Headless Kali

Since I am space and RAM limited on my laptop I decided to make a headless Kali virtual machine to keep around for playing with. Since I couldn’t find a reliable tutorial for removing all the GUI stuff from a normal Kali install, I decided to create a Debian-turned-Kali machine. Currently the goal is to only use this for command line tools.

First step, install and update a minimal Debian Wheezy(7.0) machine. Mine has only SSH installed from the start.

Next, add the Kali software repositories, and update. This is where i hit my first snag, as well as my first triumph. I’m doing this to learn, after all.

  • begin by adding the following lines to the /etc/apt/sources.list file

  • deb http://http.kali.org/kali kali main non-free contrib
    deb http://security.kali.org/kali-security kali/updates main contrib non-free

  • run # apt-get update to pull the latest info. Here is where I hit my snag. I got the following warningPubKeyError copy
  • This is a missing public key for the Kali Repos. I can still pull down and install software, but it will be doing so unauthenticated. Thanks to the public-ness of PKI, this is an easy fix, once I learned a little about what I was doing.

  • Pulling this key is simple enough, # gpg --recv-keys ED444FF07D8D0BF6PubKeyFix1 copy
  • Simply getting the key is not enough, you must tell apt to use it. # gpg -a --export ED444F07D8D0BF6 | apt-key add - this will return OK, and allow apt-get update to run without any further warnings.

Now I can install any Kali tool I’d like, and run them remotely through a headless VM. How can I run something headless? EASY, both my favorite Virtual Machine managers, Virtualbox and VMWare Fusion provide LOTS of command line tools for interacting with their software.

  • for VMWare its simply $ /Applications/VMware\ Fusion.app/Contents/Library/vmrun -T fusion start "/path/to/vm.vmx" nogui
  • and for VirtualBox its $ vboxheadless -startvm VMNAME

    Next time I visit this topic it’s likely to be “how to run remote GUI tools from a headless Kali VM”, when I find a need for a GUI tool on this machine.

  • PS to remember Part 2

    Building Directories with PowerShell

    I needed to create a script that will build out directories following a pattern. In this case, Microsoft Security Updates. Perfect opportunity to practice a little coding. The script needs to be functioning in an all Windows environment, and easy to maintain. Sadly, this eliminated Python, which is more interesting to me, but PowerShell is a very close second. And despite my desire to not be a Windows guy, the almighty paycheck comes from a company that builds a product that runs exclusively on Windows. So away we go(sanitized where appropriate).

    # get current year from system and format for directories
    $year = get-date -format yyyy
    $year_short = get-date -f yy
    $month = get-date -format MMMM
    $month_short = get-date -format MM

    # constants; current month name and prefix
    $parent_dir = "$month_short - $month"
    $prefix = "\MS$year_short-"

    # actual, live working directory
    $checkifdir = "\\servername.domain\software\patches\$year\$parent_dir"
    # testing/debugging directory
    #$checkifdir = "C:\Users\wkopp\Desktop\temp\sandbox\$year\$parent_dir"

    # check if current month directory exists, if not, create (w/loop)
    # this happens without user input

    if ($checkifdir -eq $false){
    md $checkifdir

    # ask user for range of this month's bulletins(user input)
    # create the names for directories needed.
    # create directories

    $st = Read-Host "Please enter the number of the first bulletin: "
    $end = Read-Host "Please enter the number of the last bulletin: "

    $bulletin_range = $st..$end

    for ($i = 0; $i -lt $bulletin_range.length; $i++){
    $string_name = $prefix + $bulletin_range[$i].ToString("000")
    $folder = $checkifdir + $string_name

    Write-Host $folder

    if ($folder -ne $false){
    md $folder

    PS to remember Part 1

    Reading through this link Raphael Mudge talks about using rogue applications called notepad.exe to call back out, and then drops this tidbit(emphasis mine):

    netstat -nab is a tool to help you discover rogue notepad.exe instances connecting to the internet

    the output of which looks something like this:

    I think to myself, this is a fantastic tool to use for troubleshooting, however, the default output is huge. I need to pare it down a bit. In Bash, I would just pipe to grep and be done. I’m very new at PowerShell, but it seems overly optimistic to thing it has grep.

    After a bit of searching, no, there’s no grep. However, somewhere in the StackExchange network there was a more appropriate solution. “Out-String” and “Select-String”. Mixing all that together gave me the following:

    netstat -nab | Out-String -Stream | Select-String -pattern “ESTABLISHED” -context 1

    So what does all that mean, exactly?

    netstat: “Displays protocol statistics and current TCP/IP network connections

      -n : shows addresses and ports as numerical infomation
      -a : all connections and ports
      -b : show executable involved

    Out-String: Sends objects as strings (pipes the output of netstat as strings instead of data)

      -stream : sends each string individually rather than concatenating to a single string

    Select-String: …You can use it like Grep in UNIX…

      -Pattern “” : inside the quotes goes what you’re looking to filter with
      -context # : this is the number of lines after your match that you want to return.

    So, as a baby step into PowerShell and learning how it is not Bash, this was fun. More of these to come as I get better at it.