Kali linux rolling release

Kali Linux 2020.1

Состоялся rolling-release Kali Linux 2020.1, который содержит множество обновлений и нововведений: non-root user by default, отказ от python 2 (deprecated), XFCE в качестве окружения рабочего стола по-умолчанию (из последних релизов 2019).

Новинки

На протяжении всей истории Kali (и его предшественников BackTrack, WHAX и Whoppix) учетные данные по умолчанию были root/toor. Больше не используется учетная запись суперпользователя root по умолчанию в Kali 2020.1. Учетная запись пользователя по умолчанию теперь является обычным непривилегированным пользователем (kali/kali — не забываем сменить пароль).

Больше не предлагаются отдельные образы для каждой среды рабочего стола (DE). Вместо этого теперь есть один образ с возможностью выбрать свой DE во время установки. Это означает, что нет ссылки на скачивание для Xfce (которая является средой по умолчанию с 2019.4 ), GNOME, KDE, MATE или LXDE. Только один образ, чтобы выбрать любое из окружений.

По умолчанию образ содержит kali-desktop-xfce и kali-tools-default пакеты, что позволяет произвести автономную установку Кали. Выбор любых инструментов не по умолчанию потребует подключения к сети.

Мобильная платформа для тестирования на проникновение, Kali NetHunter, также претерпела некоторые улучшения. Теперь вам больше не нужно рутовать свой телефон для запуска Kali NetHunter, правда это имеет некоторые ограничения.

• NetHunter — требует рут-устройств с рекавери и патченым ядром. Не имеет ограничений.
• NetHunter Light — требует рут-устройств с кастомным рекавери, но без патчинга ядра. Имеет незначительные ограничения, т.е. отсуствие Wi-Fi инъекций или поддержка HID.
• NetHunter Rootless — устанавливается на все стандартные немодифицированные устройства с использованием Termux. Некоторые ограничения, такие как отсутствие поддержки db в Metasploit и отсутствие рут-разрешений.

Теперь для пользователей GNOME появилась новая тема, а в качестве дополнительного бонуса — возможность выбора между светлой и темной темой.

Продолжая тему Kali 2019.4, Kali-undercover (крайне положительно отмеченную сообществом) теперь еще более похожа на Windows, чтобы помочь работать в скрытом режиме.

Добавлены следующие новые инструменты: cloud-enum, emailharvester, phpggc, sherlock, splinter.

Несколько новых (kali-community-wallpapers) и старых (kali-legacy-wallpapers) обоев, которые вы можете использовать в ностальгические моменты.

Python 2 — конец поддержки, будут удалены все инструменты, зависящие от Python 2.

Источник

Kali Linux 2016.1 Release — Rolling Edition

Our First Release of Kali-Rolling (2016.1)

Today marks an important milestone for us with the first public release of our Kali Linux rolling distribution. Kali switched to a rolling release model back when we hit version 2.0 (codename), however the rolling release was only available via an upgrade from 2.0 to kali-rolling for a select brave group. After 5 months of testing our rolling distribution (and its supporting infrastructure), we’re confident in its reliability — giving our users the best of all worlds — the stability of Debian, together with the latest versions of the many outstanding penetration testing tools created and shared by the information security community.

What’s new in Kali Rolling?

Kali Rolling Release vs Standard Releases

To get a better understanding of the changes that this brings to Kali, a clearer picture of how rolling releases work is needed. Rather than Kali basing itself off standard Debian releases (such as Debian 7, 8, 9) and going through the cyclic phases of “new, mainstream, outdated”, the Kali rolling release feeds continuously from Debian testing, ensuring a constant flow of the latest package versions.

Continuously Updated Penetration Testing Tools

Our automated notification system of updated penetration testing tool releases has been working well over the past 5 months and has ensured that the kali-rolling repository always holds the latest stable releases of monitored tools. This usually leaves a gap of around 24-48 hours from notification of a new tool update, to its packaging, testing, and pushing into our repositories. We would also like to introduce our new Kali Linux Package Tracker which allows you to follow the evolution of Kali Linux both with email updates and a comprehensive web interface. The tracker can also help in identifying which versions of various tools and packages are in our repository at any given moment. As an example, the screenshot below shows the timeline of the nmap package in Kali and tracks its repository versions.

VMware Tools vs Open-VM-Tools

This release also marks a dramatic change around how VMware guest tools are installed. As of Sept 2015, VMware recommends using the distribution-specific open-vm-tools instead of the VMware Tools package for guest machines. We have made sure that our package installs and works correctly with the latest Kali rolling kernel and are happy to see that all the needed functionality such as file copying, clipboard copy/paste and automatic screen resizing are working perfectly. To install open-vm-tools in your Kali Rolling image, enter:

Transitioning From Kali 2.0 to Kali Rolling

Migrating from Kali sana (2.0) to Kali rolling is simple. As root, you can run the following commands and be on your way:

Please note that the Kali sana repositories will no longer be updated and will be EOL’d on the 15th of April 2016.

Kali Penetration Testing Tools Site Refresh

Our on-going mission to give all our Kali sites a facelift and common look and feel has made its way to the Kali Tools website. Beyond its clean good looks, the Kali tools site includes descriptions and sample usage for virtually every tool in the Kali Linux arsenal. You can quickly select tools by what they do, such as conducting information gathering, cracking passwords, doing DNS enumeration, evaluating wireless networks, and much, much more. In addition, we have started adding community driven videos to some of the tool entries, currently taken from @10101_Brew. Keep them coming!

Download Kali Linux Rolling 2016.1

Full, Light and Mini Kali Linux ISO downloads

We try to keep our release notes to a minimum but there’s just so much to say! As with our Kali 2.0 release, we’re putting out two ISOs — a full ISO image with Gnome, and a “light” ISO, which just includes the “top 10” metapackage and XFCE. As usual, feel free to engage the community, report bugs, or join our forums for more discussions about the Kali OS.

Kali Rolling VMware, Virtualbox, and ARM Images

We will be releasing VMware and VirtualBox images of Kali rolling 2016.1 next week via the Offensive Security website, as usual. We will also have a barrage of fresh new Kali Rolling ARM images for the various ARM devices we support. The transition to Kali Rolling in the ARM arena will bring in new opportunities to ARM enthusiasts, as these devices will also enjoy the fresh stream of tool updates in Kali Rolling. Get those Raspberry Pi’s warmed up for next week!

Shameless Kali Linux Promotions

PWK, AWAE and AWE in Black Hat USA 2016

We noticed that the Black Hat USA 2016 training schedule went online today, and figured this would be a good opportunity to give everyone a “heads up” about it. Our classes usually fill up quickly, and late comers are often disappointed. If you’re looking to sign up for one of our courses at BlackHat, our advice is “don’t’ wait”. In addition to our regular courses, we hope to be running another Kali Dojo, similar to the 2015 event. Register quickly if you want to join any of these events, you’ve been given fair warning!

OSCP? Try Harder and Win a NetHunter

A couple of weeks ago we released a blog post about “What it means to be an OSCP” in our eyes. If you’re an OSCP and would like a chance to Win an awesome OnePlus One NetHunter device, go ahead and read our previous blog post! We’ve extended the offer till the end of January, when our winner will be announced.

Источник

Kali Linux 2020.1 Release (Non-Root, Single Installer & NetHunter Rootless)

We are here to kick off our first release of the decade, with Kali Linux 2020.1! Available for immediate download.

The following is a brief feature summary for this release:

Non-Root

Throughout the history of Kali (and its predecessors BackTrack, WHAX, and Whoppix), the default credentials have been root/toor . This is no more. We are no longer using the superuser account, root, as default in Kali 2020.1. The default user account is now a standard, unprivileged, user.

For more of the reasons behind this switch, please see our previous blog post. As you can imagine, this is a very large change, with years of history behind it. As a result, if you notice any issues with this, please do let us know on the bug tracker.

root/toor is dead. Long live kali/kali .

Kali as your Main OS

So with this, should you use Kali as your daily driver, as the primary OS? It’s up to you. There wasn’t anything really stopping you before, we just don’t encourage it. We still don’t. But its a helping hand for the people who are familiar with Kali enough.

Why do we not recommend it? Because we are unable to test for that usage pattern and we don’t want the influx of bug reports that would come with it. If you are brave enough to try it, you may wish to switch the branch from “rolling” to “kali-last-snapshot” to try and be more stable.

Kali Single Installer Image

We took a good hard look at the usage of Kali, what images are actually downloaded, how they are put to use, and so on. With this information in hand, we decided to completely restructure and simplify the images we release. Going forward, we will have an installer image, a live image, and a network installer image.

These changes should allow for easier selection of the right image for you to download, while increasing flexibility on installation and further reducing download sizes.

Our Installer Image

• This is what we recommend for most users that want to install Kali on their system
• Doesn’t require a network connection (aka offline install) for the default package selection
• Able to select desktop environment to install (Previously there was a separate image for each DE: XFCE, GNOME, KDE, etc.)
• Able to select tools to install at install time
• Can’t be used to boot a live system. This is just an installer image.
• Filename:
  • kali-linux-2020.1-installer-.iso

We are no longer offering separate images for every desktop environment (DE). Instead, we now have a single image with the option to pick your DE during installation. This means there isn’t a download link for Xfce (which is our default option since 2019.4), GNOME, KDE, MATE or LXDE DEs. Just one image to rule them all.

At install time, you may select the tools included with Kali (or none at all)! This gives you more control over what you want. We understand that Kali comes with more tools than some people use, or they have their own select tools they use. Now they can install Kali without any metapackages, giving them a bare Kali installation, so they can individually select what tools they want (rather than groups/).

The default image contains the kali-desktop-xfce and kali-tools-default packages, allowing for an offline installation of Kali (as it always has been). Selecting any non-default tools will require a network connection.

Note: “Kali Live” is not included in this image. If you wish to use live mode, you’ll need the live image.

Network Install Image

• Smallest image to download
• This requires a network connection to install
• During setup, it will download the latest packages every time it’s used
• Able to select desktop environment to install
• Able to select tools to install
• Can’t be used to boot a live system. This is just an installer image.
• Filename:
  • kali-linux-2020.1-installer-netinst-.iso

It’s a very small image, containing only enough to install the base system, but behaving exactly like the full installer image, allowing you to install everything that Kali offers, provided that you have enabled network connectivity.

Live Image

• Its primary use is to be able to run Kali, without installing it
• But it also contains an installer, behaving like the “Network Install Image” described above
• Filename:
  • kali-linux-2020.1-live-.iso

“Kali Live” hasn’t been forgotten about — it’s just moved to its own image. This allows you to try Kali without installing it and is perfect for running off a USB stick. You can install from this image, however, it will require a network connection (this is why we suggest the stand-alone install image for most users).

Alternatively, you can generate your own image, in particular if you want to use another desktop environment instead of our default Xfce. It’s not as hard as it sounds!.

ARM Images

You will probably notice a bit of a change in the ARM images starting with our 2020.1 release. There are fewer images available for download, due to both manpower and hardware constraints, some images won’t be posted without community assistance. The scripts are still updated, so if an image doesn’t exist for a machine you use, you will have to create it by running the build script on a Kali machine.

ARM images for 2020.1 will still run as root by default.

The sad news that a lot of people didn’t want to hear… an image for the Pinebook Pro isn’t included in the 2020.1 release. We are still working on getting it added, and as soon as it is ready we will post it.

NetHunter Images

Our mobile pen-testing platform, Kali NetHunter, has also had some new improvements. You are now no longer required to root your phone in order to run Kali NetHunter, but that does come with some limitations.

To suit everybody’s needs, Kali NetHunter now comes in the following three editions:

• NetHunter — Needs rooted devices with custom recovery and patched kernel. Has no restrictions. Device specific images are available here.
• NetHunter Light — Needs rooted devices with custom recovery but no custom kernel. Has minor restrictions, i.e. no WiFi injection or HID support. Architecture specific images are available here.
• NetHunter Rootless — Installable on all stock standard, unmodified devices using Termux. Some limitations, like lack of db support in Metasploit and no root permissions. Installation instruction is available here.

The NetHunter documentation page includes a more detailed comparison. Each NetHunter edition comes with both the new “kali” user as well as root. KeX now supports multiple sessions so you can opt to run your pentest in one whilst writing a report in another.

Please note that due to how Samsung Galaxy devices function, the non-root user might not be able to run sudo but has to use su -c instead.

One of the peculiarities of the new “NetHunter Rootless” edition is that the default non-root user has almost full privileges in the chroot due to how proot containers work.

Theming

With our last release, we made a major change switching from GNOME to Xfce. That wasn’t the end for us; we have kept on going with the design work, and have more updates:

GNOME There is now a new theme for GNOME users and as an additional bonus, there is a light and dark theme!

Tools We are giving the tools that you are very fond of a makeover too! We are slowly working through our collection, refreshing them and adding in new icons.

Menu Eagle-eyed users may also notice the icons used in the menu have also been replaced.

Setup And if you opt to use the graphical installer of Kali, it’s also been updated (Before and after shots)

Kali-Undercover

We were not expecting the community’s overwhelming response to kali-undercover. So carrying on from Kali 2019.4 release, Kali-undercover now starts to feel even more like Windows to help blend in.

New Packages

Kali Linux is a rolling distribution, so it gets updates as soon as they are available, rather than waiting for “the next release”. So since the last release, we have the normal tool upgrades as well as a few new tools added, such as: cloud-enum , emailharvester , phpggc , sherlock , splinter .

We have a few new ( kali-community-wallpapers ) and old ( kali-legacy-wallpapers ) wallpapers to offer up if you want to customize or are feeling a little a little nostalgic.

Python 2 End Of Life

As a reminder, Python 2 has reached “end of life” on the 1st of January 2020. What this means is, we are removing tools that depend on Python 2. Why? Because they are no longer being maintained, they are not receiving updates, and they need replacing. The pentesting landscape is a dynamic field that is forever changing. It’s time to keep up. We will be doing our best to find alternatives that are actively worked upon.

Giving A Helping Hand

If you want to contribute to Kali please do! If you have an area, idea of something YOU would like to work on, please dig in. If you want to help, but don’t know where to start, please see our docs page. If you have a suggestion for a feature, please record it on the bug tracker.

Note: the bug tracker is for bugs & suggestions. Its not a place to get help or support — that’s for the forums.

Download Kali Linux 2020.1

Fresh images Why are you waiting? Start downloading now!

Existing Upgrades If you already have an existing Kali installation, remember you can always do a quick update:

You should now be on Kali Linux 2020.1. We can do a quick check by doing:

NOTE: The output of uname -r may be different depending on architecture.

As always, should you come across any bugs in Kali, please submit a report on our bug tracker. We’ll never be able to fix what we don’t know is broken.

Источник