Last active
October 28, 2016 14:16
-
-
Save joubin/e454661f82f5f749b2f8 to your computer and use it in GitHub Desktop.
Modified rpi.sh file to aid with the building of the Kali image on Raspberry Pi 2
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/bin/bash | |
# This is the Raspberry Pi Kali ARM build script - http://www.kali.org/downloads | |
# A trusted Kali Linux image created by Offensive Security - http://www.offensive-security.com | |
if [[ $# -eq 0 ]] ; then | |
echo "Please pass version number, e.g. $0 1.0.1" | |
exit 0 | |
fi | |
basedir=`pwd`/rpi-$1 | |
# Package installations for various sections. | |
# This will build a minimal XFCE Kali system with the top 10 tools. | |
# This is the section to edit if you would like to add more packages. | |
# See http://www.kali.org/new/kali-linux-metapackages/ for meta packages you can | |
# use. You can also install packages, using just the package name, but keep in | |
# mind that not all packages work on ARM! If you specify one of those, the | |
# script will throw an error, but will still continue on, and create an unusable | |
# image, keep that in mind. | |
arm="abootimg cgpt fake-hwclock ntpdate vboot-utils vboot-kernel-utils uboot-mkimage" | |
base="kali-menu kali-defaults initramfs-tools sudo parted e2fsprogs usbutils" | |
desktop="xfce4 network-manager network-manager-gnome xserver-xorg-video-fbdev" | |
tools="passing-the-hash winexe aircrack-ng hydra john sqlmap wireshark libnfc-bin mfoc nmap ethtool usbutils" | |
services="openssh-server apache2" | |
extras="iceweasel wpasupplicant" | |
size=3000 # Size of image in megabytes | |
export packages="${arm} ${base} ${desktop} ${tools} ${services} ${extras}" | |
export architecture="armhf" | |
# If you have your own preferred mirrors, set them here. | |
# You may want to leave security.kali.org alone, but if you trust your local | |
# mirror, feel free to change this as well. | |
# After generating the rootfs, we set the sources.list to the default settings. | |
export mirror=http.kali.org | |
export security=security.kali.org | |
# Check to ensure that the architecture is set to ARMEL since the RPi is the | |
# only board that is armhf. | |
if [[ $architecture != "armhf" ]] ; then | |
echo "The Raspberry Pi cannot run the Debian armel binaries" | |
exit 0 | |
fi | |
# Set this to use an http proxy, like apt-cacher-ng, and uncomment further down | |
# to unset it. | |
#export http_proxy="http://localhost:3142/" | |
mkdir -p ${basedir} | |
cd ${basedir} | |
# create the rootfs - not much to modify here, except maybe the hostname. | |
debootstrap --foreign --arch $architecture kali kali-$architecture http://$mirror/kali | |
cp /usr/bin/qemu-arm-static kali-$architecture/usr/bin/ | |
LANG=C chroot kali-$architecture /debootstrap/debootstrap --second-stage | |
cat << EOF > kali-$architecture/etc/apt/sources.list | |
deb http://$mirror/kali kali main contrib non-free | |
deb http://$security/kali-security kali/updates main contrib non-free | |
EOF | |
# Set hostname | |
echo "kali" > kali-$architecture/etc/hostname | |
# So X doesn't complain, we add kali to hosts | |
cat << EOF > kali-$architecture/etc/hosts | |
127.0.0.1 kali localhost | |
::1 localhost ip6-localhost ip6-loopback | |
fe00::0 ip6-localnet | |
ff00::0 ip6-mcastprefix | |
ff02::1 ip6-allnodes | |
ff02::2 ip6-allrouters | |
EOF | |
cat << EOF > kali-$architecture/etc/network/interfaces | |
auto lo | |
iface lo inet loopback | |
auto eth0 | |
iface eth0 inet dhcp | |
EOF | |
cat << EOF > kali-$architecture/etc/resolv.conf | |
nameserver 8.8.8.8 | |
EOF | |
export MALLOC_CHECK_=0 # workaround for LP: #520465 | |
export LC_ALL=C | |
export DEBIAN_FRONTEND=noninteractive | |
mount -t proc proc kali-$architecture/proc | |
mount -o bind /dev/ kali-$architecture/dev/ | |
mount -o bind /dev/pts kali-$architecture/dev/pts | |
cat << EOF > kali-$architecture/debconf.set | |
console-common console-data/keymap/policy select Select keymap from full list | |
console-common console-data/keymap/full select en-latin1-nodeadkeys | |
EOF | |
cat << EOF > kali-$architecture/third-stage | |
#!/bin/bash | |
dpkg-divert --add --local --divert /usr/sbin/invoke-rc.d.chroot --rename /usr/sbin/invoke-rc.d | |
cp /bin/true /usr/sbin/invoke-rc.d | |
echo -e "#!/bin/sh\nexit 101" > /usr/sbin/policy-rc.d | |
chmod +x /usr/sbin/policy-rc.d | |
apt-get update | |
apt-get install locales-all | |
debconf-set-selections /debconf.set | |
rm -f /debconf.set | |
apt-get update | |
apt-get -y install git-core binutils ca-certificates initramfs-tools uboot-mkimage | |
apt-get -y install locales console-common less nano git | |
echo "root:toor" | chpasswd | |
sed -i -e 's/KERNEL\!=\"eth\*|/KERNEL\!=\"/' /lib/udev/rules.d/75-persistent-net-generator.rules | |
rm -f /etc/udev/rules.d/70-persistent-net.rules | |
apt-get --yes --force-yes install $packages | |
update-rc.d ssh enable | |
rm -f /usr/sbin/policy-rc.d | |
rm -f /usr/sbin/invoke-rc.d | |
dpkg-divert --remove --rename /usr/sbin/invoke-rc.d | |
rm -f /third-stage | |
EOF | |
chmod +x kali-$architecture/third-stage | |
LANG=C chroot kali-$architecture /third-stage | |
cat << EOF > kali-$architecture/cleanup | |
#!/bin/bash | |
rm -rf /root/.bash_history | |
apt-get update | |
apt-get clean | |
rm -f /0 | |
rm -f /hs_err* | |
rm -f cleanup | |
rm -f /usr/bin/qemu* | |
EOF | |
chmod +x kali-$architecture/cleanup | |
LANG=C chroot kali-$architecture /cleanup | |
umount kali-$architecture/proc/sys/fs/binfmt_misc | |
umount kali-$architecture/dev/pts | |
umount kali-$architecture/dev/ | |
umount kali-$architecture/proc | |
# Create the disk and partition it | |
echo "Creating image file for Raspberry Pi" | |
dd if=/dev/zero of=${basedir}/kali-$1-rpi.img bs=1M count=$size | |
parted kali-$1-rpi.img --script -- mklabel msdos | |
parted kali-$1-rpi.img --script -- mkpart primary fat32 0 64 | |
parted kali-$1-rpi.img --script -- mkpart primary ext4 64 -1 | |
# Set the partition variables | |
loopdevice=`losetup -f --show ${basedir}/kali-$1-rpi.img` | |
device=`kpartx -va $loopdevice| sed -E 's/.*(loop[0-9])p.*/\1/g' | head -1` | |
device="/dev/mapper/${device}" | |
bootp=${device}p1 | |
rootp=${device}p2 | |
# Create file systems | |
mkfs.vfat $bootp | |
mkfs.ext4 $rootp | |
# Create the dirs for the partitions and mount them | |
mkdir -p ${basedir}/bootp ${basedir}/root | |
mount $bootp ${basedir}/bootp | |
mount $rootp ${basedir}/root | |
echo "Rsyncing rootfs into image file" | |
rsync -HPavz -q ${basedir}/kali-$architecture/ ${basedir}/root/ | |
# Enable login over serial | |
echo "T0:23:respawn:/sbin/agetty -L ttyAMA0 115200 vt100" >> ${basedir}/root/etc/inittab | |
cat << EOF > ${basedir}/root/etc/apt/sources.list | |
deb http://http.kali.org/kali kali main non-free contrib | |
deb http://security.kali.org/kali-security kali/updates main contrib non-free | |
deb-src http://http.kali.org/kali kali main non-free contrib | |
deb-src http://security.kali.org/kali-security kali/updates main contrib non-free | |
EOF | |
# Uncomment this if you use apt-cacher-ng otherwise git clones will fail. | |
#unset http_proxy | |
# Kernel section. If you want to use a custom kernel, or configuration, replace | |
# them in this section. | |
git clone --depth 1 https://github.com/raspberrypi/linux ${basedir}/kernel | |
git clone --depth 1 https://github.com/raspberrypi/tools ${basedir}/tools | |
cd ${basedir}/kernel | |
mkdir -p ../patches | |
wget https://raw.github.com/offensive-security/kali-arm-build-scripts/master/patches/kali-wifi-injection-3.12.patch -O ../patches/mac80211.patch | |
patch -p1 --no-backup-if-mismatch < ../patches/mac80211.patch | |
touch .scmversion | |
export ARCH=arm | |
export CROSS_COMPILE=${basedir}/tools/arm-bcm2708/gcc-linaro-arm-linux-gnueabihf-raspbian/bin/arm-linux-gnueabihf- | |
cp p12_kernel.config .config | |
make -j $(grep -c processor /proc/cpuinfo) | |
make modules_install INSTALL_MOD_PATH=${basedir}/root | |
git clone --depth 1 https://github.com/raspberrypi/firmware.git rpi-firmware | |
cp -rf rpi-firmware/boot/* ${basedir}/bootp/ | |
cp arch/arm/boot/zImage ${basedir}/bootp/kernel.img | |
cd ${basedir} | |
# Create cmdline.txt file | |
cat << EOF > ${basedir}/bootp/cmdline.txt | |
dwc_otg.lpm_enable=0 console=ttyAMA0,115200 kgdboc=ttyAMA0,115200 console=tty1 elevator=deadline root=/dev/mmcblk0p2 rootfstype=ext4 rootwait | |
EOF | |
rm -rf ${basedir}/root/lib/firmware | |
cd ${basedir}/root/lib | |
git clone --depth 1 https://git.kernel.org/pub/scm/linux/kernel/git/firmware/linux-firmware.git firmware | |
rm -rf ${basedir}/root/lib/firmware/.git | |
# rpi-wiggle | |
mkdir -p ${basedir}/root/scripts | |
wget https://raw.github.com/dweeber/rpiwiggle/master/rpi-wiggle -O ${basedir}/root/scripts/rpi-wiggle.sh | |
chmod 755 ${basedir}/root/scripts/rpi-wiggle.sh | |
cd ${basedir} | |
# Unmount partitions | |
umount $bootp | |
umount $rootp | |
kpartx -dv $loopdevice | |
losetup -d $loopdevice | |
# Clean up all the temporary build stuff and remove the directories. | |
# Comment this out to keep things around if you want to see what may have gone | |
# wrong. | |
echo "Cleaning up the temporary build files..." | |
rm -rf ${basedir}/kernel ${basedir}/bootp ${basedir}/root ${basedir}/kali-$architecture ${basedir}/boot ${basedir}/tools ${basedir}/patches | |
# If you're building an image for yourself, comment all of this out, as you | |
# don't need the sha1sum or to compress the image, since you will be testing it | |
# soon. | |
echo "Generating sha1sum for kali-$1-rpi.img" | |
sha1sum kali-$1-rpi.img > ${basedir}/kali-$1-rpi.img.sha1sum | |
# Don't pixz on 32bit, there isn't enough memory to compress the images. | |
MACHINE_TYPE=`uname -m` | |
if [ ${MACHINE_TYPE} == 'x86_64' ]; then | |
echo "Compressing kali-$1-rpi.img" | |
pixz ${basedir}/kali-$1-rpi.img ${basedir}/kali-$1-rpi.img.xz | |
rm ${basedir}/kali-$1-rpi.img | |
echo "Generating sha1sum for kali-$1-rpi.img.xz" | |
sha1sum kali-$1-rpi.img.xz > ${basedir}/kali-$1-rpi.img.xz.sha1sum | |
fi |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment