Lab 6: Using Kali Linux | Ian Neil’s Security+ Study Materials

Kali Linux Tools

This article is for educational purposes in the area of computer security and must not be used for any illegal activities.
The authors or publishers are not responsible for any misuse.
In this exercise, you will install Kali Linux so that you can carry out activities around the exam objectives related to theHarvester and nmap.

Kali Linux Sources

Microsoft
Microsoft has a version of Kali Linux that you can install using the “Turn Windows Features on or off” tool, then checking the box next to “Windows Subsystem for Linux (WSL)“.
You can then download a version of Kali Linux from the Microsoft store.
Go to the Microsoft Store and enter “Kali” in the search.
You will see it as an app which you can then download.
For the purposes of this exercise, it is recommended that you do not follow this approach.
Instead, you are advised to use the method outlined below.

Kali.Org
If you go to https://www.kali.org/downloads/, you can download iso images for various versions of Kali Linux.
At the bottom of the page, you can download virtual software to host your Kali Linux environment.
Both are recommended and shown below:

An already configured full version of Kali Linux is available from the Offensive Security VM Download Page.
The recommended route to take is to download Kali Linux for VMWare and then install the virtual machine from Offensive Security.
The steps for this are detailed below.

Download a VM Workstation Player

Go to “VMware Workstation Player – My VMware“, then choose “Go To Downloads”, select the Windows version, and download.

It will be saved to the “Downloads” folder and should look like this:

Click on the .exe file and the install should commence.
A logo should appear for a few seconds.
Go to the foot of the page and choose “Run”.
The installation wizard will appear.
Press “Next”, then accept the license agreement.
On the custom setup screen, choose the “enhanced keyboard” option, then select the default settings and click “Install”.
When installation is complete, you will need to reboot your computer.
After the reboot, you should see a VMware workstation shortcut on your desktop.
It will look like this:

Download Kali Linux Virtual Images

Go to https://www.offensive-security.com/kali-linux-vm-vmware-virtualbox-image-download/ and choose Kali Linux WMware 64-bit (7z) link.
It looks like this:

It will appear in your “Downloads” folder, though it may take 10-15 mins as it is 2.4GB.
It should look like this:

Create a folder on your desktop called “Kali Install”.
Go to the “Downloads” folder, right-click the file, choose “Open With”, and then choose “7-zip File Manager”.
When you open it in the Kali Install folder, it will look like the image below.
If you don’t have 7-zip, you can download it from https://www.7-zip.org/download.html

In the VMware Player menu, choose Open a Virtual Machine.
Select Kali-linux-2021-vmware-amd64.vmwarevm and click Open.
It should appear as follows in the VMware interface:

Click “Play virtual machine“.
A warning will appear; click “OK” to ignore it.
If you get a warning that asks whether you have moved or copied it, select the ‘copied it’ option.
The login screen will appear.
For username, type “kali”, and for password, also type ‘kali”.
The screen should like the following image:

Your Kali Linux desktop should look like this:

Kali Linux tools

You are going to use two Kali Linux tools in this exercise:

theHarvester
NMAP

Opening the Terminal

Double-click the Home icon, choose File, then Open Terminal Here.
It should look like this:

The terminal is where you will launch the tools that you are going to use.
It should look like this:

The open terminal has very small font, so go to “File”, then “Preferences”, and you will see that the font is size 10.
Choose “Bitstream Vera Sana Mono”, and then change it to 20pt.
Click “Apply” and “OK” at the foot of the page.
Your screen should look like the following:

theHarvester

theHarvester is a tool for gathering email addresses from the internet.
It uses the following switches:
-d = Domain that you wish to collect addresses from
-l = Limit. The number after this switch defines the number of email addresses to be produced.
-b = Source. This defines the sources that you will search.
In the example below, you are going to search packtpub.com for the first 10 addresses and use Google as the search engine.
Go to the open terminal, and type theHarvester (it is case sensitive, so ensure the H is in uppercase).
As you are typing it in, it will appear red, but once your command is complete, it will turn to green.
Your output should look like the following:

Insert the command theHarvester -d packtpub.com -l 10 -b Google
Here is the output:

This could be used by an attacker to launch a phishing attack.
Enter the command “exit” to leave the terminal.

NMAP

NMAP can be used to scan the whole network as well as for banner grabbing.
In the following sections, you will complete some tasks that can be performed on a local computer.
You will need your IP address; this can be obtained opening a command prompt and entering ipconfig.

NMAP Installation

To install NMAP, run the command sudo apt-get install nmap.
It will then ask for your admin password.
When you type it in, you will not see anything.

Scanning Top 5 ports.

Scan for the top 5 ports on your computer that have an IP address of 192.168.44.1.
Run the command nmap –top-ports 5 192.168.44.1

An attacker could use a larger number to see what ports are open on a target computer.

Operating System Scanning

To scan an operating system and collect details, you need to use sudo so that the command is run under admin credentials.
Enter the command sudo nmap -O 192.168.44.1 (be sure to type an upper-case O, not zero).
Your output should be similar to the following:

Software Version

This can return more detailed information about a host.
You need to run the command nmap 192.168.44.1 -sV.
Your output should be like the following:

Web Server Software Version

Run the command comptia.org -p 80 -sV.
Your output should be like the following:

If you want more information on Kali Linux, there is a great book by Glen Singh called:
Learn Kali Linux 2019: Perform powerful penetration testing using Kali Linux, Metasploit, Nessus, Nmap, and Wireshark

Check out the book CompTIA Security+: SY0-601 Certification Guide to help you pass on the first attempt.

Cookie	Duration	Description
_GRECAPTCHA	11 months	This cookie is used by Google Recaptcha
cookielawinfo-checkbox-advertisement	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Advertisement".
cookielawinfo-checkbox-analytics	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checkbox-functional	11 months	This cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necessary	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-others	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-performance	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
CookieLawInfoConsent	11 months	This cookie Records the default button state of the corresponding category along with the status of CCPA.
viewed_cookie_policy	11 months	This cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not the user has consented to the use of cookies. It does not store any personal data.

Cookie	Duration	Description
_ga	11 months	This cookie is used by Google Analytics
_gat_gtag_UA_284627_22	11 months	This cookie is used by Google Analytics
_gid	11 months	This cookie is used by Google Analytics