2025-02-24 Update From: SLTechnology News&Howtos
Shulou(Shulou.com)06/01 Report--
You have no idea how good you are!
In 1998, I was also a self-motivated and enterprising *, and co-founded the earliest professional white hat team. At that time, we were actually a group of kids, and our dream job was to be hired to break into some of the safest computer systems, networks and tall buildings on the planet.
That sounds very attractive! But in fact, we equipped ourselves with the tools we exchanged and spent most of our time at keyboards. We used a relatively low-level collection of programs to map the network and locate targets, and then started scanning, exploiting vulnerabilities and using them as a springboard. In some cases, one of us (usually Jim Chapple) would write homemade tools to do "pranks", such as scanning a Class A network (at the time, other tools could not do this), but most of the time we would use tools written by the * community, either as they were or slightly modified. In those days before Google, we often visited BugTraq, AstaLaVista, Packet Storm, w00w00, SecurityFocus, X-Force and other resources to search and build our tools.
As time is limited, we must move quickly. But that means we can't spend a lot of time fiddling with tools. In other words, we must learn the core tools and keep them available at all times, just in case. In addition, we must organize the tools, document them, and test them. Because when it comes to real work, there are no surprises. After all, if we can't break it, we'll lose our customers, and they won't take our advice seriously.
For these reasons, I spend a lot of time categorizing various tools. When a tool is released or updated, I make a routine update. I must point out that I don't know whether the tool can run on the platform or whether it is valuable, but I must update any scripts that depend on it, document and test them, including any updates to previous versions.
Then, during the evaluation process, I will categorize all the tools and put them in their respective directories according to their use. I also write packaging scripts for some tools, associate some tools together, and put them all on one CD, so that when users don't let us carry the machine or take the media out of their lab, we can bring the CD into these sensitive areas.
The process was painful, but necessary. We knew that if we used our skills and expertise properly and worked in an organized and efficient manner, we would be able to break into any network. While staying invincible was an incentive, the work was about providing a service to customers who needed us to access their networks, so that they could close loopholes and invest money in critical but neglected information security programs.
It took us many years to improve our skills and expertise, but without organization and efficiency, we would not have succeeded. If we can't find the right tool immediately when we need it, we will fail.
That's why I spent so much time researching, documenting, testing, and sorting tools, and at the turn of the 21st century, these jobs quickly became overwhelming full-time jobs. Thanks to the Internet, the variety and number of tools have grown exponentially, but maintaining them has also become a burden.
Since 2004, the explosive development of the Internet has made it not only a business foundation, but also a social platform. The computer has become something that everyone can afford and is easy to use; it can be said to be everywhere. Storage technology has evolved from megabytes to gigabytes. Ethernet has grown from hundreds of kilobits per second to tens of megabits per second, and connections to the Internet are faster and cheaper than ever before. E-commerce is on the rise, social media sites such as Facebook (2004) and Twitter (2006) are online, and Google (1998) has made it possible for anyone, including criminals, to find anything online.
Research has become an important thing for the team because we have to keep pace with the new * and toolsets. We have to face more computer crimes, and forensics requires us to be careful, because otherwise we may ruin the potential evidence. The concept of the Live CD means that we can conduct live forensics on the compromised computer without damaging the evidence.
Now, our small team must manage the distribution of tools, forensics, and tools in sensitive areas; we must also keep up with all the latest * and exploit methods; you know, what we actually do is * testing, which is our highest requirement. Things got a little out of control, and before long, less time was spent on actual testing, and more time was spent on researching and enhancing our tools and planning.
But we are not alone in this battle. In 2004, Mati Aharoni (Muts), a security professional, released "WHoppiX" (White Hat Knoppix), a Live Linux CD he called the "Ultimate Test Live CD". This CD includes all the vulnerabilities from SecurityFocus, Packet Storm, k-otik and Metasploit Framework 2.2 and more.
I remember downloading WHoppiX and thinking it was a great thing. I also downloaded other Live CDs, which I thought could save my life if I was strapped for money. But I didn't want to rely on WHoppiX and other CDs to do the work. I didn't believe that any of them would meet most of my needs; these CDs were not appropriate for my workflow; they were not complete and could not be installed, and the point is that they were out of date by the time I downloaded them. In this industry, an outdated toolset is the kiss of death.
I simply added these CD images to our "weapons" library, although they are relatively large, and the painful process of maintaining the "real" toolkit continues.
But regardless of my personal opinion at the time, and perhaps regardless of Muts's expectations, WHoppiX and its derivatives had a significant impact on his life, our industry, and our community.
In 2005, WHoppiX evolved into WHAX, based on the SLAX (Slackware) Live CD, with an extended and updated toolset. Muts and a growing team of volunteers from the community seemed to realize that no matter how insightful they were, they could never foresee the growth and ups and downs of the industry and the needs of the users who use their CDs. Obviously, Muts and his team actually used WHAX in this area, and they seemed to be committed to making it work properly, which gave me courage.
In 2006, Muts, Max Moser and their team merged Auditor Security Linux and WHAX into a single Linux distribution called BackTrack. Like WHoppiX, BackTrack is still based on SLAX, but adds more tools, more frameworks, extended language support, more wireless support, a menu structure that suits both beginners and professional users, and a deeply modified kernel. BackTrack has become a leading security Linux distribution, but many users like me still use it only as a backup of a "real tool."
In early 2009, Muts and his team updated BackTrack to BackTrack 4. At this point, for Muts, maintaining BackTrack is his full-time job, and BackTrack is no longer a Live CD, but a mature distribution based on Ubuntu, which in turn enriches Ubuntu's software repository. This change marks an important evolution: BackTrack 4 has an update mechanism. In Muts's own words: "When synchronizing BackTrack software repositories, you can regularly update security tools after they are released."
This is a turning point. The BackTrack team can coordinate the work they have done with written examiners, forensic analysts and other staff in the industry. Because the efforts of these people will save us a lot of time and provide a solid foundation for us to get back into battle and spend more time doing more important (interesting) work. As a result, the community was responded to by a large number of forums and wikis, and the development team contributed. BackTrack is the result of a real community led by Muts.
BackTrack 4 finally became an industry-class platform, and I and others like me breathed a sigh of relief. We can clearly feel the "pain and pain" endured by Muts and his team because we have been there before. As a result, some of us began to use BackTrack as the main basis for our work. Of course, we still play with tools, write our own code, and discover our own vulnerabilities and technologies; we still do research and experiments, but we no longer take the time to collect, update, validate, and organize these tools.
BackTrack 4 R1 and R2 were further revisions in 2010, and, inspired by each release, BackTrack 5 was rebuilt in 2011, still based on Ubuntu. BackTrack is now a huge project that requires the efforts of heroic volunteers and the community, as well as funding. Muts launched Offensive Security (in 2006), which not only provides world-class training and testing services, but also provides tools for rolling BackTrack to ensure that BackTrack is still open source and free to use.
Until 2012, BackTrack continued to grow and improve (R2 and R3), maintaining the Ubuntu core and adding hundreds of new tools, including physical and hardware utilization work, support for VMware, numerous wireless and hardware drivers, and numerous stability improvements and bug fixes. However, after the R3 release, the development of BackTrack became a bit mysterious and quiet.
There was some speculation in the industry. Some people thought that BackTrack had been bought out and had sold its "soul" to an anonymous evil company in order to pay a lot of expenses. Offensive Security was growing into one of the most respected training companies and a thought leader in the industry. There was also other speculation, such as that it had successfully annexed and crowded out key BackTrack developers, and so on. However, nothing could be further from the truth.
In 2013, Kali Linux 1.0 was released. "After a year of quiet research and development, Offensive Security proudly announced that Kali Linux has been released, subject to a publicly available license, and is currently the most advanced, robust and stable test release," the release note said. "Kali is a more mature, secure and enterprise version than BackTrack."
Kali Linux is not a simple renaming of BackTrack. With more than 600 completely repackaged tools, it's obviously an amazing toolkit, but there's something more important than that: Kali is rebuilt based on the Debian core. For those who don't know, it doesn't seem like a big deal. But its knock-on effect is shocking. Thanks to a large number of repackaged software, Kali users can download the source code for each tool, and they can modify and refactor tools that only apply to them with a few key features. Unlike other mainstream operating systems today, Kali Linux synchronizes with the Debian repositories four times a day, which means that Kali users can get software updates and security fixes in a timely manner. Kali developers are also involved, packaging and repairing many upstream tools, so users can save a lot of trouble. Since Kali is rooted in Debian, Kali users can boot an installation or ISO file directly from the software repository; the software repository is completely open to Kali installation or large enterprise deployment, and can be further automated and customized with preseed files. To accomplish this customization, Kali users can modify the desktop environment, modify menus, change icons, or even replace the window environment. A large number of ARM developers have opened the door to Kali Linux installation, allowing Kali Linux to be installed on a wide range of hardware platforms, including access points, single-board computers (such as Raspberry Pi, ODROID, BeagleBone, CubieBoard), and ARM-based Chromebook computers. Finally, Kali Linux supports seamless minor and major upgrades, which means that enthusiasts do not need to reinstall a customized Kali Linux.
The community noted that 90,000 downloads were made in the first five days of Kali Linux's release.
This is just the beginning, with the release of Kali 2.0 in 2015. Subsequently, a rolling release began in 2016. In summary, "if the focus of Kali 1.0 is on building a solid foundation, then the focus of Kali 2.0 is on thoroughly improving the user experience and maintaining updated software packages and tool libraries."
The current version of Kali Linux is a rolling version that marks the end of discrete versions. Now, users are constantly updating and receiving updates and patches as they are created. Thanks to the upstream version marking system, major improvements in ease of use for the visually impaired, and Linux kernel updates and patches to support wireless 802.11 injection, Kali Linux core tools are updated more frequently. Software Defined Radio (SDR) and Near Field Communication (NFC) tools provide support for new areas of security testing. Thanks to LVM and LUKS, full Linux encrypted disk installation and emergency self-destruct options are available, and USB persistence options have been added to allow USB-based Kali installations to save changes after reboot and to choose whether USB drives are encrypted or not. Finally, the latest version of Kali opens the door to NetHunter, an open source operating system based on Kali Linux and Android that can run on mobile devices.
Kali Linux has evolved into not only an optional platform for information security experts, but also a truly industrial, world-class, mature, secure and enterprise version of the operating system.
Over a long period of time, Muts and his team, together with countless tireless devotees from the community, have taken on a lot of work, including organizing our work environment, freeing us of many drudgery and providing a safe and reliable foundation for us to focus on moving the industry forward to achieve the ultimate goal of securing our digital world.
Interestingly but not surprisingly, a huge community has been formed around Kali Linux. Every month, Kali Linux has 300,000 or 400,000 downloads. We gathered on the Kali forum and there were as many as 40,000 people, while on the Kali IRC channel, there were as many as three or four hundred people online. We gathered together through meetings and attended Kali Dojos to learn how to make good use of Kali from the developers themselves.
Kali Linux has made the world of information security a better place, and Muts and his team have saved us all, saving us countless hours of hard work and possible setbacks, so that we can have more time and energy to move the industry forward.
But despite the amazing acceptance, support and popularity of Kali, an official manual has never been released. Now, the good news is: it's a thing of the past! I am excited to work alongside the Kali development team, especially Mati Aharoni, Raphaël Hertzog, Devon Kearns and Jim O'Gorman, to offer what can be said to be the first in a series of official publications on Kali Linux. In this book, we will focus on the Kali Linux platform itself and help you understand and maximize your use of it from the bottom. We won't explore the toolset included in Kali Linux, but whether you're an experienced veteran or a newcomer, this book is the best place to start if you're going to take Kali Linux deeply and seriously. No matter how long you have been in the industry, the decision to read this book will allow you to grow up with the Kali Linux community, which is the oldest, largest and most dynamic community in the industry.
On behalf of Muts and his team, congratulations on your first step in mastering Kali Linux!
Johnny Long
February 2017