Offensive Security, maintainers of the popular Kali Linux open source project, released Kali Linux 2019.4, the latest iteration of the Kali Linux penetration testing platform. The new release includes several new features, including a new default desktop environment, a new theme and a new undercover mode for pentesters doing assessment work in public places.
2019.4 includes some exciting new updates:
- A new default desktop environment, Xfce
- New GTK3 theme (for Gnome and Xfce)
- Introduction of “Kali Undercover” mode
- Kali Documentation has a new home and is now Git powered
- Public Packaging – getting your tools into Kali
- Kali NetHunter KeX – Full Kali desktop on Android
- BTRFS during setup
- Added PowerShell
- The kernel is upgraded to version 5.3.9
- … Plus the normal bugs fixes and updates.
With the change to the environment, we thought we would take a side step and do something fun. Thanks to Robert, who leads our penetration testing team, for suggesting a Kali theme that looks like Windows to the casual view, we have created the Kali Undercover theme.
Say you are working in a public place, hacking away, and you might not want the distinctive Kali dragon for everyone to see and wonder what it is you are doing. So, we made a little script that will change your Kali theme to look like a default Windows installation. That way, you can work a bit more incognito. After you are done and in a more private place, run the script again and you switch back to your Kali theme. Like magic!
New Desktop Environment and GTK3 Theme
There are a ton of updates to go over for this release, but the most in your face item that everyone is going to notice first are the changes to the desktop environment and theme. So let’s cover that first.
An update to the desktop environment has been a long time coming. We have been talking about how to address this, what we wanted to do, experimenting on different approaches, and so on for months now. As a summary we had a few issues we wanted to address head-on:
- Performance issues – Gnome is a fully-featured desktop environment with a ton of awesome things it can do. But all these features comes with overhead, often overhead that is not useful for a distribution like Kali. We wanted to speed things up, and have a desktop environment that does only what it’s needed for, and nothing else. Gnome has been overkill for most Kali users, as many just want a window manager that allows you to run multiple terminal windows at once, and a web browser.
- Fractured user experience – We support a range of hardware, from the very high end to the very low. Because of this, traditionally our lower-end ARM builds have had a completely different UI than our standard. That’s not optimal, and we wanted to unify this experience so it did not matter if you were running on a bare metal install on a high end laptop or using a Raspberry Pi, the UI should be the same.
- Modern look – We have been using the same UI for quite a while now, and our old theme maintainer had moved on due to lack of time. So we wanted to go with something fresh, new, and modern.
Kali-Docs is now on Markdown and new home (/docs/)
This may not be as flashy as the new theme, but the changes to the docs we have done is just as significant.
One of our go-forward goals with Kali is to move more of the development into the public and make it as easy as possible for anyone (that means you!) to get involved and contribute to Kali. That’s what our move to GitLab earlier in the year was all about. Another part of this is changing how we deal with docs.
We have since moved all of our documentation into Markdown in a public Git repository. From here on out anyone, not just Kali staff, can contribute to better documentation through merge requests. We will still approve any content changes, but once merged, changes will be automatically available on the docs section of our website.
We encourage everyone to get involved! If you see something wrong in the existing docs, change it! If you have an idea for new docs, write it! These sorts of contributions make Kali better for everyone.
This is just the first step. With this change in place, coming soon watch for a kali-docs package in Kali that gives you full offline access to the documentation on every install of Kali. Perfect for those situations where you are working in a closed-off environment with no Internet access.
One of the more significant new documents we have done is documenting how you can make a new package that will get included in Kali.
One of the most common bug reports is requests for us to add new tools or update existing ones. Oftentimes, by the tool developers themselves as they recognize that having their tool in the Kali repo is the easiest distribution channel for security assessment tools there is. The volume of this has always been difficult to keep up with, and we have to make some hard decisions on where to commit our limited resources.
Now with this work-flow in place and documented, you don’t have to wait on us. Go ahead and package up your tool and submit it off to us for approval. This is an awesome way to get involved with improving Kali.
BTRFS during setup
Another significant new addition to the documentation is the use of BTRFS as your root file system. This is an amazing approach documented by Re4son, that when done gives you the ability to do file system rollbacks after upgrades.
When you are in a VM and about to try something new, you will often take a snapshot in case things go wrong you can easily go back to a known-good state. However, when you run Kali bare metal that’s not so easy. So you end up being extra careful, or if things go wrong have a lot of manual clean up to do. With BTRFS, you have this same snapshot capability on a bare metal install!
As this is new, it’s not integrated into our installer yet. Once we get some feedback on how it’s working for everyone, the next step is to streamline this and make it an easier option in our installer. So if you try it out, be sure to let us know how it works for you!
On to other features, in case you missed it PowerShell is now in Kali (We have a blog post about it). This has been really great to bring the ability to execute PowerShell scripts directly on Kali.
NetHunter Kex – Full Kali Desktop on Android phones
Another feature we are super excited about is the introduction of NetHunter Kex. In a nutshell, this allows you to attach your Android device to an HDMI output along with Bluetooth keyboard and mouse and get a full, no compromise, Kali desktop. Yes. From your phone.
We had a live Penetration Testing with Kali course we were teaching, and NetHunter Kex was just in a beta stage. So we wanted to really push the limits. So, in the live course, what we did was attach a USB-C hub to our OnePlus7. This gave us HDMI and Ethernet access. We attached the HDMI to the projector and used a bluetooth keyboard/mouse. With this, we were able to do an entire PWK module from the phone.
This is a feature you have to see to believe. Until you experience it, you won’t fully understand what this provides. With a strong enough phone, this is very similar to using a nice full-featured portable ARM desktop that happens to fit in your pocket. The possible ways you can leverage this in assessments is huge.
To get a full breakdown on how to use NetHunter Kex, check out our docs at.
2019.4 is the last release that will support 8GB sdcards on ARM. Starting in 2020.1, a 16GB sdcard will be the minimum we support. You will always be able to create your own image that supports smaller cards if you desire.