An open API service indexing awesome lists of open source software.

https://github.com/andreswebs/kali-ec2-lab

Setup Kali Linux on an AWS EC2 instance and connect to it via RDP
https://github.com/andreswebs/kali-ec2-lab

aws kali-linux penetration-testing security

Last synced: about 1 year ago
JSON representation

Setup Kali Linux on an AWS EC2 instance and connect to it via RDP

Awesome Lists containing this project

README

          

# Lab: Kali linux on EC2

This lab shows how to setup Kali Linux on an AWS EC2 instance and connect to it
via RDP.

## Warning

Before going through this lab or doing any penetration testing in AWS, make sure
you read the
[AWS Customer Support Policy for Penetration Testing](https://aws.amazon.com/security/penetration-testing/).

Remember to clean up the created resources from your AWS account after this lab.

## Pre-requisites

- AWS CLI installed and configured with proper credentials.

- An RDP client installed.

- A subscription to the Kali Linux official AWS AMI on the
[AWS Marketplace](https://aws.amazon.com/marketplace) (search for "Kali
Linux").

- Go to the product subscription page in the AWS Marketplace and find the AMI
ID. Save it for later.

## Steps

0. copy the example instance configuration:
```sh
cp instance.example.json instance.json
```

1. edit the `instance.json` file to add the property:

- `ImageId`: the Kali AMI ID (from **Pre-requisites**)
- also remove the `DryRun` property

2. set environment variables for the scripts:
```sh
export SECURITY_GROUP_ALLOWED_CIDR="$(curl --silent checkip.amazonaws.com)/32"
export SECURITY_GROUP_NAME="kali-lab"
export SECURITY_GROUP_DESCRIPTION="Allow SSH and RDP traffic"
export KEY_NAME="kali"
```

3. create a security group:
```sh
./create-security-group
```

4. create a key pair:
```sh
./create-key-pair
```

5. create an EC2 instance:
```sh
./create-instance
```

6. find the instance ip:
```sh
export INSTANCE_IP=$(./get-instance-ip)
```

7. connect to the instance via SSH:
```sh
./kali-ssh "${INSTANCE_IP}"
```

8. install a kali metapackage to get some tools:
```sh
sudo apt install --yes kali-linux-headless
```

9. run the commands listed in [rdp-setup.md](rdp-setup.md)

10. connect via RDP client through the public ip with the username and password
created in the previous step

## Next Steps

Set up some vulnerable infrastructure to test against !

Check out, for example, [AWSGoat](https://github.com/ine-labs/AWSGoat).

## Clean Up

Go to the AWS console and delete the resources created during the lab:

- EC2 instance
- SSH key pair
- Security group

## Author

**Andre Silva** - [@andreswebs](https://github.com/andreswebs)

## License

This project is licensed under the [Unlicense](UNLICENSE.md).

## References