Kali 2017.1: Things to do after you install…


Kali 2017.1 is out and now what?

Yes, it is a great distro right out of the box (even added support for Realtek’s RTL8812AU wireless chipsets), but there are a few things that you can do to make it even more versatile. You can customize it to better meet your needs. If you want to add encrypted containers to secure your data, you can add TrueCrypt’;s replacement VeraCrypt. If you want to build your own lab environment, you can add VirtualBox. There are a lot of things you can do. Below, I will walk through a few things that I would personally suggest to make life a little easier and build on the already robust Kali distribution.

Here are some suggested things to do after you download.

* change the default root password from “toor”


– remember the new password

* add a new user

adduser newuser

– Add the user to the SUDOers group


– Find the part of the file that is labeled “User privilege specification”.
– Find where it says “root ALL=(ALL) ALL”.
– Type “o” to insert a new line below it.
– Now type what you want to insert, eg “newuser ALL=(ALL) ALL”.
– The file should look like:
# User privilege specification
newuser ALL=(ALL:ALL) ALL

– Hit esc to exit insert-mode.
– Type “:x” to save and exit.

– or a faster way…

useradd -m newuser -G sudo -s /bin/bash
passwd newuser

* change the default SSH keys

cd /etc/ssh/ && mkdir back
mv ssh_host_* back
dpkg-reconfigure openssh-server

– now to compare the new keys with the old ones to make sure they are different

md5sum ssh_host_* && md5sum back/ssh_host_*

– If they don’t match, remove them

rm /etc/ssh/back/ssh_host_*

* add MultiArch for i386 support if you have the 64bit OS

dpkg –add-architecture i386

* update

apt update && apt upgrade -y && apt dist-upgrade -y

* install Java (some software requires it)

echo “deb http://ppa.launchpad.net/webupd8team/java/ubuntu trusty main” >> /etc/apt/sources.list
echo “deb-src http://ppa.launchpad.net/webupd8team/java/ubuntu precise main” >> /etc/apt/sources.list
sudo apt-key adv –keyserver keyserver.ubuntu.com –recv-keys EEA14886
sudo apt-get update
sudo apt-get install oracle-java8-installer

* install gdebi (.deb file installer)
* install git (for git clone / repositories)
* install tor (tor onion routing)
* bleachbit (favorite tool of politicians)
* install youtube-dl (to download your favorite youtube and other website videos for offline use assuming you have permission)
* install libreoffice (office suite, great for report writing)
* install clamav (antivirus)
* install virtualbox (virtual machine environment)
* install openvas (vulnerability scanner)

apt install gdebi git tor bleachbit youtube-dl libreoffice clamav virtualbox virtualbox-dkms openvas -y && apt autoclean && apt-autoremove

* install teamviewer

[embedyt] https://www.youtube.com/watch?v=U4vO5rqGpr8[/embedyt]

Download the Debian version (????.deb) from https://www.teamviewer.com/en/download/linux/

cd ~/Downloads
gdebi teamviewer????.deb

* install skype

Download the Debian version (????.deb) from https://www.skype.com/en/download-skype/skype-for-computer/

cd ~/Downloads
gdebi skype????.deb

* install veracrypt

Download the Linux version from https://veracrypt.codeplex.com/wikipage?title=Downloads

cd ~/Downloads
bash veracrypt-????-setup-gui-x64

* install simpleducky

git clone –recursive git://github.com/skysploit/simple-ducky.git /usr/share/simple-ducky
bash /usr/share/simple-ducky/install.sh

– to update

cd /usr/share/simple-ducky && git pull

* install exploitpack (java is required)

git clone https://github.com/juansacco/exploitpack.git /usr/share/exploitpack
cd /usr/share/exploitpack
java -jar ExploitPack.jar

– to update

cd /usr/share/exploitpack && git pull

* install Veil Evasion 3

git clone –recursive https://github.com/Veil-Framework/Veil.git /usr/share/Veil
cd /usr/share/Veil/setup
./setup.sh -c

– to update

cd /usr/share/Veil && git pull

* install GoPhish

download newest release from: https://github.com/gophish/gophish/releases

cd ~/Downloads
unzip gophish-v???-linux-64bit.zip -d /usr/share/
cd /usr/share/gophish-v???-linux-64bit
chmod 755 ./gophish
./gophish & firefox https://localhost:3333 &

* install pwntools CTF framework and dependencies

apt install python2.7 python-pip python-dev git libssl-dev libffi-dev build-essential
pip install –upgrade pip
pip install –upgrade pwntools

If you want to vew the change log: view the change log here.  Now that you’ve added a few things to Kali, let the fun begin.

P.S. I would suggest logging out of root and in the the “newuser” you created. Any time you need to run something at a higher privilege, use “sudo program”. For example:

sudo ifconfig eth0 down
sudo macchanger eth0 -r
sudo ifconfig eth0 up

Author: Jeremy Martin

Find interesting tips and tricks with the web series Cyber Secrets.

1 comment on “Kali 2017.1: Things to do after you install… Sharpening an already sharp weapon...

Leave A Reply

Your email address will not be published. Required fields are marked *