@AndreaGhizzoni
Last active August 28, 2018 14:16
kali-on-raspberrypi.md

Customizing Kali for raspberrypi

Setup Headless

Sources here and here

Mount .img as loopback

The problem is that the .img files are not images of a partition, but of a whole disk. That means they start with a bootloader and a partition table. You have to find out the offset of the partition and mount it with the offset option of mount. If you do a:

cd /path/to/image
fdisk -l kali-raspberrypi.img

it will show you the block-size and the start-block of the partition. You can use that to calculate the offset. For example, the output of the fdisk command is:

Disk kali-raspberrypi.img: 1.7 GiB, 1854590976 bytes, 3622248 sectors
Units: sectors of 1 * 512 = 512 bytes
Sector size (logical/physical): 512 bytes / 512 bytes
I/O size (minimum/optimal): 512 bytes / 512 bytes
Disklabel type: dos
Disk identifier: 0x11eccc69

Device                Boot Start     End Sectors  Size Id Type
kali-raspberrypi.img1       8192   93813   85622 41.8M  c W95 FAT32 (LBA)
kali-raspberrypi.img2      94208 3622247 3528040  1.7G 83 Linux

.img1 is the boot partition and .img2 is the main volume.

To mount each partition you need to calculate its offset in bytes, which is the block-size multiplied by the start block: in this case the block-size is 512 bytes, so the offset for .img1 is 512 * 8192 = 4194304 and for .img2 is 512 * 94208 = 48234496.

Warning: You cannot mount the two images at the same time.

Now the mount commands would be:

sudo mount -t auto -o loop,offset=4194304 kali-raspberrypi.img /mnt/boot
sudo mount -t auto -o loop,offset=48234496 kali-raspberrypi.img /mnt/data
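
The offset calculation above as a script, added here as an example and not part of the original gist: it parses fdisk -l output and prints each partition's byte offset, plus a sizelimit value that bounds the loop device to that partition. The function names are this example's own, and the embedded sample is the fdisk output shown above.

```sh
#!/bin/sh
# Added example: derive mount offsets from `fdisk -l` output (read on stdin).

# Prints "<partition> offset=<bytes> sizelimit=<bytes>" for every table row.
part_offsets() {
    awk '
        /^Units:/ { unit = $(NF-1) }            # "... = 512 bytes" -> 512
        /^Device/ { in_table = 1; next }        # header row of the partition table
        in_table {
            i = ($2 == "*") ? 3 : 2             # skip the Boot column when it is set
            if ($i !~ /^[0-9]+$/ || $(i+2) !~ /^[0-9]+$/) next
            # %.0f avoids 32-bit overflow of %d in some awk builds on large images
            printf "%s offset=%.0f sizelimit=%.0f\n", $1, $i * unit, $(i+2) * unit
            rows++
        }
        END { if (!unit || !rows) exit 1 }      # fail on output we could not parse
    '
}

# Prints only the byte offset of the Nth partition (1-based).
offset_of() {
    part_offsets | awk -v n="$1" 'NR == n { sub(/^offset=/, "", $2); print $2 }'
}

# Sample input: the fdisk output shown above, embedded so the script runs offline.
SAMPLE_FDISK='Units: sectors of 1 * 512 = 512 bytes
Device                Boot Start     End Sectors  Size Id Type
kali-raspberrypi.img1       8192   93813   85622 41.8M  c W95 FAT32 (LBA)
kali-raspberrypi.img2      94208 3622247 3528040  1.7G 83 Linux'

printf '%s\n' "$SAMPLE_FDISK" | part_offsets
# Real use: fdisk -l kali-raspberrypi.img | offset_of 2
```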

Network configuration

Now you have to mount the data partition of the image with:

sudo mount -t auto -o loop,offset=48234496 kali-raspberrypi.img /mnt/data

Then navigate into the mount point:

cd /mnt/data

Important: Unmount the data partition once you are done with the following sections:

cd /mnt
sudo umount data

Enabling wlan0

Navigate to:

cd etc/network

And edit the interfaces file by adding something similar to:

auto wlan0
allow-hotplug wlan0
iface wlan0 inet dhcp
    wpa-conf /etc/wpa_supplicant/wpa_supplicant.conf
iface default inet dhcp

Configure wireless network

To configure wlan0 to connect to your wireless network navigate to:

cd etc/wpa_supplicant/

and add to wpa_supplicant.conf the following lines:

# home wifi network settings
network={
    id_str="home"
    ssid="<your-network-ssid-name>"
    scan_ssid=1
    psk="<your-network-password>"
    proto=RSN
    key_mgmt=WPA-PSK
    pairwise=CCMP
    auth_alg=OPEN
}

The wpa_supplicant.conf file can have multiple network={ entries too, I used to take my pi to work... plug it in and voila, it connected automagically there too, work's configuration was a bit more convoluted though. Included here as an example, add/replace the following in the wpa_supplicant.conf file:

network={
    ssid="THE_OFFICE"
    scan_ssid=1
    key_mgmt=WPA-EAP
    eap=PEAP
    identity="WORK_USERNAME"
    password="WORK_PASSWORD"
    phase1="peaplabel=0"
    phase2="auth=MSCHAPV2"
    id_str="SOME_DESCRIPTIVE_NAME"
}

Write .img to SD card

With the following command you can find out which device is associated with the SD card:

lsblk

Assuming that the device is /dev/sdc you can now write the image into the SD card:

cd /path/to/image
sudo dd bs=4M if=kali-raspberrypi.img of=/dev/sdc

Warning: The device name can differ (/dev/sdcN or something similar) depending on your system. I recommend checking the connected device again with lsblk.

Access to Kali

By default Kali has a root user with password toor and SSH enabled for root login. So a minute or two after booting your raspberrypi with prevo you should be able to log into Kali via ssh:

ssh root@some-ip

Where some-ip is the IP address given to the raspberry by DHCP. To figure that out, run nmap to list the IP addresses of all devices with port 22 open:

sudo nmap -p22 -sV 192.168.1.0/24

Change root password

Use passwd to change the default toor password for root.

Update

$ apt-get update && apt-get upgrade -y && apt-get dist-upgrade -y

If resolving some mirrors fails:

$ nano /etc/resolv.conf

and add:

nameserver 8.8.8.8

Every time you reboot, that file will be reset, so make it immutable:

$ chattr +i /etc/resolv.conf

Install essentials

$ apt-get install -y build-essential vim screen tmux tshark tcpdump git stunnel python-dev
$ wget https://bootstrap.pypa.io/get-pip.py && python get-pip.py

and check

$ which pip
/usr/local/bin/pip

Installing avahi-daemon

$ apt-get install -y avahi-daemon

Then, to change the host name that avahi-daemon responds to, edit /etc/avahi/avahi-daemon.conf:

...
[server]
host-name=myPc
...

Then

$ systemctl enable avahi-daemon

Installing LXDE

$ apt-get install lxde-core lxde kali-defaults desktop-base

Create default user

$ adduser myUser
$ adduser myUser sudo

and check that /bin/bash is set as the user's shell in /etc/passwd with:

$ cat /etc/passwd | grep myUser
myUser:x:1000:1000::/home/myUser:/bin/bash

Remove root login via ssh

Modify /etc/ssh/sshd_config and set:

PermitRootLogin no

Then

$ service ssh reload
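
A check for the settings from the "Configure wireless network" section and from this one, added here as an example and not part of the original gist: it inspects a root filesystem (the mounted image, e.g. /mnt/data, or a running system) for root SSH login, plaintext Wi-Fi secrets and a world-readable wpa_supplicant.conf. The function names and the sample tree are constructed for this example.

```sh
#!/bin/sh
# Added example: audit a mounted root filesystem (e.g. /mnt/data) before first boot.
# Prints one line per finding; prints nothing when all checks pass.
audit_rootfs() {
    root=$1
    sshd="$root/etc/ssh/sshd_config"
    wpa="$root/etc/wpa_supplicant/wpa_supplicant.conf"

    if [ -f "$sshd" ]; then
        # sshd keeps the first value it reads for a keyword; keywords are
        # case-insensitive. Match blocks and Include files are not evaluated here.
        prl=$(awk 'tolower($1) == "permitrootlogin" { print tolower($2); exit }' "$sshd")
        [ "$prl" = "no" ] || echo "sshd_config: PermitRootLogin is ${prl:-unset}, expected no"
    fi

    if [ -f "$wpa" ]; then
        # A quoted psk= is the Wi-Fi passphrase itself; password= is the EAP password.
        n=$(grep -Ec '^[[:space:]]*(psk|password)="' "$wpa" || true)
        [ "$n" -eq 0 ] || echo "wpa_supplicant.conf: $n plaintext secret(s)"
        # The file holds credentials, so other users should not be able to read it.
        [ -z "$(find "$wpa" -perm -004)" ] || echo "wpa_supplicant.conf: world-readable"
    fi
}

# Constructed sample tree: root login enabled, quoted psk, mode 644.
make_sample_rootfs() {
    d=$(mktemp -d)
    mkdir -p "$d/etc/ssh" "$d/etc/wpa_supplicant"
    printf '%s\n' '#PermitRootLogin prohibit-password' 'PermitRootLogin yes' \
        > "$d/etc/ssh/sshd_config"
    printf '%s\n' 'network={' '    ssid="example"' '    psk="example-passphrase"' '}' \
        > "$d/etc/wpa_supplicant/wpa_supplicant.conf"
    chmod 644 "$d/etc/wpa_supplicant/wpa_supplicant.conf"
    echo "$d"
}

sample=$(make_sample_rootfs)
audit_rootfs "$sample"      # reports three findings for the sample tree
rm -rf "$sample"
```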

To change the host name from kali to myRasp, edit these files and replace every occurrence of kali with myRasp:

$ nano /etc/hostname
$ nano /etc/hosts

It's important to reboot!

X11 Forwarding:

Add Kali Metapackages

Here is a full list of the metapackages available for any case.

Utilities

Edit /etc/ld.so.conf by adding the path of the shared libraries at the end:

/path/to/custom/share/libraries

Then run the following and check that the path you added is listed:

$ ldconfig -v
gparted-pkexec

You need to use an external wifi card.
