1. 背景

        如果你想在一台windows机器上安装kali,用于渗透扫描,那么这篇文章不要错过。方法简单快速。

2. 软件准备

下载virtualbox

Downloads – Oracle VM VirtualBox

下载专门用于virtualbox的kali镜像(从Pre-built Virtual Machines里面选)

Get Kali | Kali Linux

3. virtualbox安装

        双击virtualbox安装包,执行安装依次点击 “下一步”、“是”、“完成”。

        如果你出现缺少VC 2019包的情况,请访问这个博客的链接下载安装

Microsoft Visual C++ 2019 Redistributable Package (x64) is not installed. Latest binary compatible v-CSDN博客

 

         安装成功界面

4. kali安装

        将下载下来的kali安装包解压,双击蓝色文件,可以发现自动导入了virtualbox。

         点击 绿色的“启动(T)”,稍等片刻,进入kali登录界面。输入用户名密码kali/kali。

         登录成功,尝试一个小功能,测试下有没有可以使用

        OK,可以使用了。

        那么我们用于windows桌面和 kali linux环境之间的复制粘贴和文件传输是否方便呢?

        检查 "设备-共享粘贴板" 和 "设备-拖放" 都是双向,说明可以复制粘贴。

        如果再设个共享文件夹就更方便了。

         点击固定分配 ,填写windows目录和kali挂载点目录,选择 自动挂载。

        设置成功。

         往windows共享目录拖几个文件,可以发现kali挂载共享目录也有了相应文件。

5.网络设置

如果你想在kali访问互联网和扫描目标设备,应该怎么办呢?

cmd + ipconfig 检查本机ip

查看本机网络连接

根据上一步查看“网络连接”的结果,在virtualbox配置网络。这里根据WLAN的显示选择。

某次,我虚拟机内外怎么都ping不通。 将网卡1 的启用网络连接 关了,重新在网卡2做了同样设置,修复了这个问题。

配置/etc/network/interfaces,动态分配IP地址

source /etc/network/interfaces.d/*

auto eth0
iface eth0 inet dhcp

配置/etc/resolv.conf, 注意nameserver要和PC机的默认网关ip一致。nameserver可以设置多个(分行),这样你在使用无线和以太网时切换使用时只要修改virtualbox网络连接方式并执行网络重启命令就可以立即生效。

┌──(root㉿kali)-[/home/kali]
└─# cat /etc/resolv.conf                         
nameserver 192.168.43.1

执行

service networking restart

检查kali网络配置

┌──(root㉿kali)-[/home/kali]
└─# ifconfig
eth0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        inet 192.168.43.209  netmask 255.255.255.0  broadcast 192.168.43.255
        inet6 fe80::a00:27ff:fe22:464f  prefixlen 64  scopeid 0x20<link>
        ether 08:00:27:22:46:4f  txqueuelen 1000  (Ethernet)
        RX packets 7682  bytes 3505522 (3.3 MiB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 11328  bytes 1428680 (1.3 MiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

lo: flags=73<UP,LOOPBACK,RUNNING>  mtu 65536
        inet 127.0.0.1  netmask 255.0.0.0
        inet6 ::1  prefixlen 128  scopeid 0x10<host>
        loop  txqueuelen 1000  (Local Loopback)
        RX packets 4  bytes 240 (240.0 B)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 4  bytes 240 (240.0 B)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

使用kali扫描本局域网的设备

┌──(root㉿kali)-[/home/kali]
└─# arp-scan -l
Interface: eth0, type: EN10MB, MAC: 08:00:27:22:46:4f, IPv4: 192.168.43.209
Starting arp-scan 1.9.7 with 256 hosts (https://github.com/royhills/arp-scan)
192.168.43.1    02:72:88:63:34:4c       (Unknown: locally administered)
192.168.43.168  88:d8:2e:f3:fa:11       (Unknown)
192.168.43.86   10:3f:44:50:5b:fd       (Unknown) (DUP: 1)

使用kali访问互联网

6. 软件升级

随着时间的推移,您一定会遇到想将漏洞利用工具更新到最新的想法。

以metasploit为例,之前安装的时候版本是6.2.9,现在我要把它升级到最新。

首先,kali更新包获取:

┌──(root㉿kali)-[/etc/apt]
└─# apt-get update
Get:1 http://kali.download/kali kali-rolling InRelease [41.2 kB]
Get:2 http://kali.download/kali kali-rolling/main amd64 Packages [19.5 MB]
Get:3 http://kali.download/kali kali-rolling/main amd64 Contents (deb) [45.4 MB]                                                                                                                                    
Get:4 http://kali.download/kali kali-rolling/contrib amd64 Packages [116 kB]                                                                                                                                        
Get:5 http://kali.download/kali kali-rolling/contrib amd64 Contents (deb) [172 kB]                                                                                                                                  
Get:6 http://kali.download/kali kali-rolling/non-free amd64 Packages [222 kB]                                                                                                                                       
Get:7 http://kali.download/kali kali-rolling/non-free amd64 Contents (deb) [931 kB]                                                                                                                                 
Fetched 66.4 MB in 24s (2,781 kB/s)                                                                                                                                                                                 
Reading package lists... Done

再次,安装最新的metasploit-framework:

┌──(root㉿kali)-[/etc/apt]
└─# apt-get install metasploit-framework 
Reading package lists... Done
Building dependency tree... Done
Reading state information... Done
The following packages were automatically installed and are no longer required:
  ruby3.0 ruby3.0-dev ruby3.0-doc
Use 'sudo apt autoremove' to remove them.
The following additional packages will be installed:
  libc-bin libc-dev-bin libc-devtools libc-l10n libc6 libc6-dev libc6-i386 libedit2 libpq5 libruby libruby3.1 locales ruby ruby-dev ruby-ffi ruby-nokogiri ruby-oj ruby-sdbm ruby-sqlite3 ruby-unf-ext ruby-webrick
  ruby-yajl ruby3.1 ruby3.1-dev ruby3.1-doc
Suggested packages:
  glibc-doc libnss-nis libnss-nisplus clamav clamav-daemon ri
The following NEW packages will be installed:
  libruby libruby3.1 ruby-sdbm ruby3.1 ruby3.1-dev ruby3.1-doc
The following packages will be upgraded:
  libc-bin libc-dev-bin libc-devtools libc-l10n libc6 libc6-dev libc6-i386 libedit2 libpq5 locales metasploit-framework ruby ruby-dev ruby-ffi ruby-nokogiri ruby-oj ruby-sqlite3 ruby-unf-ext ruby-webrick
  ruby-yajl
20 upgraded, 6 newly installed, 0 to remove and 1755 not upgraded.
Need to get 180 MB of archives.
After this operation, 62.9 MB of additional disk space will be used.
Do you want to continue? [Y/n] y
Get:1 http://kali.download/kali kali-rolling/main amd64 libc-l10n all 2.36-8 [673 kB]
Get:2 http://kali.download/kali kali-rolling/main amd64 libc-devtools amd64 2.36-8 [51.4 kB]
Get:3 http://kali.download/kali kali-rolling/main amd64 libc-dev-bin amd64 2.36-8 [43.8 kB]
Get:4 http://kali.download/kali kali-rolling/main amd64 libc6-dev amd64 2.36-8 [1,897 kB]
Get:5 http://kali.download/kali kali-rolling/main amd64 libc6-i386 amd64 2.36-8 [2,457 kB]                                                                                                                          
Get:6 http://kali.download/kali kali-rolling/main amd64 locales all 2.36-8 [3,900 kB]                                                                                                                               
Get:7 http://kali.download/kali kali-rolling/main amd64 libc6 amd64 2.36-8 [2,747 kB]                                                                                                                               
Get:8 http://kali.download/kali kali-rolling/main amd64 libc-bin amd64 2.36-8 [605 kB]                                                                                                                              
Get:9 http://kali.download/kali kali-rolling/main amd64 libedit2 amd64 3.1-20221030-2 [93.0 kB]                                                                                                                     
Get:10 http://kali.download/kali kali-rolling/main amd64 libpq5 amd64 15.2-1 [185 kB]                                                                                                                               
Get:11 http://kali.download/kali kali-rolling/main amd64 ruby-webrick all 1.8.1-1 [51.4 kB]                                                                                                                         
Get:12 http://http.kali.org/kali kali-rolling/main amd64 ruby-sdbm amd64 1.0.0-5+b1 [15.4 kB]                                                                                                                       
Get:13 http://kali.download/kali kali-rolling/main amd64 libruby3.1 amd64 3.1.2-6 [5,402 kB]                                                                                                                        
Get:14 http://kali.download/kali kali-rolling/main amd64 libruby amd64 1:3.1 [4,972 B]                                                                                                                              
Get:15 http://http.kali.org/kali kali-rolling/main amd64 ruby-ffi amd64 1.15.5+dfsg-1+b1 [92.6 kB]                                                                                                                  
Get:16 http://http.kali.org/kali kali-rolling/main amd64 ruby-yajl amd64 1.4.3-1+b2 [46.8 kB]                                                                                                                       
Get:17 http://http.kali.org/kali kali-rolling/main amd64 ruby-unf-ext amd64 0.0.7.7-1+b4 [91.1 kB]                                                                                                                  
Get:18 http://http.kali.org/kali kali-rolling/main amd64 ruby-sqlite3 amd64 1.4.2-4+b3 [43.2 kB]                                                                                                                    
Get:19 http://kali.download/kali kali-rolling/main amd64 ruby-oj amd64 3.14.1-3 [189 kB]                                                                                                                            
Get:20 http://http.kali.org/kali kali-rolling/main amd64 ruby-nokogiri amd64 1.13.10+dfsg-2+b1 [256 kB]                                                                                                             
Get:21 http://kali.download/kali kali-rolling/main amd64 ruby3.1 amd64 3.1.2-6 [663 kB]                                                                                                                             
Get:22 http://kali.download/kali kali-rolling/main amd64 metasploit-framework amd64 6.3.4-0kali1 [157 MB]                                                                                                           
Get:23 http://kali.download/kali kali-rolling/main amd64 ruby amd64 1:3.1 [5,868 B]                                                                                                                                 
Get:24 http://kali.download/kali kali-rolling/main amd64 ruby3.1-dev amd64 3.1.2-6 [1,001 kB]                                                                                                                       
Get:25 http://kali.download/kali kali-rolling/main amd64 ruby-dev amd64 1:3.1 [5,116 B]                                                                                                                             
Get:26 http://kali.download/kali kali-rolling/main amd64 ruby3.1-doc all 3.1.2-6 [2,449 kB]                                                                                                                         
Fetched 180 MB in 1min 3s (2,872 kB/s)                                                                                                                                                                              
Preconfiguring packages ...
(Reading database ... 338365 files and directories currently installed.)

......

Generation complete.
Setting up ruby3.1-doc (3.1.2-6) ...
Setting up ruby-webrick (1.8.1-1) ...
Setting up libc6-i386 (2.36-8) ...
Setting up libc-dev-bin (2.36-8) ...
Setting up libc-devtools (2.36-8) ...
Setting up libc6-dev:amd64 (2.36-8) ...
Setting up libruby3.1:amd64 (3.1.2-6) ...
Setting up libruby:amd64 (1:3.1) ...
Setting up ruby-oj:amd64 (3.14.1-3) ...
Setting up ruby-sqlite3 (1.4.2-4+b3) ...
Setting up ruby3.1 (3.1.2-6) ...
Setting up ruby3.1-dev:amd64 (3.1.2-6) ...
Setting up ruby-ffi:amd64 (1.15.5+dfsg-1+b1) ...
Setting up ruby-sdbm:amd64 (1.0.0-5+b1) ...
Setting up ruby-dev:amd64 (1:3.1) ...
Setting up ruby (1:3.1) ...
Setting up ruby-yajl (1.4.3-1+b2) ...
Setting up ruby-nokogiri (1.13.10+dfsg-2+b1) ...
Setting up ruby-unf-ext (0.0.7.7-1+b4) ...
Setting up metasploit-framework (6.3.4-0kali1) ...
Processing triggers for man-db (2.10.2-1) ...
Processing triggers for kali-menu (2022.3.1) ...
Processing triggers for libc-bin (2.36-8) ...

现在验证下版本号,变成了6.3.4,这是此刻的最新版本。

┌──(root㉿kali)-[/etc/apt]
└─# msfconsole
                                                  
                                   ___          ____
                               ,-""   `.      < HONK >
                             ,'  _   e )`-._ /  ----                                                                                                                                                                 
                            /  ,' `-._<.===-'                                                                                                                                                                        
                           /  /                                                                                                                                                                                      
                          /  ;                                                                                                                                                                                       
              _          /   ;                                                                                                                                                                                       
 (`._    _.-"" ""--..__,'    |                                                                                                                                                                                       
 <_  `-""                     \                                                                                                                                                                                      
  <`-                          :                                                                                                                                                                                     
   (__   <__.                  ;                                                                                                                                                                                     
     `-.   '-.__.      _.'    /                                                                                                                                                                                      
        \      `-.__,-'    _,'                                                                                                                                                                                       
         `._    ,    /__,-'                                                                                                                                                                                          
            ""._\__,'< <____                                                                                                                                                                                         
                 | |  `----.`.                                                                                                                                                                                       
                 | |        \ `.                                                                                                                                                                                     
                 ; |___      \-``                                                                                                                                                                                    
                 \   --<                                                                                                                                                                                             
                  `.`.<                                                                                                                                                                                              
                    `-'                                                                                                                                                                                              
                                                                                                                                                                                                                     
                                                                                                                                                                                                                     

       =[ metasploit v6.3.4-dev                           ]
+ -- --=[ 2294 exploits - 1201 auxiliary - 409 post       ]
+ -- --=[ 968 payloads - 45 encoders - 11 nops            ]
+ -- --=[ 9 evasion                                       ]

Metasploit tip: Use the analyze command to suggest 
runnable modules for hosts
Metasploit Documentation: https://docs.metasploit.com/

msf6 > 

7. 最后

        这大概是我能找到的最简单的方法了。

        之前,包括我在内的很多人都是先下载kali普通镜像,然后再虚拟机里先分配内存再做很繁杂的配置,经常出错,令人头疼。现在用这种与虚拟机直接匹配的kali镜像,直接导入,非常方便。

Logo

华为开发者空间,是为全球开发者打造的专属开发空间,汇聚了华为优质开发资源及工具,致力于让每一位开发者拥有一台云主机,基于华为根生态开发、创新。

更多推荐