Big news for Kali Linux users, now you can run Kali Linux in Microsoft Azure cloud and that’s on super fast SSD! It seems Microsoft Azure Marketplace is adding more and more Linux distro including FreeBSD images in their repo. Just to make things better, you can technically run it freely for 1 month if you are willing to cough up your credit card details. Yeah, I know what you are thinking, but this is probably for the White Hats… I’ve added those details at the end of this post.
Kali Linux and Offensive Security team has been working on building and implementing Kali 2016.2 in the Azure Marketplace for some time and it seems they have finally done it. Also, as much we say those nasty things about Microsoft, it seems they are more than willing to accommodate Linux users requirements than some other Operating systems. Case in point: Bash shell integration with Windows 10.
Either way, you can now spin up a Kali machine from the Azure Marketplace and it takes a few seconds for it to be deployed and you can have a full penetration testing toolset at your fingertips for no additional cost (other than the standard Azure pricing). In fact as I said, if you are a new Azure customer, you can create a free account (or integrate your Hotmail/live account) with it and receive $200 credit.
I however recommend reading through Azure Testing Request for T&C before you do something they might not like!
@KaliLinux team announced it via Twitter and their website today. Microsoft Azure also updated their website with this announcement.
Kali in the Azure marketplace, weekly ISO builds and more – https://t.co/jJyVdCFJuk
— Kali Linux (@kalilinux) September 13, 2016
Microsoft Azure actually added some nice description and details regarding Kali Linux.
Kali Linux is a Debian-based Linux distribution aimed at advanced Penetration Testing and Security Auditing. Kali contains several hundred tools aimed at various information security tasks, such as Penetration Testing, Forensics and Reverse Engineering. Kali Linux is developed, funded and maintained by Offensive Security, a leading information security training company.
Azure Kali doesn’t allow you to login as root straightaway, so you need to create a standard user (which got sudo access), deploy the VM and then set root password. SSH service runs on standard port 22 but you can use SSH Public Key instead.
- Kali Linux 2016.2-x64 xfce
- Credentials: User generated and root password is not set.
- Services: SSH
- Ports: 22
Microsoft Azure added some basic configuration details (I believe these info were provided by @KaliLinux team). Two things that are important, creating new ssh keys (to avoid the system generated ones) and setting PasswordAuthentication to NO in sshd_config.
- SSH into your deployed machine with the user account you created during setup.
- Set a root password: sudo passwd root
- Create SSH keys: ssh-keygen -t rsa
- Set PasswordAuthentication to no in the SSH configuration: /etc/ssh/sshd_config
- Restart the SSH Server: systemctl restart ssh
Azure and Kali Linux legal terms
When you finally click on the Create button you will be agreeing to the following ToS/T&C:
By clicking the Create button, I acknowledge that I am getting this software from Kali Linux and that the legal terms of Kali Linux apply to it. Microsoft does not provide rights for third-party software. Also see the privacy statement from Kali Linux.
Depending on what you plan to use Kali for in the cloud, I would say, review these carefully if you are going to invest on cloud penetration environment.
Free Azure Trial
Microsoft Azure offers a one-month free trial for any new customer and provide credits of $200 of Azure at no charge.
When you sign up, you will receive $200 Azure credits. The choice is now yours on how you use your Azure credits. Use them on any Azure service based on your needs including, Virtual Machines, Websites, Cloud Services, Mobile Services, Storage, SQL Database, Content Delivery Network, HDInsight, Media Services, and many more.
Azure requires a credit card or debit card to authenticate you when you sign up, so this might not be viable option for everyone, but like I said, Azure’s Kali is for White Hats, but either way; I am sure it will open up a whole new business opportunity for pentesters as now you can spin up thousands of Kali installation in few seconds to do some serious pentesting. What’s more? I think as this is an Azure offering, you can simply call Microsoft and ask for support:
“Hello, I can’t hack into my own server, can you help?”
Won’t that be fun!