Kali Linux is the most desired pentesting distribution. There are number of tutorials for Kali Linux available on the Internet. Having said that, people constantly complain about not getting the public IP (WAN). They also complain that they can only use it within their local network. We can resolve this problem by opening a Linux computer to the internet, which involves configuring the router and port forwarding as well. However, this is not suggested because it will attract unwanted traffic and intruders that might recruit your machine into a global network of botnets.
The best possible way to accomplish your objective is to host Kali Linux in the cloud, where the vendor manages the network and server, so you can focus on your pentesting. Plus it's FREE!
In this article, we will talk about the steps to configure Kali Linux on Amazon AWS cloud for free.
In the first step, you’ll require Amazon AWS account. So, create an Amazon AWS account, or if already have one, log in to your account. After successful login, provide your payment details (note, you will not be billed until you exceed the free tier limitation).
After providing your payment details, let Amazon confirm your identity using the call verification process. Once verified, select the basic plan and move on to the next step.
In the next step, you’ll need SSH key pairs to access Kali Linux from your host computer. So, to generate SSH key pairs, go to your Amazon AWS console, click on the key pairs (under the network & security navigation), select the Create Key Pair option and give your selected pair a name.
The private key will be automatically downloaded to your device; keep it secure because you will not be able to get it again if you don’t have it.
Now, from your Amazon AWS Marketplace, locate the Kali Linux instance.
Before proceeding with the instance, make sure that the suitable region is selected. You can confirm the region from your AWS console account as shown in the figure below:
Click on the “Launch with 1-click” button to launch the recently configured instance. You can also view the status of your machine from the Amazon AWS console.
The process of configuring the Kali Linux in the cloud is now completed; let’s discuss the steps to access it from your Windows OS. You need the following tools:
Download and install the tools from the official website then open PuTTygen and load the previously downloaded private key file. The purpose is to convert it into the PuTTY supported format:
Save the private key and close the PuTTYgen program. Open the PuTTY program to connect it with your Kali Linux and load the private key in the Auth tab under the SSH navigation:
NOTE, in the session, use the username (ec2-user) and the public DNS detail of the Kali Linux machine:
Click “Open”, and you are ready.
Your Kali from the cloud is here. As this is the minimal installation, you might not be able to access all the tools. However, you can get all the tools by running the following command:
apt-get install kali-linux-full
Alternatively; run “apt-get install kali-linux-top10″ to get the top 10 security tools. Note, you should not go over the usage limit, or your card will be charged.
For Linux Users:
You can access the Kali AWS from your Linux machine also. For that, set the permissions and connect the server using SSH, then hit the following:
chmod 400 key_pairs.pem
ls -lah | grep key_pairs
ssh -i key_pairs.pem ec2-user@publicDNS
Run the sudo su command, to get the root access to your Kali machine.
VNC over SSH Tunneling to get the GUI Access of Kali Linux in AWS Cloud
Let’s move on to the steps to get the GUI access of the recently installed and configured Kali Linux machine. The infrastructure used:
- Ubuntu (Local Linux machine to access Kali)
- Kali Linux (configured in the AWS cloud)
- Windows with PuTTy (just to access the local and hosted Linux machine) - Note, this is not necessary, you can do all the functions with your local Linux too.
Now, update the packages and install the TightVNC on your host Linux machine:
sudo apt-get update
sudo apt-get install xfce4 xfce4-goodies tightvncserver
The existing newly installed Kali Linux is the command-based OS, but we can get the GUI-based OS by running the following command in the newly created Kali Linux machine:
apt-get install gnome-core kali-defaults kali-root-login desktop-base
After installation of the GUI, set up the VNC server by changing the resolution. As you will be using the VNC for the first time, it will ask you to create a password.
# tightvncserver –geometry 1024×768
Kali:1 shows that it is listening on port 5900+1 =5901
Now set up the SSH tunnel; this should be done on your host Linux as an alternative to Kali (cloud).
# ssh -L 5901:localhost:5901 -N -f ec2-user@PublicDNS -i key_pairs.pem
# netstat -anop | grep 590
You can see the listening port. In the command above:
-N represents the SSH port forwarding
-f runs the SSH commands in the background
The SSH tunnel has been created. Now we will be connecting the local host using the TightVNC viewer, but you can use the Ubuntu default viewer as well.
And here is the connectivity:
So, Kali Linux is ready, and being hosted in the cloud with public IP won't cost you anything. However, you need to take note of Amazon’s abuse policy; they do not allow you to scan the third party premises. In addition, to conduct pentesting you need to complete the Penetration testing request form.