Kali Live Build
This repository will allow you to build a custom Kali ISO. The main benefit is to use it as a bootable USB drive.
From the Kali Website:
Our favorite way, and the fastest method, for getting up and running with Kali Linux is to run it “live” from a USB drive. This method has several advantages:
It’s non-destructive — it makes no changes to the host system’s hard drive or installed OS, and to go back to normal operations, you simply remove the “Kali Live” USB drive and restart the system.
It’s portable — you can carry Kali Linux in your pocket and have it running in minutes on an available system
It’s customizable — you can roll your own custom Kali Linux ISO image and put it onto a USB drive using the same procedures
It’s potentially persistent — with a bit of extra effort, you can configure your Kali Linux “live” USB drive to have persistent storage, so the data you collect is saved across reboots
Upstream:
Setup
Ideally, you should build your custom Kali ISO from within a pre-existing Kali environment. Using a lightweight or virtualised (VMware/VirtualBox) image is recommended.
As root:
apt-get install curl git live-build cdebootstrap
Customisations
I’m using a custom variant under the kali-config/variant-custom directory. This includes:
-
All of the packages from the default variant (
kali-config/variant-custom/package-lists/kali.list.chroot) -
Additional packages per my preferences (
kali-config/variant-custom/package-lists/custom.list.chroot) -
Customisation script (
kali-config/variant-custom/hooks/live/customise.chroot)
I’ve also customised timezone, keyboard layout and locale in:
Build
To build and make use of the custom variant:
cd kali-live-build ./build.sh --verbose --variant custom
When complete, the resulting ISO image can be found at images/kali-linux-custom-rolling-amd64.iso
Caching
If you’re likely to run multiple builds, it’s useful to route everything via a caching proxy e.g. Squid. This will significantly speed up subsequent runs.
Example squid.conf
cd kali-live-build apt-get install squid cp squid.conf /etc/squid/squid.conf /etc/init.d/squid start
Now you can run build.sh with the --apt-http-proxy parameter:
export http_proxy=http://localhost:3128/
./build.sh --verbose --variant custom -- \
--apt-http-proxy=${http_proxy}
Making a Bootable USB Drive
-
Read Live Build a Custom Kali ISO and heed the warning:
WarningAlthough the process of imaging Kali on a USB drive is very easy, you can just as easily overwrite a disk drive you didn’t intend to with ddif you do not understand what you are doing, or if you specify an incorrect output path. Double-check what you’re doing before you do it, it’ll be too late afterwards. -
I usually run the whole build process from a Kali instance running inside a VirtualBox VM. I can then mount the USB disk in the VM and safely write it with no risk.
Partitioning and persistence
After writing the ISO to the USB drive, you’ll see a partition scheme similar to the following:
root@kali:~$ fdisk -l /dev/sdb Disk /dev/sdb: 7.5 GiB, 8004304896 bytes, 15633408 sectors Units: sectors of 1 * 512 = 512 bytes Sector size (logical/physical): 512 bytes / 512 bytes I/O size (minimum/optimal): 512 bytes / 512 bytes Disklabel type: dos Disk identifier: 0xa966b446 Device Boot Start End Sectors Size Id Type /dev/sdb1 * 64 5952127 5952064 2.9G 17 Hidden HPFS/NTFS /dev/sdb2 5952128 5953535 1408 704K 1 FAT12
As this is an 8GB drive, there’s sufficient space left over for:
-
A FAT data partition of 1GB (useful if you want to access from mac or windows)
-
An encrypted persistence partition in the remaining space ~ 3.6GB
To partition the free space:
root@kali:~$ fdisk /dev/sdb
Welcome to fdisk (util-linux 2.31.1).
Changes will remain in memory only, until you decide to write them.
Be careful before using the write command.
Command (m for help): n (1)
Partition type
p primary (2 primary, 0 extended, 2 free)
e extended (container for logical partitions)
Select (default p): p
Partition number (3,4, default 3): 3
First sector (5953536-15633407, default 5953536):
Last sector, +sectors or +size{K,M,G,T,P} (5953536-15633407, default 15633407): +1G
Created a new partition 3 of type 'Linux' and of size 1 GiB.
Command (m for help): t (2)
Partition number (1-3, default 3): 3
Hex code (type L to list all codes): b
Changed type of partition 'Linux' to 'W95 FAT32'.
Command (m for help): n (3)
Partition type
p primary (3 primary, 0 extended, 1 free)
e extended (container for logical partitions)
Select (default e): p
Selected partition 4
First sector (8050688-15633407, default 8050688):
Last sector, +sectors or +size{K,M,G,T,P} (8050688-15633407, default 15633407):
Created a new partition 4 of type 'Linux' and of size 3.6 GiB.
Command (m for help): p
Disk /dev/sdb: 7.5 GiB, 8004304896 bytes, 15633408 sectors
Units: sectors of 1 * 512 = 512 bytes
Sector size (logical/physical): 512 bytes / 512 bytes
I/O size (minimum/optimal): 512 bytes / 512 bytes
Disklabel type: dos
Disk identifier: 0xa966b446
Device Boot Start End Sectors Size Id Type
/dev/sdb1 * 64 5952127 5952064 2.9G 17 Hidden HPFS/NTFS
/dev/sdb2 5952128 5953535 1408 704K 1 FAT12
/dev/sdb3 5953536 8050687 2097152 1G b W95 FAT32
/dev/sdb4 8050688 15633407 7582720 3.6G 83 Linux
Command (m for help): w (4)
The partition table has been altered.
Calling ioctl() to re-read partition table.
Syncing disks.
-
create new primary partition (data)
-
change partition type to FAT
-
create new primary partition (encrypted persistence)
-
save changes and write partition table
Formatting the shared partition
apt-get install dosfstools mkfs.fat /dev/sdb3
Setting up an encrypted persistence partition
The script live_usb_persistence.sh will setup everything as per Kali Linux Live USB Persistence
|
Warning
|
Read the script. Make sure the DEVICE variable is correct for your system
|