Kali Linux on Windows 10

tedjamestedjames Scruffy-looking nerfherdrMember Posts: 1,106 ■■■■■■■■□□
https://www.microsoft.com/en-us/store/p/kali-linux/9pkr34tncv07?rtc=1#

Has anybody installed this yet? What are your opinions? Essentially, it's a barebones shell and you have to install the tools after the fact. It means not having to use a virtual machine. Is it ready for prime time?

Comments

  • yoba222yoba222 Senior Member Member Posts: 1,087 ■■■■■■■■□□
    Not sure how to feel about this. I don't have convenient access to Windows 10 and won't any time soon, so I haven't installed it.

    : Dons tin-foil hat :

    On one hand, maybe this is a win for society in general from the perspective of catching script kiddies up to no good. Said script kiddies a install gimped down version of Kali in Windows 10, an OS that has key stroke logging baked in (Microsoft rewords the EULA and privacy policy to describe this "feature" more vaguely these days, but the wording is still there).

    But then again, I don't think whatever agency that can take advantage of this feature will do so yet for something so trivial. The data sniffing features are probably not there to catch criminals and are there instead to make money off of datamining.
    Good luck to Microsoft in figuring out how to actually do that in a competent manner--they can't even figure out how to sell a phone correctly. Hanlon's razor and all.


    On the other hand, this is a bit of a lose for Linux and for open source in general. Microsoft remains as an unconvicted monopolist at-large. This can't be a good idea from that perspective.

    But then again, Microsoft didn't write this, Offensive Security (the creators of Kali Linux) did.

    : Doffs tin foil hat :
    2017: GCIH | LFCS
    2018: CySA+ | PenTest+ |CCNA CyberOps
    2019: VHL 20 boxes
    2020: OSCP 2020
  • tedjamestedjames Scruffy-looking nerfherdr Member Posts: 1,106 ■■■■■■■■□□
    Yeah, I'm a little concerned because it's Microsoft. Then again, as you say, Offensive Security created it. Who knows if anything transpired between the two companies? Probably not. It's ok to be a little paranoid. Good point about data mining. I doubt it, but I wouldn't be surprised. Maybe I'll install Windows 10 on a VM and then install Kali Linux inside that Windows 10 VM...

    Re: script kiddies, what's to stop them from just installing a free VM and Kali? It's not that hard. There's plenty of free instruction on YouTube.
  • NetworkNewbNetworkNewb Member Posts: 3,291 ■■■■■■■■■□
    I'll probably give this a try this week. Thanks for the share!
  • thedudeabidesthedudeabides Member Posts: 89 ■■■□□□□□□□
    Interesting. I currently have a Kali VM in VMWare Workstation on Windows 10, which works fine for me. But I might have to give this a try anyways.
    2019 Goals: CCNP R&S
  • Mike7Mike7 Member Posts: 1,072 ■■■■□□□□□□
    It works; to a certain extent.

    Do remember to add anti-virus exclusion when installing packages.
    There is no systemd; so you will have to start programs such as postgresql manually before running say metasploit.
    Most of the command line utilities work. You can install xrdp server and RDP in to get a UI; there is a guide on Kali web site.
    However, there is no raw socket support so tools such as nmap and hping3 does not work as expected.
  • LonerVampLonerVamp OSCP, GCFA, GWAPT, CISSP, OSWP, CCNA Cyber Ops, Sec+, Linux+, AWS SAA, CCSK Member Posts: 460 ■■■■■■□□□□
    It doesn't have any business replacing an actual install or VM for me.

    Security Engineer/Analyst/Geek, Red & Blue Teams
    OSCP, GCFA, GWAPT, CISSP, OSWP, CCNA Cyber Ops, Sec+, Linux+, AWS SA-A, CCSK
    2020 goals: AWS Security Specialty, AWAE or SLAE, CISSP-ISSAP?
  • NetworkNewbNetworkNewb Member Posts: 3,291 ■■■■■■■■■□
    Obviously not "needed" but looks interesting to try out to see how well it works imo. My curiosity will give in and give it a go.
  • mrkdiskmrkdisk Member Posts: 18 ■■■□□□□□□□
    Tried it and didn't like it. It kept setting out my anti-virus program. So I went back to VM.
  • PC509PC509 CISSP, CEH, CCNA: Security/CyberOps, Sec+, CHFI, A+, Proj+, Server+, MCITP Win7, Vista, MCP Server 2 Oregon, USMember Posts: 788 ■■■■■■□□□□
    I have a dedicated laptop for it, but I'm installing it on my Win10 machine for shits and giggles. Just to play with. Might as well know all the toys and their limitations just in case I run across it in the future and am forced to use it...

    Or, maybe someone has it installed on a vulnerable machine and it's another way to exploit their network. If they have the tools available to me from within their own network, it makes things a lot easier.

    But, from an end user perspective, I'll use it just to play around with it.
  • NetworkNewbNetworkNewb Member Posts: 3,291 ■■■■■■■■■□
    mrkdisk wrote: »
    Tried it and didn't like it. It kept setting out my anti-virus program. So I went back to VM.

    Yea their article mentions that will happen: https://www.kali.org/news/kali-linux-in-the-windows-app-store/

    "[FONT=&quot]Note:[/FONT][FONT=&quot] Some Kali tools are identified by antivirus software as malware. One way to deal with this situation is to allow antivirus exceptions on the directory in which the Kali chroot resides in. "[/FONT]
  • tedjamestedjames Scruffy-looking nerfherdr Member Posts: 1,106 ■■■■■■■■□□
    Thanks for the info. It appears that the normal, tried and true methods are still best.
  • beadsbeads Senior Member Member Posts: 1,467 ■■■■■■■■□□
    Say wha? A MS version of Kali? What pray tell is the point of a penetration distro with NO TOOLS installed? I am sure this is reassuring to the rest of the community of people who wear tin foil hats and think that they have the world in there hands because they have "sekretly" downloaded a copy of Kali. Use your secret decoder ring to decipher the message between the quotes.

    Yeah and the FBI now has to make more room in cabinet to store your file. Its getting thicker, just ask them. Nothing but trouble for these people.

    A neutered version of Kali - nice. Go for it.

    - b/eads
  • NetworkNewbNetworkNewb Member Posts: 3,291 ■■■■■■■■■□
    beads wrote: »
    What pray tell is the point of a penetration distro with NO TOOLS installed?

    All the penetration tools are all still located right in the Kali software repository. Where they are not all located in the other Linux distributions repositories. Takes one line to pick and choose which ones you'd like installed.
  • shochanshochan Member Posts: 903 ■■■■■■□□□□
    Have you tried Parrot OS?

    www.parrotsec.org



    "It's not good when it's done, it's done when it's good" ~ Danny Carey
Sign In or Register to comment.