Installing Kali on VirtualBox
In this section, we will install Kali Linux into a virtual host in the VirtualBox environment, as we described in the previous section.
Kali Linux (Kali) is based on the Debian operating system; and it is a self-contained environment that includes hundreds of tools that can be used for security auditing and testing purposes. It provides a platform, which you can use to build your penetration testing skills. It is one of the most widely used platforms for this purpose.
Kali comes in a variety of different flavors – we will be using the full Kali install using the Gnome windows manager, inside an Oracle VirtualBox environment. However, Kali can be installed on any hypervisor; it can be non-destructively run from a USB or CD drive, on Raspberry Pi's, or other similar single board computers. It supports installation on both the Intel and Arm processors.
When you first go to the Kali website and look at the downloads section (www.kali.org/downloads), it may be a bit overwhelming with all the options at first, so let's run through some of them, so you understand the differences.
With reference to the following image, you will note that the top two entries, the Kali 64 bit and the Kali 32 bit, are the default full install of the operating system using the Gnome windows manager.
The next two entries denoted by lightare a minimal install of Kali with the Gnome Windows manager for some space constrained systems. You can use this along with manually installing only the needed tools for your specific purposes.
The next four entries denoted with e17, Mate, Xfce, and LXDE are full installs of the Kali operating system, each using a different graphical windows manager for its desktop interface. If you happen to have an older device, consider running Kali with the XFCE interface, as it requires less resources than Gnome. I would only suggest these if you are familiar with them, and opt not to use the default Gnome windows manager or have a specific purpose to do so such as resource constraints.
The last two entries, armhf and armel, are for those two flavors of the arm architecture with armhf supporting the older ARMv4 instruction set, and the armel supporting the new version 7 instruction set.
Please also note that the sha256 value is displayed. This allows you to validate that you have downloaded an unaltered version of the image:
Kali.org download page, image section, as of May 2017
If you scroll down the page a bit more, you will see the section that allows you to download pre-prepared images that can automatically run without going through the setup process; in addition, it supports various hypervisors, or, in the case of ARM, has images and scripts for popular arm-based computers, such as Raspberry Pi's or other popular arm-based devices.
Note
We will not be using these images as we want to walk you through a full installation and setup of Kali, so you have a better understanding of the process.
Kali.org download page, hypervisor and arm section, as of May 2017
Getting ready
Before installing Kali Linux, we need to ensure the minimum requirements are met:
- Your computer is connected to the internet
- You have a minimum of 4 GB of RAM (8 GB is recommended)
- You have a minimum of 25 GB hard drive space available (80 GB is recommended for Chapter 3, Vulnerability Analysis)
- VirtualBox installation is complete and currently running
- Download the appropriate Kali disk image from https://www.kali.org/downloads/
For our purposes, we will be using the Kali 64 bit version. Please refer to the recipe introduction for more details about these options.
How to do it...
Let's begin the process of installing Kali:
- Click on
Newin the upper left-hand corner of the screen:
Main VirtualBox screen
- Name your virtual machine
Kali Linux, select type asLinux, and select the version asLinux 2.6 / 3.x / 4.x (64-bit). Press theContinuebutton when complete:
Name and operating system selection screen
- Memory size: You will be presented with a slider for memory size, with the ability to manually enter a value: in the box type in
4096. The 4 GB of memory will provide a smooth and responsive Kali install. Click onContinue. - Hard disk: select
Create a virtual hard disk nowand press onCreate.
Note
You will note that on this screen, it will refer to a recommended hard disk size of 8 GB. Please note that this is not sufficient for a full Kali install, and we will be allowed to change it in a future step.
- Hard disk file type: take the default file type of
VDI (VirtualBox Disk Image). SelectContinue.
Note
If you are interested in having easy compatibility with other hypervisors, you can select one of the other types available. Virtual Hard Disk (VHD) is widely used for Windows HyperV. Virtual Machine Disk (VMD) is widely used for VMware deployments.
- Regarding the storage on physical hard disk, leave the default of
Dynamically allocatedand click onContinue.
Note
If you are running an older spinning disk versus a solid state drive and have the available space on the disk, the recommendation would be to use Fixed size.
- File location and size: leave the name and location with the default, and either move the slider or enter
25.00GB directly into the box. Click onCreate.
Note
25 GB is a nice size for the install plus some extras. If you have limited space requirements please see our discussions of the various Kali image and installation options for more guidance in the introduction section of this recipe.
- Click on
Kali Linuxto highlight it; then click onSettings:
VirtualBox main screen - with Kali Linux VM shown
- From here, we will select the
Storageoption. Originally underController: IDEit will sayEmpty. Click to highlightEmpty. Click on the circular disk icon to the right ofIDE Secondary Master. An option dialog will be brought up, and selectChoose Virtual Optical Disk File. This will bring up a file manager dialog, which will allow you to find and select the Kali image you downloaded previously. Once completed, your screen should look similar to the following:
Kali Linux VirtualBox settings storage option
- Click on
Networkand verify thatAdapter 1shows attached toNAT Networkwith the nameNatNetwork:
Kali Linux - network adapter 1
- Click on
Adapter 2and forAttached toselectHost-only Adapterwith theNameasvboxnet0, then click onOK:
Kali Linux - network adapter 2
- We are brought back to the main manager screen. Let's click on
Kali Linuxto highlight it, and then click onStart:
VirtualBox manager screen
- We will now be brought to the main Kali installation screen. Let's click on
Graphical install:
Kali main installation screen
- Select an appropriate language; for our use, we will select
Englishand click onContinue:
Select a language screen
Note
You may click on X on the boxes at the top, if any, as they are only informational.
- Select the proper keymap for your region. For our purposes, we will select
American English. Then, click onContinue. The VM will then start by loading installer components. This should only take a moment or two based on the performance of your device. It will also detect and connect to your network automatically. - You will be brought to a screen where you must enter the hostname. Let's simply call our install
Kaliand click onContinue:
Kali configure network screen
- The next screen will ask for your domain name. We will leave this blank, and simply click on
Continue. - Our next screen will ask us to enter a root password. Select a strong password. Enter it for a second time to validate it, and click on
Continue. The install will continue through some further steps. - Once completed, you will be brought to a configure clock screen. Select the appropriate time zone; for our purposes, we will select
Eastern, then click onContinue:
Configure clock screen
- Partitioning disks: for simplicity, we will select
Guided - use entire disk, and click onContinue:
Partition disks
Note
It's important to note that, for our example here, we want to just keep it straightforward. When actually setting this up for production testing, I have a dedicated laptop and use a fully encrypted LVM. This would be a recommendation when you move from working in a sandbox and go to actual engagements; as a pen tester, you need to protect your work as well as your client's information. Encryption, in that case, is paramount.
Note
You may also want to keep in mind crossing borders with encrypted laptops and what the border security rights are. In the US, even for US citizens, they can ask for your passwords to get into the machines, remove them from your immediate control, and confiscate them. You may want to take situations like this into consideration; you can ship that encrypted laptop to and from the destination as needed, or complete your reports prior to leaving, and wipe the hard drive. Remember that deleting files is not securely wiping information - you can use a tool such as Darik's Boot and Nuke (DBAN) https://dban.org/ and use 5220.22-m wipe methods.
- You will be brought to a partition disks screen for confirmation. Click on the disk to highlight it, and click on
Continue:
Partition disks
Note
Please note that as you are inside a virtual machine when it references, your disk will be erased; it is only talking about the virtual partition and not your disk. If you have decided to load this on your PC as the native operating system, it will erase the entire drive.
- Select
All files in one partition (recommended for new users)and click onContinue:
Partition disks - screen 2
- Select
Finish partitioning and write changes to disk. Click onContinue:
Partition disks - screen 3
- Click on
Yesto write changes to disk. Click onContinue:
Partition disks - screen 4
Note
Your system will begin installing further. This process will take several minutes, so please be patient.
- Upon the completion of the install, you will be asked whether you want to use a
Network Mirrorfor your package manager. SelectYesand click onContinue.
- You will be asked to enter a proxy server if needed. Please enter any required information (for most installs, you will leave this blank). Click on
Continue. Kali will continue to install packages. - Select
Yesto install the GRUB boot loader and click onContinue. - Select the single drive listed to highlight it, and then click on
Continue. This will finish the installation:
Install GRUB boot loader
- After a short time, you will be brought back to the
Finish the Installationscreen. This will ask to boot your computer to ensure that you have removed the installation media. Under most circumstances, VirtualBox or other hypervisors will honor the disk eject command issued when Kali finishes installation, but we need to be sure. At this point in time, do nothing:
Kali Linux: finish the installation
- Move the installation windows to the side to expose the main VirtualBox manager screen. Click on to highlight the
Kali LinuxVM. Click onSettings, and next click onStorage. If underController: IDE, you do not seeEmpty, click on the install media shown to highlight it. Click on the icon at the far right that looks like a disk, and selectRemove Disk from Virtual Drive.Click onOK:
VirtualBox manager
- Go back to the Kali Installation screen, and now click on
Continue. It will finish a couple items up, and reboot the virtual machine bringing you to the login screen:
Kali Linux finish the installation
Note
Remember that when logging into the system, your username is root and the password that you created during installation.
