The cyber crime has taken a new landscape to the cloud. Many businesses have not taken notice the shared responsibility model when they start migrating their production and critical workloads to the cloud. I wrote a blog regarding this on Kloud blog.
2014 data breach has reached the highest point all time. Because of the public availability of hacking software and tools, the hacker of this decade could be anyone even an under-age kid.
Kali Linux is one of the offensive security (hacking) tools with more than 300 pre-installed tools. This will provide enough tools to test the security on our environment.
Writer does not responsible for any misuse of Kali Linux and this guide is written for educational purpose.
Kali Linux on AWS Step One
For the readers who want to know more regarding Kali Linux, click here . A year ago Kali Linux has finally been approved into Amazon EC2 marketplace. What does it mean for us? It means we can now boot an EC2 instance of Kali Linux using Image from AWS Marketplace and quickly take advantage of these offensive security tools to do penetration testing for our AWS environment especially.
For the readers who want to know how to start with AWS, click here.
Log into your AWS, Go to EC2 services, Go to AWS Marketplace and search for Kali Linux:
Select Kali Linux, for the lab purpose I use Micro instances and next configure the instance as required. You can launch Kali inside VPC. It is recommended :
- To use IAM (Identity and Access Management) role to secure access to your Kali Linux. The last thing you want is some bad guys using Kali inside your environment to hack your own environment. IAM best practices can be found here.
- Security Groups to be configured allowing SSH only to certain IP addresses. AWS Security Groups guidelines can be found here.
Download your keypair and keep it safely. SSH to your Kali. USERNAME = admin
Ok first step is done. Run sudo su to go to the root and we are ready for the step two
Kali Linux on AWS Step Two
The Kali-Linux provided is bare-bones Kali image. We need to install Full Kali and several other packages available.
Run : apt-get update if you got an old version of kali-archive-keyring
Run : apt-key adv –keyserver hkp://keys.gnupg.net –recv-keys 7D8D0BF6
Run apt-get install kali-linux-full to get full Kali Linux full installation
Run : apt-get install kali-linux-top10 to get the top 10 security tools in one swoop
Then the next step if you want to install X on your desktop (xfce):
apt-get install xorg xfce4 xfce4-places-plugin xfce4-goodies
You will be prompted with configuration wizard:
Then check to see if TightVNCServer is installed:
dpkg –get-selections |grep tightvncserver
If not, Run: apt-get install tightvncserver
Start the VNC server, run: vncserver :1
Check the VNC Port, run: netstat -an |grep 590
On Production environment do not allow listening to anything (0.0.0.0). Check the AWS Security Groups to allow your IP VNC to the kali linux instance.
Kali Linux on AWS Step Three (Optional)
Install GNOME Desktop (Optional) to give us user-friendly GUI driven for our Kali
apt-get install gnome-core kali-defaults kali-root-login desktop-base
To enable full GNOME instead of fallback GNOME, run:
dbus-launch gsettings set org.gnome.desktop.session session-name ‘gnome’
VNC to Kali Linux on AWS
VNC to the Kali :
Click here for the list of all Kali Linux metapackages you can install.
Next blog post we will discuss further on how to use Kali Linux
5 thoughts on “Offensive Security on AWS Part 1”
Hi! I’m getting a blank gray screen in VNC and have been unable to resolve this with the guidance I’ve found online. Any tips?
Checked whether the VNC server is running. What OS are you using to VNC to your Kali on AWS ?
good explanation 🙂
awesome waiting for next blog about using metasploit in it on different servers
Yes this is long overdue. I am working on it, maybe started looking at the threats from standard image for both Windows and Linux provided by AWS.
Thanks for reminding me.