Skip to content

Instantly share code, notes, and snippets.

@flowchartsman

flowchartsman/kali_osx_persistence_wifi.md

Forked from widdowquinn/kali_osx_persistence_wifi.md
Last active June 14, 2023 13:00
Show Gist options
  • Star 20 You must be signed in to star a gist
  • Fork 3 You must be signed in to fork a gist
  • Save flowchartsman/994f545b4db4fb91ae6b8f4b77e54dff to your computer and use it in GitHub Desktop.
Save flowchartsman/994f545b4db4fb91ae6b8f4b77e54dff to your computer and use it in GitHub Desktop.
Download ZIP
Kali Linux Live USB with encrypted persistence and wireless on Macbook Pro/Air without networking.
Raw
kali_osx_persistence_wifi.md

Kali Linux Bootable USB with Persistence and Wireless on OSX

Tutorials for running live Kali on OSX often require you have networking on your laptop to apt install the drivers, but without an ethernet adapter you're not going to be able to do that, so this tutorial will cover a method of doing this manually, using another thumbdrive or external data source.

Download the appropriate Kali Linux .iso

I used a 64 bit .iso image, downloaded via HTTP.

Download the SHA256SUMS and SHA256SUMS.gpg files from the same location.

Check the hash

Check that the hashes were not tampered with. First, get the Kali GPG public key, and verify the fingerprint:

$ wget -q -O - https://www.kali.org/archive-key.asc | gpg --import
$ gpg --fingerprint 7D8D0BF6
pub   rsa4096 2012-03-05 [SC] [expires: 2018-02-02]
      44C6 513A 8E4F B3D3 0875  F758 ED44 4FF0 7D8D 0BF6
uid           [ unknown] Kali Linux Repository <devel@kali.org>
sub   rsa4096 2012-03-05 [E] [expires: 2018-02-02]
$ gpg --verify SHA256SUMS.gpg SHA256SUMS
gpg: Signature made Sun 12 Nov 03:47:29 2017 GMT
gpg:                using RSA key 44C6513A8E4FB3D30875F758ED444FF07D8D0BF6
gpg: Good signature from "Kali Linux Repository <devel@kali.org>" [unknown]

Compare the SHA256 hash with that reported in SHASUMS:

$ cat SHA256SUMS
16123b76a6d4fc3ed72aef508bee9542462f2d1d5376acd1fcc3369ad337a505  kali-linux-2017-W46-amd64.iso
$ shasum -a 256 kali-linux-2017-W46-amd64.iso
16123b76a6d4fc3ed72aef508bee9542462f2d1d5376acd1fcc3369ad337a505  kali-linux-2017-W46-amd64.iso

Create the USB disk

Identify your external USB with diskutil - the disk ID (disk2, disk3 etc is represented as <DISK> below):

$ diskutil list

If necessary, prep the external USB with diskutil to get a single partition:

$ diskutil eraseDisk FAT32 KALI /dev/<DISK>

Unmount the volume in DIsk Utility, or at the command-line:

$ diskutil unmountDisk /dev/<DISK>

Then use dd to make a bootable image on the USB. Use pv to track progress if you have it installed:

$ pv -tpreb <path to downloaded .iso> | sudo dd of=/dev/<DISK> bs=1m
$ diskutil unmountDisk /dev/<DISK>

If you don't have pv:

$ sudo dd if=<path to downloaded .iso> of=/dev/<DISK> bs=1m
$ diskutil unmountDisk /dev/<DISK>

Boot into Kali Linux

  • Restart the Mac
  • Hold down the Option key when you hear the chime
  • Select EFI as the startup disk
  • Select Live system (encrypted persistence)

Create a new persistent encrypted partition

  • Open the terminal
$ parted -l
# ... other drives listed...

Model: <Your flash drive here>
Disk: <DEVICE_PATH>
# ... other information...

$ parted <DEVICE_PATH>
(parted) print free

There should be a single large block without a number on the last line representing the remaining free space on your drive. On mine, it looks like this:

Number  Start   End      Size     Type     File system  Flags
        0.03MB  0.03MB   0.00MB            Free Space
 1      0.03MB  2936MB   2936MB   primary               boot, hidden
 2      2936MB  2937MB   0.72MB   primary
        2937MB  64173MB  6123MB            Free Space

You want to use the start of this final block of free space as the basis of your new partition:

(parted) mkpart primary 2937MB 100%
(parted) quit
Information: You may need to update /etc/fstab

We can verify this completed and get our partition device path for the next step by doing the following:

$ fdisk -l
# ... other drives listed ...
Device          Boot   Start       End   Sectors  Size Id Type
<DEVICE_PATH>1  *         64   5734399   5734336  2.8G 17 Hidden HPFS/NTFS
<DEVICE_PATH>2       5734400   5735807      1408  704K 1  FAT12
<DEVICE_PATH>3       5736448 125337599 119601152   57G 83 Linux

The last, largest partition is what we want, (something like /dev/sdb3) now we can create the encrypted container:

$ cryptsetup --verbose --verify-passphrase luksFormat <PARTITION_PATH>

WARNING!
========
This will overwrite data on <PARTITION_PATH> irrevocably.

Are you sure> (Type uppercase yes): YES
Enter passphrase for <PARTITION_PATH>: <strong password>
Verify passphrase: <same password>
Command successful.
$ cryptsetup luksOpen <PARTITION_PATH> my_usb
Enter passphrase for <PARTITION_PATH>: <same password>
$ mkfs.ext3 -L persistence /dev/mapper/my_usb
# ... loads of mke2fs output ...
Writing superblocks and filesystem accounting information:
# ... this can take a VERY long time, depending on the size and speed of your drive, be patient ...
done
$ e2label /dev/mapper/my_usb persistence
$ mkdir -p /mnt/my_usb
$ mount /dev/mapper/my_usb /mnt/my_usb
$ echo "/ union" > /mnt/my_usb/persistence.conf
$ umount /dev/mapper/my_usb
$ cryptsetup luksClose /dev/mapper/my_usb
$ reboot
  • Hold down the Option key when you hear the chime
  • Select EFI as the startup disk
  • Select Live system (encrypted persistence)
  • At some point, you will be prompted to enter your password from earlier by a prompt that says Please unlock disk <PARTITION_PATH> Depending on the model and boot order, the brightness might be very low and this might be difficult to see. If anyone has a fix for this, please let me know.

Install the wireless Drivers We will need to manually download these from their locations using the network, but since you don't have networking yet, we will extract the URLs to a text file and place them on a thumbdrive so we can reboot into OSX and download them.

  • Plug in a portable drive
  • It should come up under /media/root
  • We'll make a handy function to get package URLs, and echo these to a file.
$ cd /media/root/<THUMBDRIVE_NAME>
$ getpkgurl(){ apt-get download --print-uris $1 | cut -d\' -f2 >> deps.txt; }
$ KERNELF=$(uname -r |cut -d- -f-2)
$ ARCH=$(uname -r|cut -d- -f3)
$ KERNELM=$(uname -r |cut -d- -f1|cut -d. -f-2)
$ getpkgurl linux-headers-$KERNELF-common
$ getpkgurl linux-headers-$KERNELF-$ARCH
$ getpkgurl linux-kbuild-$KERNELM
$ getpkgurl linux-compiler-gcc-7-x86
$ getpkgurl dkms
$ getpkgurl broadcom-sta-dkms
$ reboot

You should now have a file called deps.txt on your second flash drive that will have the URLs to all of the packages you need to download.

  • reboot the machine into OSX
  • open the terminal
  • download dependencies like so:
$ cd /Volumes/<SECOND_THUMBDRIVE>
$ while read dep; do curl -LOs $dep; done < deps.txt
  • Restart the Mac
  • Hold down the Option key when you hear the chime
  • Select EFI as the startup disk
  • Select Live system (encrypted persistence)
  • Enter the password as before
  • Open a terminal and install the debs we downloaded manually:
$ cd /media/root/<THUMBDRIVE_NAME>
$ ARCH=$(uname -r|cut -d- -f3)
$ dpkg -i linux-kbuild*.deb
$ dpkg -i linux-compiler*.deb
$ dpkg -i linux-headers*common*.deb
$ dpkg -i linux-headers*$ARCH*.deb
$ dpkg -i dkms*.deb
$ dpkg -i broadcom-sta-dkms*.deb
$ modprobe -r b44 b43 b43legacy ssb brcmsmac bcma
$ modprobe wl
$ sed -i 's/managed=false/managed=true/g' /etc/NetworkManager/NetworkManager.conf
$ service network-manager restart

You're done!

@d4e5v8
Copy link

d4e5v8 commented Aug 31, 2018

That does NOT work.
diskutil eraseDisk FAT32 KALI /dev/ allocates ALL the remaining disk space to the ISO portion, there is NO remaining space.

@Knogobert
Copy link

Great write-up! As @d4e5v8 commented, I rather used dd as in the official manual. Another tip there is to use bs=8m instead of bs=1m to speed up the process a lot and press ctrl+t to check the current state.

I did run into some versioning problems though. I used the 4.17.0-kali1-amd64 kernel and needed to install a newer version of gcc-7 (7.3.0-29) which in turn depended upon several others listed below.

So to spare you some time, download these to your second USB thumbdrive together with the other packages as well and install them with the same method. dpkg -i gcc-7-base... etc.

@devops398
Copy link

@d4e5v8 @Knogobert
https://www.youtube.com/watch?v=mDRbTHCoj8U
checkout this video, it helped me

@sohanmanju
Copy link

When I'm trying to install the Wifi Packages, I get an error saying that they're not Debian Packages

@eon704
Copy link

eon704 commented Dec 13, 2019

Thank you! That worked!
With the only difference that I had to reboot the system in the end.

@schrammalama
Copy link

Hopefully this works, I'm on mkfs.ext3 -L persistence /dev/mapper/my_usb and 97 out of 901.

@schrammalama
Copy link

e2label: Bad magic number in super-block while trying to open /dev/mapper/my_usb

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment