How To Setup A Kali Instance In AWS (With RDP)
Kali is a pen-tester’s best friend: a Linux OS packed full of tools to help on all engagements. It’s also a great OS for using with “Hack The Box” or “Try Hack Me”. However, maybe you’re like me, using a Mac with an M1 chip, which really lacks good virtualization support at the moment unless you fork out £70 a year for Parallels. Or maybe you just like to keep anything hacky away from your daily driver.
Well, what if I told you we could deploy kali in AWS, and we can just blow everything away when we are done, always giving us a nice clean OS to start our engagements with. As an added bonus the pricing won’t break the bank – depending on your usage of course. But I reckon an average person just doing some “Hack The Box” type things won’t spend more than £10 a month (and that’s pushing it). You also get the added benefit of learning some AWS in the process.
AWS Setup
First things first, we need to add a marketplace AMI (Amazon machine image) to our account. This is totally free.
- Login to the AWS console and navigate to the marketplace, then search for Kali.
- Then click the “Continue to Subscribe” button. Don’t worry about the cost section, this is not the price of the software (as it’s free), it’s just some EC2 usage costs. This can be seen in the “pricing” tab. You won’t be charged anything by adding this AMI to your account.
- Once you’ve added the AMI to your account you should be able to see it in the “AWS Marketplace” screen.
Deploying the AMI to an EC2 Machine
Now that we’ve added the AMI to our account we will deploy it to an EC2 machine. In my personal experience, I have found that a t3.xlarge instance works best. Play around a little and find the instance size that works best for you.
- Open the EC2 console, press launch instance and search for the Kali instance in the “AWS Marketplace section”
- Once you’ve selected your instance size click “Configure Instance Details”
To make things easier for us we are going to add a small script into the instance user-data to install XRDP for us when the machine first boots. This will allow us to get a remote desktop connection started. You can also SSH into the instance and run these manually if you prefer.
#!/bin/bash
sudo apt -y update
sudo apt -y install kali-desktop-xfce xrdp
sudo systemctl enable xrdp
sudo systemctl restart xrdp
# setting the password for the kali user so you can login to the desktop.
# Reset this once you have logged in.
echo 'kali:kali' | sudo chpasswd
Now either click through to the “Configure Security Group” page or just click it from the menu at the top (it’s number 6).
IMPORTANT – Now we need to make sure that only we can communicate with this kali instance. We certainly don’t want a remote desktop connection that is open to the world. Configure your security group to only allow connections on port 3389 from your router’s public IP address. If you are unsure of your current IP you can use the following website. AWS also includes a “My IP” in the dropdown list which should auto-detect your public IP for you.
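A check for the rule described above, as an added example that is not part of the original post: it scans security-group rules in the JSON shape returned by `aws ec2 describe-security-groups` and reports every source other than your own address that can reach port 3389. The group IDs and addresses in the sample are constructed.

```python
import ipaddress
import json

RDP_PORT = 3389

# Constructed sample shaped like `aws ec2 describe-security-groups` JSON output.
SAMPLE = json.loads("""
{"SecurityGroups": [
  {"GroupId": "sg-constructed1", "IpPermissions": [
    {"IpProtocol": "tcp", "FromPort": 3389, "ToPort": 3389,
     "IpRanges": [{"CidrIp": "203.0.113.7/32"}], "Ipv6Ranges": []}]},
  {"GroupId": "sg-constructed2", "IpPermissions": [
    {"IpProtocol": "tcp", "FromPort": 3000, "ToPort": 4000,
     "IpRanges": [{"CidrIp": "0.0.0.0/0"}], "Ipv6Ranges": []},
    {"IpProtocol": "-1", "IpRanges": [{"CidrIp": "198.51.100.0/24"}],
     "Ipv6Ranges": [{"CidrIpv6": "::/0"}]}]}
]}
""")


def covers_rdp(perm):
    """True if the rule's protocol and port range include TCP/3389."""
    if perm["IpProtocol"] == "-1":  # "all traffic" rules carry no port fields
        return True
    if perm["IpProtocol"] != "tcp":
        return False
    return perm["FromPort"] <= RDP_PORT <= perm["ToPort"]


def rdp_findings(groups, allowed_ip):
    """List (group_id, cidr, reason) for each RDP source other than allowed_ip/32."""
    allowed = ipaddress.ip_address(allowed_ip)
    findings = []
    for sg in groups["SecurityGroups"]:
        for perm in filter(covers_rdp, sg.get("IpPermissions", [])):
            cidrs = [r["CidrIp"] for r in perm.get("IpRanges", [])]
            cidrs += [r["CidrIpv6"] for r in perm.get("Ipv6Ranges", [])]
            for cidr in cidrs:
                net = ipaddress.ip_network(cidr, strict=False)
                if net.prefixlen == 0:
                    reason = "open to the world"
                elif net.num_addresses > 1:
                    reason = "wider than a single host"
                elif net.network_address != allowed:
                    reason = "not your IP"
                else:
                    continue
                findings.append((sg["GroupId"], cidr, reason))
    return findings
```

Calling `rdp_findings(SAMPLE, "203.0.113.7")` flags the port range 3000-4000 and the all-traffic rule, both of which include 3389 without naming it; an empty list means only your address can reach RDP.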
This may also be a good time to increase the storage if you are planning on saving this instance for further use in the future. It comes with 12GB by default which won’t leave you a lot of breathing room after you’ve installed the OS.
Then hit launch instance and give it 10 mins to install the required packages. It will take a while because the cloud version of Kali is not kept up to date very well – so there will be a lot of old packages that need to be upgraded.
Connecting To The Instance
Once the instance has been up for about 10 mins, head back to the EC2 console and click on the newly created instance. You should find the public IP on the first screen.
Grab this IP and put it into your RDP client. After pressing connect you will be prompted for a username and password.
If you used my script from earlier, this will be kali:kali.
After pressing continue you should be greeted with a kali desktop (it will take about 30 seconds to load the first time you connect).
And that’s that. You’ve now got a fully packed kali instance primed and ready.
I’d recommend changing your password at this point. To do so just open the terminal and type the following:
┌──(kali㉿kali)-[~]
└─$ passwd
Changing password for kali.
Current password:
New password:
Retype new password:
passwd: password updated successfully
Next Steps
Now you’ve got your instance running you’ve basically got 2 options to maintain it.
- You can manually log into the console each time you want to start and stop your instance. It’s highly recommended to shut down your instance when not in use so you don’t pay for compute power you are not using.
- Create a Terraform script which can build this instance for you in about 2 mins. Keep in mind though, if you take this option anything you store on the instance will be deleted every time it gets rebooted. To get around this I normally create an EFS file system and mount it as /data or something. Then take a snapshot of the machine and get Terraform to rebuild from that state.