quarta-feira, 18 de maio de 2016

Kali linux: BareMetal, Virtualized or USB Stick

Few days ago, we had a discussion about what is the best approach for Kali Linux installation.
A lot of guys complain about the performance in virtualized installations - I have one word for that: BULLSHIT!

I have almost 10 years of pentesting/security experience and I have never problems with virtualized installation, except for some years ago with Wi-Fi dongles (We will discuss it later).
Based in my observations to where and when to install, here are few ideas to follow:

- New in Linux:
If you are new, you should not start with Kali, go back and read this article first: http://blog.dclabs.com.br/2016/05/wanna-be-pentester.html and related links.
From this point I will assume that you have Linux and security skills.
As was described in the link above, Kali is not for general purpose or day by day distro, so, here is the first point:

- As Kali is not a day by day distro, some applications like Skype, Flash player and others are not supported by Kali Team, in other words, non-official/external repositories can be added in your Kali in order to install tools/packets.
Also, in Kali there are tools like calendars, agenda and stuff, but these tools are not priority.
In case of problems with this kind of application, for sure you have to wait a long time to get it fixed.

Obliviously, the best approach is to use Kali virtualized in your daily distro or Windows.

But before installing it, please RTFM (Read the Fucking Manual)! Is very common for people to complain about errors during the installation and performance. Of course, they are not following the basic recommendations. http://docs.kali.org/installation/kali-linux-hard-disk-install - Check all requirements before starting!

If you are planning to use Gnome as your default desktop environment, you need more RAM memory.

I recommend XFCE, because you are a Pentester and not a Designer.
If you want something cute, forget Kali and install HannaMontana Linux. http://hannahmontana.sourceforge.net/ -> Just to help you! (:

- Performance:
If you follow the requirements, the likelihood of facing problems is very low. Nowadays, machines have a very powerful processors, very good memory and disk size, so it is easy to allocate some of these resources to a VM. However, if your machine does not have good hardware specifications (maybe it is time to throw it away and buy a new one) I recommend the bare metal installation.

This way kali is able to use the complete machine hardware resources and it will not be shared with another OS.

- System restoring and backup
If you have minimum skills regarding virtualization, you know that making virtual machines backup/restore is easier than a bare metal installation - you only need to copy a couple of files and that´s it.

Also, you can revert to the last snapshot, the system will be up in few minutes or less.
For bare metal breaking, you need to check logs, files, disk healthy and stuff. Or, in the worst case, install the system again. It’s really not a good thing if you are inside a customer for example.

If you have a dedicated hardware to perform pestest for customers, is a good idea to have it bare metal. However, is possible to face some hardware compatibility problems, it will be discussed in the next topic.

Nevertheless, if you don’t have a dedicated hardware and carrying a notebook is not an option, you can use OVF format (https://en.wikipedia.org/wiki/Open_Virtualization_Format).
Just put the file in a pendrive and load it in the Vbox or Vmware for example. 

Another option is to create a bootable pendrive, also,  the mobility in this case is easier than carrying a notebook in the bag all the time.

Following the links related to USB install:

One more, but not powerful option is to install Kali in your mobile device, there is a especial Kali edition called NetHunter (https://www.kali.org/kali-linux-nethunter/) for this purpose.
Also, you can proceed with a chroot installation (https://www.kali.org/tutorials/kali-linux-android-linux-deploy/)

This last two cases are very useful when you are performing a pentest with very restrict devices access. I mean, when the customer does not allow you to go inside the company with your notebook. Normally mobiles devices are allowed and pendrives are very easy to hide.

-Hardware compatibility
If you dont wanna face hardware problems, the best way is to use virtual system. 
Only one problem in my point of view (and it not is that problem):
You are not able to use your GPU to crack passwords. 

You still able to use virtualized to crack, but for sure not the same speed.
However, the passwords can be cracked in your normal Linux/windows installation, don’t try to use this "problem" as excuse to have Kali bare metal installed and look cool for your friends.

For Wi-Fi penetration tests, some years ago I had some problems because VMware and Vbox didn’t have a nice USB management, nowadays, it already fixed.
Basically 99% of the problems with Wi-Fi pentesting are because the Wi-Fi card does not support packet injection, so, check it before buying the Wi-Fi adapter.


A virtualized Kali will work pretty nice for you, covering almost all the cases.
If it is not working with satisfactory performance, maybe you did something wrong.

Probably I didn’t cover all possibilities ins the article, but I hope it helps you to choose the best way to install your Kali.

2 comentários:

  1. Cool I love how you explained

  2. What is bare metal installation?, can i use bare metal iso to create a vmware vm?