Kali Linux 2023.4 Release (Cloud ARM64, Vagrant Hyper-V & Raspberry Pi 5)

0
46


With 2023 coming to an end and before the holiday season starts, we thought today would be a good time to release Kali 2023.4. Whilst this release may not have the most end-user features in it again, there are a number of new platform offerings and there has still been a lot of changes going on behind-the-scenes for us, which has a positive knock-on effect resulting in a benefit for everyone.
News, platforms, and features aside, it would not be a Kali release if there was not a number of changes to our packages – both new tools and upgrades to existing ones.
If you want to see what is new for yourself download a new image or upgrade if you already have a Kali Linux installation.The summary of the changelog since the 2023.3 release from August is:Cloud ARM64 MarketplacesStarting from Kali 2023.4, we will now be offering both Kali Linux AMD64 and ARM64 on Amazon AWS and Microsoft Azure marketplaces.The advantage that ARM64 brings to the table is more options and flexibility in instance offerings, which leads to improved price-to-performance ratio.
The draw back is, even though Kali Linux has always treated ARM a first class citizen, not every package has an ARM64 offering – most do and we are working on improving this every day!
Try setting up a lab in the cloud and performing your own benchmarks to compare performances.Amazon AWS:Microsoft Azure:If you need some help using Kali Linux in the cloud, be sure to check our documentation.
Otherwise, if you want to see how we generate these images, see our cloud build-scripts.Vagrant Hyper-V SupportWith our recent work with adding support to our VM build-scripts to create Microsoft Hyper-V virtual machines, we have kept on going down the rabbit hole of development. Our Vagrant offering now includes a Hyper-V environment!If you are not too familiar with Vagrant, think of it as a command-line interface for VMware, VirtualBox, and now Hyper-V.At a higher level, in the same way that Docker uses Dockerfile, Vagrant uses Vagrantfile.
These files go on to define how to create the virtual machine and further provisions, such as which operating system to use, CPU, RAM, storage, networking, and also any scripts or commands that the VM should execute to further install and configure.That means our our Vagrant offering has support for:Hyper-VQEMUVirtualBoxVMwareIf this is something you like the sound of, we have further reading on our documentation:We also have our vagrant build-scripts public if you want to see how it is done.Raspberry Pi 5If you have been lucky enough to get your hands on the newest Raspberry Pi, Kali Linux can now be used on a Raspberry Pi 5!We have created a new dedicated image which can either be downloaded direct, or automated using Raspberry Pi Imager.You can build the image yourself if you wish to tinker and customize any aspect of it, such as changing the default desktop environment, packages, settings etc.Please note, Nexmon support is not yet working with the in-built Wi-Fi (so no monitor mode or frame injection without an external card).You can keep an eye on progress by checking our documentation about it. Please keep in mind that while the image is now available for use, we would consider it to be in a BETA state. For the time being, the image is for ARM64 architecture, hopefully additional flavors will come later.We want to give a huge shout-out as there were a lot of volunteers from the community who were willing to test and report issues with the image.
There was one person who really stood out, and this image would not be possible without BakaValen’s assistance, support, reporting of issues, and ideas.Additionally, David Bombal’s Raspberry Pi 5 Kali Linux install in 10 minutes came out to show off our initial work of Kali Linux on the Raspberry Pi 5.GNOME 45With GNOME 45 hot off the press, Kali Linux is now supporting it! And is looking pretty in the process!For people who opt to use GNOME as their desktop environment, GNOME 45 is now here! If you do not read their changelog, below is a quick summary mixed with some of our tweaks:Full-height sidebars in many updated appsHighly improved speed of search in nautilus file managerUnfortunately the update for nautilus was not ready for this release, but it will arrive as a later update soonImproved settings app (gnome-control-center)Updated color-schemes for gnome-text-editorUpdated themes for shell, libadwaita, gtk-3 and gtk-4Updated gnome-shell extensionsShell updates, including a new workspace indicator, replacing the previous “Activities” buttonIt is also possible to scroll your mouse wheel while hovering over the indicator to switch between workspacesInternal InfrastructureWe are still undergoing big changes with our infrastructure, and as always, it is taking longer than planned! The wait has been worth it, and long standing items are getting fixed or replaced!Enters MirrorbitsOne of the projects which is now complete is the migration of our “mirror redirector”. This is our biggest user-facing service, as without this, all default Kali installations would not be able to use apt (aka http.kali.org), or being able to download Kali image (cdimage.kali.org). This service sits in-front of our mirrors (archive*.kali.org), community mirrors and Cloudflare (kali.download). It is responsible for redirecting every request to its nearest mirror, based on a few factors such as geographic location, mirror speed, and mirror “freshness”.Since Kali was launched back in March 2013, until November 2023 we had been using MirrorBrain. Unfortunately, the project has been unmaintained since 2015, and so after 10 years in production, it was really time to say good-bye. Today, we are now using Mirrorbits.The first thing we can say is that, with Mirrorbits, we find ourselves lucky: this is a rock-solid piece of software, built on modern tech (Go and Redis), initially released 10 years ago, and running in production for just as long. It was initially developed by Ludovic Fauvet from VideoLAN in order to distribute the VLC media player. And over these years, it has been adopted by a growing number of FOSS projects such as GNOME, Jenkins, Lineage OS, and many others.As it happens, our use-case of Mirrorbits is different to what it was originally created for: distributing VLC, or in other words, a rather small set of static files. Kali Linux being a complete Linux distribution, it means that we distribute a huge number of files (at times there can be millions of files in our repo). Being a rolling distribution means that Mirrorbits must cope with fast-changing metadata in the repository. We also need to distribute Kali over both HTTP and HTTPS, which was not well supported.Thus, the transition to Mirrorbits was not trivial, it did not work “out-of-the-box” for us, and we had to rework some pieces here and there, and basically hammer at it until it does the job. But it was well worth it, and in the end our modifications were clean enough that we could submit it all upstream. We really hope that all of this work will be accepted, thus making it easier for Linux distributions in general to use Mirrorbits going forward. Oh, and we have created and are maintaining the Debian package!Much more could be written on the topic, and we plan a longer blog post dedicated to it. But for now, enough’s been said.It would not be a Kali release if there were not any new tools added! A quick run down of what has been added (to the network repositories):cabby – TAXII client implementationcti-taxii-client – TAXII 2 client libraryenum4linux-ng – Next generation version of enum4linux with additional features (a Windows/Samba enumeration tool)exiflooter – Finds geolocation on all image URLs and directoriesh8mail – Email OSINT & Password breach hunting toolHavoc – Modern and malleable post-exploitation command and control frameworkOpenTAXII – TAXII server implementationPassDetective – Scans shell command history to detect mistakenly written passwords, API keys, and secretsPortspoof – All 65535 TCP ports are always open & emulates servicesRaven – Lightweight HTTP file upload serviceReconSpider – Most Advanced Open Source Intelligence (OSINT) Frameworkrling – RLI Next Gen (Rling), a faster multi-threaded, feature rich alternative to rliSigma-Cli – List and convert Sigma rules into query languagessn0int – Semi-automatic OSINT framework and package managerSPIRE – SPIFFE Runtime Environment is a toolchain of APIs for establishing trust between software systemsThere have also been numerous packages updates and new libraries as well. We also bump the Kali kernel to 6.5.0!There have been multiple tools submitted from the community, ready to be merged into Kali:For more information about this, please see our blog post from previous release.MiscellaneousBelow are a few other things which have been updated in Kali, which we are calling out which do not have as much detail on:Kali NetHunter UpdatesWe have seen a few things from the community worth calling out:Kali ARM UpdatesThere are not a lot of changes to the ARM images this release, aside from the previously mentioned Raspberry Pi 5 support. However, they are no less important.The Raspberry Pi Zero W image now properly starts up into the command line interface instead of launching X.Accessing network configuration remotely now properly works again.eyewitness is now available for ARM64 platform.Kali Website UpdatesWe have recently created a Frequently Asked Questions with answers that we commonly keep seeing crop up.Our Kali documentation has had various updates to existing pages as well as new pages:We also want to say a little thank you to following for their work on the sites:These are people from the public who have helped Kali and the team for the last release. And we want to praise them for their work (we like to give credit where due!):AI Program – Helped testing base imagesBakaValen – Helped with testing, troubleshooting and offering ideas with the Raspberry Pi 5 imageDavid Bombal – Helped with testing the Raspberry Pi 5 imageSalty_ – Helped with testing base imagesX0RW3LL – Helped with testing base imagesAnyone can help out, anyone can get involved!New Kali MirrorsWe have some new mirrors! Those are:If you have the disk space and bandwidth, we always welcome new mirrors.Kali Team Discord ChatOnce the Kali release is over, we have been doing an hour long voice chat with a number of Kali team members. This is where anyone can ask questions to us about Kali or the information security industry as a whole.The next session will be held slightly differently to our previous ones, later in the day, on the Friday that is coming up, and on OffSec’s Discord – Friday, 8th December 2023 18:00 -> 19:00 UTC/+0 GMT (Discord link & iCalendar invite).Please note, there will not be a recording of this – its live only.Get Kali Linux 2023.4Fresh Images:
So what are you waiting for? Go and grab Kali already!Seasoned Kali Linux users are already aware of this, but for the ones who are not, we do also have weekly builds that you can use as well. If you cannot wait for our next release next quarter to get the latest packages or bug fixes you can download these images instead.
Just know that these are automated builds that we do not QA like we do our standard point release images. We also welcome any bug reports about those images too!!Existing Installs:
If you already have an existing Kali Linux installation, remember you can always do a quick update:┌──(kali㉿kali)-[~]
└─$ echo “deb http://http.kali.org/kali kali-rolling main contrib non-free non-free-firmware” | sudo tee /etc/apt/sources.list
[…]

┌──(kali㉿kali)-[~]
└─$ sudo apt update && sudo apt -y full-upgrade
[…]

┌──(kali㉿kali)-[~]
└─$ cp -vrbi /etc/skel/. ~/
[…]

┌──(kali㉿kali)-[~]
└─$ [ -f /var/run/reboot-required ] && sudo reboot -f
You should now be on Kali Linux 2023.4!
We can do a quick check by doing:┌──(kali㉿kali)-[~]
└─$ grep VERSION /etc/os-release
VERSION=”2023.4″
VERSION_ID=”2023.4″
VERSION_CODENAME=”kali-rolling”

┌──(kali㉿kali)-[~]
└─$ uname -v
#1 SMP PREEMPT_DYNAMIC Debian 6.5.6-1kali1 (2023-10-09)

┌──(kali㉿kali)-[~]
└─$ uname -r
6.5.0-kali3-amd64
NOTE: The output of uname -r may be different depending on the system architecture.As always, should you discover any issues with Kali, please search then submit a report on our bug tracker. We will never be able to fix what we do not know is broken! And social networks are not bug trackers!Want to keep up-to-date? Easy!
We have a RSS feeds and newsletter of our blog to help you. Our social networks are in the footer of this page!

LEAVE A REPLY

Please enter your comment!
Please enter your name here