Kali Linux on Mac OS

Intro

I don’t have a lot of experience with cybersecurity. Certainly not as much as some of my college colleagues who decided to follow that path and continue in the direction of ethical hackers and pentesters. However, I’ve always had an interest in the subject (or maybe I’ve watched too much Mr. Robot). In any case, together with a friend of mine I enrolled in PNPT. We both started out full of expectations but, between one thing and another, it has now been years since we paid for the course. It still there valid and waiting for us, so recently I decided to pick it up again and study it.

To best follow the course you need to use Kali Linux, and although I could also install it on another computer, I decided to use it directly on my main Mac. This involves virtualizing it and making sure you have access to all the features. Another reason for keeping it on my main computer is the ability to take screenshots and add them to the notes I take on my progress, so it comes in handy.

I haven’t had the best of experiences with virtualization for Macs in the past, but it was Windows VM I was trying… so I never thought too much about it. I also wanted to see if there was anything new in the landscape of machine virtualization for my operating system. So I came across UTM. You can find it here: https://mac.getutm.app/

UTM

I will start by saying that UTM is free to use if downloaded from the main site. However, one can also purchase the $10 version on Apple’s official store, and thus support the author of the software.

UTM is easy to install, but configuration can initially be quite tricky. I am writing this post both to inform those reading this and to remind myself next time which process to follow :)

Let’s start with Kali Linux

Kali

Kali allows you to download the operating system directly in ARM64 format

Once the download is done, you can start UTM and create a new VM. You will be asked to select whether or not you want to emulate the architecture for the VM. In the case of the same architecture, it is not necessary to emulate

Then select other and upload the .iso image for Kali Linux

At this point comes the first gotcha: you must select from the options to also add a serial device. This is needed to be able to interact with the installation window (this confused me for quite a while)

At this point you can press the Play button and start the installation of Kali Linux. Since we were asked earlier to select how much space to allocate, we can also “format” all the resulting space available to the VM, which will only be free space at this point.

Kioptrix

To install this correctly I actually struggled more, partly because UTM errors are not always crystal clear. First of all, it is necessary to find the image we want to use. Kioptrix is available on the Vulnhub site (https://www.vulnhub.com/entry/kioptrix-level-1-1,22/). What is missing are instructions for installing it properly.

First, unpack the .rar file that contains the various parts. At this point, you need to use qemu to convert the contents into a .qcow2 file.

qemu-img convert -p -O qcow2 *.vmdk output.qcow2

The output file can then be used to initialize the VM. We then create a new VM in UTM. Since Kioptrix is a rather old image, it uses i386 as its architecture, and therefore the emulation option must be selected. It is also necessary to select the option to avoid the ISO boot

At this point we can confirm the creation of the VM. In the settings, we must also select not to enable UEFI boot and force the use of the PS2 controller

Unfortunately, if we forget this step, the VM will remain stuck in the default shell with no indication of how to proceed! As a final step, we need to select the output.qcow2 file created earlier

Now you can finally start the VM correctly! (In my case, now I can finally continue the course 😐 )