reading-notes

Dedicated to my thoughts while learning cybersec

View the Project on GitHub jakeoverall/reading-notes

Kali Linux and Metasploit

10/5/2020

What is Kali Linux?

kali-logo

Kali Linux is a special distro that has been designed specifically to for Penetration Testing, Ethical Hacking and Network Security Assessments. The Distro is maintained by Offensive Security and has over 600 programs built in to help perform assessments. The distro and tools follow the Linux ecosystem and belief of open source free to use software. The Linux core team takes special care to ensure the integrity of the distro despite its open source nature. The code is always available on gitlab/kalilinux for anyone to see at anytime. Kali also has the coolest logo of any linux distro 🐲

What is Metasploit?

metasploit-logo

Metasploit is a collection of tools specifically targeting penetration testing. More than simply being a collection of assorted tools Metasploit is a framework that these tools can be built upon and all work in conjunction with each other. This framework provides a huge benefit to the developer and pentester community because it helps to normalize and standardize how tools should be written. This adheres to the fundamentals of application development focusing on the single responsibility principle using abstraction and encapsulation.

What is Meterpreter?

Shell

Meterpreter is a Metasploit attack payload that provides an interactive shell. Once a shell has been established an attacker gains next to free reign of a system allowing them to explore the machine and execute code. Apart from the extreme danger of an open shell Meterpreter uses a pure in-memory setup that once torn down leaves no trace of its execution. This makes backtracking incredibly difficult.

root != sudo

In kali make sure you have root access. Sometimes sudo is not enough :smile:

The default user is not a root user

kali
kali

by default root does not have a password set so you cannot login with the account.

To fix this login as kali then use terminal to set yourself as root and change the password for the root user.

$ sudo -i
# passwrd root
# yournewpassword

then logout and log back in as the root user. :wink: