Kali Linux 2021.3 was released yesterday by Offensive Security and includes a new set of tools, improved virtualization support, and a new OpenSSL configuration that increases the attack surface.
Kali Linux is a Linux distribution designed for cybersecurity professionals and ethical hackers to perform penetration testing and security audits.
- OpenSSL - Wide compatibility by default
- New Kali-Tools site - Kali-Tools has had a complete refresh
- Better VM support in the Live image session - Copy & paste and drag & drop from your machine into a Kali VM by default
- New tools - From adversary emulation, to subdomain takeover to Wi-Fi attacks
- Kali NetHunter smartwatch - first of its kind, for TicHunter Pro
- KDE 5.21 - Plasma desktop received a version bump
OpenSSL: All legacy protocols enabled
Many Linux distributions disable older insecure protocols in OpenSSL, such as TLS 1.0 and TLS 1.1, to secure devices and websites properly.
However, as Kali Linux is a penetration test distribution, it makes more sense to enable all protocols so that you can target all systems, even older devices using insecure protocols.
With this release, Offensive Security is configuring OpenSSL for wide compatibility, which means that they are enabling older ciphers and insecure protocols to increase the attack surface.
Increased virtualization support
The Kali Live image gained increased support for running in virtualized environments such as VMware, VirtualBox, Hyper-V, and QEMU+Spice.
Offensive Security states that you can now use the Live image in a virtualized environment and automatically get copy and paste and drop and drop functionality without the need to install guest additions or other guest software.
In BleepingComputer's tests running the Kali Linux 2021.3 Live build in the latest version of VirtualBox on Windows, resizing the display and copy and paste worked out of the box.
However, we could not get the drag and drop feature to work.
New tools added in Kali Linux 2021.3
It wouldn't be a new Kali Linux version without some new tools and utilities, which are listed below:
- Berate_ap - Orchestrating MANA rogue Wi-Fi Access Points
- CALDERA - Scalable automated adversary emulation platform
- EAPHammer - Targeted evil twin attacks against WPA2-Enterprise Wi-Fi networks
- HostHunter - Recon tool for discovering hostnames using OSINT techniques
- RouterKeygenPC - Generate default WPA/WEP Wi-Fi keys
- Subjack - Subdomain takeover
- WPA_Sycophant - Evil client portion of EAP relay attack
Revamped Kali-Tools site
Offensive Security has revamped the Kali-Tools site with a design refresh and speed improvements. In addition, OffSec hopes to make this documentation repository available offline soon.
Enhanced ARM support
The Kali Linux team continues to improve support for ARM devices with the following changes:
- Our Kali ARM build-scripts have been re-worked.
- Thanks to @cyrus104, we now have a build-script to support the Gateworks Newport board, and he also added documentation for it.
- @Re4son contributed a build-script for the Raspberry Pi Zero W based “Pi-Tail” (Find more information here).
- Additionally, the RaspberryPi Zero W based “P4wnP1” build-script has undergone some major changes.
- All images should finally resize the file-system on the first boot.
- We now re-generate the default snakeoil cert, which fixes a couple of tools that were failing to run previously.
- Images default to
iptables-legacyandip6tables-legacyfor iptables support. - We now set a default locale of
en_US.UTF-8on all images, you can, of course, change this to your preferred locale. - The Kali user on ARM images is now in all of the same groups as base images by default, and uses zsh for the default shell. You can change your default shell by using the
kali-tweakstool which also comes pre-installed. - Raspberry Pi images can now use a
wpa_supplicant.conffile on the/bootpartition. - Raspberry Pi images now come with
kalipi-config, andkalipi-tft-configpre-installed. - Pinebook Pro’s kernel has been updated to 5.14, and you now get messages on the LCD screen as it’s booting, instead of a blinking cursor until X starts.
How to get Kali Linux 2021.3
To start using Kali Linux 2021.3, you can upgrade your existing installation or download ISO images for new installs and live distributions.
For those updating from a previous version, including installs on the Windows Subsystem for Linux (WSL), you can use the following commands to upgrade to the latest version.
echo "deb http://http.kali.org/kali kali-rolling main non-free contrib" | sudo tee /etc/apt/sources.list
sudo apt update && sudo apt -y full-upgrade
cp -i /etc/skel/.bashrc ~/
cp -i /etc/skel/.zshrc ~/
chsh -s /bin/zsh
[ -f /var/run/reboot-required ] && sudo reboot -fOnce you are done upgrading, you can if the upgrade to Kali Linux 2021.3 was successful by using the following command:
grep VERSION /etc/os-releaseA full changelog for Kali 2021.3 can be found at Kali's website.
