Пропускане към основното съдържание

Building Custom Kali ISOs


Kali Dojo 02 - Building Custom Kali ISOs using Live Build from Offensive Security on Vimeo.





Building Custom Kali ISOs One of the most powerful features of Kali Linux is the ability to create your own flavors of the distribution containing customized tools, desktop managers, and services. This workshop will show you how to create your own personalized Kali Linux ISO, customizing virtually every aspect using the live-build utility and making efficient use of the various meta-packages available in Kali. The Awesomeness of Live Build 0x00 – Begin by updating the repos, installing the prerequisites, and checking out a fresh version of live-build-config from the Kali Git repositories:
1. apt-get update
2. apt-get install git live-build cdebootstrap devscripts -y
3. git clone git://git.kali.org/live-build-config.git
4. cd live-build-config


0x01 – Overwrite the default Kali package list, including only the packages you want. In the video, we simply edited the list and changed a few package names.

cat > config/package-lists/kali.list.chroot << EOF
kali-root-login
kali-defaults
kali-menu
kali-debtags
kali-archive-keyring
debian-installer-launcher
alsa-tools
locales-all
dconf-tools
openssh-server
EOF



0x02 – Add a customised syslinux boot entry which includes a boot parameter for a custom preseed file.

cat << EOF > config/includes.binary/isolinux/install.cfg
label install
menu label ^Install Automated
linux /install/vmlinuz
initrd /install/initrd.gz
append vga=788 -- quiet file=/cdrom/install/preseed.cfg locale=en_US keymap=us hostname=kali domain=local.lan
EOF



0x03 – Customise the ISO build. In this example, we’ll have the SSH service start by default. To do this, we can use a chroot hook script which is placed in the “hooks” directory:

echo 'update-rc.d -f ssh enable' >> config/hooks/01-start-ssh.chroot
chmod +x config/hooks/01-start-ssh.chroot



0x04 – Next, we download a wallpaper and overlay it. Notoce how chroot overlayed files are placed in the includes.chroot directory.

mkdir -p config/includes.chroot/usr/share/wallpapers/kali/contents/images
wget http://1hdwallpapers.com/wallpapers/kali_linux.jpg
mv kali_linux.jpg config/includes.chroot/usr/share/wallpapers/kali/contents/images



0x05 – Add a preseed file that will run through a default Kali installation with no input (unattended). We can include a ready made preseed configuration and alter it as needed:

mkdir -p config/debian-installer
wget https://raw.githubusercontent.com/offensive-security/kali-linux-preseed/master/kali-linux-full-unattended.preseed -O config/debian-installer/preseed.cfg



0x06 – Let’s include a Nessus Debian package into the packages directory for inclusion into our final build. Since we used a 64 bit build, we’re including a 64 bit Nessus Debian package.Download the Nessus .deb file and place it in the packages.chroot directory:

mkdir config/packages
mv Nessus-*amd64.deb config/packages/



0x07 – Now you can proceed to build your ISO, this process may take a while depending on your hardware and internet speeds. Once completed, your ISO can be found in the live-build root directory.

lb build

For more live-build implementations, refer to the following:

http://www.offensive-security.com/kali-linux/kali-linux-recipes/
https://github.com/offensive-security/kali-linux-recipes
http://live.debian.net/manual/4.x/html/live-manual/toc.en.html


Коментари

Популярни публикации от този блог

DVWA - Brute Force (High Level) - Anti-CSRF Tokens

This is the final "how to" guide which brute focuses Damn Vulnerable Web Application (DVWA), this time on the high security level. It is an expansion from the "low" level (which is a straightforward HTTP GET form attack). The main login screen shares similar issues (brute force-able and with anti-CSRF tokens). The only other posting is the "medium" security level post (which deals with timing issues).


For the final time, let's pretend we do not know any credentials for DVWA.... Let's play dumb and brute force DVWA... once and for all!
TL;DR: Quick copy/paste
1: CSRF=$(curl -s -c dvwa.cookie "192.168.1.44/DVWA/login.php" | awk -F 'value=' '/user_token/ {print $2}' | cut -d "'" -f2) 2: SESSIONID=$(grep PHPSESSID dvwa.cookie | cut -d $'\t' -f7) 3: curl -s -b dvwa.cookie -d "username=admin&password=password&user_token=${CSRF}&Login=Login" "192.168.1.44/DVWA/login.php…

List of TCP and UDP port numbers

This is a list of Internet socket port numbers used by protocols of the transport layer of the Internet Protocol Suite for the establishment of host-to-host connectivity. Originally, port numbers were used by the Network Control Program (NCP) in the ARPANET for which two ports were required for half-duplex transmission. Later, the Transmission Control Protocol (TCP) and the User Datagram Protocol (UDP) needed only one port for full-duplex, bidirectional traffic. The even-numbered ports were not used, and this resulted in some even numbers in the well-known port number range being unassigned. The Stream Control Transmission Protocol (SCTP) and the Datagram Congestion Control Protocol (DCCP) also use port numbers. They usually use port numbers that match the services of the corresponding TCP or UDP implementation, if they exist. The Internet Assigned Numbers Authority (IANA) is responsible for maintaining the official assignments of port numbers for specific uses. However, many unoff…

Building_kernel_module_example