Kali Linux, a leading distribution created explicitly for cybersecurity professionals and ethical hackers, has rolled out its final update for the year 2024. Version 2024.4 brings a plethora of new tools, enhancements, and changes that are essential for penetration testing, ethical hacking, and other cybersecurity tasks. This release not only introduces fourteen new tools but also marks significant developments like increased Raspberry Pi support and the adoption of a new default Python version. The cessation of i386 builds is another notable change, reflecting broader industry trends. Here’s an in-depth look at what’s new in Kali Linux 2024.4 and instructions on how to upgrade to the latest version.
1. Fourteen New Tools
The core of any Kali Linux release lies in the new tools it brings to the table and Kali 2024.4 includes fourteen fresh utilities that are set to enhance the capabilities of its users. Some standout additions are bloodyad, an Active Directory privilege escalation framework, and certi, which helps in asking for certificates from ADCS and discovering templates. Another notable tool is chainsaw, designed for rapid searches and hunts through Windows forensic artifacts. The new hexwalk tool offers an advanced hex analyzer, editor, and viewer, while mssqlpwner is crafted to interact and exploit MSSQL servers effectively. Not to be overlooked is linkedin2username, which generates username lists for companies on LinkedIn, providing significant help in reconnaissance.
The inclusion of proximoth, a control frame attack vulnerability detection tool, and python-pipx, which executes binaries from Python packages in isolated environments, showcases the broad range of tasks these new tools can handle. SARA, a RouterOS Security Inspector, adds to this diverse set of utilities by testing for security vulnerabilities specific to RouterOS devices. Moreover, the web-cache-vulnerability-scanner, a CLI tool based on Go, assists in detecting web cache poisoning. The release also includes xsrfprobe, an advanced CSRF/XSRF audit and exploitation toolkit, alongside zenmap, which is now the default front end for the Network Mapper (nmap). Users will find these tools incredibly useful for a variety of cybersecurity projects.
2. The End of the i386 Kernel and Images
A significant shift with Kali Linux 2024.4 is the discontinuation of i386 images. Following Debian’s decision to cease support for 32-bit builds this past October, Kali Linux aligned with this change, marking the end of i386 kernel and OS images. While this transition signifies a substantial departure from longstanding practices, it’s important to note that 32-bit programs can still run on x86-64 images. This means that although new i386 releases will no longer be created, users can continue running 32-bit programs by leveraging the package manager or utilizing i386 Docker images.
Despite this architecture becoming obsolete, support for i386 persisted for years in multiple software realms. However, the discontinuation by major Linux distributions like Fedora and Ubuntu set a precedent back in 2019, culminating in this year’s update. While the immediate result is the cessation of i386 kernel and image releases, the repository still retains i386 packages, providing avenues for users to run older programs. As explained by the Kali Team, users can install i386 packages on an amd64 system directly via APT or through i386 Docker images, ensuring ongoing functionality despite the broader industry move away from 32-bit.
3. New Default Python Version 3.12
Kali Linux 2024.4 also introduces Python version 3.12 as the new default interpreter, ending the practice of installing packages via the pip command by default. This follows the Kali Team’s announcement in July 2023, where they highlighted the complications that could arise from running pip as root to install system-wide packages. This practice severely conflicts with the built-in package managers of various distros, like apt. With the release of Python 3.12, installing third-party packages via pip has been strongly discouraged and now disallowed by default.
Recognizing the need for alternatives, the Kali Team has introduced the pipx command as a recommended replacement for pip. This command facilitates the execution of binaries from Python packages within isolated environments, safeguarding system stability. Those who require pip functionalities can consult the comprehensive instructions provided by the Kali Team for transitioning to pipx. These changes are part of a broader effort to mitigate conflicts and enhance compatibility across Linux distributions, signifying another step towards streamlined package management and system operations within Kali Linux.
4. SSH DSA Keys are Now Deprecated
The release of Kali Linux 2024.4 comes with OpenSSH version 9.8p1, bringing with it the deprecation of SSH DSA keys. This marks another significant evolution in how the distribution handles secure shell keys. For users and organizations relying on older keys for compatibility with legacy systems, the inclusion of an SS# client offers a temporary reprieve. The SS# client, essentially frozen at version 7.5, allows continued support for these older systems, albeit with an important caveat: tools that do not recognize the ss# command may face issues when executing tasks requiring DSA keys.
The Kali Team advises that users targeting very old SSH servers might need to use the SS# client directly from the command line. However, the indirect usage through tools that rely on SSH might encounter compatibility issues. This transition underscores the importance of updating key types and ensuring system compatibility with newer versions. Users facing challenges with this new setup are encouraged to reach out for support through Kali’s Discord server or bug tracker, highlighting the collaborative effort to navigate these updates effectively and maintain security across diverse systems.
5. Increased Raspberry Pi Imager Support
In its latest iteration, Kali Linux significantly enhances support for the Raspberry Pi Imager, introducing features that simplify the pre-configuration process before writing images to microSD cards. This upgrade allows users to customize settings such as hostnames, login credentials, SSH keys, Wi-Fi configurations, and locale settings, streamlining the deployment of Kali Linux on Raspberry Pi devices. The ability to pre-configure these settings saves valuable time and effort for users, ensuring the image is ready for immediate use upon booting.
This enhancement makes Raspberry Pi a more robust and flexible option for diverse projects, cementing its role as a versatile tool in the cybersecurity field. With greater support for the Raspberry Pi Imager, users can more easily integrate Kali Linux into their workflows, leveraging the portability and power of Raspberry Pi devices. This development aligns with the growing trend of using compact, efficient systems for various tasks—from educational purposes to professional cybersecurity applications, thereby broadening the scope and usability of Kali Linux.
6. Desktop Changes
Kali Linux 2024.4 introduces several significant changes to its desktop environment, beginning with the adoption of the Gnome 47 desktop. This upgrade is accompanied by increased support for color customization, enabling users to select their preferred accent colors for window and shell widgets. This addition offers greater control over the appearance of the desktop environment, aligning with the trend towards more personalized user experiences. The new system-monitor panel extension further enhances usability by providing real-time insights into system performance and resources.
The update also features a fresh login theme, enhancing the aesthetic appeal and user experience from the moment the system boots up. The integration of these desktop changes demonstrates Kali’s commitment to combining functionality with visual customization, ensuring a more engaging and efficient workspace. As users transition to this new version, they can expect a more refined desktop experience, supported by substantial back-end improvements. The combination of aesthetic enhancements and practical tools embedded within the desktop environment aims to provide a comprehensive and user-centric approach to cybersecurity operations.
7. Add Kali Repository
To begin the upgrade process to Kali Linux 2024.4, the first step involves adding the Kali repository. You can do this by executing the following command: echo "deb https://http.kali.org/kali kali-rolling main contrib non-free non-free-firmware" | sudo tee /etc/apt/sources.list. This command will update the sources list to include the Kali rolling repository, ensuring that your system is pointed to the correct source for the latest updates. This step is crucial as it prepares your system to receive the new updates and packages associated with the 2024.4 release.
Once the repository has been added, your system will be able to access the latest versions of all the tools and components that come with Kali Linux 2024.4. This ensures that your installation can benefit from the newest features, tools, and security enhancements available. Properly adding the repository is a fundamental step in aligning your system with the latest advancements from the Kali development team. It sets the groundwork for a seamless upgrade process that incorporates all the new and improved offerings of this final release for 2024.
8. Update and Upgrade System
After adding the repository, the next step is to update and upgrade your system packages. This can be done using the command: sudo apt update && sudo apt -y full-upgrade. This command will update the list of available packages and their versions, and then install newer versions of the packages you have. The -y flag automatically answers “yes” to any prompts during the upgrade process, ensuring a smooth and uninterrupted update. This step is vital as it brings all installed packages to their latest versions and integrates the newly added repository’s offerings.
Performing a full upgrade is essential to benefit from all the new tools and enhancements introduced in Kali Linux 2024.4. It encompasses not only the core operating system updates but also updates to all the installed tools and utilities, ensuring that your system is operating at peak performance with the most recent security patches. This comprehensive upgrade process ensures that your environment remains robust, secure, and equipped with the latest functionalities critical for conducting effective cybersecurity tasks. Keeping your system updated is a best practice that enhances stability and security.
9. Copy Default Configuration Files
Once your system is updated, the next step is to copy the default configuration files to your home directory. This can be done using the command: cp -vrbi /etc/skel/. ~/. This command recursively copies the contents of the /etc/skel/ directory into your home directory, preserving attributes and maintaining a record of changes as backups. Ensuring that the home directory contains the latest default configuration settings aligns your user environment with the system’s updated state, providing a seamless user experience with the new version’s features and layout.
The default configuration files play a crucial role in standardizing the user environment, especially after significant updates. They help in managing system settings, providing a consistent and predictable baseline from which users can start customizing their environment. By copying these files, you ensure that all users on the system have access to the latest default settings, thereby minimizing the risk of conflicts or inconsistencies. This step is particularly important when upgrading to a new version as it harmonizes user environments with the system-wide changes, facilitating smoother operations and transition.
10. Reboot if Required
Following the system update and configuration file copy, it is essential to check if a reboot is necessary to complete the upgrade. You can determine this using the command: [ -f /var/run/reboot-required ] && sudo reboot -f. This command checks for the presence of the reboot-required file, which indicates whether a reboot is needed to apply critical updates, particularly those affecting the kernel and other core components. If the file exists, the && sudo reboot -f part of the command forces a system reboot to finalize the installation of updates.
Rebooting ensures that all changes take effect, especially those that modify integral system components. A reboot is often required after significant updates to ensure that the new kernel, drivers, and other critical updates are fully integrated. It’s a crucial step in maintaining system stability and performance, ensuring that your Kali Linux environment runs smoothly with the latest enhancements. Neglecting to reboot can lead to inconsistencies or partial application of updates, so it is vital to complete this step as part of the upgrade process to fully realize the benefits of the new version.
11. Check WSL Version (if Applicable)
For those running Kali Linux on the Windows Subsystem for Linux (WSL), it’s important to check and, if necessary, upgrade to WSL2 for the best experience. You can check the WSL version used by Kali with the command: wsl -l -v. This command lists all the installed WSL distributions and their corresponding versions. Ensuring that you are on WSL2 can significantly enhance performance, including compatibility with graphical applications and improved overall efficiency. WSL2 introduces a real Linux kernel running in a lightweight virtual machine, providing a more seamless and integrated experience.
Upgrading to WSL2 ensures that users benefit from advanced features and optimizations, bridging the gap between Windows and Linux in a more efficient manner. It facilitates a smoother workflow for cybersecurity professionals who use Kali for penetration testing and other tasks within a Windows environment. Ensuring that your WSL deployment is up-to-date and optimized is a key step in leveraging the full potential of Kali Linux’s capabilities on a Windows system. Keeping WSL updated aligns with best practices for maintaining a stable and versatile environment that supports advanced cybersecurity operations.
12. Verify Upgrade
Kali Linux, the prominent distribution tailored for cybersecurity experts and ethical hackers, has launched its final update for 2024. The 2024.4 version delivers a wide array of new tools, improvements, and modifications essential for penetration testing, ethical hacking, and various other cybersecurity activities. This latest release introduces fourteen new tools and showcases significant upgrades, such as enhanced support for Raspberry Pi and the introduction of a new default Python version. Additionally, the discontinuation of i386 builds reflects current industry trends. This update signals a shift toward more modern and efficient architectures, mirroring the broader tech world. Below, we delve into the latest features in Kali Linux 2024.4 and provide guidance on upgrading to this cutting-edge version to take full advantage of its new capabilities.
