DEV Community

Cover image for Kali Linux on iPad
aakhtar3
aakhtar3

Posted on

Kali Linux on iPad

This guide will go over how to run a virtual instance of Kali Linux on your iPad using a two iPad applications and provisioning a server on Digital Ocean

Cost

SSH VNC Kali
Port 22 5900 22
Site Blink JumpDesktop Digital Ocean
Cost $19.99 $14.99 -
Cost Per Month - - $15.00

Blink SSH Key

# Use blink to create a SSH key
ssh-keygen -t rsa -b 4096 -C โ€œyour@email.comโ€

# Copy public key
cat ~/.ssh/id_rsa.pub | pbcopy

# Copy private key
cat ~/.ssh/id_rsa | pbcopy
Enter fullscreen mode Exit fullscreen mode

Digital Ocean Server

Choose Debian 9 for the OS

OS

Choose Basic plan $15.00/mo so that you can properly install the OS without errors

Basic Plan

Choose Datacenter

Data Center

Add SSH key from the previous blink step

Alt Text

Get IPv4 address

Alt Text

Mosh

mosh is like ssh, but allows intermittent connections

Host

config

Click on Hosts

Hosts

Enter the hostname values and use the SSH key that you created in the previous steps

hostname

Install

# Log into your host with ssh2
ssh2 kali

# Update and install mosh
apt-get update -y & apt-get install -y mosh

# Log out of your host
exit

# Log into your host with mosh going forward
mosh kali
Enter fullscreen mode Exit fullscreen mode

Kali

Setup Source

# Update source.lists by adding kali reference
echo "deb http://http.kali.org/kali kali-rolling main contrib non-free" >> /etc/apt/sources.list

# Update
apt-get update -y
Enter fullscreen mode Exit fullscreen mode

You will get this error if you do not have permission

W: GPG error: http://kali.mirror.garr.it/mirrors/kali kali-rolling InRelease: The following signatures couldn't be verified because the public key is not available:
  NO_PUBKEY ED444FF07D80BF6
E: The repository 'http://kali.mirror.garr.it/mirrors/kali kali-rolling InRelease' is not signed.
N: Updating from such a repository can't be done securely, and is therefore disabled by default.
N: See apt-secure(8) manpage for repository creation and user configuration details.
Enter fullscreen mode Exit fullscreen mode
# Fix Error
apt-get -y --allow-unauthenticated install kali-archive-keyring

# Re-run update
apt-get update -y

# Search for Kali installation
apt-cache search kali-linux
Enter fullscreen mode Exit fullscreen mode

Distros

Install

# Install everything, which will be larger than 25GB
apt-get -y install kali-linux-everything
Enter fullscreen mode Exit fullscreen mode

You will be prompted a few questions during the installation

Select Language

Language

Install Samba

Samba

Enable Packet Capture

Wireshark

Enable Mac Changer

Macchanger

Kismet is a resource hog, but can be turned off with
systemctl stop kismet

Kismet

Add user

Kismet common

Standalone

Standalone

Restart services after installation

Restart

Restart services

Cron

Use sshd config
Sshd

Validate

Cleanup
# Finalize/cleanup Linux Kernel
apt-get -y update
apt-get -y upgrade
apt-get -y dist-upgrade
apt-get -y autoremove

# Restart
shutdown now -rf
Enter fullscreen mode Exit fullscreen mode
Check Kernel
uname -r
Enter fullscreen mode Exit fullscreen mode

uname

VNC

Enable SSH Port Local Forwarding

  • VNC is very insecure because the traffic is sent over an insecure connection
    • Unencrypted connection that can be sniffed
  • SSH Port Local Forwarding creates an encrypted session over port 22
# Enable TCP forwarding
nano /etc/ssh/sshd_config

############ START OF FILE ############
AllowTcpForwarding yes
############ END OF FILE ############

# Restart SSH
systemctl restart sshd

# Check status
systemctl status sshd
Enter fullscreen mode Exit fullscreen mode

Install

  • This startup script will enable a VNC server that listens on localhost for SSH Port Local Forwarding
  • The password will be used to login through VNC
# Install tight vnc server
apt-get install -y tightvncserver

# Create start up script
nano /etc/init.d/tightvncserver

############ START OF FILE ############
#!/bin/sh

USER=root
HOME=/root
export USER HOME

case "$1" in
 start)
   echo "Starting VNC Server"
   /usr/bin/vncserver :1 -geometry 1280x1024 -depth 16 -localhost -nolisten tcp
   ;;

 stop)
   echo "Stopping VNC Server"
   /usr/bin/vncserver -kill :1
   ;;

 *)
   echo "Usage: /etc/init.d/vncboot {start|stop}"
   exit 1
   ;;
esac

exit 0
############ END OF FILE ############

# Update the permission
chmod +x /etc/init.d/tightvncserver

# Update defaults
update-rc.d tightvncserver defaults

# Configure password
tightvncserver

# Restart
shutdown now -rf
Enter fullscreen mode Exit fullscreen mode

Validate

# Verify that VNC is listening on localhost or 127.0.0.1 and port 5901
netstat -tupln | grep vnc
Enter fullscreen mode Exit fullscreen mode

netstat

JumpDesktop

Set the hostname as localhost or 127.0.0.1 and the port as 5901

new

Edit

edit

Add SSH Tunneling

ssh

Add sever by adding the IPv4 address from Digital Ocean

Server

You will need to either copy and paste or load iTunes and store the key in the jump desktop app

Import from Itunes

Add the private key
private key

Update the icon and title
Update

Enable SSH

Enable shh

Enter VNC password that you created in the previous step

Password

Interact with GUI

GUI

Top comments (0)