Skip to main content

How To Setup A Kali Instance In AWS (With RDP)

Cover Image showing the AWS and Kali logo side by side

Kali is a pen-testers best friend, a Linux OS packed full of tools to help on all engagements. It’s also a great OS for using with “Hack The Box” or “Try Hack Me”. However, if you’re like me using a mac with an M1 chip which really lacks good virtualization support at the moment without forking out £70 a year for parallels. Or maybe you just like to keep anything hacky related away from your daily driver.

Well, what if I told you we could deploy kali in AWS, and we can just blow everything away when we are done, always giving us a nice clean OS to start our engagements with. As an added bonus the pricing won’t break the bank – depending on your usage of course. But I reckon an average person just doing some “Hack The Box” type things won’t spend more than £10 a month (and that’s pushing it). You also get the added benefit of learning some AWS in the process.

AWS Setup

First things first, we need to add a marketplace AMI (Amazon machine image) to our account. This is free.

  • Login to the AWS console and navigate to the marketplace, then search for Kali.

Screenshot showing kali in the AWS marketplace

  • Once you’ve added to AMI to your account you should be able to see it in the “AWS Marketplace” screen

Screenshot showing the kali image is now subscribed to

Deploying the AMI to an EC2 Machine

Now that we’ve added the AMI to our account we will deploy it to an EC2 machine. In my personal experience, I have found that a t3.xlarge instance works best. Play around a little and find the instance size that works best for you.

  • Open the EC2 console, press launch instance and search for the Kali instance in the “AWS Marketplace section”

Screenshot showing the kali image is now available to launch from the EC2 screen

  • Once you’ve selected your instance size click “Configure Instance Details”

To make things easier for us we are going to add a small script into the instance user-data to install XRDP for us when the machine first boots. This will allow us to get a remote desktop connection started. You can also SSH into the instance and run these manually if you prefer.

#!/bin/bash
sudo apt -y update
sudo apt -y install kali-desktop-xfce xrdp
sudo systemctl enable xrdp
sudo systemctl restart xrdp
# setting the password for the kali user so you can login to the desktop. 
# Reset this once you have logged in.
echo 'kali:kali' | sudo chpasswd

Screenshot showing user data being added to install xrdp

Now either click through to the “Configure Security Group” page or just click it from the menu at the top (it’s number 6).

IMPORTANT – Now we need to make sure that only we can communicate with this kali instance. We certainly don’t want a remote desktop connection that is open to the world. Configure your security group to only allow connections on port 3389 from your router’s public IP address. If you are unsure of your current IP you can use the following website. AWS also includes a “My IP” in the dropdown list which should auto-detect your public IP for you.

Screenshot showing a security group being configured

This may also be a good time to increase the storage if you are planning on saving this instance for further use in the future. It comes with 12GB by default which won’t leave you a lot of breathing room after you’ve installed the OS.

Then hit launch instance and give it 10 mins to install the required packages. It will take a while because the cloud version of Kali is not kept up to date very well – so there will be a lot of old packages that need to be upgraded.

Connecting To The Instance

Once the instance has been up for about 10 mins, head back to the EC2 console and click on the newly created instance. You should find the public IP on the first screen.

Screenshot showing the public IP of the EC2 instance

Grab this IP and put it into your RDP client. After pressing connect you will be prompted for a username and password.

Screenshot showing an RDP client being used to connect to the instance

If you used the script from earlier this will be kali:kali

After pressing continue you should be greeted with a kali desktop (it will take about 30 seconds to load the first time you connect).

Screenshot showing the Kali desktop after connecting with RDP

And that’s that. You’ve now got a fully packed kali instance primed and ready.

I’d recommend changing your password at this point. To do so just open the terminal and type the following:

──(kali㉿kali)-[~]
└─$ passwd
Changing password for kali.
Current password: 
New password: 
Retype new password: 
passwd: password updated successfully

Next Steps

Now you’ve got your instance running you’ve basically got 2 options to maintain it.

  • You can manually log into the console each time you want to start and stop your instance. It’s highly recomended to shutdown your instance when not in use so you don’t pay for computer power you are not using.
  • Create a terraform script which can build this instance for you in about 2 mins. Keep in mind though, if you take this option anything you store on the instance will be deleted everytime it gets rebooted. To get around this I normally create an EFS file system and mount it as /data or something. Then take a snapshot of the machine and get terraform to rebuild from that state.