My employer pays a fortune to a consulting firm to have penetration tests on our web app. I learned that Kali, a Linux distro, provides all the tools to do these tests.
My PC run on Windows 10, and I found that Microsoft App Store includes Kali to run as a Windows Subsystem for Linux (WSL). I downloaded it.
First digression : I don’t have WSL2
Writing this article, I read this Microsoft article on WSL which says there’s a much better version of WSL : WSL2. Let’s check if I have it.
Open a Powershell Terminal as an Administrator and check which version of WSL you have with this command.
PS C:\WINDOWS\system32> wsl --list --verbose
NAME STATE VERSION
* Debian Running 1
kali-linux Stopped 1
I see two Linux distro, the legacy one which I installed a year ago in a running state, and the last one I just downloaded : kali-linux which is stopped. Each one use WSL version 1.
Following Microsoft article, I upgrade to WSL2.
PS C:\WINDOWS\system32> dism.exe /online /enable-feature /featurename:VirtualMachinePlatform /all /norestart
Then I restart my machine as stated.
I downloaded the installer file (don’t trust me, recheck the URL on the original article) : https://wslstorestorage.blob.core.windows.net/wslblob/wsl_update_x64.msi
Set version 2 as default when installing a new distribution.
PS C:\WINDOWS\system32> wsl --set-default-version 2
But nothing changed on the installed distros
PS C:\WINDOWS\system32> wsl --list --verbose
NAME STATE VERSION
* Debian Stopped 1
kali-linux Stopped 1
After a quick search on how to set version 2 on installed distros
PS C:\WINDOWS\system32> wsl --set-version kali-linux 2
PS C:\WINDOWS\system32> wsl --list --verbose
NAME STATE VERSION
* Debian Stopped 1
kali-linux Stopped 2
That’s it !
Second digression : Install Windows Terminal
Well, in the installation process, Microsoft suggests to install Windows Terminal which seems better that classic console : multiple tabs, custom key bindings, search features, custom themes etc…
So I installed and ran it.
By default, you have a Powershell terminal. Click on the arrow next to the add tab icon and you’ll see the Kali terminal. Cool…
End of digression : Run Kali
So I clicked on the kali-linux item, and here we go, a brand new kali windows terminal :
┏━(Message from Kali developers)
┃
┃ This is a minimal installation of Kali Linux, you likely
┃ want to install supplementary tools. Learn how:
┃ ⇒ https://www.kali.org/docs/troubleshooting/common-minimum-setup/
┃
┗━(Run “touch ~/.hushlogin” to hide this message)
(root💀WIN10PC)-[/mnt/c/Users/PapaC]
But now, how to do penetration testing ?
The Kali editor published a tutorial for beginners like me :
I need to install Penetration Testing tools
apt-get update
apt-get install metasploit-framework
But no more, no tutorial on how to use this metasploit-framework.
Well, there are a lot of tutos out there.
My main purpose here was to install Kali Linux on WSL. Because I digressed, I make a pause and will write an other article will be on the use of Metasploit itself.