google cloud kali linux

Guide

Deploy Kali Linux on Google Cloud

I work a lot with cloud providers such as Amazon AWS, Azure, and occasionally Google Cloud.  Personally, I really like the Google Cloud but using it as a platform for pen-testing has always been a little troublesome due to the fact I can’t just spin up a Kali Linux VM from a marketplace.  In this post, I will show you how I create a custom Kali Linux Google Compute Engine instance.   This method’s disadvantage is that it is time-consuming to upload your base Kali Linux OVA, but once you have it uploaded deployment of a Kali Linux instance is fast and easy.

What you need to start:


*Once you have that all downloaded install VirtualBox and Google Cloud SDK.

Assumptions on my part:
I am assuming you already have a Google Cloud account and have some idea how everything works.

Configure Kali Linux

Start Kali Linux Virtualbox

Open the Kali Linux OVA file using Virtual Box.

Once the virtual Kali Linux instance has booted, Log in to Kali Linux.

Default Login Credentials:
Username:  root
Password:  toor

Change the root password
Seriously, change it, don’t be that security person that preaches basic security practices but leaves a default password on a public image.

Update Kali Linux

As with any new Kali Linux install, we need to update the OS to start from a current state.  The following commands will update and upgrade the Kali OS, all installed applications and clean up anything not being used anymore.

sudo apt update
sudo apt upgrade
sudo apt dist-upgrade
sudo apt autoremove 

 

Enable SSH

OpenSSH is installed by default on Kali Linux.  To start the OpenSSH server: 

 sudo systemctl start ssh

Verify SSH is running:

systemctl status ssh

We now need to start the OpenSSH server on boot:  

sudo update-rc.d ssh enable 2 3 4 5

Customizations

Now that we have the basic requirements for running and accessing your Kali Linux using SSH you can add any other customizations that you will need.  I prefer to keep the base build and script any additional software as needed for the engagement I am using it for.  That was I can start any project with a documented base build.

You need may differ though.  If you need or want GUI access you can install VNC.  Some companies like to “brand” their OS builds and add custom backgrounds.  Whatever your needs base requirements are feel free to do complete them at this point.

After you have completed all your customizations it time to shut down your VirtualBox Kali Linux VM.  

Install Kali Linux on Google Cloud

Create a Google Cloud Storage Bucket

First we need to create a storage bucket to store the image so we can upload it.  If you already have a storage bucket created and have the appropriate permissions you can skip this step.

To create a google storage bucket, run the following command:

gsutil mb gs://subproject9-imagestore/

Remember your bucket name must be unique and contain only lower-case letters.

Note: 
If you need help installing the Google Cloud SDK:
https://cloud.google.com/sdk/docs/install

Export Kali Linux VirtualBox

We need to get the Kali Linux VM to a format that Google Cloud can use.  To do this we will need to export the VM to an OVA file.

Right-Click on your Kali Linux VM and select “Export to OCI” which will launch the export wizard.

On the first screen of the export wizard use the following settings:
Format:  Open Virtualization Format 1.0
File:  <SomeFolder>\Kali.ova
MAC Address Policy:  Strip all network adapter MAC address

Click “Continue” to get to the summary screen, and then click “Export”

 

Import the Image to Google Compute Engine

Enable the Cloud Build API

To be able to build a compute instance from an OVA file you need to enable the Cloud Build API.  To do this by issuing the following command:

gcloud services enable cloudbuild.googleapis.com

 Or you can enable the API by using the Google Cloud Console and searching for “Cloud Build” and clicking the “Enable the Cloud Build API” button.

Note:
Make sure your account has the following permissions:

roles/iam.serviceAccountTokenCreator
roles/compute.admin
roles/iam.serviceAccountUser
 

Upload Kali Linux Image to Google Cloud

Now, we have to upload the image into the storage bucket.  To do this we first need to navigate where you exported VirtualBox image files are.   In this example my image name is Kali.ova, if you have multiple images you can change the name with version number or dates.

To upload your image, navigate to the folder containing the image, and run the following commands:

gsutil cp Kali.ova gs://subproject9-imagestore/Kali.ova

Now, just sit back, have a cup of coffee, and wait for the file copy to finish

Create a Kali Linux Compute Instance

To create your Kali Linux compute instance, just run the following command:

gcloud compute instances import kali-instance1 \
    --os=debian-9 --source-uri=gs://subproject9-imagestore/Kali.ova \
    --custom-cpu=2 --custom-memory=2048MB

If your account does not have the appropriate permission, this command will try to add the appropriate permissions.

Now just log into the Google Compute Engine Console https://console.google.com/compute to connect to it via SSH.  

Repeat the above command anytime you want to spin up a new instance of Kali Linux image.

Helpful Google SDK Commands:

List all compute instances:
gcloud compute instances list
List all compute instances with IP addresses:
gcloud compute addresses list