General security

Integrate WHONIX with Kali Linux to achieve anonymity

Irfan Shakeel
January 17, 2017 by
Irfan Shakeel

How to become anonymous is the most common question that everybody asks on the internet. There could be many reasons to be an anonymous user; you are a journalist, and you want to get in touch with a whistleblower, or maybe you just care about your privacy. Cyber security professionals want anonymity for black-box testing and many other purposes. Regardless the reason, the objective is to be anonymous.

You might have already heard many ways for example; using the VPN, or TOR browser for that matter. However, all of them have some weaknesses, and if exploited you will be getting caught. In this article, we will discuss the anonymous operating system called WHONIX and how to integrate it with Kali Linux?

FREE role-guided training plans

FREE role-guided training plans

Get 12 cybersecurity training plans — one for each of the most common roles requested by employers.

What is Whonix and how it is different from the TOR browser?

According to Wikipedia:

"Whonix is a Debian GNU/Linux-based security-focused Linux distribution. It aims to provide privacy, security, and anonymity on the internet. The operating system consists of two virtual machines, a "Workstation" and a Tor "Gateway," running Debian GNU/Linux. All communications are forced through the Tor network to accomplish this."

The architecture is based on two VMs:

  • Workstation
  • Gateway

The gateway is responsible for directing the traffic through TOR network, so we can replace the workstation (which is the OS of Whonix) with Kali Linux, and thus all the traffic will route through the WHONIX gateway instead of your own ISP gateway (the ISP will see the encrypted traffic only).

Image source

In the above picture you can see that the host machine hosts two VMs, one is the actual workstation (browser, and other desktop apps) while the other one is the internet gateway. The workstation is in the isolated condition, and it does not even know the real IP of the host (it will be installed on the VirtualBox, and it can only communicate to the world through its gateway which is encrypted and uses TOR network). Thus, DNS leaks are also impossible, and not even malware with root privileges can find out the user's real IP.

Let's replace the Whonix Workstation with Kali Linux and connect it with the gateway to make it anonymous. Things you need:

Step 1: Import the WHONIX gateway

Click on File → Import appliance → Browse the WHONIX gateway → Next → Import → Accept

Once you have imported, start the newly imported gateway and wait till it loads all the components. Now, read the terms and go next:

On the next screen, check "I am ready to enable TOR" and then click next. Allow it to install the updates from WHONIX team automatically and then go next. Check the "Whonix stable repository" and then go to the next.

Finish the setup and wait till it loads the TOR network.

Once you see the pop-up that it connected to TOR, click on the reload TOR button available on the desktop to get a new identity. Every time you load, you will get a new identity.

You are done here. Now, it's time to configure the workstation (Kali Linux). We will be using the highlighted non-loopback address as a system IP.

Create a new virtual machine, select the appropriate version.

Assign the memory size, 1024 is good. Create the virtual hard disk, select VDI and then go to the next step. Dynamically allocated size is fair enough, considering you have sufficient space on your drive, let's start with 10GB. After creating the VM, click on Settings → System → Processor → Enable PAE/NX

Click on Network → Enable Network Adaptor → Attached to Internal network → Whonix

The Kali Linux will able to connect to the internet using the Whonix Gateway only. Click on Storage → Empty → Browse the Kali ISO image which you have downloaded → Click OK

Start the newly setup Kali VM. And click to install you can also see the live view if you want.

Provide the basic information and let it load all the components, the DHCP will not load itself because it is not directly connected to the internet.

Click on the continue button →Configure network manually → use the IP address which you have noted in the Whonix Gateway (highlighted above).

Click on the continue; it will automatically assign the netmask; it will also detect the gateway IP. Now, the DHCP will go smoothly. Provide the rest of the information and then finish the setup.

This is it. You have successfully connected the Kali Linux with the Whonix Gateway; start the machine, it will automatically direct the traffic through TOR network.

To understand how does TOR work and how it is different than VPN? I recommend you to take the "Journey to the Anonymity on the Internet" program. Moreover, here is the video demonstration of the same.

This is how you replace the Whonix Workstation with the Kali Linux; you can anonymously conduct all your pentesting now.

Irfan Shakeel
Irfan Shakeel

Irfan Shakeel is the founder & CEO of ehacking.net An engineer, penetration tester and a security researcher. He specializes in Network, VoIP Penetration testing and digital forensics. He is the author of the book title “Hacking from Scratch”. He loves to provide training and consultancy services, and working as an independent security researcher.