Installing Kali Linux 2.0 on Amazon AWS

Update #2: New Kali Linux images available on AWS as of December 2016, details here: https://www.kali.org/news/kali-linux-aws-cloud/

Update: This method will likely no longer work, got the following message from the AWS Marketplace:

We are writing to inform you that, as of January 13, 2016, Offensive Security will no longer offer “Kali Linux minimal image” to new subscribers on AWS Marketplace. As a current subscriber, your use and subscription to Kali Linux minimal image is unaffected; you can continue to create new instances, and any running instances will not be affected in any way.

Installing Kali Linux 2.0 on AWS is not too complicated, though there is a couple of gotchas. Follow this guide to get Kali and Metasploit up and running:

  • Log in to your AWS account and launch a new EC2 instance. Find Kali Linux minimal image AMI (Amazon Machine Image) by Offensive Security in AWS Marketplace. This AMI is free. Use m3.medium or bigger instance type or you won’t have enough RAM for running Metasploit.
  • Ensure inbound SSH is enabled for the new machine so you can access it.
  • Connect to the created instance, use admin as the username:
ssh -i <path to your SSH key> admin@<public IP of the instance>
  • The AMI is a minimal install of Kali Linux version 1. Now we need to update Kali to version 2, install additional components:
sudo su -
cat << EOF > /etc/apt/sources.list
deb http://http.kali.org/kali sana main non-free contrib
deb http://security.kali.org/kali-security/ sana/updates main contrib non-free
EOF
apt-key adv — keyserver hkp://keys.gnupg.net — recv-keys 7D8D0BF6
apt-get update
apt-get dist-upgrade
  • Here’s some explanations: firstly (sudo su -) we elevate to root; then (cat << … EOF) update package repository list; then (apt-key …) add an updated package signing key to the apt keyring (otherwise apt will reject the newer packages due to untrusted signatures); last two commands update package list and upgrade the Kali distro to version 2. You’ll be asked some questions during the upgrade process. Defaults are fine for all of them.
  • Now upgrade to full Kali Linux 2.0 installation using kali-linux-full metapackage and restart the machine (assuming you are still in the root session).
apt-get install kali-linux-full
shutdown -r now
  • Again, defaults are fine for most of the questions. One of the questions is to configure password for root account for MySQL, I would strongly suggest you do it.
  • This step will take some time due to the number of packages to be installed. Once the machine is restarted, you have a full install of the latest Kali Linux 2.0
  • Once the machine is restarted, you are ready to initialize a Metasploit database and start Metasploit console. Connect back using admin account and run:
sudo /etc/init.d/postgresql start
sudo msfdb init
sudo msfconsole

Where to go from here? Start with Metasploit Unleashed, a free online Metasploit course.

Note 1: it is illegal to test systems that you don’t own or don’t have authorization to test. Amazon does certain level of monitoring for security events, if you are actively using the Kali instance for (legitimate!) security testing you might need to notify Amazon.

Note 2: current AMI that is available on Amazon only supports older PV (paravirtual) virtualization, so you will not be able to use newer (m4.*, for example) machine types in EC2 when creating the instance as they require HVM virtualization support. I believe it is possible to convert the available AMI to support PV, but I didn’t have time to do so.

Note 3: if you plan to use Metasploit, you will likely need additional open ports for the instance (for client side exploit hosting, as well as reverse Meterpreter connections).

Note 4: use SSH port forwarding with VNC or X11 if you’d like to use GUI tools. More on port forwarding: https://help.ubuntu.com/community/SSH/OpenSSH/PortForwarding

References:

Random rumblings about #InfoSec. The opinions expressed here are my own and not necessarily those of my employer.