember correctly). Kali's ISO is just 2 GB in size.

They've seperated "Top 10 Security Tools" in the Menu of Kali Linux which contains some much-hyped security tools.

Bluetooth works great on Kali Linux. I don't know about you, but I faced a lot of trouble getting my bluetooth up in Backtrack 5 r3, really frustrating. But in Kali Linux, bluetooth works fine with a click of a mouse, which helps me pen test bluetooth devices with ease now.

VLC Player comes pre-installed with Kali linux. This was not the case with Backtrack 5 where you had to manually install it and then it gave you an error saying "Won't run in root mode" and then you had to hex-edit the VLC binary. In Kali VLC is pre-installed (however I did notice some lag problems in VLC in Kali).

Firefox has been replaced by Iceweasal which is again a good move. They are both given by Mozilla and very similar. However like Firefox in Backtrack comes with 'noscript' and such add-ons for security, Iceweasal in Kali comes clean. 

That irritating light pdf viewer in Backtrack has been replaced by 'Document Viewer'.

No 'gedit' in kali, instead you can use 'Leafpad'

In Backtrack, there wasn't a way to control your back-light. I remember searching for a way to control back-light but not finding it. It was set to Max by default. Very tiring for the eyes. No such problem in Kali Linux

That's all for now, I'll keep updating as I notice more.

(I didn't go deep into 'Tools' much since they are mostly similar and if there's anything missing, you can always install it from repositories)

33 comments:

  1. Thanks, we need such reviews.

    ReplyDelete
  2. Fantastic article.it help me a lot to understand the differences between kali linux and backtrack 5r3.

    ReplyDelete
  3. i felt kali much stable than bt5, the great move from ubuntu to debian.

    ReplyDelete
  4. hey can you write about Bluetooth pentest

    ReplyDelete
  5. yes i too need article about Bluetooth pentest

    ReplyDelete
  6. Kali Linux is buggy as hell! Better off using BackTrack 5 R3.

    ReplyDelete
    Replies
    1. Really? I mean I use Kali for like 10-11 hours daily and I didn't notice any bugs. It would be nice if you point me where you encounter a problem in Kali. thanks

      Delete
    2. Fails to install system repeatedly on my M18xR2...

      Delete
    3. Works beautifully in a VMware VM for me on my M18x.... why does it fail to install for you?

      Delete
  7. Hey ive got a question to aircrack, espacially airbase-ng. I had no problem setting up airbase-ng and let my iPhone or PC connect to the fake AP. But now with Kali linux i recieve: Not able to connect to AP... I don´t know how to solve this problem.... i tried to set up dhcp but without success.

    Maybe you can give me some hints.....

    ReplyDelete
  8. Checked everything with wireshark. I have association requests - endless. No authentication a.s.o.

    ReplyDelete
  9. This comment has been removed by a blog administrator.

    ReplyDelete
  10. thanks Kali Linux developers

    ReplyDelete
  11. Is this a good place to come out of the closet?

    ReplyDelete
  12. kali linux Looks great. But it end up in a tie because Ubuntu to debian was very bad.

    Check out : Ubuntu Vs Debian.

    ReplyDelete
  13. This comment has been removed by the author.

    ReplyDelete
  14. Great article People complaining about the Ubuntu to Debian move (like above) really have no idea what they're talking about, they have a lot in common. I like the Debian switch, doesn't attach itself to the 'main stream' and will (hopefully) get the wannabes from flooding message boards as to where things are or how to 'h4X0r' a Facebook account.

    ReplyDelete
  15. Is this ths a rolling release distro?

    ReplyDelete
  16. Hello my friends! I found Kali yesterday.
    I am running Ubuntu right now and want to switch to Kali. Is there any software like Wubi /I use this to install Ubuntu inside Windows XP/ to help me to install Kali inside Windows XP? Thank you
    Marin Kusev, Bulgaria

    ReplyDelete
  17. Like the review. However, please use full English, as reading words like "coz" are rather irritating to say the least.

    ReplyDelete
    Replies
    1. You are right. I have updated the article and replaced all 'coz'. Thanks for bringing it to my notice

      Delete
  18. fasttrack.py doesn't launch as a stand alone? I can't only launch it through setoolkit and the menu has less options? am I missing something? what's the best way to update set and fasttrack?

    ReplyDelete
  19. Possible Man in Middle attack by roommate. What to do?

    ReplyDelete
    Replies
    1. tunnel all traffic through an encrypted vpn

      Delete
  20. I have to admit, Kali is fantastic, but i miss poor old BackTrack. It was like the kid who always got picked last for everything, tended to trip up over his own laces and occaisionally got caught sniffing the glue, but had a mean tennis backhand, could slam dunk the sh*t outta basketball and could score a free-kick from his own goal line over and over ...

    ReplyDelete
  21. I know fasttrack is part of setoolkit now but options like sqlpwnage are missing and some of the other options seem broken. fasttrack seems unusable in Kali except maybe to get a windows shell. no meterpreter love :(

    ReplyDelete
  22. moodyXL doesnt work on kalilinux plz help me

    ReplyDelete
  23. thanks for this valuable information
    without having knowledge about lunix and backtrack can i use kali

    ReplyDelete
  24. I love what you wrote here. Nice one. Please where can i find the download link of The kali for Samsung Galaxy Note 10.1 as you mentioned and which models are supported.

    ReplyDelete