Post

Kali Virtual Machine Setup

Posted Updated
By finavi
2 min read
Kali Virtual Machine Setup

This is an ongoing section. You will find guidance on setting up a Kali Virtual Machine for the purpose of CTF and similar activities.

I use a well-defined structure to make it easier to organize during a CTF. First, to take notes I use tools such as:

  1. Flameshot
  2. Cherrytree

Customizations to .zshrc

With the goal of making some procedures faster, I customized the .zshrc file to create shortcut commands.

Prepare

This function creates the main folder where to take notes, files, and other resources for ctf resolution. Also, using Cherrytree, I copy the template1 I usually use with the name of the CTF.

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32

prepare() {
    if [ -z "$1" ]; then
        echo "Usage: prepare <CTF_NAME> [TARGET_IP]"
        return 1
    fi

    CTF_NAME="$1"
    TARGET_IP="$2"

    # Creazione della cartella e delle sottocartelle
    mkdir -p "$CTF_NAME"/{nmap,hash,file,exploit}
    
    # Creazione dei file
    touch "$CTF_NAME"/users.txt "$CTF_NAME"/target.txt

    # Se è stato fornito un IP, scriverlo nel file target.txt
    if [ -n "$TARGET_IP" ]; then
        echo "$TARGET_IP" > "$CTF_NAME/target.txt"
    fi

    # Copia del template
    TEMPLATE_PATH="/home/kali/Htb/OSCP_Template.ctb"
    TARGET_FILE="$CTF_NAME/$CTF_NAME.ctb"

    if [ -f "$TEMPLATE_PATH" ]; then
        cp "$TEMPLATE_PATH" "$TARGET_FILE"
    else
        echo "Template file not found at $TEMPLATE_PATH!"
    fi

    echo "CTF '$CTF_NAME' setup complete!"
}

Pywebsrv

This function abbreviates in a nutshell the command to create a temporary web server using python.

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16

pywebsrv() {
    if [ -z "$1" ]; then
        echo "Usage: pywebsrv <PORT>"
        return 1
    fi

    PORT="$1"

    if ! [[ "$PORT" =~ ^[0-9]+$ ]]; then
        echo "Error: PORT must be a number."
        return 1
    fi

    echo "Starting HTTP server on port $PORT..."
    python3 -m http.server "$PORT"
}

Johnrocks

This function is an alias for the john command and the use of the wordlist rockyou.txt

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16

johnrocks() {
    if [ -z "$1" ]; then
        echo "Usage: johnrocks <FILENAME>"
        return 1
    fi

    FILENAME="$1"

    if [ ! -f "$FILENAME" ]; then
        echo "Error: File '$FILENAME' not found."
        return 1
    fi

    echo "Cracking passwords in '$FILENAME' using rockyou.txt..."
    john --rules --wordlist=/usr/share/seclists/Passwords/Leaked-Databases/rockyou.txt "$FILENAME"
}

  1. Available here ↩︎

Cybersecurity, CTF
pentest ctf kali
This post is licensed under CC BY 4.0 by the author.

Trending Tags

pentest ctf gmob kali oscp