Getting a Kali Linux instance up and running has become so convenient, one doesn’t need a computer!
Introduction
Unrestricted File upload challenges in CTFs are very common these days. A file containing executable code is uploaded to achieve remote code execution (RCE). If a reverse shell is uploaded, how does one handle the callback?
If your attacking machine is in the same network as the challenge server, it would be very straightforward: configure the reverse shell to callback the attack box's IP. But what if you're accessing the challenge server via the internet? Configuring your reverse shell to callback your private IP won't work.
The easiest solution is to deploy a virtual machine in the cloud, since it has a public IP. But what if we could take it a step further?
Mobile hacking
I don't mean hacking mobile devices, but hacking with a mobile device. How is that even possible? By exploiting cloud providers and some SSH.
1. Choose a cloud provider
I recommend Microsoft Azure. It provides a ready to deploy Kali Linux instance and free $100 credit if you are eligible for Azure for Students. I'll be using that $100.
2. Configure a new virtual machine
Select “Virtual machines”. Create a new virtual machine and call it whatever you want. I’ll put “kali”. For the image, select “Browse all public and private images” and search for “Kali Linux”.
Decide on the size of this machine. Size simply means performance specs. Larger sizes (better specs) cost more. I chose “Standard_B1ls” which is the cheapest. You can change to a larger size if you feel it’s too slow.
Now configure the Administrator account. I’ll choose password based authentication for the sake of this demonstration.
Tap next till you reach “Review + Create”. The virtual machine will be created once validation has passed. A short while later, you should receive this notification. Tap “Go to resource”.
3. Get connected
Note down the public IP address. Let’s connect to it via SSH. I’m using an Android device so I’ll use JuiceSSH app. For Apple devices there’s Termius.
Select “Quick Connect” and enter your username and your public IP in the following format: username@your.public.ip.address. Then enter your password when prompted.
Enjoy your new instance :)
Conclusion
In retrospect, there are many benefits to launching a virtual machine in the cloud other than a public IP. Running virtual machines is a very resource intensive task. Enough RAM is crucial and so is a fast CPU. Not to mention, storage becomes an issue as virtual machines grow in size. Good hardware costs money. On top of that, there are configuration issues, stability issues… I could go on. But that's for another post.
Top comments (0)