Forked from widdowquinn/kali_osx_persistence_wifi.md
Last active
May 30, 2024 06:53
-
-
Save flowchartsman/994f545b4db4fb91ae6b8f4b77e54dff to your computer and use it in GitHub Desktop.
Revisions
-
flowchartsman revised this gist
Jun 26, 2018 . 1 changed file with 1 addition and 1 deletion.There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -207,4 +207,4 @@ $ modprobe wl $ sed -i 's/managed=false/managed=true/g' /etc/NetworkManager/NetworkManager.conf $ service network-manager restart ``` **You're done!** -
Jun 26, 2018 . 1 changed file with 5 additions and 5 deletions.There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -85,11 +85,11 @@ $ diskutil unmountDisk /dev/<DISK> ```bash $ parted -l # ... other drives listed... Model: <Your flash drive here> Disk: <DEVICE_PATH> # ... other information... $ parted <DEVICE_PATH> (parted) print free @@ -116,7 +116,7 @@ We can verify this completed and get our partition device path for the next step ```bash $ fdisk -l # ... other drives listed ... Device Boot Start End Sectors Size Id Type <DEVICE_PATH>1 * 64 5734399 5734336 2.8G 17 Hidden HPFS/NTFS <DEVICE_PATH>2 5734400 5735807 1408 704K 1 FAT12 @@ -138,9 +138,9 @@ Command successful. $ cryptsetup luksOpen <PARTITION_PATH> my_usb Enter passphrase for <PARTITION_PATH>: <same password> $ mkfs.ext3 -L persistence /dev/mapper/my_usb # ... loads of mke2fs output ... Writing superblocks and filesystem accounting information: # ... this can take a VERY long time, depending on the size and speed of your drive, be patient ... done $ e2label /dev/mapper/my_usb persistence $ mkdir -p /mnt/my_usb -
Jun 26, 2018 . 1 changed file with 37 additions and 37 deletions.There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -84,14 +84,14 @@ $ diskutil unmountDisk /dev/<DISK> * Open the terminal ```bash $ parted -l ... other drives listed... Model: <Your flash drive here> Disk: <DEVICE_PATH> ... other information... $ parted <DEVICE_PATH> (parted) print free ``` There should be a single large block without a number on the last line representing the remaining free space on your drive. On mine, it looks like this: @@ -115,7 +115,7 @@ Information: You may need to update /etc/fstab We can verify this completed and get our partition device path for the next step by doing the following: ```bash $ fdisk -l ... other drives listed ... Device Boot Start End Sectors Size Id Type <DEVICE_PATH>1 * 64 5734399 5734336 2.8G 17 Hidden HPFS/NTFS @@ -125,7 +125,7 @@ Device Boot Start End Sectors Size Id Type The last, largest partition is what we want, (something like `/dev/sdb3`) now we can create the encrypted container: ```bash $ cryptsetup --verbose --verify-passphrase luksFormat <PARTITION_PATH> WARNING! ======== @@ -135,20 +135,20 @@ Are you sure> (Type uppercase yes): YES Enter passphrase for <PARTITION_PATH>: <strong password> Verify passphrase: <same password> Command successful. $ cryptsetup luksOpen <PARTITION_PATH> my_usb Enter passphrase for <PARTITION_PATH>: <same password> $ mkfs.ext3 -L persistence /dev/mapper/my_usb ... loads of mke2fs output ... Writing superblocks and filesystem accounting information: ... this can take a VERY long time, depending on the size and speed of your drive, be patient ... done $ e2label /dev/mapper/my_usb persistence $ mkdir -p /mnt/my_usb $ mount /dev/mapper/my_usb /mnt/my_usb $ echo "/ union" > /mnt/my_usb/persistence.conf $ umount /dev/mapper/my_usb $ cryptsetup luksClose /dev/mapper/my_usb $ reboot ``` * Hold down the Option key when you hear the chime * Select `EFI` as the startup disk @@ -163,18 +163,18 @@ We will need to manually download these from their locations using the network, * We'll make a handy function to get package URLs, and echo these to a file. ```bash $ cd /media/root/<THUMBDRIVE_NAME> $ getpkgurl(){ apt-get download --print-uris $1 | cut -d\' -f2 >> deps.txt; } $ KERNELF=$(uname -r |cut -d- -f-2) $ ARCH=$(uname -r|cut -d- -f3) $ KERNELM=$(uname -r |cut -d- -f1|cut -d. -f-2) $ getpkgurl linux-headers-$KERNELF-common $ getpkgurl linux-headers-$KERNELF-$ARCH $ getpkgurl linux-kbuild-$KERNELM $ getpkgurl linux-compiler-gcc-7-x86 $ getpkgurl dkms $ getpkgurl broadcom-sta-dkms $ reboot ``` You should now have a file called deps.txt on your second flash drive that will have the URLs to all of the packages you need to download. @@ -194,17 +194,17 @@ $ while read dep; do curl -LOs $dep; done < deps.txt * Open a terminal and install the debs we downloaded manually: ```bash $ cd /media/root/<THUMBDRIVE_NAME> $ ARCH=$(uname -r|cut -d- -f3) $ dpkg -i linux-kbuild*.deb $ dpkg -i linux-compiler*.deb $ dpkg -i linux-headers*common*.deb $ dpkg -i linux-headers*$ARCH*.deb $ dpkg -i dkms*.deb $ dpkg -i broadcom-sta-dkms*.deb $ modprobe -r b44 b43 b43legacy ssb brcmsmac bcma $ modprobe wl $ sed -i 's/managed=false/managed=true/g' /etc/NetworkManager/NetworkManager.conf $ service network-manager restart ``` ** You're done! ** -
Jun 26, 2018 . 1 changed file with 115 additions and 60 deletions.There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -1,10 +1,12 @@ # Kali Linux Bootable USB with Persistence and Wireless on OSX Tutorials for running live Kali on OSX often require you have networking on your laptop to `apt` install the drivers, but without an ethernet adapter you're not going to be able to do that, so this tutorial will cover a method of doing this manually, using another thumbdrive or external data source. **Download the appropriate Kali Linux `.iso`** * Download site: [https://www.kali.org/downloads/](https://www.kali.org/downloads/) I used a 64 bit `.iso` image, downloaded via HTTP. Download the `SHA256SUMS` and `SHA256SUMS.gpg` files from the same location. @@ -56,100 +58,153 @@ Unmount the volume in DIsk Utility, or at the command-line: $ diskutil unmountDisk /dev/<DISK> ``` Then use `dd` to make a bootable image on the USB. Use pv to track progress if you have it installed: ```bash $ pv -tpreb <path to downloaded .iso> | sudo dd of=/dev/<DISK> bs=1m $ diskutil unmountDisk /dev/<DISK> ``` If you don't have pv: ```bash $ sudo dd if=<path to downloaded .iso> of=/dev/<DISK> bs=1m $ diskutil unmountDisk /dev/<DISK> ``` **Boot into Kali Linux** * Restart the Mac * Hold down the Option key when you hear the chime * Select `EFI` as the startup disk * Select `Live system (encrypted persistence)` **Create a new persistent encrypted partition** * Open the terminal ```bash # parted -l ... other drives listed... Model: <Your flash drive here> Disk: <DEVICE_PATH> ... other information... # parted <DEVICE_PATH> (parted) print free ``` There should be a single large block without a number on the last line representing the remaining free space on your drive. On mine, it looks like this: ``` Number Start End Size Type File system Flags 0.03MB 0.03MB 0.00MB Free Space 1 0.03MB 2936MB 2936MB primary boot, hidden 2 2936MB 2937MB 0.72MB primary 2937MB 64173MB 6123MB Free Space ``` You want to use the start of this final block of free space as the basis of your new partition: ```bash (parted) mkpart primary 2937MB 100% (parted) quit Information: You may need to update /etc/fstab ``` We can verify this completed and get our partition device path for the next step by doing the following: ```bash # fdisk -l ... other drives listed ... Device Boot Start End Sectors Size Id Type <DEVICE_PATH>1 * 64 5734399 5734336 2.8G 17 Hidden HPFS/NTFS <DEVICE_PATH>2 5734400 5735807 1408 704K 1 FAT12 <DEVICE_PATH>3 5736448 125337599 119601152 57G 83 Linux ``` The last, largest partition is what we want, (something like `/dev/sdb3`) now we can create the encrypted container: ```bash # cryptsetup --verbose --verify-passphrase luksFormat <PARTITION_PATH> WARNING! ======== This will overwrite data on <PARTITION_PATH> irrevocably. Are you sure> (Type uppercase yes): YES Enter passphrase for <PARTITION_PATH>: <strong password> Verify passphrase: <same password> Command successful. # cryptsetup luksOpen <PARTITION_PATH> my_usb Enter passphrase for <PARTITION_PATH>: <same password> # mkfs.ext3 -L persistence /dev/mapper/my_usb ... loads of mke2fs output ... Writing superblocks and filesystem accounting information: ... this can take a VERY long time, depending on the size and speed of your drive, be patient ... done # e2label /dev/mapper/my_usb persistence # mkdir -p /mnt/my_usb # mount /dev/mapper/my_usb /mnt/my_usb # echo "/ union" > /mnt/my_usb/persistence.conf # umount /dev/mapper/my_usb # cryptsetup luksClose /dev/mapper/my_usb # reboot ``` * Hold down the Option key when you hear the chime * Select `EFI` as the startup disk * Select `Live system (encrypted persistence)` * At some point, you will be prompted to enter your password from earlier by a prompt that says `Please unlock disk <PARTITION_PATH>` Depending on the model and boot order, the brightness might be very low and this might be difficult to see. If anyone has a fix for this, please let me know. **Install the wireless Drivers** We will need to manually download these from their locations using the network, but since you don't have networking yet, we will extract the URLs to a text file and place them on a thumbdrive so we can reboot into OSX and download them. * Plug in a portable drive * It should come up under `/media/root` * We'll make a handy function to get package URLs, and echo these to a file. ```bash # cd /media/root/<THUMBDRIVE_NAME> # getpkgurl(){ apt-get download --print-uris $1 | cut -d\' -f2 >> deps.txt; } # KERNELF=$(uname -r |cut -d- -f-2) # ARCH=$(uname -r|cut -d- -f3) # KERNELM=$(uname -r |cut -d- -f1|cut -d. -f-2) # getpkgurl linux-headers-$KERNELF-common # getpkgurl linux-headers-$KERNELF-$ARCH # getpkgurl linux-kbuild-$KERNELM # getpkgurl linux-compiler-gcc-7-x86 # getpkgurl dkms # getpkgurl broadcom-sta-dkms # reboot ``` You should now have a file called deps.txt on your second flash drive that will have the URLs to all of the packages you need to download. * reboot the machine into OSX * open the terminal * download dependencies like so: ```bash $ cd /Volumes/<SECOND_THUMBDRIVE> $ while read dep; do curl -LOs $dep; done < deps.txt ``` * Restart the Mac * Hold down the Option key when you hear the chime * Select `EFI` as the startup disk * Select `Live system (encrypted persistence)` * Enter the password as before * Open a terminal and install the debs we downloaded manually: ```bash # cd /media/root/<THUMBDRIVE_NAME> # ARCH=$(uname -r|cut -d- -f3) # dpkg -i linux-kbuild*.deb # dpkg -i linux-compiler*.deb # dpkg -i linux-headers*common*.deb # dpkg -i linux-headers*$ARCH*.deb # dpkg -i dkms*.deb # dpkg -i broadcom-sta-dkms*.deb # modprobe -r b44 b43 b43legacy ssb brcmsmac bcma # modprobe wl # sed -i 's/managed=false/managed=true/g' /etc/NetworkManager/NetworkManager.conf # service network-manager restart ``` ** You're done! ** -
widdowquinn revised this gist
Nov 14, 2017 . 1 changed file with 25 additions and 10 deletions.There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -37,19 +37,30 @@ $ shasum -a 256 kali-linux-2017-W46-amd64.iso Identify your external USB with `diskutil` - the disk ID (`disk2`, `disk3` etc is represented as `<DISK>` below): ```bash $ diskutil list ``` If necessary, prep the external USB with `diskutil` to get a single partition: ```bash $ diskutil eraseDisk FAT32 KALI /dev/<DISK> ``` Unmount the volume in DIsk Utility, or at the command-line: ```bash $ diskutil unmountDisk /dev/<DISK> ``` Then use `dd` to make a bootable image on the USB: ```bash $ sudo dd if=<path to downloaded .iso> of=/dev/<DISK> bs=1m ``` **Boot into Kali Linux** @@ -77,13 +88,17 @@ Then use `dd` to make a bootable image on the USB: Create a mount point for the persistence particion, and mount it ```bash $ mkdir -p /mnt/my_usb $ mount <DISK> /mnt/my_usb ``` Create a `partition.conf` file. This will enable the persistent storage on USB startup ```bash $ echo "/ union" > /mnt/my_usb/persistence.conf $ umount <DISK> ``` **Check the persistent partition** @@ -128,7 +143,7 @@ apt-get install broadcom-sta-dkms ```bash $ modprobe -r b44 b43 b43legacy ssb brcmsmac bcma $ modprobe wl ``` **Enable network-manager** -
Nov 14, 2017 . 1 changed file with 5 additions and 3 deletions.There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -107,13 +107,15 @@ $ apt-get install linux-headers-$(uname -r|sed 's,[^-]*-[^-]*-,,') **Install kernel headers** These need to be obtained separately: ```bash $ wget http://http.kali.org/kali/pool/main/l/linux/linux-kbuild-<VERSION>_amd64.deb $ wget http://http.kali.org/kali/pool/main/l/linux/linux-headers-<VERSION>-common_<VERSION>_amd64.deb $ wget http://http.kali.org/kali/pool/main/l/linux/linux-headers-<VERSION>-amd64_<VERSION>_amd64.deb $ dpkg -i linux-kbuild-<VERSION>_amd64.deb $ dpkg -i linux-headers-<VERSION>-common_<VERSION>_amd64.deb $ dpkg -i linux-headers-<VERSION>-amd64_<VERSION>_amd64.deb ``` **Install the Broadcom drivers** -
Nov 14, 2017 .There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -0,0 +1,138 @@ # Kali Linux Bootable USB with Persistence and Wireless on OSX **Download the appropriate Kali Linux `.iso`** * Download site: [https://www.kali.org/downloads/](https://www.kali.org/downloads/) I used a 64 bit `.iso` image, downloaded via HTTP. I downloaded the amd64 weekly version, as the `pool` linux headers (needed below for installation of wireless drivers) were ahead of the stable release kernel. Download the `SHA256SUMS` and `SHA256SUMS.gpg` files from the same location. **Check the hash** Check that the hashes were not tampered with. First, get the Kali GPG public key, and verify the fingerprint: ```bash $ wget -q -O - https://www.kali.org/archive-key.asc | gpg --import $ gpg --fingerprint 7D8D0BF6 pub rsa4096 2012-03-05 [SC] [expires: 2018-02-02] 44C6 513A 8E4F B3D3 0875 F758 ED44 4FF0 7D8D 0BF6 uid [ unknown] Kali Linux Repository <devel@kali.org> sub rsa4096 2012-03-05 [E] [expires: 2018-02-02] $ gpg --verify SHA256SUMS.gpg SHA256SUMS gpg: Signature made Sun 12 Nov 03:47:29 2017 GMT gpg: using RSA key 44C6513A8E4FB3D30875F758ED444FF07D8D0BF6 gpg: Good signature from "Kali Linux Repository <devel@kali.org>" [unknown] ``` Compare the SHA256 hash with that reported in `SHASUMS`: ```bash $ cat SHA256SUMS 16123b76a6d4fc3ed72aef508bee9542462f2d1d5376acd1fcc3369ad337a505 kali-linux-2017-W46-amd64.iso $ shasum -a 256 kali-linux-2017-W46-amd64.iso 16123b76a6d4fc3ed72aef508bee9542462f2d1d5376acd1fcc3369ad337a505 kali-linux-2017-W46-amd64.iso ``` **Create the USB disk** Identify your external USB with `diskutil` - the disk ID (`disk2`, `disk3` etc is represented as `<DISK>` below): * `diskutil list` If necessary, prep the external USB with `diskutil` to get a single partition: * `diskutil eraseDisk FAT32 KALI /dev/<DISK>` Unmount the volume in DIsk Utility, or at the command-line: * `diskutil unmountDisk /dev/<DISK>` Then use `dd` to make a bootable image on the USB: * `sudo dd if=<path to downloaded .iso> of=/dev/<DISK> bs=1m` **Boot into Kali Linux** * Restart the Mac * Hold down the Option key when you hear the chime * Select `EFI` as the startup disk * Select `Kali Linux (persistence)` **Create a new persistent partition** * Start `gparted` from the terminal * Select the USB disk * Select the `Unallocated` partition * Create a new partition (by default this will fill the free space on the USB) * `Partition -> New` * Create as: `Primary Partition` * File system: `ext3` * Label: `persistence` * Apply the operations * `Edit -> Apply All Operations` * Confirm this action * Exit `gparted` **Combine the new partition with Kali Linux, persistently** Create a mount point for the persistence particion, and mount it * `mkdir -p /mnt/my_usb` * `mount <DISK> /mnt/my_usb` Create a `partition.conf` file. This will control persistence on USB startup * `echo "/ union" > /mnt/my_usb/persistence.conf` * `umount <DISK>` **Check the persistent partition** * Restart the Mac * Hold down the Option key when you hear the chime * Select `EFI` as the startup disk * Select `Kali Linux (persistence)` * At the terminal: * `df -h` will bring up a list of mounted drives. There should be a mountpoint `/lib/live/mount/persistence/<DISK>` pointing to your new persistent partition * `ls -ltrh /lib/live/mount/persistence/<DISK>` should show four entries: `lost+found`, `persistence.conf`, `rw`, and `work`. The `rw` directory is a persistent link to `/`. **Update the OS** Update the installer and acquire the appropriate linux headers ```bash $ apt-get update $ apt-get install linux-image-$(uname -r|sed 's,[^-]*-[^-]*-,,') $ apt-get install linux-headers-$(uname -r|sed 's,[^-]*-[^-]*-,,') ``` **Install kernel headers** ```bash $ wget http://http.kali.org/kali/pool/main/l/linux/linux-kbuild-<VERSION>_amd64.deb $ wget http://http.kali.org/kali/pool/main/l/linux/linux-headers-<VERSION>-common_<VERSION>_amd64.deb $ wget http://http.kali.org/kali/pool/main/l/linux/linux-headers-<VERSION>-amd64_<VERSION>_amd64.deb dpkg -i linux-kbuild-<VERSION>_amd64.deb dpkg -i linux-headers-<VERSION>-common_<VERSION>_amd64.deb dpkg -i linux-headers-<VERSION>-amd64_<VERSION>_amd64.deb ``` **Install the Broadcom drivers** ```bash apt-get install broadcom-sta-dkms ``` **Enable and disable modules** ```bash $ modprobe -r b44 b43 b43legacy ssb brcmsmac bcma modprobe wl ``` **Enable network-manager** ```bash nano /etc/NetworkManager/NetworkManager.conf ``` Set the value of `managed` to `true`,