- Whonix Gateway - See Whonix website
- Chef provisioner - See installation instructions
This pentestrc will create and provision the kali instance with the Whonix Gateway (note: the whonix gateway must be started manually, it's address should be 10.152.152.10):
instances:
- kali
kali:
networks:
- private_network:
adapter: 2
virtualbox__intnet: Whonix
auto_config: false
chef:
recipes:
- pentest-env::whonix
- resolver
json:
pentest-env:
whonix:
interface: eth1
gateway: 10.152.152.10
address: 10.152.152.11
netmask: 255.255.192.0
resolver:
nameservers:
- 10.152.152.10
You can find this configuration file in examples/whonix.pentestrc.
Use it and run kali instance:
PENTESTRC=examples/whonix.pentestrc vagrant up kali
Once the virtual machine is created and provisioned, you can check you are routed to the Whonix gateway by:
- Checking Tor status
- Check routes
root@kali:~# route
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
default gateway 0.0.0.0 UG 0 0 0 eth1
10.0.2.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0
10.152.128.0 0.0.0.0 255.255.192.0 U 0 0 0 eth1
- Check interface
root@kali:~# cat /etc/network/interfaces.d/eth1
auto eth1
iface eth1 inet static
address 10.152.152.11
netmask 255.255.192.0
gateway 10.152.152.10
- Check nameserver
root@kali:~# cat /etc/resolv.conf
#
# This file is generated by Chef
# Do not edit, changes will be overwritten
#
nameserver 10.152.152.10