TECHNOPHILE

Kali & Whonix: Perfect shadow for bug hunters and pen-testers

We all might have conscious about privacy. When I say privacy, I mean internet privacy. And when you think about privacy, the first thing that comes to most of our mind would be Tor a.k.a The Onion Routing. With Tor, you are almost safe if you manage to set up Tor properly and use tor only via the Tor browser. But browsers can still leak your information via many doors such as DNS leak, WeRTC,etc.

But this not only the case. With just Tor, even if the above leaks are fixed, we are limited to have privacy only for the Tor Browser. Rest of the applications, even if tor can be configured for them, remains a pain in the ***. I always wished for Tor being bundled as a standalone OS so that I don’t need to worry about time consuming yet failing tor configurations. Then there was Tails and related stuff. But still, when you want to do some pen-test stuff and do bug hunting your favourite OS will mostly be Kali Linux. How would it feel if you can run you entire Kali OS via Tor?

Introducing Whonix

According to the developers, Whonix is a free and open-source desktop operating system (OS) that is specifically designed for advanced security and privacy. Based on Tor, Debian GNU/Linux and the principle of security by isolation, Whonix realistically addresses common attack vectors while maintaining usability.

How Whonix works?

By default, Whonix assumes that Whonix-Gateway and Whonix-Workstation are connected by (virtual) LAN cable. Wireless technologies are not recommended as a malware compromised Whonix-Workstation could access (other) wireless access points and subsequently connect without Tor. Using a (virtual) cable enforces that Workstation can only connect through Gateway.

In simple terms, Whonix-workstation is a standalone OS and Whonix-Gateway is a gateway (consider it as a modem). Both Workstation and Gateway has to be run using a Virtualbox or VMware. Here Virtualbox will run using the host OS’s internet connection. Whonix Gateway will torify the internet connection. This Gateway will have a unique IP and the workstation will be configured using this gateway IP address. So, when you think from the OS’s perspective, you get a completely anonymous internet service. As a result, we can run all the OS supported applications within this Tor sandbox.

Now, if you replace Whonix workstation with Kali Linux, you get a completely anonymous Kali Sandbox. That sounds cool rite? Let’s do it step by step.

How to setup Kali Linux with Whonix?

Download Virtualbox
Ubuntu users:
```
$ sudo apt install virtualbox
```
Windows users may download VirtualBox from the website and install.
Downlaod the Whonix Gateway from their website. We don’t need the Workstation since we are using Kali instead. It will be a virtualBox compatible .ova file.
Open VirtualBox and import the Gateway.
Install the Gateway with default settings. After installation, it will automatically connect to Tor. Please comment below if it didn’t work for you. After that, power off the gateway.
Download Kali Linux iso from their website. I prefer downloading the iso and not the ova.
Import Kali iso to VirtualBox.
Now before installing Kali Linux, change the network adaptor settings to follow Gateway. To do this, right click on the Kali Linux VirtualBox appliance and click Network. Change the field “attached to” to internal. And make sure the name is Whonix.
Now, install Kali Linux as normal.
After installation is complete, power off the appliance.
Now boot up Gateway again, followed by Kali Linux.
Go to Kali Linux network settings and edit the settings of wired connection to follow the below configuration
```
IP address: 10.152.152.11

Netmask: 255.255.192.0

Gateway: 10.152.152.10

Nameserver: 10.152.152.10
```
Here 10.152.152.10 is the default Gateway IP of Whonix.
That’s it. Hopefully you are connected to the Tor network now.