This lab shows how to setup Kali Linux on an AWS EC2 instance and connect to it via RDP.
Before going through this lab or doing any penetration testing in AWS, make sure you read the AWS Customer Support Policy for Penetration Testing.
Remember to clean up the created resources from your AWS account after this lab.
-
AWS CLI installed and configured with proper credentials.
-
An RDP client installed.
-
A subscription to the Kali Linux official AWS AMI on the AWS Marketplace (search for "Kali Linux").
-
Go to the product subscription page in the AWS Marketplace and find the AMI ID. Save it for later.
-
copy the example instance configuration:
cp instance.example.json instance.json
-
edit the
instance.json
file to add the property:
ImageId
: the Kali AMI ID (from Pre-requisites)- also remove the
DryRun
property
-
set environment variables for the scripts:
export SECURITY_GROUP_ALLOWED_CIDR="$(curl --silent checkip.amazonaws.com)/32" export SECURITY_GROUP_NAME="kali-lab" export SECURITY_GROUP_DESCRIPTION="Allow SSH and RDP traffic" export KEY_NAME="kali"
-
create a security group:
./create-security-group
-
create a key pair:
./create-key-pair
-
create an EC2 instance:
./create-instance
-
find the instance ip:
export INSTANCE_IP=$(./get-instance-ip)
-
connect to the instance via SSH:
./kali-ssh "${INSTANCE_IP}"
-
install a kali metapackage to get some tools:
sudo apt install --yes kali-linux-headless
-
run the commands listed in rdp-setup.md
-
connect via RDP client through the public ip with the username and password created in the previous step
Set up some vulnerable infrastructure to test against !
Check out, for example, AWSGoat.
Go to the AWS console and delete the resources created during the lab:
- EC2 instance
- SSH key pair
- Security group
Andre Silva - @andreswebs
This project is licensed under the Unlicense.
https://aws.amazon.com/security/penetration-testing/
https://docs.aws.amazon.com/cli/latest/
https://docs.aws.amazon.com/cli/latest/userguide/cli-usage-skeleton.html
https://www.onemarcfifty.com/blog/video/How-to-build-Kali-Linux-from-Debian/
https://www.kali.org/docs/cloud/aws/