Previous Step
Building Kali in the Shell
The point of this exercise is to use a pre-built Kali Linux VM from Offensive Security and demonstrate to you how you can:
- Download a packaged VM using the command line
- Extract a
.QCOW2
virtual disk file - Create a VM on the command line
- Import and attach the
.QCOW2
disk to the VM - Set the disk as the primary boot method
Go to https://www.kali.org/get-kali/#kali-virtual-machines. Under QEMU, right-click the download icon:
Choose copy link address. Right-click on your Proxmox node and choose shell.
Run some commands to create a Kali VM and import the disk file and use OffSec’s prebuilt Kali VM images in Proxmox
# This is a comment. You do not need to type this in your shell.
# Install the unar package -- a universal archive decompression tool
apt clean && apt update
apt install -y unar
# Initialize a variable to hold the URL copied in step 1
# Ensure the URL you're copying points to the .7z file
url="https://cdimage.kali.org/kali-2022.4/kali-linux-2022.4-qemu-amd64.7z"
# Get the filename from the URL for use later in the process
filename=$(echo $url | rev | awk -v FS='/' '{print $1}' | rev)
# Change to the /tmp directory
cd /tmp
# Make a directory for easy cleanup and move into it
mkdir kali-download && cd kali-download
# Download the VM image (may take a while)
wget $url
# Extract the contents of the .7z file
# This is a big file, be patient
unar $filename
# Initialize a variable containing the name of the QCOW2 disk file
qcow2file=$(find $PWD -name '*.qcow2')
# Create a VM placeholder for Kali.
qm create 106 --memory 8192 --balloon 4096 --cores 2 --name Kali --description 'Kali Linux from prebuilt images' --net0 model=virtio,bridge=vmbr1 --ostype l26 --autostart 1 --startup order=10,up=30,down=30
# Attach the disk .QCOW2 disk to the Kali VM. Wait for command to finish
# local-lvm is the default VM disk storage in my setup, yours may be different
qm importdisk 106 $qcow2file local-lvm --format qcow2
# Attach the disk
qm set 106 --scsi0 local-lvm:vm-106-disk-0
# Set the disk as the primary boot
qm set 106 --boot=order=scsi0
# Clean up
cd /tmp
rm -rf ./kali-download
You should now be able to log into the Proxmox web console and start the VM.
Kali's Booted — Now What?
You'll quickly find that the default NoVNC
console for viewing your VM's desktop is fine in a pinch, but is not the greatest user experience.
NoVNC
is to install a Remote Desktop server application on your VM and connect to it with a client application.Here is a list of the things I typically do once I provision a new Kali guest.
Of the items in the link above, I view these of the most importance:
- Change the default user account
- Install a remote desktop service
Install Remote Desktop Solutions
SPICE Protocol
Enable the SPICE Display Driver on Kali
Running SPICE on Windows VMs requires some additional drivers, consult the documentation linked above.
Install the SPICE Client
Linux Clients
- Use your operating system's package manager to install
virt-viewer
- For example:
sudo apt install -y virt-viewer
virt-viewer
will be the default file handler for the.vv
files served by Proxmox
Windows Clients
- Navigate to: https://virt-manager.org/download
- Current release: https://releases.pagure.org/virt-viewer/virt-viewer-x64-11.0-1.0.msi (64-bit)
- This will install
virt-viewer
on Windows virt-viewer
will be the default file handler for the.vv
files served by Proxmox
NoMachine (NX Protocol)
Make sure you add the proper host and/or network firewall rules and routes to allow the traffic to flow from your computer to your Kali VM. See: https://benheater.com/proxmox-lab-pfsense-firewall/#optional-configuring-static-routes
Install NoMachine Service
I like to use the NoMachine server on my Linux (and Windows) guests, as it will run on a huge variety of operating systems. It works very well with clipboard support, drive mapping, dynamic screen resizing, and much more.
Install the NoMachine Enterprise Client
I'll be using the NoMachine Enterprise Client for Windows installer. Download the correct package for your operating system and complete the installation.
Making Some Tweaks to NoMachine
I keep a list of some of the configuration changes to my NoMachine environment here. You don't have to follow these recommendations, but they may improve your quality of life with NoMachine