Running Kali Linux in a Windows 10 Command Prompt

Ever wanted to run Kali Linux in Windows 10? Well, you can using Docker! Docker is a great way to run programs or even entire operating systems on different platforms. Using Docker you can even run Kali Linux on Windows 10!

But just because you can do something doesn’t mean that you should. Yes, it is cool to see Kali in a command prompt, but personally I think there are much easier ways to run Kali on a Windows platform.

With Docker, usually you just pull down your app and it works. In Windows, you need to enable Containers, then install Docker, then enable Hyper-V (which will disable your VMWare or VirtualBox VMs by the way) and then finally download Kali for Docker. Oh, and don’t forget to reboot, multiple times. When done you will have a minimal install of Kali, enjoy!

If you are new to Kali and want to run Kali in Windows 10, use VMWare or Virtualbox, and just download the VM version of Kali. You will be much happier with your life.

Okay, fine, I can see that you are determined to see this through, so let’s continue. Official instructions for installing the Kali Docker image can be found on the Kali website:

https://www.kali.org/news/official-kali-linux-docker-images/

Technet even has an article on it, which is helpful as well:

https://blogs.technet.microsoft.com/positivesecurity/2017/09/01/setting-up-kali-linux-in-docker-on-windows-10/

But you kind of need a mix of both and a few more steps to actually get it working.

Installing Docker

In Windows 10, open a command prompt

  • Search for and run “optionalfeatures” as an administrator
  • Click on “Containers” to add it:

Kali Docker Install_1

When this is done:

Kali Docker Install_2

Once Docker is installed, it will tell you that it needs to close your active user and log back in. Don’t believe it, you actually need to reboot your system.

After Reboot:

  • From the main menu, run “Docker for Windows” as administrator
  • At the Hyper-V Feature not enabled, choose enable, note this breaks Virtualbox
  • Reboot again…

From the main menu start “Docker for Windows” again

  • Wait until it is ready, this can take a few minutes
  • Now open a system level command prompt

Installing Kali

At the command prompt:

  • Enter, “docker pull kalilinux/kali-linux-docker

Kali Docker Install_3

This will download the Kali Linux Docker image.

  • When finished enter, “docker run -t -i kalilinux/kali-linux-docker /bin/bash

You will then be greeted with a Kali root prompt. You now have a minimal install of Kali Linux! Several programs do work at this point, like nmap and some of the other basic Kali tools. Metasploit is not installed by default and you need to install it if you need it.

Update the system:

  • apt-get update
  • apt-get upgrade

This will take a while. When done, install Metasploit:

  • apt install metasploit-framework ruby

When it is finished, you need to start and initialize the database:

  • service postgresql start
  • msfdb init
  • And lastly, “msfconsole

And Metasploit starts:

Kali Docker Install_4

At this point you can install any of the Kali tool metapackages if you wish, or just play around with it as is. Just a note, ifconfig isn’t installed by default. You need to use the newer “ip address” or “ip a” commands, or you can just install “net-tools”.

Uninstalling it

Done already? I had it on my Windows 10 system about as long as it took to install it. Don’t get me wrong, this is really cool. But like I mentioned earlier, this is much easier to do in Windows using VMWare, or VirtualBox and the corresponding Kali VM. Though some might prefer using the Windows Subsystem for Linux and not have the Virtual machine overhead.

Here is how you uninstall it:

  • In Optional Features, uncheck “Containers”
  • Uninstall Docker
  • Don’t forget to also remove Hyper-V or your other virtual machine software will not work.

Kali for Docker is a great idea, I do really like it, but my personal preference is just not for the Windows platform. But don’t take my word for it, you might like it, if interested try it and see what you think.

Advertisements

Creating Hashcat Keymap Walking Password Wordlists

Hashcat’s latest keymap walking tool, “KwProcessor”, quickly and easily generates password lists based on keymap walking techniques. In this article, the first of several password cracking themed articles, we will take a quick look at how to use this tool.

Introduction

Keymap walking passwords are popular amongst many organizations as they are pretty easy to use and remember. Basically, you start with a specific key on the keyboard and then pick a direction (or multiple directions) and start hitting keys. Your password is entered as you “walk” across the keyboard.

You can create a complex password in this manner by using the shift key and including numbers in the pattern, as seen below:

 hashcat_wordlist

Starting with the letter “z”, we move North West, hitting the “a”,”q”, and “1” keys. We then move East a row, hitting the number “2”, and then move South East back down the keyboard hitting the “w” key and stopping on “s”.

This would create the password, “zaq12ws”. If we alternately used the shift key, we would get the password, “ZaQ1@wS” which is a little more complex.

What makes keymap walking so successful (until now) is that an attacker would need to know the starting key, direction, direction changes, if any special key is used and when, and of course the ending key.  Hashcat’s new KwProcessor tool makes creating keymap walking wordlists very easy to do.

Installing KwProcessor (kwp)

We will be using Kali Linux as the operating system. At the time of this writing kwp is not installed by default. So, we will need to download and install it.

From a Kali Terminal prompt:

As seen below:

hashcat_keymap_walking2

You can type, “./kwp -V” to check that it installed correctly and display the software version.

Keymaps and Routes

To crack keymap walking passwords you will need two things, a layout of the keyboard keys and a list of routes to take to create the wordlists. In the kwp program directory you will find the “keymaps” and “routes” folders:

hashcat_keymap_walking3

The Keymaps folder contains the keyboard layout for multiple languages:

hashcat_keymap_walking4

The routes folder has 7 preconfigured keymap walks or routes that can be used to generate passwords:

hashcat_keymap_walking5

We can use these preconfigured routes or create our own using command line switches.

Type, “./kwp –help” to see the available options:

hashcat_keymap_walking6

Creating a KWP Wordlist

To create a simple kwp wordlist, we will use the English keymap and the 2-10 max 3 directional change route file. This can be accomplished by running the command below:

./kwp basechars/full.base keymaps/en.keymap routes/2-to-10-max-3-direction-changes.route

This causes kwp to create multiple keymap walk combinations, of 2-11 characters with a maximum of 3 direction changes:

hashcat_keymap_walking7

The output of the command is sent directly to the screen, so to create the actual wordlist file, you would need to output the command to a text file.

./kwp basechars/full.base keymaps/en.keymap routes/2-to-10-max-3-direction-changes.route > basickwp.txt

You can then use the resultant text file as a wordlist in Hashcat.

To create a more complex wordlist, use one of the larger route files:

./kwp basechars/full.base keymaps/en.keymap routes/2-to-16-max-3-direction-changes.route > largekwp.txt

hashcat_keymap_walking8

Foreign Language Keywalks

If you need to crack foreign language keywalks, just use one of the foreign language keymap files.  So, to create a Russian keywalk wordlist:

./kwp basechars/full.base keymaps/ru.keymap routes/2-to-16-max-3-direction-changes.route > rukwp.txt

And the resultant file:

hashcat_keymap_walking9

If we have a password hashlist that contains any of the words that were generated, it will crack them. This is shown in the Hashcat result example below:

hashcat_keymap_walking10

Conclusion

In this article we covered how to use the new Hashcat kwp tool to quickly create keymap walking wordlists. We also saw how easy it is to change the keymap language, which can come in handy if you are cracking international passwords. For more information on KWP, check out the Hashcat Github page.

If you are interested in learning more about cracking password with Hashcat, more is on the way in upcoming articles. Also, check out my Basic Security Testing with Kali Linux book that covers a lot of basic password cracking topics, plus a whole lot more!

 

 

Kali Linux 2018 Released

Just a few months after the Kali 2017.3 release, Kali releases the new Kali 2018!

No immediately apparent cosmetic changes from the 2017 version, but some changes under the hood – A new Kernel (4.14.12) and several package updates:

  • Burpsuite
  • Dbeaver
  • Pixiewps
  • Reaver
  • Seclists
  • Secure-socket-funneling
  • Zaproxy

The new Kernel brings two important features:

  • AMD Secure Memory Encryption Support
  • Increased Memory Limits (for those who didn’t think 64 TB was enough)

Updating

Upgrade old version:

apt update && apt full-upgrade

But if it has been a long time, either download the new version or update the repository key (it expired) before updating:

wget -q -O – https://archive.kali.org/archive-key.asc | apt-key add

On a new Kali 2018 download, there are already quite a few updates available, so don’t forget to update. My virtual machine host anti-virus blocked one of the updates, I don’t recall ever having that happen before.

For more information and all download links check out the official release article:

https://www.kali.org/news/kali-linux-2018-1-release/