Kali Linux 2018 - Wolf Halton - E-Book

Description

Microsoft Windows is one of the two most common OSes, and managing its security has spawned the discipline of IT security. Kali Linux is the premier platform for testing and maintaining Windows security. Kali is built on the Debian distribution of Linux and shares the legendary stability of that OS. This lets you focus on using the network penetration, password cracking, and forensics tools, and not the OS.
This book has the most advanced tools and techniques to reproduce the methods used by sophisticated hackers to make you an expert in Kali Linux penetration testing. You will start by learning about the various desktop environments that now come with Kali. The book covers network sniffers and analysis tools to uncover the Windows protocols in use on the network. You will see several tools designed to improve your average in password acquisition, from hash cracking, online attacks, offline attacks, and rainbow tables to social engineering. It also demonstrates several use cases for Kali Linux tools like Social Engineering Toolkit, and Metasploit, to exploit Windows vulnerabilities.
Finally, you will learn how to gain full system-level access to your compromised system and then maintain that access. By the end of this book, you will be able to quickly pen test your system and network using easy-to-follow instructions and support images.

You can read the e-book in Legimi apps or in any app that supports the following format:

EPUB

Number of pages: 320

Year of publication: 2018




Kali Linux 2018: Windows Penetration Testing Second Edition

Conduct network testing, surveillance, and pen testing on MS Windows using Kali Linux 2018

Wolf Halton
Bo Weaver

BIRMINGHAM - MUMBAI

Kali Linux 2018: Windows Penetration Testing Second Edition

Copyright © 2018 Packt Publishing

All rights reserved. No part of this book may be reproduced, stored in a retrieval system, or transmitted in any form or by any means, without the prior written permission of the publisher, except in the case of brief quotations embedded in critical articles or reviews.

Every effort has been made in the preparation of this book to ensure the accuracy of the information presented. However, the information contained in this book is sold without warranty, either express or implied. Neither the authors, nor Packt Publishing or its dealers and distributors, will be held liable for any damages caused or alleged to have been caused directly or indirectly by this book.

Packt Publishing has endeavored to provide trademark information about all of the companies and products mentioned in this book by the appropriate use of capitals. However, Packt Publishing cannot guarantee the accuracy of this information.

Commissioning Editor: Vijin Boricha
Acquisition Editor: Rahul Nair
Content Development Editor: Ronn Kurien
Technical Editor: Aditya Khadye
Copy Editor: Safis Editing
Project Coordinator: Jagdish Prabhu
Proofreader: Safis Editing
Indexer: Tejal Daruwale Soni
Graphics: Tom Scaria
Production Coordinator: Arvindkumar Gupta

First published: June 2016 Second edition: October 2018

Production reference: 1231018

Published by Packt Publishing Ltd. Livery Place 35 Livery Street Birmingham B3 2PB, UK.

ISBN 978-1-78899-746-1

www.packtpub.com

 
mapt.io

Mapt is an online digital library that gives you full access to over 5,000 books and videos, as well as industry leading tools to help you plan your personal development and advance your career. For more information, please visit our website.

Why subscribe?

Spend less time learning and more time coding with practical eBooks and Videos from over 4,000 industry professionals

Improve your learning with Skill Plans built especially for you

Get a free eBook or video every month

Mapt is fully searchable

Copy and paste, print, and bookmark content

Packt.com

Did you know that Packt offers eBook versions of every book published, with PDF and ePub files available? You can upgrade to the eBook version at www.packt.com and as a print book customer, you are entitled to a discount on the eBook copy. Get in touch with us at [email protected] for more details.

At www.packt.com, you can also read a collection of free technical articles, sign up for a range of free newsletters, and receive exclusive discounts and offers on Packt books and eBooks. 

Contributors

About the authors

Wolf Halton is an authority on computer and internet security, a best-selling author on computer security, and the CEO of Atlanta Cloud Technology. He specializes in business continuity, security engineering, open source consulting, marketing automation, virtualization and data center restructuring, network architecture, and Linux administration. Wolf has been a security engineer since 1999 and has been training security engineers since 2005.

Bo Weaver is an old school ponytailed geek. His first involvement with networks was in 1972 while in the US Navy working on an R&D project called ARPA NET. Here he also learned the power of UNIX and how to outsmart the operating system. Bo has been working with and using Linux daily since the 1990s and is a promoter of Open Source. (Yes, Bo runs on Linux.) Bo has also worked in physical security fields as a private investigator and in executive protection. Bo now works as the senior penetration tester and security researcher for CompliancePoint, an Atlanta-based security consulting company.

Bo is Cherokee and works with native youths to help keep native traditions alive and strong.

We would like to thank Dyana Pearson (Hacker Girl) and Joe Sikes for their input and suggestions. Without their assistance, and humor, this book would not be what it is.
This second edition is dedicated to Helen Young Halton, who was the force of nature that kept Wolf on track for their 14 years of marriage. Helen passed away on Star Wars Day (May the Fourth) in 2017, and so never saw the end of the story. Helen left Wolf and two grown children, Savannah Rogers and Candler Rogers. She would be gratified and proud of the lives into which they are living. - Wolf Halton, Memorial Day 2018

 

 

About the reviewer

Paolo Stagno (aka VoidSec) has worked as a consultant for a wide range of clients across top tier international banks, major tech companies, and various Fortune 1000 industries. At ZeroDayLab, he was responsible for discovering and exploiting new unknown vulnerabilities in web applications, network infrastructure components, new protocols and technologies. He is now a freelance security researcher and a penetration tester focused on offensive security. In his own research, he discovered various vulnerabilities in software of multiple vendors and tech giants such as eBay, Facebook, Google, Oracle, PayPal and many others. He is an active speaker at various security conferences around the globe such as Hacktivity, SEC-T, HackInBo, TOHack, and Droidcon.

 

 

 

 

Packt is searching for authors like you

If you're interested in becoming an author for Packt, please visit authors.packtpub.com and apply today. We have worked with thousands of developers and tech professionals, just like you, to help them share their insight with the global tech community. You can make a general application, apply for a specific hot topic that we are recruiting an author for, or submit your own idea.

Table of Contents

Title Page

Copyright and Credits

Kali Linux 2018: Windows Penetration Testing Second Edition

Packt Upsell

Why subscribe?

Packt.com

Contributors

About the authors

About the reviewer

Packt is searching for authors like you

Preface

Who this book is for

What this book covers

To get the most out of this book

Download the color images

Conventions used

Get in touch

Reviews

Disclaimer

Choosing Your Distro

Desktop environments

Desktop environment versus Window Manager

Enlightenment (E17)

E17 Window Manager issues

Gnome desktop

Gnome 3 desktop issues

KDE desktop

KDE issues

LXDE desktop

LXDE issues

MATE desktop

MATE issues

Xfce desktop

Xfce issues

Choosing your look and feel

Configuring Kali to be your Daily Driver

User account setup

Summary

Sharpening the Saw

Technical requirements

Installing Kali Linux to an encrypted USB drive

Prerequisites for installation

Booting up

Configuring the installation

Setting up the drive

Booting your new installation of Kali

Running Kali from the Live DVD

Installing and configuring applications

Gedit – the Gnome Text Editor

Geany – the platform-agnostic code IDE

Terminator – the Terminal emulator for multi-tasking

Etherape – the graphical protocol-analysis tool

Setting up and configuring OpenVAS

Reporting tests

KeepNote – stand-alone document organizer

Dradis – web-based document organizer

Running services on Kali Linux

Summary

Information Gathering and Vulnerability Assessments

Technical requirements

Footprinting the network

Nmap

Zenmap

The difference verbosity makes

Scanning a network range

An annotated list of Nmap command options

Using OpenVAS

Using Maltego

Using KeepNote

Summary

Further reading

Sniffing and Spoofing

Technical requirements

Sniffing and spoofing network traffic

Sniffing network traffic

tcpdump

WinDump (Windows tcpdump)

Wireshark

The packet

Working with Wireshark

Spoofing network traffic

Ettercap

Ettercap on the command line

Summary

Further reading

Password Attacks

Password attack planning

Cracking the NTLM code (revisited)

Password lists

Cleaning a password list

My friend, Johnny

John the Ripper (command line)

xHydra

Summary

Further reading

NetBIOS Name Service and LLMNR - Obsolete but Still Deadly

Technical requirements

NetBIOS name service and NTLM

Sniffing and capturing traffic

Using Ettercap data

NetBIOS scanning using NBTscan

Responder - so many hashes, so little time

Using Responder with Metasploit

NetBIOS response BadTunnel brute force spoofing

EvilGrade

Ettercap setup

The attack

Summary

Further reading

Gaining Access

Pwnage

Technical requirements

Exploiting Windows systems with Metasploit

Using advanced Footprinting

Interpreting the scan and building on the result

Exploiting a 32-bit system

Accessing Systems With Xfreerdp

Summary

Further reading

Windows Privilege Escalation and Maintaining Access

Technical requirements

Windows privilege escalation

Escalating your privileges

MSFvenom

MS16-032 Secondary Logon Handle Privilege Escalation

Windows Escalate Service Permissions Local Privilege Escalation

Windows Escalate UAC Protection Bypass (ScriptHost Vulnerability)

Maintaining access

Remote Access Tools

Metasploit's persistence_exe module

Windows registry-only persistence

Summary

Maintaining Access on Server or Desktop

Maintaining access or ET Phone Home

Covering our tracks

Maintaining access with Ncat

Setting up a NetCat Client

Phoning home with Metasploit

Running a port scanner inside Metasploit

The Drop Box

Cracking the Network Access Controller (NAC)

Creating a spear-phishing attack with the Social Engineering Toolkit

Using the Spear-Phishing Attack Vectors menu

Choose a subject, or write a new email message

Using Backdoor Factory to evade antivirus

Summary

Further reading

Reverse Engineering and Stress Testing

Technical requirements

Setting up a test environment

Creating your victim machine(s)

Testing your testing environment

Reverse Engineering theory

One general theory of Reverse Engineering

Working with Boolean logic

Reviewing a while loop structure

Reviewing the for loop structure

Understanding the decision points

Practicing Reverse Engineering

Using debuggers

Using the Valgrind debugger

Using the EDB-Debugger

EDB-Debugger symbol mapper

Running OllyDbg

Introduction to disassemblers

Running JAD

Creating your own disassembling code with Capstone

Some miscellaneous Reverse Engineering tools

Running Radare2

The additional members of the Radare2 tool suite

Running rasm2

Running rahash2

Running radiff2

Running rafind2

Running rax2

Stress testing Windows

Dealing with Denial

Putting the network under Siege

Configuring your Siege engine

Summary

Further reading

Other Books You May Enjoy

Leave a review - let other readers know what you think

Preface

Microsoft Windows is one of the two most common OSes, and managing its security has spawned the discipline of IT security. Kali Linux is the premier platform for testing and maintaining Windows security. Kali is built on the Debian distribution of Linux and shares the legendary stability of that OS. This lets you focus on using the network penetration, password cracking, and forensics tools, and not the OS.

This book has the most advanced tools and techniques to reproduce the methods used by sophisticated hackers to make you an expert in Kali Linux penetration testing. You will start by learning about the various desktop environments that now come with Kali. The book covers network sniffers and analysis tools to uncover the Windows protocols in use on the network. You will see several tools to improve your average in password acquisition, from hash cracking, online attacks, offline attacks, and rainbow tables to social engineering. It also demonstrates several use cases for Kali Linux tools like Social Engineering Toolkit, Metasploit, and so on to exploit Windows vulnerabilities.

Finally, you will learn how to gain full system-level access to your compromised system and then maintain that access. By the end of this book, you will be able to quickly pen test your system and network using easy-to-follow instructions and support images.

Who this book is for

If you are a working ethical hacker who is looking to expand the offensive skillset with a thorough understanding of Kali Linux, then this is the book for you. Prior knowledge about Linux operating systems, Bash terminal, and Windows command line would be highly beneficial.

What this book covers

Chapter 1, Choosing Your Distro, discusses the pros and cons of the different desktop environments and will help you decide which desktop is right for you.

Chapter 2, Sharpening the Saw, introduces you to the set-up that works best, the documentation tools that we use to make sure that the results of the tests are prepared and presented right, and the details of Linux services you need to use these tools.

Chapter 3, Information Gathering and Vulnerability Assessments, shows you how to footprint your Windows network and discover the vulnerabilities before the bad guys do.

Chapter 4, Sniffing and Spoofing, covers network sniffers and analysis tools to uncover the Windows protocols in use on the network. Learn how to exploit the vulnerable Windows networking components.

Chapter 5, Password Attacks, shows you several approaches to password cracking or stealing. You will see several tools to improve your average in password acquisition, from hash cracking, online attacks, offline attacks, and rainbow tables to social engineering.

Chapter 6, NetBIOS Name Service and LLMNR - Obsolete but Still Deadly, helps you understand how Kali Linux is an excellent toolkit to attack obsolete protocols and applications and obliterate expired operating systems.

Chapter 7, Gaining Access, demonstrates several use cases for Kali Linux tools like Social Engineering Toolkit, Metasploit, and so on to exploit Windows vulnerabilities. You will also learn to use the exploit databases provided with Kali Linux, and others. Finally, learn to use tools to exploit several common Windows vulnerabilities, and guidelines to create and implement new exploits for upcoming Windows vulnerabilities.

Chapter 8, Windows Privilege Escalation and Maintaining Access, teaches you several methods to use the Kali tool-set to get admin rights on your vulnerable Windows host.

Chapter 9, Maintaining Access on Server or Desktop, covers some devious ways to maintain access and control of a Windows machine, after you have gained access through the techniques you learned in the previous chapters.

Chapter 10, Reverse Engineering and Stress Testing, is the beginning of how to develop an anti-fragile, self-healing Windows network. Go ahead, make your servers cry!

To get the most out of this book

You will require the following to test the code in this book:

Router/firewall

Linux workstation 8 cores 32 GB RAM for a VM server. (running VirtualBox)

Windows 2008 server for the DC (VM)

Windows 2008 server file server (VM)

Win7 client (VM)

Win10 client (This was a physical laptop)

Laptop running Kali 4 cores 8 GB of RAM. For the attacking platform. (My personal laptop)

Download the color images

We also provide a PDF file that has color images of the screenshots/diagrams used in this book. You can download it here: https://www.packtpub.com/sites/default/files/downloads/9781788997461_ColorImages.pdf.

Conventions used

There are a number of text conventions used throughout this book.

CodeInText: Indicates code words in text, database table names, folder names, filenames, file extensions, pathnames, dummy URLs, user input, and Twitter handles. Here is an example: "This produces a fast scan - the T stands for Timing (from 1 to 5), and the default timing is -T3."

A block of code is set as follows:

html, body, #map { height: 100%; margin: 0; padding: 0}

Any command-line input or output is written as follows:

nmap -v -sn 192.168.0.0/16 10.0.0.0/8

nmap -v -iR 10000 -Pn -p 80

Bold: Indicates a new term, an important word, or words that you see onscreen. For example, words in menus or dialog boxes appear in the text like this. Here is an example: "Open the Terminal from the icon on the top bar or by clicking on the menu links: Application | Accessories | Terminal".

Warnings or important notes appear like this.
Tips and tricks appear like this.

Get in touch

Feedback from our readers is always welcome.

General feedback: If you have questions about any aspect of this book, mention the book title in the subject of your message and email us at [email protected].

Errata: Although we have taken every care to ensure the accuracy of our content, mistakes do happen. If you have found a mistake in this book, we would be grateful if you would report this to us. Please visit www.packt.com/submit-errata, selecting your book, clicking on the Errata Submission Form link, and entering the details.

Piracy: If you come across any illegal copies of our works in any form on the Internet, we would be grateful if you would provide us with the location address or website name. Please contact us at [email protected] with a link to the material.

If you are interested in becoming an author: If there is a topic that you have expertise in and you are interested in either writing or contributing to a book, please visit authors.packtpub.com.

Reviews

Please leave a review. Once you have read and used this book, why not leave a review on the site that you purchased it from? Potential readers can then see and use your unbiased opinion to make purchase decisions, we at Packt can understand what you think about our products, and our authors can see your feedback on their book. Thank you!

For more information about Packt, please visit packt.com.

Disclaimer

The information within this book is intended to be used only in an ethical manner. Do not use any information from the book if you do not have written permission from the owner of the equipment. If you perform illegal actions, you are likely to be arrested and prosecuted to the full extent of the law. Packt Publishing does not take any responsibility if you misuse any of the information contained within the book. The information herein must only be used while testing environments with proper written authorizations from appropriate persons responsible.

Choosing Your Distro

Since the first edition of our book, a lot has changed with Kali Linux. Besides Kali now being a Rolling Distribution, it now comes with several Desktop Environments and several different kernel architectures. This means you can run Kali from a small Raspberry Pi or from a full-blown workstation built for speed and power. By adding a normal user account and a little extra configuration and packages, you can make Kali your Daily Driver OS. In this chapter, we will discuss the several desktop environments and the pros and cons of each. This will help you decide which distro to download for your trip into the world of hacking with Kali. If you are not familiar with Linux, this chapter helps give you some under the hood knowledge of Linux and its design.

Desktop Environments

Choosing your look and feel

Configuring for your Daily Driver

Desktop environments

One of the big differences between Unix/Linux systems and Windows is they truly are modular in design. Sure, I know Microsoft says Windows is modular in design, but this really isn't the case. With Windows, the desktop is seamlessly integrated into the operating system. So, until Server 2012, you had to run a Windows server with a running GUI. With Server 2012, you have the option to run the machine headless, but the server's use is very limited running in this mode. Try to uninstall Internet Explorer; well, you can't. Yes, Internet Explorer is an application that has one of the largest security footprints of any common application. Yes, Internet Explorer has system-level access. Yes Toto, this is a problem, which we will exploit later in this book, but for this chapter let's focus on desktop environments.

Linux truly is modular in design. Linux's father is Unix, and Unix's whole design concept was small interactive programs that could be chained together to perform larger tasks. Linux is also designed this way. Actually, Linux is just the kernel of the operating system invented by one man, Linus Torvalds. Almost everything else is a collection of small applications bolted together to make the boy go. A large and constant component set that helps the kernel interact with the hardware is encompassed by the name GNU toolset. Most of these tools were ported from Unix, or rewritten to avoid copyright complications, but still use the same inputs and outputs.

So, with this design structure, the GUI is just another module that can be changed or completely removed from the operating system without any effect on the lower working parts. This gives Linux the ability to do anything from being a Smart Watch to running the Hadron Collider or... be a hacking machine.

Desktop environment versus Window Manager

One important distinction that may help you understand how Desktop Environments work on Kali and other Linuces (plural of Linux) is that of the Window Manager. A desktop environment, also called a GUI, generally includes folders, wallpapers, desktop widgets, icons, windows, toolbars, and interfaces for applications. The Microsoft Windows desktop environment may have been the first such metaphorical construct you discovered. Your smartphone has a desktop environment, and the dramatic failure of the Windows 8 desktop environment was an attempt to merge development of the Windows CE (phone GUI) and Windows 7/Server 2003 GUI. The mistake Microsoft made was assuming that there were more workstations with touch screen capability. Plainly the technology existed, but the monitors were expensive and not in wide use. Bo and Wolf think the Ubuntu Unity desktop environment was a failure based upon the same design assumption. Mouse-driven workstation interfaces are here to stay for a little while longer.

In Kali, a desktop environment usually interacts with a Windowing System such as the X Window System, or Wayland, which runs directly on top of the hardware, and a Window Manager application, which is the interface the user sees and with which the user interacts. The Window Manager provides the look and feel of the Kali Linux experience. There are several Window Managers that can be used with almost any desktop environment in Kali Linux. One of these is the Enlightenment Window Manager, which is included in Kali ISO downloads as E17. The main difference between E17 and a full desktop environment, such as KDE or Gnome, is that E17 has few applications that are built specifically for E17, whereas KDE and Gnome have specialized apps that need a large number of dependencies met to run them in some other desktop environment. Kate and gedit are the specialized text editors for KDE and Gnome respectively.

Enlightenment (E17)

Installing the E17 ISO is rather similar to the installations of any of the other desktops, as long as you are using the default install option. The standard boot screen is runlevel 3, with only a command-line interface, so you have to use the startx command to see the desktop interface. This is shown in the following screenshot:

E17 startup screen

On your first login to the E17 environment, you will be asked a series of questions you already answered in the installation process:

Language: The default highlighted is US English.

Keyboard Layout: The default highlighted is English (US).

Profile: This is hardware profile and the choices are Mobile and Computer. The default highlighted is Computer.

Sizing: This is title size. The choices are from 0.8 to 2.0. The default highlighted is 1.0.

Window Focus: The choices are Click and Mouse Over. The default highlighted (and the general Linux default) is Mouse Over.

Checking to see if Connman exists: Connman is the Enlightenment network connection manager. Click to install/enable Connman.

Compositing: This is the source of most of the eye candy in E17. The default is to Enable Compositing, but you might want to use hardware-accelerated (Open-GL) compositing if you are doing a bare-metal installation. If there is a shortage of RAM or you are using a machine with an older processor, you might not want to use compositing at all:

First boot compositing choices

Updates: You can enable Checks for Enlightenment Updates. The default is a check in the box to authorize this update. If you are running within a target network, clear this checkbox. It isn't particularly stealthy to have a randomly occurring network check going out to https://www.enlightenment.org/ if the network is supposed to be Windows-only.

Taskbar: Enabling the taskbar lets you see open applications and Windows on your Kali Linux E17 desktop. This is enabled by default.
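The Updates note above, seen from the defender's side: on a network that is supposed to be Windows-only, name lookups for Linux desktop or distribution sites stand out. The following is an added example, not code from the book; it scans a DNS query log for such lookups. The dnsmasq-style sample lines are constructed, and the watch-list entries other than enlightenment.org, as well as the function names, are assumptions of this example.

```shell
#!/bin/sh
# Added example (not from the book): flag DNS lookups that do not belong on a
# Windows-only network, such as the Enlightenment update check.

# Domain suffixes to watch for. enlightenment.org comes from the text above;
# kali.org and debian.org are assumptions added for this example.
WATCHLIST="${WATCHLIST:-enlightenment.org kali.org debian.org}"

# Constructed sample in dnsmasq query-log format (hosts and times are invented).
sample_dns_log() {
    cat <<'EOF'
Oct 23 10:01:12 dnsmasq[811]: query[A] wpad.corp.example from 10.0.5.21
Oct 23 10:01:15 dnsmasq[811]: query[A] www.enlightenment.org from 10.0.5.77
Oct 23 10:02:40 dnsmasq[811]: query[A] ctldl.windowsupdate.com from 10.0.5.21
Oct 23 10:03:02 dnsmasq[811]: query[AAAA] http.kali.org from 10.0.5.77
Oct 23 10:03:09 dnsmasq[811]: query[A] deb.debian.org from 10.0.5.90
Oct 23 10:04:30 dnsmasq[811]: query[A] notenlightenment.org from 10.0.5.33
Oct 23 11:01:15 dnsmasq[811]: query[A] www.enlightenment.org from 10.0.5.77
EOF
}

# Reads a query log on stdin and prints one "client name" line for each
# distinct lookup whose name equals a watched domain or is a subdomain of it.
flag_linux_lookups() {
    awk -v watch="$WATCHLIST" '
        BEGIN { n = split(watch, suffix, " ") }
        {
            name = ""; client = ""
            # Locate the "query[TYPE] name from client" fields on this line.
            for (i = 1; i + 3 <= NF; i++)
                if ($i ~ /^query\[/ && $(i + 2) == "from") {
                    name = tolower($(i + 1)); client = $(i + 3)
                }
            if (name == "") next
            for (j = 1; j <= n; j++) {
                s = suffix[j]
                # Match only on a label boundary, so that
                # notenlightenment.org does not match enlightenment.org.
                tail = substr(name, length(name) - length(s))
                if (name == s || tail == ("." s)) {
                    key = client " " name
                    if (!(key in seen)) { seen[key] = 1; print key }
                    break
                }
            }
        }'
}

# Distinct client addresses behind the flagged lookups.
suspect_clients() {
    flag_linux_lookups | cut -d" " -f1 | sort -u
}

sample_dns_log | flag_linux_lookups
```

To use it on real data, pipe the resolver's query log into flag_linux_lookups and set WATCHLIST to the domains that should never be requested from that network.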

Once you are through with the configurations, E17 will show you the desktop. The following screenshot shows the default desktop. The first thing you might notice is that the background is a flat white plate. The menu line at the top is from Virtual Box. The menu bar at the lower edge is reminiscent of the Apple Mac toolbar. The floating menu bar in the middle is achieved by right-clicking the desktop:

E17 default desktop

The basic default file management window is shown in the following screenshot. It is readable but hardly exciting. If you click on the desktop menu, you can add gadgets. I have added a system gadget to the Taskbar, but you could just as easily place it anywhere on the desktop. The following screenshot shows the right-click menu from the Backlight gadget. If you click Begin Moving Gadgets, you can move all the gadgets around until you click on Stop Moving Gadgets:

Move gadgets

E17 Window Manager issues

Almost all of the security tools are lumped together under the Other Menu, under the Applications Menu, which may cramp your style somewhat.

If you open the click menu too close to the right-screen border, the submenus are offscreen. The effect of Other Menu overcrowding is shown in the following screenshot:

Effect of Other Menu overcrowding

This version of Enlightenment is several years old. The current major version is 22. Perhaps the folks at Offensive Security who created Kali decided to freeze Enlightenment at major version 17 because the Enlightenment developers are moving toward using the Wayland windowing system, and by default Kali-E17 is using the xorg windowing system.

To check whether your version of Kali is running xorg or Wayland, type xdpyinfo on the command line. If it is running a pure Wayland environment, the command will fail. If it is using xorg, it will produce several lines of information about your video configuration. The following screenshot shows a truncated screen of the results on the default installation:

Truncated xdpyinfo output
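A scripted version of the xdpyinfo check above, as an added example that is not from the book. It goes slightly beyond the text by also consulting the standard XDG_SESSION_TYPE, WAYLAND_DISPLAY and DISPLAY environment variables, because a Wayland session that runs the XWayland compatibility server still answers xdpyinfo; the function name detect_display_server is an assumption of this example.

```shell
#!/bin/sh
# Added example (not from the book): classify the display server of the
# current session. Prints one of: xorg, wayland, xwayland, none.

detect_display_server() {
    # Set by the login manager on most current desktops: x11, wayland or tty.
    session_type="${XDG_SESSION_TYPE:-}"

    # Does an X server answer on $DISPLAY? xdpyinfo exits non-zero when it
    # cannot connect, which is the failure the text describes.
    x_alive=no
    if [ -n "${DISPLAY:-}" ] && command -v xdpyinfo >/dev/null 2>&1; then
        if xdpyinfo >/dev/null 2>&1; then
            x_alive=yes
        fi
    fi

    if [ -n "${WAYLAND_DISPLAY:-}" ] || [ "$session_type" = "wayland" ]; then
        # A Wayland compositor is present. If X also answers, it is the
        # XWayland compatibility server and not a native xorg session.
        if [ "$x_alive" = yes ]; then
            echo xwayland
        else
            echo wayland
        fi
    elif [ "$x_alive" = yes ] || [ "$session_type" = "x11" ]; then
        # Native X session. The session-type fallback covers hosts where
        # xdpyinfo is not installed.
        echo xorg
    else
        # No graphical session, for example the runlevel 3 console
        # before startx has been run.
        echo none
    fi
}

echo "display server: $(detect_display_server)"
```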

The easiest way to get at all of the security tools would appear to be opening the Applications | Run Everything dialog, as shown previously. I discovered that this returns an error code when I attempted to open xterm, the default terminal emulator in E17, to install my favorite software installer app, Synaptic. I had to go to the Applications | System Menu and open xterm from there. There does not appear to be a simple fix for the failing Run Everything widget. Perhaps upgrading to the current stable version of Enlightenment (E22.x) would solve it, but the solution would probably require revamping the windowing system, which is a non-trivial undertaking.

To install synaptic:

#> apt install synaptic

To change wallpaper in E17, click on Applications | Settings | Wallpaper Settings. This opens the dialog that is shown in the following screenshot. You can choose your own desktop image or one of the factory images:

Change desktop wallpaper

Gnome desktop

Back in the days of Backtrack, which was the precursor security platform to Kali Linux, the default desktop environment was a very stripped-down version of KDE. When Backtrack was deprecated and Offensive Security published Kali, the default desktop was changed to Gnome. Backtrack was a live-disk CD only, and was not intended to be installed on any computer. The Backtrack version of KDE was stripped down to be able to load from a standard CD. This stripping down removed a lot of the desktop functions. When Kali was published, it was designed to load from a live DVD, and to be installed on i386 and amd64 architectures. Gnome is slightly reminiscent of the Windows 3.11 look and feel, and uses less memory to draw the desktop than KDE.

The Gnome desktop has been around since the early days of Linux. The Kali Linux default desktop environment is Gnome 3. When you do a standard install, the desktop looks like this:

Gnome 3 default desktop

The toolbar on the left border is the favorites group. When you open any application, its icon arrives in the favorites group on the left, as can be seen in the following screenshot, where I have opened OWASP ZAP:

Adding an application to the favorites group

The security tool menu is found under the Applications tab in the upper-left corner of the desktop. This is a very good categorized list and makes it easier to find any tool you wish to use. The list is shown in the following screenshot:

Gnome application menu for Kali

Changing the desktop image in Gnome 3 is easy, but the settings menu is a bit hard to find. It is hidden under the icon in the upper-right corner. The following screenshot shows the system menu, which has the sound volume control, the network connection dialog, and the settings editor:

Gnome system menu

Most of the settings in Gnome are found in the settings dialog, shown in the next screenshot. There are settings sheets for Wi-Fi, Background, Notifications, Search, Region & Language, Universal Access, Online Accounts, Privacy, Sharing, Sound, Power, and Network. The following screenshot shows the desktop editor, with the default desktop images:

Gnome settings dialog

To change the images, you simply click on the image you wish to change. That opens a dialog box and you can choose one of several included images, or choose one of your own from the images in your Pictures directory:

Gnome 3 desktop issues

There doesn't seem to be any easy way to add applications to the favorites group

The drop-down menu bar uses a slider bar to take you down to the Usual applications menu instead of a full-length sub-menu

KDE desktop

KDE has been around since the early days of Linux and is Bo Weaver's favorite. With age comes stability and KDE is a very stable desktop. The look and feel are very similar to Windows, so for a Windows user it is easy to use. One advantage of KDE is that the desktop is highly configurable. If you don't like what it looks like, just change it. This can be a big advantage. KDE comes with all the latest Jumping Monkeys and features. You probably like your desktop environment your way, like we do. It doesn't matter what latest thing has been added as long as you can configure the desktop to be the same as it has been for years. This helps with muscle memory. Muscle memory comes into play because having everything in the expected place makes the overhead of the job lower, because there isn't any time spent searching for common tools you use every day. It is more effective not to have to think about where a tool is hidden on the machine or how to save a file since the developers decided the application no longer needs a menu bar. With KDE, you can change your desktop back to an old-school no-frills desktop with everything just like it has been for years. If you are bored, you can customize the desktop beyond any semblance of the default Kali look. The next screenshot shows the default desktop with the Start menu open at Applications. The menu organization is similar to the Gnome 3 menu you have already seen:

Default KDE Kali desktop

One drawback of KDE is that, because it is so highly configurable and comes with a lot of built-in features, it is very heavy on the memory of the machine and puts a demand on the video card. KDE does need to run on a modern machine with a good amount of memory. Also, because it is so highly configurable, it is easy to sometimes screw up your settings.

One advantage of KDE is the desktop widgets. Desktop widgets are small applications that run on the desktop to do a number of things. When hacking, you need to keep an eye on your local system resources. There are widgets you can use to keep an eye on system memory, CPU, and network usage at a glance. It's a sad thing to be in the middle of work, fire up one more tool, and have your system crash because you ran out of memory. Using a widget, you can keep an eye on memory usage, network, and CPU usage.

KDE also works really well when using more than one monitor and is completely configurable in assigning which monitor is the main monitor and where your toolbars go. It also reverts to using a single monitor without a reboot or playing with the configuration. This is great when your machine is a laptop that you move a lot.

The KDE developers seem to understand that the desktop interface for a tablet will not work on a workstation that uses a mouse. Since the advent of the tablet, KDE now really comes with two interfaces, Plasma and Neon, and they interchange when the hardware changes. They both use the same backend toolsets; only the look and function changes when changing from tablet mode to workstation mode. This was a failure with the Windows 8 desktop and also a failure with the Gnome desktop. You cannot design an interface to work with your finger and with a mouse. What you will always end up with is an interface that doesn't work well with either.

KDE issues

KDE is graphically busy and uses a lot of resources. This makes it unsuitable for a very old machine, or one with low graphics memory.

SHOW STOPPER!: This is an installer issue, and you may not get this effect. The folks who created Kali Linux add updates to the ISO disk files over time, and when Wolf did this install, it came up with this issue. It is easy to fix, and the important thing is not to panic. You did nothing wrong if your install shows up like this. After installation, the KDE instance loads to the tty1 full-screen CLI and startx does not start the GUI. startx is part of the xinit package, so you can install xinit by entering the following as root (the account you just logged in as):

#> apt install xinit

KDE startx after installing xinit

LXDE desktop

LXDE, which stands for Lightweight X11 Desktop Environment, was designed in 2006 by Hong Jen Yee, a Taiwanese programmer who wrote the first module of LXDE. It was a file manager. This is reminiscent of the creation of the Linux kernel itself, where Linus Torvalds started with a file manager module. Installations had problems, but the live disk seems to work well. I noticed the Kali-Linux graphical installation asks for machine domain but regular installation does not. The following screenshot shows the default LXDE desktop.

This desktop environment is also reminiscent of Windows XP with the menu launch button in the lower-left corner:

LXDE default desktop view

To change the desktop background, go to the menu in the lower-left corner and choose Preferences | Desktop Preferences. The menu is shown in the next screenshot. If you want great choices for background images, check out https://pixabay.com/:

LXDE desktop image preference dialog

LXDE issues

SHOW STOPPER: Graphical installation failed because No partition table planned and no creation of file systems have been planned

SHOW STOPPER: Regular installation failed because No Operating System Installed

MATE desktop

The MATE desktop is a fork of the now-deprecated Gnome 2 desktop environment. MATE stands for MATE Advanced Traditional Environment. This is a similar structure to the GNU acronym, GNU is Not Unix. The renaming of the fork to MATE avoids naming convention issues with the still-current Gnome 3 environment.

MATE includes forks of many Gnome applications, and developers have written new applications. The names are in Spanish to reflect MATE's Argentinian origin.

MATE applications include the following:

Caja: File manager (from Nautilus)

Atril: Document viewer (from Evince)

Engrampa: Archive manager (from Archive Manager)

MATE terminal: Terminal emulator (from GNOME Terminal)

Marco: Window manager (from Metacity)

Mozo: Menu item editor (from Alacarte)

Pluma: Text editor (from Gedit)

The first boot, and all subsequent boots, of MATE bring us into runlevel 3, as shown in the following screenshot:

MATE first boot

The default GUI for MATE is familiar to most Linux users, as it is a near-mirror image of Gnome 2. The next screenshot shows that desktop with the default Kali logo. The Applications, Places, and System menu structure has been a long-standing mark of a Linux desktop, and many longtime Linux users welcomed the efforts of the MATE team to maintain the tradition:

MATE GUI

The following screenshot shows all three system menus from the MATE desktop with representative submenus open. The Places menu opens Caja (file management) windows:

MATE System menu

The look and feel menu offers you 12 preset appearance preferences, and those can then be customized further. The following screenshot shows a selection of those presets:

MATE appearance presets

MATE issues

The behavior of booting into runlevel 3 is difficult but not insurmountable, as we know to try startx