It’s that time again when our perennial hacking feature, always a favourite, comes to light [that time was supposed to be two weeks ago – ed]. This isn’t all dark glasses and hoodies, though; we don’t enforce any kind of dress code. But we do have a comprehensive guide that will get you started with Kali Linux, the ultimate distro for security newbies and penetration-testing professionals alike. We’ll get you using coding with Python and using the RapidScan script to automate scans, so you can defend your network.
Hacking in its purest sense means using tools (hardware or software) to do things that they weren’t initially supposed to do. The term and culture (along with the word ‘foo’ that proliferates across programming textbooks) originated at a model railway club at MIT. You might want to relive some of that unofficial tweaking spirit by hacking (OK, recompiling) the kernel – the very engine of your Kali install.
Or, if you’d rather not be derailed by train metaphors, we’ll also cover keyloggers and have a go at port-scanning with Nmap and password-cracking with John the Ripper. And if that’s not enough, we’ll finish with a foray into the mighty Metasploit, showing you how it can be used to craft payloads for attacking Android mobile devices. All aboard!
Kali Linux hacking
Kali Linux is jam-packed with everything you need to start your hacking career. Or end it, if you don’t obey the law.
Kali Linux is a Debian-based distro that we can guarantee appears in pretty much any ‘how K to hack’ tutorial you might find. It’s possible to use it straight from live media; indeed, in the early days, this was the only way to run it. Kali Linux used to run everything as root. This made it a terrible choice for doing anything other than pen-testing work. But now you can install and use it just as you would any other distro, with an unprivileged user account. Certain tools require root to work, but we’re already getting ahead of ourselves. Let’s get on with the installation.
First, download an ISO from www.kali.org/get-kali. The default Installer image is 3.9GB and has everything you need to get started. There is also a cutting-edge weekly release, a NetInstaller or a full-blown airgapped install (at a chunky 11GB). If you have an old machine you want to transform into a hacking station, Kali still ships a 32-bit edition. You’ll also find live media via the links. And prerolled images for virtual machines, Windows Subsystem for Linux, Android devices, cloud installs, containers and even Raspberry Pi.
But never mind those, we’re going with a traditional install. You might want to do this in a virtual machine (VM), but there are caveats. Certain network hijinks require direct access to hardware (particularly Wi-Fi hacking) and brute force password-cracking can offload work to graphics cards. Neither of these is readily available in a VM, but the virtual approach obviates the risk of any dual-bootrelated mishaps. Kali Linux only supports installation to a
