Kali Linux on VMware Workstation
Install Kali Linux 2022 with GVM (OpenVAS), Metasploit and Nessus on VMWare Workstation Player
Published on
This guide installs Kali Linux 2022 as a VMware virtual machine and makes the basic configurations needed to run GVM (previously named OpenVAS), Metasploit and Nessus.
Note: there is a more complex but most probably better guide in Virtualized Kali Linux
Download Kali Image
Download Kali prebuilt virtual machine for VMware in the directory where you keep yor virtual machines and extract the image:
# make sure you have p7zip installed
sudo apt install -y p7zip-full
# extract the 7z archive
7z x kali-linux-2022.3-vmware-amd64.7z
# delete the downloaded and compressed image
rm -rf kali-linux-2022.3-vmware-amd64.7z
Start VMware Player, click on Open a Virtual Machine and select the .vmx file from the Kali’s virtual machine directory.
Verify the settings and change them if needed before booting the virtual machine.
These are the changes I’ve made:
- set the memory to 4GB
- set the network to
Bridged - remove the CD/DVD
The images are build with kali:kali default credentials.
Update
Update your new installation with:
# perform the standard upgrade procedure
sudo apt-get update && sudo apt-get -y upgrade
# remove PostgreSQL version 14 (obsoleted according to what a message in the previous step told)
sudo systemctl stop postgresql@14-main.service
sudo systemctl disable postgresql@14-main.service
sudo apt purge -y postgresql-14 postgresql-client-14
# distribution upgrade
sudo apt-get update && sudo apt-get -y dist-upgrade
# cleanup
sudo apt-get -y autoremove
sudo apt-get -y autoclean
Make sure postgresql is running on port 5432, check the file /etc/postgresql/15/main/postgresql.conf and change the port if it is not 5432.
Metapackages
kali-linux-everything may be too much, there is a complete list of Kali Linux Metapackages but I have used only some of those :
kali-tools-vulnerability: Vulnerability assessments toolskali-tools-web: Designed doing web applications attackskali-tools-database: Based around any database attackskali-tools-wireless: All tools based around Wireless protocols – 802.11, Bluetooth, RFID & SDRkali-tools-exploitation: Commonly used for doing exploitationkali-tools-sniffing-spoofing: Any tools meant for sniffing & spoofingkali-tools-post-exploitation: Techniques for post exploitation stage
To install them use:
sudo apt install -y kali-tools-vulnerability \
kali-tools-web kali-tools-database kali-tools-wireless \
kali-tools-exploitation kali-tools-sniffing-spoofing \
kali-tools-post-exploitation
Services
Some services are required by multiple tools. I have enabled these to start when the virtual machine boots:
sudo systemctl enable redis-server.service
sudo systemctl enable postgresql.service
Start them manually now and check their status, it should be Active (running):
sudo systemctl start redis-server
sudo systemctl start postgresql
sudo systemctl status redis-server
sudo systemctl status postgresql@15-main.service
Restart
Before configuring and installing other tools I have restarted the system.
Greenbone Vulnerability Manager (previously named OpenVAS)
It is installed by the kali-tools-vulnerability metapackage or with:
sudo apt install -y --install-recommends gvm
Run the setup using the sudo gvm-setup command.
After a very long time the automatically generated password will be displayed. If you forget it or you want to change it, use:
# use a proper password if the machine is accessible from the network !
sudo runuser -u _gvm -- gvmd --user=admin --new-password=admin
Install nsis with sudo apt install -y nsis
Check the installation with sudo gvm-check-setup and solve all problems.
Most of the time gvm-check-setup will tell you what to do.
To solve the warning: Your password policy is empty I have only uncommented the line !/^.{8,}$/ in /etc/gvm/pwpolicy.conf because this particular virtual machine is not a public accessible / production one anyway.
When there are no errors and warnings connect to the web interface of GVM.
Note: GVM worked OK after a system restart. gvm-stop and gvm-start were not enough.
Metasploit
In the Metasploit Basics post I have a quick start documentation for Metasploit, From the first start to a reverse shell on a vulnerable host.
You can also check Metasploit Unleashed and the official documentation for information on using the Metasploit Framework.
For a target to practice Metasploit Usage framework use Metasploitable 2 from SourceForge. The default login and password is msfadmin:msfadmin and here is a Metasploitable 2 Exploitability Guide on the Rapid7 website.
Before running Metasploit Framework’s tools the database should be created and initialized:
sudo msfdb init
Launch msfconsole and verify database connectivity with db_status then exit the console.
$ msfconsole -q
msf6 > db_status
[*] Connected to msf. Connection type: postgresql.
msf6 > exit
Install Nessus in Kali VM
Check Nessus 10.4.x User Guide for usage.
… using a script
For Nessus 10.4.1 you can use this script to download, check and install it:
#!/bin/bash
curl --request GET \
--url 'https://www.tenable.com/downloads/api/v2/pages/nessus/files/Nessus-10.4.1-debian9_amd64.deb' \
--output 'Nessus-10.4.1-debian9_amd64.deb'
echo "0a3ce53067e9fbed2140c1b28aad83bde8e2b95f510903128666e3c649b59550 *Nessus-10.4.1-debian9_amd64.deb" \
> Nessus-CHECKSUM
sha256sum -c Nessus-CHECKSUM || exit 1
sudo apt install -y ./Nessus-10.4.1-debian9_amd64.deb
rm -rf Nessus-10.4.1-debian9_amd64.deb
rm -rf Nessus-CHECKSUM
… or the manual way
Go to Tenable Nessus Download page, select the last version and Linux - Debian - amd64 platform and click the Download button.
Verify the checksum then install it with:
sudo apt install -y ./Nessus-10.4.1-debian9_amd64.deb
rm -rf Nessus-10.4.1-debian9_amd64.deb
Configure Nessus
Start Nessus Scanner with sudo systemctl start nessusd.service then go to https://localhost:8834/ or to https://kali:8834/ to configure it.
Configuration steps for Nessus Essentials:
- On the
Welcome to Nessusscreen, selectNessus Essentials - On the
Get an activation codescreen, type your name and email address then clickEmail - Check your email for your free activation code
- On the
Register Nessusscreen, type your Activation Code - On the
Create a user accountscreen create a Nessus administrator user account that you will use to log in to Nessus