🐉

Hacking with Kali Linux - Part 1

Introduction
VirtualBox & VMware installation
Virtualbox Installation Steps
Step 1: Download and install virtualbox
Step 2: Download Kali Linux ISO Image
Step 3: Create Kali Linux VirtualBox Instance
Step 4: Configure the network for your hacking lab
Step 5: Configure Virtual Machine Settings and Start VM
Step 6: Perform Initial Configuration
Step 7: Configure Host, User, and Time Zone
Step 8: Create Hard Disk Partitions
Step 9: Customize Kali Linux Installation
Running Kali Linux Pre-Built VM on VirtualBox
VMware Installation Steps
System Requirements
Downloading and Installing VMware
Installing VMware Workstation Pro
Downloading Kali
Using a Virtual Machine Image
Installing Kali Linux on VMware
VMware Workstation Pro
Installing Kali Linux From an ISO File
Performance and Setup
Increase RAM Allocation
Creating Snapshots
Cloning a VM
VMware Network Configuration
VirtualBox updates
Machine networking configuration
Exploring Kali Linux
The command line & using sudo
Sudo Usage

Hacking with Kali Linux - Part 1 1

 Best practices
Switching to root
Using the terminal
Running commands & Navigating the file system
Clearing the screen
Relative paths and absolute paths
Using man pages
Hidden Files and Folders
The echo command
The locate command
Autocompleting commands
The passwd command
Users and privileges
Understanding user permissions
Understanding groups
Changing permissions on files
Changing permissions on files continued
Adding a new user
Examining the Sudo Group
Networking commands
Ifconfig
The IP and ARP commands
The ping command
Creating, viewing and editing files
Using mousepad Instead of gedit
Starting and Stopping Services
Installing and Updating Tools
Git & GitHub
Aquatone & Pimpmykali
Installing Aquatone
Installing Pimpmykali

Introduction
Welcome to hacking with Kali Linux!

This Kali Linux course covers the basics and does not require any prior knowledge
of Linux or ethical hacking.

Hacking with Kali Linux - Part 1 2

 We will use virtual machines (VMs) to create isolated environments on your
system. Running Kali Linux on Windows, for example, allows you to switch
between systems easily, enabling lab setups without extra hardware.
Note that VMs can be resource-heavy, especially if your system has only 8 GB of
RAM. However, this setup is still manageable for most users. VMs are usually
preferred over installing directly on hardware.
In the next section, we'll install VirtualBox and VMware to prepare your
environment.

VirtualBox & VMware installation

There are two ways to set this up: If you're on Windows, you can use VMware
Workstation Pro. For Mac users, you'll use Oracle VirtualBox. The installation steps
for both will be covered in the following sections.

Virtualbox Installation Steps

Step 1: Download and install virtualbox
1. Go to the following URL or search virtualbox download in a browser. Click on the
appropriate install instructions for your machine:

Downloads – Oracle VM VirtualBox

Here you will find links to VirtualBox binaries and its source code.
https://www.virtualbox.org/wiki/Downloads

Hacking with Kali Linux - Part 1 3

 2. Run the downloaded installer as administrator. Follow the prompts and agree
to any license agreements.

Hacking with Kali Linux - Part 1 4

 3. Open VirtualBox to view your virtual machines on the left hand side. As this is
a fresh install, your machines list will be empty

Step 2: Download Kali Linux ISO Image

Kali Linux offers ISO images for 32-bit, 64-bit, and ARM64 architectures. To
download an ISO file:

1. Visit the installer section of the Kali Linux official website.

Hacking with Kali Linux - Part 1 5

 2. Select the host OS architecture and download the ISO by clicking the button in
the installer's bottom-left corner.

Step 3: Create Kali Linux VirtualBox Instance

Create and configure a new virtual machine to run Kali Linux by following the
steps below in VirtualBox.

1. Open VirtualBox Manager and click the New icon.

Hacking with Kali Linux - Part 1 6

 2. Specify a name for the VM and provide the path to the ISO image. Select
Next.

3. Allocate memory and virtual CPUs to the VM, with a minimum of 2 GB of RAM
and 1 CPU recommended for Kali Linux. Click Next when done.

Hacking with Kali Linux - Part 1 7

 4. Create a virtual hard disk for the VM, with at least 25 GB recommended. You
can also use an existing disk or skip adding one. Click Next to continue.

5. Review the new VM setup on the Summary page. Select Finish to create the
virtual machine.

Hacking with Kali Linux - Part 1 8

 The VM appears on the list in VirtualBox Manager.

Step 4: Configure the network for your hacking lab

1. Click on tools and select network

2. Select NAT Networks and click Create

Hacking with Kali Linux - Part 1 9

 3. Give your network a name, set the IPv4 Prefix to 192.168.57.0/24 . This will be
the virtual network that all your virtual machines are run on. Also make sure
Enable DHCP is ticked. In this case I have named the network ‘BOXHOSTING’

Hacking with Kali Linux - Part 1 10

 Step 5: Configure Virtual Machine Settings and Start VM
Before starting the VM and beginning the installation process, follow the
steps below to perform additional adjustments on the VM:

1. Select the Kali Linux VM and click the Settings icon.

Hacking with Kali Linux - Part 1 11

 2. Select the Advanced tab in the General section and change the Shared
Clipboard and Drag'n'Drop settings to Bidirectional. This feature allows the
host and the guest machine to exchange files.

3. Ensure the network your Kali machine is running on is set to NAT network , and
the previously created network is selected.

Hacking with Kali Linux - Part 1 12

 4. Click Start to begin installing Kali Linux.

Step 6: Perform Initial Configuration

When the new VM is started, the Kali Linux installer menu appears.
Start the installation procedure by following the steps below:

1. Select the Graphical install option.

Hacking with Kali Linux - Part 1 13

 2. Choose the system's default language, which will also be used during
installation.

3. Find and select your country from the list, or choose other.

4. Decide which keyboard mapping to use.

Step 7: Configure Host, User, and Time Zone

The following installer steps set up the hostname and domain of the system and
configure the user:

1. In the Configure the network section, enter a system hostname.

2. Type a domain name that the OS will use to identify the VM within a network.
Specifying a domain name is not necessary if the VM is not part of an extensive

Hacking with Kali Linux - Part 1 14

 local network.

3. Create a user account by providing the user's full name and username.
4. Create a strong password for the user account.

5. Select the correct time zone from the available options.

Step 8: Create Hard Disk Partitions

Proceed with the following steps to create a bootable partition on the virtual hard
disk:

1. Select how to partition the hard disk. The default option is Guided - use entire
disk.

Hacking with Kali Linux - Part 1 15

 2. Select the disk you want to use for partitioning. The only available option is the
disk created during the VM creation.
3. Select the partitioning scheme. The default option is All files in one partition.

4. The wizard provides an overview of the configured partitions. Ensure that the
Finish partitioning and write changes to disk option is selected.
5. Confirm the choice by selecting Yes on the next screen.

Hacking with Kali Linux - Part 1 16

 The wizard starts installing Kali.

Step 9: Customize Kali Linux Installation

After installing the system's core, Kali enables users to customize
the OS further. Choose the components to install by executing the
following steps:

1. Select the desktop environment and the tools you want, or click Continue to
proceed with the default options.

2. Select whether you want to use a network mirror.

3. If you use an HTTP proxy, enter the necessary information. Otherwise, leave
the field blank.
4. Install the GRUB bootloader on the hard disk. Select Yes and Continue.
5. Select a bootloader device to ensure the newly installed system is bootable.

Hacking with Kali Linux - Part 1 17

 When Kali finishes installing, the Installation is complete message appears.
6. Click Continue to reboot your VM. After rebooting, the Kali login screen
appears.
7. Enter the username and password created in the previous steps.
The Kali Linux desktop appears on the screen.

Hacking with Kali Linux - Part 1 18

 Running Kali Linux Pre-Built VM on VirtualBox
A quick way to run a Kali Linux VM is by using a pre-built VirtualBox
image. The section below explains how to obtain and start a pre-built
Kali Linux image on VirtualBox.
1. Visit the Pre-built VMs page on the official Kali Linux website.

2. Select the desired architecture and click the download button in the bottom left
corner of the VirtualBox card.

Hacking with Kali Linux - Part 1 19

 3. Wait for the 7z file to download, then unpack it to a directory of your choice.
4. Open VirtualBox Manager and select the Add button in the top menu.

5. Locate the virtual machine file you downloaded and unpacked. Double-click the
file to open it.

A Kali Linux VM instance appears in the menu on the left side of the screen.
6. Select the instance and click the Start button in the top menu.

Hacking with Kali Linux - Part 1 20

 Wait for the system to boot up.
7. On the login screen, use username kali and password kali to log in.

VMware Installation Steps

System Requirements
The requirements for VMware Player and VMware Workstation Pro are very
similar, as detailed below.

CPU: You'll need a 64-bit processor with a core speed of at least 1.3 GHz.

RAM: A minimum of 2 GB of memory is necessary, but we recommend 4 GB

or more.

Disk Space: Workstation Player only requires 150 MB of free disk space for
installing the software. If you install Workstation Pro, you'll require
approximately 1.2 GB of free disk space for the application installation.

Here are the minimum system requirements for installing Kali Linux on VMware:

At least 2 GB of RAM, although we recommend 4 GB or higher.

At least 20 GB of free hard disk space.

Downloading and Installing VMware

Hacking with Kali Linux - Part 1 21

 Before we show you how to install Kali Linux on VMware, you need to
have VMware installed on your system. VMware workstation player is no longer
available, however VMware Workstation Pro is now free for commercial use.

Installing VMware Workstation Pro

With VMware Workstation Pro, you can create and run
virtual machines on your desktop or laptop, as well as on servers.

Additionally, it has advanced features, such as the ability to create

snapshots, clone a VM, and change the virtual network settings.
To download and install VMware, follow these steps:
Go to the VMware Workstation Pro website.
Click the "Download Now" button for the version you want to download.

You will be taken to the Broadcom website where you must create an account and
sign in.

Hacking with Kali Linux - Part 1 22

 Once you have signed up and signed in, select the relevant installer from the
download list, making sure it is for personal use.

Hacking with Kali Linux - Part 1 23

Hacking with Kali Linux - Part 1 24
 Download the installer, and when completed, double-click on the VMware installer
file from the folder you saved it to and start the installation process. Click Next.

Accept the license agreement and click Next. Click Next three more times, and
finally, click Install. Once VMware is installed, click Finish, and you can proceed to
install Kali on VMware.

Hacking with Kali Linux - Part 1 25

 Downloading Kali
There are two ways to install Kali on VMware: using the .iso file or the prebuilt
VMware image. The prebuilt image is fully configured, making it quicker and
easier to set up.

Alternatively, if you want to download the .iso file, head over to the Kali website
and download the
Kali installer image.

Hacking with Kali Linux - Part 1 26

 Using a Virtual Machine Image
To download the Kali VMware image, follow these steps:
1. Go to the official Kali Linux website (Download Kali).
2. Scroll down to the "Virtual Machines" section.

Hacking with Kali Linux - Part 1 27

 3. Choose the VMware platform and click on the download link.

Installing Kali Linux on VMware

After downloading, you'll see a .zip file. Double-click it to open with your default
zip program. If needed, use 7Zip. Choose a destination for extraction and click OK.

We will show you how to Install the image on both the Pro version.

Hacking with Kali Linux - Part 1 28

 VMware Workstation Pro
Here is how to install Kali Linux on VMware Workstation Pro. Open VMware Pro
and click on “Open a Virtual Machine.”

Locate the extracted Kali VMware virtual configuration file and click Open.

Hacking with Kali Linux - Part 1 29

 Click on “Power on this virtual machine” and Kali will load.

Hacking with Kali Linux - Part 1 30

 The default login credentials are

Username kali

Password kali

Installing Kali Linux From an ISO File

Installing the Kali Linux .iso on VMware Workstation Pro allows customization with
advanced options like SCSI controller type and virtual disk type, but for most
users, the typical install is sufficient. Open VMware Pro and select "Create a New
Virtual Machine.”

Hacking with Kali Linux - Part 1 31

 Browse to the location where the .iso is saved, then click Next.

Hacking with Kali Linux - Part 1 32

 In the dialog box, select Linux as the Guest operating system and Debian 10.x 64-
bit as the Version.

Hacking with Kali Linux - Part 1 33

 Next, name your virtual machine and choose a folder for its location. You can
select any folder you prefer.

Hacking with Kali Linux - Part 1 34

 Next, allocate disk space for your Kali virtual machine. While Kali requires a
minimum of 20 GB, it's recommended to set it to about 35 GB if you have the
space. Choose to split the virtual disk into multiple files, which allows the disk to
expand based on usage, up to the maximum size specified. A new installation
typically uses about 10 GB, growing as you install more software in Kali.

Hacking with Kali Linux - Part 1 35

 At this point, you can click finish to complete the installation.

Hacking with Kali Linux - Part 1 36

 Once booted, installing Kali is the same whether it's on bare metal or through
VMware. For a step-by-step guide on installation after setting up the .iso, refer to
the previous steps in the VirtualBox Installation file.

Performance and Setup

VMware lets you adjust various settings in your virtual machine, such as RAM
allocation and processor usage. Features like snapshots, VM cloning, and network
configuration changes are only available in VMware Pro. To access the settings
menu in either edition, click "Edit virtual machine settings" from the main screen.

Hacking with Kali Linux - Part 1 37

 Increase RAM Allocation
To allocate more RAM to Kali Linux, click the "Memory" option and use the slider
to adjust the size. VMware recommends optimal RAM allocation, allowing you to
assign between 4 MB and 64 GB (depending on your host system). For a smooth
experience, we suggest allocating 4 GB, but Kali Linux can still run effectively with
just 2 GB.

Hacking with Kali Linux - Part 1 38

 Creating Snapshots
A useful feature in VMware is the ability to create snapshots, which capture the
current state of your VM, including all settings and data. This allows you to revert
to that state if needed. If you’re using Workstation Pro, create a snapshot after
your initial Kali installation, naming it something like "fresh install."
It's also advisable to create a snapshot before any major changes, like updates or
configuration adjustments. To create a snapshot in Workstation Pro, go to the VM
menu, select Snapshot, and then click "Take Snapshot.”

Hacking with Kali Linux - Part 1 39

 Name your snapshot to reflect its purpose and provide a brief description.

Hacking with Kali Linux - Part 1 40

 If you need to revert back to your snapshot. Head to the VM menu, select
Snapshot, and then select “Revert to Snapshot.”

Cloning a VM
Another great feature in VMware Pro is the ability to clone a VM, allowing you to
create multiple base systems for testing different configurations. Unlike
snapshots, which can't run simultaneously with the original, VM clones can
operate at the same time. Keep in mind that cloning requires additional disk space
since it creates another VM. To create a clone in VMware Pro, open the VM menu,
click on Manage, and then select "Clone.”

Hacking with Kali Linux - Part 1 41

 Click Next to start the Clone Virtual Machine Wizard.

Hacking with Kali Linux - Part 1 42

 Choose where you want to clone from and click Next.

Hacking with Kali Linux - Part 1 43

 Choose “Create a full clone” (recommended) and click Next.

Hacking with Kali Linux - Part 1 44

 Finally, name the new clone and decide where you would like it to be saved.

Hacking with Kali Linux - Part 1 45

 The cloning process will take a few minutes to complete.

Hacking with Kali Linux - Part 1 46

 You now have a cloned VM.

Hacking with Kali Linux - Part 1 47

 VMware Network Configuration
Ensure you are running on a NAT network. Click virtual machine settings > network

adapter > NAT used to share the host's IP address

Hacking with Kali Linux - Part 1 48

 VirtualBox updates
This section is about VirtualBox updates. If you’re not using VirtualBox, skip this.
For users of VirtualBox, we need to update a few things. Google VirtualBox extension

pack ,

Go to the downloads page, scroll down and click all supported platforms to download.

Hacking with Kali Linux - Part 1 49

 Open VirtualBox, click on tools , then extension pack manager .

Click the plus sign, find your download, and install it, making sure to accept the
terms.

Hacking with Kali Linux - Part 1 50

 Click install

Agree to the terms and conditions

Hacking with Kali Linux - Part 1 51

 The extension pack has been successfully installed

Lastly, go to the network tab and click create while inside the NAT Networks window.

Hacking with Kali Linux - Part 1 52

 Add a NAT network and change the default to 192.168.57.0/24 , which will be used
throughout the course. Ensure DHCP support and set it to NAT network for every
machine you use in this course if you’re using VirtualBox.

Hacking with Kali Linux - Part 1 53

 Machine networking configuration
Now for setting Up Machines, Click on a machine, go to settings, then network,
and select NAT network.

1. Click on the machine you want to set the NAT Network connection for, and
click settings

2. Click the networking settings in Adapter 1 . Make sure NAT Network is

selected. Choose the network created in the previous step.

Hacking with Kali Linux - Part 1 54

 This sets it up automatically. When running multiple machines (like Kali, Kioptrix,
or an Active Directory lab), ensure they’re on the SAME NAT network to avoid IP
conflicts or network issues. It’s crucial to set the NAT network for every machine
you set up. Now, let’s move on to the next section.

Exploring Kali Linux

Before diving into commands, let’s familiarize ourselves with Kali Linux. Although
different versions may appear throughout the course, the commands will remain
the same.
Interface Overview: Clicking the Kali logo reveals favorites like the terminal, text
editor, and Firefox. Scrolling through, you’ll find applications categorized by
hacking stages, from information gathering to exploitation and post-exploitation,
each containing relevant tools.
Using the Terminal: Most of our work will be done in the terminal, similar to the
command line in Windows. While the GUI is available, we will primarily operate in
the terminal.

Click the icon in the upper left to open the terminal

Hacking with Kali Linux - Part 1 55

 Press ctrl + or command + if on a Mac

Hacking with Kali Linux - Part 1 56

 The command line & using sudo
As we progress, we’ll explore the command line and its benefits. The next section
will cover the sudo feature, a crucial change since Kali Linux 2020.1. Previously,
we operated as ‘root’, the ultimate user. Now, we operate as ‘Kali’, without direct
root privileges for improved security.

Sudo Usage
The sudo command, short for superuser do , allows us to run commands with
elevated privileges. For instance, to view the sensitive /etc/shadow file, we use sudo

cat /etc/shadow . This command runs as root , granting access to the file.

sudo cat /etc/shadow

Best practices
While most commands in this course may require sudo , it’s best to run commands
as a regular user and use sudo only when necessary. This is possible because
‘Kali’ is part of the ‘sudoers’ file, granting it permission. Not all users have this
privilege; a new user ‘john’ would need permission to run commands as ‘root’.
Thus, ‘Kali’ acts as an administrator only when needed.

Hacking with Kali Linux - Part 1 57

 Switching to root
You can switch to root using sudo su . This is only for the current instance. You
could change the root password and log in as root, but it’s not the best security
practice. It’s recommended to stay as kali and use sudo as needed.

sudo su

Using the terminal

While Linux has a GUI, we’ll spend most of our time in the terminal. The terminal
displays your user, hostname, and current directory. Use the pwd command to see
your current directory.

pwd

Hacking with Kali Linux - Part 1 58

 The tilde (~) represents the home directory, which varies for each user.

You can run sudo su to switch to root and su kali to switch back to kali.

sudo su
su kali

Hacking with Kali Linux - Part 1 59

 Running commands & Navigating the file system
If a command fails or shows 'access denied,' try running it with sudo . This is
essential for commands in this course.

Clearing the screen

To clear the screen, type clear or ctrl l

clear

We’ll now explore file system navigation with the ls and cd (list and change
directory) commands.
To list the contents of the directory you’re currently in, type ls :

ls

Hacking with Kali Linux - Part 1 60

 To move from the ‘kali’ folder to ‘downloads’, use cd Downloads .

cd Downloads

Hacking with Kali Linux - Part 1 61

 cd .. moves up one level—so from ‘kali’ to ‘/home’,

cd ..

For the root directory use ./ . You can’t go beyond this.

Hacking with Kali Linux - Part 1 62

 cd ./

To clear the screen, use Ctrl + L. To list files and folders in the current directory,
use ls . Folders appear in dark blue, and files in various colors.

To return to the ‘home’ folder, type cd h and hit Tab for auto-completion. If there
are multiple options, type enough to differentiate and press Tab.

cd home

Hacking with Kali Linux - Part 1 63

 Finally, use cd kali and ls to view contents like ‘desktop’, ‘documents’, and
‘downloads’, similar to the graphical user interface."

cd kali

Relative paths and absolute paths

"To access the 'etc' folder from the base directory, you can't just use cd etc

because it’s not directly accessible. You need to use the full path, like cd /etc , to
navigate to it from anywhere. Use Tab to see available folders and ls to list
contents.

cd /etc

ls

Hacking with Kali Linux - Part 1 64

 You can return to the home folder with cd ~ and clear the screen with Ctrl + l .

cd ~

If you want to list files in 'etc' without changing directories, just use ls /etc .

ls /etc

Hacking with Kali Linux - Part 1 65

 Now, let's make a directory. Use mkdir test , and you’ll see it listed when you run
ls . You can navigate into it with cd test , and if you want to remove it, use cd .. to

exit the directory, and rmdir test to remove it.

mkdir test
ls
cd test
cd ..
rmdir test

Hacking with Kali Linux - Part 1 66

Hacking with Kali Linux - Part 1 67
 Using full file paths allows you to work from any directory, like creating or
removing folders anywhere on your system.
Next, we'll use ls -la to list all files, including hidden ones (those starting with a
dot). This command provides more details, like file permissions and ownership.

ls -la

To understand these commands better, you can visit explainshell.com. For

example, entering ls -la there will break down the command: ls lists directory
contents, -l is for long listing format, and -a shows all files, including hidden
ones. We’ll dive deeper into these details in upcoming sections.

Hacking with Kali Linux - Part 1 68

 Using man pages
We can use man pages, which are manuals for commands. For example, man ls

shows that ls lists directory contents. Press q to quit.

man ls

Hacking with Kali Linux - Part 1 69

 The a option means "show all files, including those starting with a period," and l

means "use a long listing format." Press q to quit.

Hacking with Kali Linux - Part 1 70

 ls -a

Hidden Files and Folders

If we run ls -la , we can see hidden folders and files, like .cache . Hidden files
might be important, especially for pen-testing, so using ls -la can help you find
them.

ls -la
cd ~

Let's cd back to our home folder. Now, I'll introduce the echo command. For
example, echo 'hi' simply prints "hi" to the screen. We'll cover echo in more detail
later.

The echo command

We're creating a file named test.txt using the echo command and redirection
operator ( > ). You can verify the file's contents with cat test.txt .

echo test > test.txt

cat test.txt

Hacking with Kali Linux - Part 1 71

 After confirming the file's existence with ls , we'll use the cp command to copy
test.txt to the downloads folder. Checking both directories with ls will show the
file in both places.

cp test.txt Downloads
ls Downloads

Hacking with Kali Linux - Part 1 72

 To remove the file from downloads , we use rm .

rm Downloads/test.txt

and to move the file entirely, we use mv , which relocates it without leaving a copy
behind. The key difference is that cp copies while mv moves the file.

mv test.txt Documents/

Hacking with Kali Linux - Part 1 73

 The locate command
Let's explore the locate command. For example, to find test.txt , use locate

test.txt . Initially, it may not return the file if the database isn't updated.

locate test.txt

Hacking with Kali Linux - Part 1 74

 If you can't find a file, run sudo updatedb to update the database. You may get a
permission denied error, so use sudo .

sudo updatedb

Enter your password to update the database. Then, rerun locate test.txt , and
you'll see the correct file path, like /home/kali/downloads/test.txt . Hitting the right
arrow can also auto-complete your previous command.

Autocompleting commands
To navigate previous commands, use the up and down arrows. For example, to
quickly re-run locate test.txt , hit the up arrow on your keyboard and press Enter.
Also, remember that file and folder names are case-sensitive. For instance, cd

downloads won't work if the directory is named Downloads . To navigate correctly, use
the right case. Auto-complete can help—type cd d and press Tab to auto-
complete to Downloads if it exists.

Hacking with Kali Linux - Part 1 75

 The passwd command
Finally, let’s use the passwd command to change our password. A good security
practice is to use a strong password, but for demonstration, I’ll use 'password' so
we can later discuss password cracking.

passwd

Enter your current password (e.g., kali ), then type your new password (e.g.,
'password'). Your password will be updated successfully. That covers all the
commands for this section. See you in the next section.

Users and privileges

Let's discuss users and privileges. In the last section, we used ls -la to view files.
I’m in my home folder ( ~ ), and running ls -la shows detailed information about
files, including ownership and file size. This command provides more than just
hidden files; it offers a broader view of file details and permissions.

ls -la

Hacking with Kali Linux - Part 1 76

 Understanding user permissions
In the first column of the ls -la output, we see indicators of whether an item is a
directory ( d ), a file ( - ), or a link ( l ). Directories are color-coded blue, files are
white, and links are a lighter blue.
The next part shows permissions: rwx represents read, write, and execute
permissions. Missing permissions are indicated by dashes. For example, rwxr-xr--

means the owner has read, write, and execute permissions, while others have
read and execute permissions only.
Permissions are grouped into three sets: for the owner, the group, and others. For
instance, if the owner is kali , the first set of permissions ( rwx ) applies to k ali . In
our home folder, files are typically owned by the user kali .

Understanding groups
Let's discuss group and other user permissions. Group members can read and
execute, but not write to files or directories. All other users can also read and
execute, but cannot write.
For example, in the tmp folder, which has read, write, and execute permissions,
it's a useful location for pen testing. You can drop and execute files here without
worrying about permissions. This folder is often used to upload malware or write
malicious files during attacks.

Hacking with Kali Linux - Part 1 77

 cd /.
ls
ls -la | grep tmp

In pen testing and scripting, having execute permissions is crucial. If you can't
execute a script, you'll need to change its permissions first, especially when
working with downloaded files or scripts in our bash scripting section.

Changing permissions on files

Let's create a text file in the tmp directory and check its permissions. We'll use
to create hello.txt . Running ls -la shows that hello.txt
echo "hello" > hello.txt

has read and write permissions but no execute permissions. This means it can't
be run as a script.

cd tmp
echo "hello" > test.txt
ls -la | grep hello.txt

Hacking with Kali Linux - Part 1 78

 To change permissions, use chmod , which stands for "change mode." You can use
chmod +rwx hello.txt to give read, write, and execute permissions.

chmod +rwx hello.txt

After running this command and checking with ls -la , you'll see the permissions
have changed.
Alternatively, you can use chmod 777 hello.txt , which sets full read, write, and
execute permissions for everyone.

Hacking with Kali Linux - Part 1 79

 This numerical mode 777 is a shorthand for setting all permissions.

Changing permissions on files continued

Let's look at how numeric permissions work with chmod . For example, chmod 777

sets read (4), write (2), and execute (1) permissions for all users, totaling 7. Here's
a quick breakdown:

7 = 4 (read) + 2 (write) + 1 (execute)

0 = no permissions

644 = owner has read/write, others have read only

400 = owner has read only (common for SSH PEM files)

You can refer to a chart or search online for more details on chmod numbers. For
full permissions, use 777 , but for specific files like PEM files, you might use 644 or
400 .

Adding a new user

On your Kali machine, clear the screen with Ctrl + L . To add a user, use sudo
adduser followed by the desired username (e.g., john ). Enter your sudo password,

then set and confirm a password for the new user.

Hacking with Kali Linux - Part 1 80

 I’m using the password kali . You can press enter to skip through any other
information to be entered, as this is not important. Press y when prompted to
finish the user setup.

After setting up the user, switch to John using su john and enter John's password.

su john

Hacking with Kali Linux - Part 1 81

 To view user information, use cat /etc/passwd . This file lists users and their details.
The etc/passwd file doesn't store passwords directly but uses placeholders for
security.

For passwords, check cat /etc/shadow (requires sudo access). If John lacks sudo
privileges, switch back to Kali using su kali and run sudo cat /etc/shadow .

Hacking with Kali Linux - Part 1 82

 The shadow file contains password hashes. It’s best practice to avoid setting a root
password directly. Instead, use user accounts with sudo for elevated privileges.
Note that different hashes for the same password indicate varied hashing
algorithms.

Next, review the sudoers file with sudo cat /etc/sudoers . This file defines who can
execute commands with sudo.

sudo cat /etc/sudoers

Hacking with Kali Linux - Part 1 83

 Look for lines like "Allow members of a group sudo to execute any command" and
%sudo , which grants group members root-level access.

Examining the Sudo Group

To check who is in the sudo group, use the grep command. Grep acts as a filter:

sudo cat /etc/group | grep sudo

This will list users with sudo privileges, such as Kali in this case. To grant sudo
access to John, add him to the sudo group in /etc/group or configure specific
permissions in the sudoers file using the following:

sudo usermod -aG sudo john

Hacking with Kali Linux - Part 1 84

 When examining privileges, use sudo -l to see what commands can be run.
Privileges can be restricted, allowing users like John to run only specific
commands, such as Python, while limiting access to others.

sudo -l

This flexibility helps tailor permissions based on user needs.

That’s it for this section. See you in the next one!

Hacking with Kali Linux - Part 1 85

 Networking commands
For penetration testing, you'll use networking commands like ip . Running ip a (or
ip addr ) shows all network interfaces. You'll see the loopback address, Ethernet
address ( eth0 ), and details such as IPv4 address (e.g., 192.168.138.140 ), subnet
( /24 ), broadcast address, IPv6 address, and MAC address.

ip a

ip addr

Ifconfig
You can also use the ifconfig command to view network information, which
provides similar details as ip a . ifconfig is the older method and might require
sudo or be absent on some systems, while ip is newer and more colorful.

ifconfig

Hacking with Kali Linux - Part 1 86

 ifconfigtypically shows only Ethernet connections, while iwconfig is used for
wireless connections.

The IP and ARP commands

Clear the screen and let's cover the ip n command, which shows the neighbor
table.

ip n

This is similar to the arp -a command. ARP (Address Resolution Protocol) maps IP
addresses to MAC addresses. When querying ARP, a broadcast message asks,

Hacking with Kali Linux - Part 1 87

 "Who has this IP?" The device with that IP responds with its MAC address, linking
the two.

arp -a

You can use either the ip command or the older arp command, with ip being
more modern and user-friendly.
Another useful command is ip r (for route), similar to route . This displays the
routing table, showing how traffic is directed. For example, it shows the gateway
and network mask. Understanding routing is crucial, as you might find routes to
networks outside your current subnet.

ip r

This knowledge is vital during pen tests, where routes might be adjusted to
access otherwise isolated networks. Knowing how to add and remove routes is
essential for effective network navigation and penetration testing.

The ping command

Hacking with Kali Linux - Part 1 88

 The last command to cover is ping . Use it to check connectivity by sending ICMP
packets. For example, ping google.com tests if the gateway responds. On Windows,
ping sends four packets by default, while on Linux, it continues indefinitely until
interrupted with Ctrl + C .

ping google.com

The ping command verifies if a machine is online and responds to ICMP requests.
However, a lack of response might mean ICMP is disabled or the host is
unreachable. For instance, pinging an unused IP address might show "host
unreachable," indicating either the host is not present or ICMP is disabled.
Ping sweeping is useful for network host discovery, which will be covered in more
detail later. Although we didn't cover netstat in this section—used for identifying
open ports and services—it will be discussed later in the course.

Creating, viewing and editing files

Let's cover file operations: viewing, creating, and editing. We've seen basic
commands like echo hello to print to the screen. You can also redirect output to a
file using echo hello > hey.txt , and view it with cat hey.txt .

cd /tmp
echo hello

Hacking with Kali Linux - Part 1 89

 sudo echo "hello" > hello.txt
cat hello.txt

To append to a file, use >> instead of > . For example, echo hello again >> hey.txt

adds to the file without overwriting. This is useful for scripting where you might
gather data (like IP addresses) and need to append multiple entries.

echo "hello again" >> hello.txt

cat hello.txt

To create a new file, use touch newfile.txt .

touch newfile.txt

To edit files, you can use terminal editors like nano (my preferred choice for
simplicity) or vi / vim . For instance, nano newfile.txt allows you to edit and save the
file.
For graphical text editing, mousepad is an option similar to Notepad. You can open
and modify files with mousepad newfile.txt , and save changes with Ctrl+S.

Hacking with Kali Linux - Part 1 90

 mousepad newfile.txt

#make your edits and save the file using CTRL + S

cat newfile.txt

With editors like nano or mousepad , you can create new files. For example, use nano

brandnewfile.txt , type your content, then save with Ctrl+X, Y, and Enter. You can
verify the file with cat brandnewfile.txt .

Using mousepad Instead of gedit

Use mousepad instead of gedit since gedit is deprecated in Kali Linux. While you
can install gedit , we'll stick with mousepad for simplicity.
That's it for this section—see you in the next one!

Starting and Stopping Services

Let's discuss starting and stopping services. In Kali Linux, you might need to start
services like a web server, SSH, or SQL, either manually or automatically at boot.
This is similar to programs that start automatically when Windows loads.
We'll start by looking at the Apache service. First, let's confirm that our web
server isn't running.
Check your IP address with ifconfig , and try accessing it via Firefox. You should
see a "Unable to connect" message, as expected.

Hacking with Kali Linux - Part 1 91

 Now, let's start the Apache service with sudo service apache2 start . After entering
your password, refresh the browser, and you'll see the Apache default page
hosted on port 80.

Open a web browser - type:

http://127.0.0.1:80

Hacking with Kali Linux - Part 1 92

 To stop the service, use sudo service apache2 stop , and you'll notice the connection
is lost again.

sudo service apache2 stop

The files served by Apache are located in the /var/www/html directory. You can host
any file there, including malicious ones if needed.
While Apache is useful, I now prefer Python for quick and easy file hosting. To do
this, create a file with echo hello > hello.txt , then start a web server with python3 -m

http.server 80. This will serve all files in the current directory on port 80. It’s a fast
and efficient way to host a web server without managing services.

cd tmp
echo hello > hello.txt
do python3 -m http.server 80

Hacking with Kali Linux - Part 1 93

 Navigating to localhost:80 in a web browser, the created file can be viewed

Hacking with Kali Linux - Part 1 94

 If you want a service to start automatically at boot, use systemctl . For example, to
enable SSH at startup, run sudo systemctl enable ssh . To disable it, use sudo systemctl

disable ssh . These commands are crucial for managing services and ensuring they
run when needed.

sudo systemctl enable ssh

sudo systemctl disable ssh

Hacking with Kali Linux - Part 1 95

 That's it for this section—see you in the next one!

Installing and Updating Tools

Let's talk about installing and updating tools in Kali Linux. Like any OS, Linux
requires regular updates for optimal performance and security. To update and
upgrade your machine, use the following command:

sudo apt update && sudo apt upgrade

Hacking with Kali Linux - Part 1 96

 The update command checks for the latest packages in your repositories, while
upgrade installs any available updates. It's essential to run both commands to
ensure your system is up-to-date.
Sometimes, you'll need to be the root user to execute certain commands. To
switch to root, use:
sudo su

sudo su

Then, run the update and upgrade commands again. You'll see a list of packages
that need upgrading, and you'll be asked if you want to proceed. Be cautious, as
updating Kali can sometimes break tools. Always back up your system before
making significant changes.
If you need to install specific tools, you can do so with the apt install command.
For instance, to install gobuster and seclists , you would run:
sudo apt install gobuster seclists

Gobuster is a tool used for brute-forcing URIs (directories and files) in web
servers, as well as DNS subdomains, making it valuable in penetration testing.

SecLists is a collection of multiple types of lists used during security

assessments, including wordlists for brute force attacks, directories, and DNS
subdomains.

sudo apt install gobuster seclists

Hacking with Kali Linux - Part 1 97

 By using apt install , these tools will be downloaded and installed if they are
available in your repositories. We're not going into adding or updating repositories
now, but just remember that your system pulls packages from these sources.
Finally, we'll explore the git command next.

Git & GitHub

I'm going to open up Firefox and make it a bit larger. We'll head over to Google, as
we'll often be searching for tools during our ethical hacking careers. For example,
if we want a tool that brute forces Office 365, we might search for something like
"GitHub Office 365 brute force," and you'll find tools like DaftHack. Clicking on
one of these results will often provide you with installation instructions, but
sometimes all you need to do is download the code.

Hacking with Kali Linux - Part 1 98

 Let's go through an example. Search for "Pimp My Kali" on Google. Once you find
it, you'll see that it's available for download. A quick way to gauge the relevancy of
a tool on GitHub is by checking its stars and forks. A tool with around 700 stars is
generally reputable. Additionally, check the last update date; if it was updated
recently, that’s a good sign.

Aquatone & Pimpmykali

DeWalt created the Pimpmykali tool to address issues with freshly installed tools
on Kali Linux, especially in the 2022.2 version. Many tools can break, and this
script helps fix various issues, like downgrading tools or fixing GoLang and
Impacket. You don’t need to worry about the details now, but this tool is invaluable
for setting up your lab machines or even hacking on client machines.

Installing Aquatone
Before diving into Pimpmykali, let's install Aquatone, a tool used for visual
reconnaissance of websites across a large number of hosts. Here's how to get it
up and running:

1. Download the Precompiled Binary:

Hacking with Kali Linux - Part 1 99

 Visit the Aquatone GitHub releases page and download the latest
precompiled binary for your operating system. Since Kali Linux is being
used, select the Linux AMD64 architecture option to download.

2. Move the Binary to /usr/bin :

After downloading, unzip and move the binary to a directory in your

system's PATH. This ensures you can run it from anywhere:

unzip <aquatone_filename>

move <aquatone_filename>

Hacking with Kali Linux - Part 1 100

 sudo mv aquatone /usr/bin/

3. Set Permissions:

Ensure the binary is executable:

sudo chmod +x /usr/bin/aquatone

Aquatone is now installed and ready to use for scanning and visualizing websites.

Installing Pimpmykali

Hacking with Kali Linux - Part 1 101

 1. Switch to the kali User:

If you're not already the kali user, switch by running:

su kali

Hacking with Kali Linux - Part 1 102

 2. Clone the Repository:

I prefer to install tools in the /opt directory, so run:

sudo git clone https://github.com/Dewalt-arch/pimpmykali /opt/pi

3. Navigate to the Directory:

After cloning, navigate to the directory:

cd /opt/pimp-my-kali

4. List the Contents:

List the directory contents to ensure everything is there:

ls

You should see the pimpmykali.sh script.

5. Run the Script:

To run the script, use:

sudo ./pimpmykali.sh

Then follow the prompts of the script. I recommend the N option since this is a
new VM setup.

Hacking with Kali Linux - Part 1 103

 The script provides various options, such as setting up a new VM, which fixes all
the necessary issues. Let it run, as it will fetch packages, run apt update , and
handle installations and removals.

After a few minutes, you'll be asked if you want to enable root login. In Kali 2019.x,
the default user was root, but now it's kali . If you feel comfortable running as
root, select "yes" and set a new root password. If not, sticking with the kali user
is perfectly fine.

If you choose to copy everything from the kali folder to the root folder, that's up
to you. I chose "no," but this step is optional.

Once everything is done, you'll see an "All done, happy hacking" message. If you
chose the root option, you can log out and back in as root; otherwise, continue
using the kali user.

We'll move on to the next lesson in the following section.

Hacking with Kali Linux - Part 1 104

Hacking with Kali Linux - Part 1 105