Skip to content

Instantly share code, notes, and snippets.

Show Gist options
  • Save KalenWessel/0b7f4af922d09951920a4bb604e441fe to your computer and use it in GitHub Desktop.
Save KalenWessel/0b7f4af922d09951920a4bb604e441fe to your computer and use it in GitHub Desktop.

Kali Linux on GCP

Important: As of June 10th, 2021 this document outlines the steps to getting a Kali Linux VM running on GCP. It may be obsolete by tomorrow. You've been warned.

Prereqs:

You will need the following tools installed on your machine. I will assume you already have a GCP account.

Prepping Kali Linux

Open the OVA file with VirtualBox and bootup the Kali VM. Default login credentials are:

user: kali
password: kali

Next open a terminal window and start dishing out commands:

First things first, change the kali default password

passwd

Remove hostname file so that GCP can assign its own on bootup

sudo rm /etc/hostname

Install libjson-c3 as its required by the google compute packages

wget http://ftp.us.debian.org/debian/pool/main/j/json-c/libjson-c3_0.12.1+ds-2+deb10u1_amd64.deb
sudo dpkg -i libjson-c3_0.12.1+ds-2+deb10u1_amd64.deb

Add the Google packages

curl https://packages.cloud.google.com/apt/doc/apt-key.gpg | sudo apt-key add -

DIST=buster
sudo tee /etc/apt/sources.list.d/google-cloud.list << EOM
deb http://packages.cloud.google.com/apt google-compute-engine-${DIST}-stable main
deb http://packages.cloud.google.com/apt google-cloud-packages-archive-keyring-${DIST} main
EOM

Update packages

sudo apt update
sudo apt upgrade
sudo apt dist-upgrade
sudo apt autoremove 

Install Google Tools

sudo apt install -y google-cloud-packages-archive-keyring
sudo apt install -y google-compute-engine gce-disk-expand

sudo systemctl enable google-disk-expand
sudo systemctl enable google-startup-scripts.service
sudo systemctl enable google-shutdown-scripts.service

Disable Password authentication for SSH and enable PubKey

sudo sed -i 's/#PasswordAuthentication yes/PasswordAuthentication No/' /etc/ssh/sshd_config
sudo sed -i 's/#PubKeyAuthentication yes/PubKeyAuthentication yes/' /etc/ssh/sshd_config

Enable SSH and ensure it starts on bootup

sudo systemctl start ssh
sudo update-rc.d ssh enable 2 3 4 5

Verify SSH is running

systemctl status ssh

Update GRUB Details about this change can be found here: https://cloud.google.com/compute/docs/images/import-existing-image

sudo sed -i 's/GRUB_CMDLINE_LINUX_DEFAULT=.*$/GRUB_CMDLINE_LINUX_DEFAULT=\"\"/' /etc/default/grub
sudo sed -i 's/GRUB_CMDLINE_LINUX=.*$/GRUB_CMDLINE_LINUX=\"console=tty0 console=ttyS0,38400n8d\"/' /etc/default/grub
sudo update-grub

At this point you can add any extra tools, scripts you want on the image.

Lastly shutdown the VM

sudo shutdown now

Create Image

Now we are ready to create an image that GCP can use. Right click on the Virtualbox Kali Linux VM and select "Export to OCI..." Use the following settings when performing the export:

Format:  Open Virtualization Format 1.0
File:  \<select a folder path>\kali-linux.ova
MAC Address Policy:  Strip all network adapter MAC address

Click "Continue" to review the summary and then click "Export" Wait for the process to export to finish (this can take a while).

Uploading Image to GCP

You will need a Google Storage Bucket to host the image. Create a bucket:

gsutil mb gs://<unique bucket name here>/

Upload the image to your bucket. Ensure that your default CloudBuilder service account has storage.bucket.get access so that it can retrieve the image during build time.

gsutil cp kali-linux.ova gs://<unique bucket name here>/kali-linux.ova

Create your GCP Instance

The first time you run this you will be asked to grant IAM permissions to the CloudBuild user. Depending on how your project is setup you may need to provide a few more flags around network and subnetwork values. This will take around 30-40minutes to complete.

gcloud compute instances import kali-linux-instance \
    --os=debian-9 \
    --source-uri=gs://<unique bucket name here>/kali-linux.ova \
    --custom-cpu=2 \
    --custom-memory=4096MB \
    --no-address \
    --project <GCP PROJECT NAME HERE>

Once finished you should now have a running Kali instance. Using the GCP UI edit your VM and add a public key to the metadata. You can now use your private key to SSH into the instance.

Cheers

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment