About Blog Security+ Training Online Login

Security+ Training Online | Lab | Downloading Kali Linux (Part 2 of 7)

kali linux lab Feb 26, 2018
 

Awesome! If you made it this far man...

You are a freggin' superstar.  Sticking with this stuff is hard work and if you've been following all the videos and training lessons up until this point then I commend you.

Now we're going to have some fun.  We're going to install the best penetration testing, ethical hacking, vulnerable assessment toolbox out there: Kali Linux:

Last week we looked at how to Setup VMWare Workstation.  I showed you where to download it and how to install it.  Click the link below to get started on that one if you missed it.

We have 6 more lessons in this 7 part series so stick with me! Today - we're going to Kali baby!

  1. How to Setup VMWare Workstation
  2. How to Download Kali Linux for your hacking lab
  3. How to Install Kali Linux from scratch (step-by-step)
  4. How to Configure Kali Linux (you know, how to pimp out the interface)
  5. How to Legally Download and Install Windows 10 for Free
  6. How to Install VMware Tools (open-vm-tools) in Kali Linux
  7. How to share folders with your VM

How to Download Kali Linux 

Before we can have fun hacking in our Security+ hacking lab, we need an attacker.  Kali Linux is the best offensive security linux distribution out htere.

So I'm going to show you:

  1. Where to download Kali Linux
  2. How to use PowerShell to confirm the version of Kali Linux you downloaded hasn't been hacked or corrupted. 

So we begin our journey with kali.org/downloads.

You'll see options to grab the 32 bit or 64 bit versions and you might be tempted to go for the Kali 64 bit version.

I actually recommend downloading Kali 32 bit because:

  • Some linux packages work on Kali 64
  • Kali 32 is better when you learn how to reverse engineer malware because the address space is shorter.

Kali 32 is basically jas fast as Kali 64 and you won't notice a difference so just go with the 32 bit version!

The Kali Linux SHA sum

Now one thing I want to point out that most newbies miss is the sha256sum.

This is a message digest that you can use to verify the integrity of the application.  (if you're skills are a little rough concerning hashes, check out the training lesson on Data Integrity).

Now, here's what we're going to do: we're going to copy that hash to the clipboard, open Windows PowerShell and run the SHA256 sum on the ISO after we've downloaded it. 

If the digest values match then we are good; otherwise, we need to re-download it or figure out what happened because the version we have has been tampered with or is corrupted.

To open PowerShell in Windows 10, hit the Windows Key and type "powershell".

Then right-click the value that pops up there and click "Run as Administrator"

Now in PowerShell we need to change into the directory containing our downloaded file and then run the following PowerShell cmdlet to check the hash:

Get-FileHash -Path kali-linux-2017.2-i386.iso -Algorithm SHA256

Your value for the -Path parameter might be different given when you downloaded the ISO because Kali is constantly updating the distribution.

The Kali Linux Hash

Now that we have the hash, we can copy this value and paste it into the clipboard, put it in quotes, and then use the -eq parameter to paste in the value from the website.

If the value shows "True" you know the comparison is perfect.  PowerShell doesn't care about case so "A" = "a" as far as PowerShell is concerned.

Just don't forget the quotes when you start the comparison.

The graphic below shows me running Get-File hash on the Kali ISO and then comparing the resultant hash with the value on the kali.org website using the -eq operator.

You can see the output return was "True" so we're good to go here!

 

Getting Kali in VMware Workstation

Awesome! Now we're ready to get Kali Linux in VMWare Workstation.

This part requires a few steps so pay attention here.

First we need to open VMWare Workstation and click, "Create a New Virtual Machine".

This will open a new window asking us to either create a "Typical (recommended)" VM or a "Custom (advanced) VM".  Typical is perfect for what we're doing today so let's go that route.

Under "Installer disk image file (iso):" we paste in the path to the Kali Linux ISO we downloaded and click Next.

Next VMWare will ask us to select a guest operating system.  Choose "Linux" and make sure the Version is the latest version of Debian.  Mine is "Debian 8.x" at the time of this posting.

Next we name our Virtual Machine.  I'm going with "Kali 2 (32-bit)" to make it easy to find it when we start configuring additional VMs.

On the next screen, you'll be asked to specify the disk capacity.  Leave it at the default value but change the radio button from "Split virtual disk into multiple files" to "Store virtual disk as a single file".  The reason for doing this is purely based on performance.  Trust me, you'll thank me later.

Now we're done.  If you find a setting you don't like, such as the amount of memory allocated to the VM, just click it and we can change the values right here.

Isn't that awesome?  Just keep in mind that your physical host machine needs to have enough physical RAM to support the increased amounts you apportion to the Kali VM.

You can also add a nice description to keep everything organized.

Awesome!

Coming Up

In the next lesson, I'll show you how to install Kali!  It's going to be awesome.  Let's keep this going! 

Don't forget to subscribe to our newsletter below to get the latest updates and tricks for passing this test and I'll see you next week!

Oh wait, I almost forgot - here's a quick video training lesson that walks you through everything we covered in this article.  Don't forget to subscribe to my Youtube channel as well so you can be the first to know when a new video drops!

 

Take the Next Step!

Join our FREE mailing list to get FREE Security+ training online. You'll get tons of Security+ videos, braindump PDFs, lab simulations and more.

Yes! I want to subscribe
Close

50% Complete

Let's do this!

Pop in your first name and best email address and we'll send you:

The latest updates on the CompTIA Security+ SY0-501 exam

Proven tips and tricks for passing the exam

Hands on video labs with complete step-by-step walk-throughs

And don't forget to refresh your inbox.  You should see us there in about 3 minutes.