Kali/Persistent USB: Difference between revisions

From charlesreid1

(Created page with "Start with your Kali USB drive. See Kali/Booting for details. ==Instructions== Following the instructions here: http://docs.kali.org/downloading/kali-linux-live-usb-pers...")
 
 
(19 intermediate revisions by the same user not shown)
Line 1: Line 1:
Start with your Kali USB drive. See [[Kali/Booting]] for details.
Start with your Kali USB drive. See [[Kali/Live USB]] for details.


==Instructions==
=Instructions=


Following the instructions here: http://docs.kali.org/downloading/kali-linux-live-usb-persistence
Following the instructions here: http://docs.kali.org/downloading/kali-linux-live-usb-persistence


In this example, we’ll create a new partition to store our persistent data into, starting right above the second Kali Live partition and ending at 7GB, put an ext3 file system onto it, and create a persistence.conf file on the new partition.
Start by flashing a USB drive with the Kali image. This article assumes this as a starting point. There should be two partitions on the USB drive.
 
The procedure we follow below is to create a new partition for storing persistent data. The persistent partition will start right above the second partition (the Kali Live partition). The existing partitions with Kali will take up about 3 GB, so the persistent partition will be about (N - 3) GB in size (where N is the size of your jump drive in GB).
 
Once we create the partition, we'll format it as an ext3 file system, then create a persistence.conf file to make it usable by Kali as a persistent partition.
 
==Find Your Disk==
 
Start by listing disks.
 
===Linux===
 
On Linux,


<pre>
<pre>
fdisk -l
$ fdisk -l
</pre>
</pre>


Look for the USB drive. Should be at <code>/dev/sdb</code>.
Look for the USB drive. Should be at <code>/dev/sdb</code>.
===Mac===
On Mac,
<pre>
$ diskutil list
</pre>
The USB drive should be at <code>/dev/disk1</code> or <code>/dev/disk2</code>.
==Create Persistent Partition==


Now we will create a partition on the USB drive, which will store persistent data.
Now we will create a partition on the USB drive, which will store persistent data.
===Before===
Here is what the disks look like before, from Kali Linux, running fdisk (if you can't find the fdisk utility, make sure you are root!).
The output of <code>fdisk -l</code> shows a block of information about each disk device. Here, we have <code>/dev/sda</code>, which is the hard drive on the machine, with several NTFS/linux partitions, and <code>/dev/sdb</code>, the USB jump drive with Kali installed:


<pre>
<pre>
root@kali:~# end=7gb
root@kali:~# fdisk -l
root@kali:~# read start _ < <(du -bcm /root/mac/Users/charles/Downloads/kali-
 
kali-2.0.1-rpi.img
kali-2.0.1-rpi.img.xz
kali-2.0.1-rpitft.img.xz
kali-linux-2.0-amd64.torrent
kali-linux-light-2.0-armhf.torrent
root@kali:~# read start _ < <(du -bcm /root/mac/Users/charles/Downloads/torrent/
2015 - Seveneves.m4b
.DS_Store
kali-linux-2.0-amd64/
kali-linux-light-2.0-armhf/
LibreOffice_5.0.3_MacOS_x86-64.dmg
mactex-20150613.pkg
New Watergate/
Nixon.1995.DVDRip.XviD.AR/
The Haldeman Diaries - Inside the Nixon White House/
The Nixon Defense - John W. Dean/
root@kali:~# read start _ < <(du -bcm /root/mac/Users/charles/Downloads/torrent/kali-linux-2.0-amd64/kali-linux-2.0-amd64.
kali-linux-2.0-amd64.iso          kali-linux-2.0-amd64.txt.sha1sum
root@kali:~# read start _ < <(du -bcm /root/mac/Users/charles/Downloads/torrent/kali-linux-2.0-amd64/kali-linux-2.0-amd64.iso | tail -1); echo $start; parted /dev/sdb mkpart primary $start $end
3167
Warning: You requested a partition from 3167MB to 7000MB (sectors
6185546..13671875).
The closest location we can manage is 3321MB to 7000MB (sectors
6485376..13671875).
Is this still acceptable to you?
                                                                                                                                          Yes/No? y
Warning: The resulting partition is not properly aligned for best
performance.
                                                                    Ignore/Cancel? Ignore
Information: You may need to update /etc/fstab.


                                                                    root@kali:~# fdisk -l


Disk /dev/sda: 232.9 GiB, 250059350016 bytes, 488397168 sectors
Disk /dev/sda: 232.9 GiB, 250059350016 bytes, 488397168 sectors
Units: sectors of 1 * 512 = 512 bytes
Sector size (logical/physical): 512 bytes / 4096 bytes
I/O size (minimum/optimal): 4096 bytes / 4096 bytes
Disklabel type: dos
Disk identifier: 0xd228527c
Device    Boot    Start      End  Sectors  Size Id Type
/dev/sda1  *        2048    718847    716800  350M  7 HPFS/NTFS/exFAT
/dev/sda2          718848 230348799 229629952 109.5G  7 HPFS/NTFS/exFAT
/dev/sda3      457674752 488394751  30720000  14.7G 27 Hidden NTFS WinRE
/dev/sda4      230350846 457674751 227323906 108.4G  5 Extended
/dev/sda5      448380928 457674751  9293824  4.4G 82 Linux swap / Solaris
/dev/sda6      230350848 448380927 218030080  104G 83 Linux
Partition 4 does not start on physical sector boundary.
Partition table entries are not in disk order.
                                                                                   
Disk /dev/sdb: 58.9 GiB, 63229132800 bytes, 123494400 sectors
Units: sectors of 1 * 512 = 512 bytes
Units: sectors of 1 * 512 = 512 bytes
Sector size (logical/physical): 512 bytes / 512 bytes
Sector size (logical/physical): 512 bytes / 512 bytes
I/O size (minimum/optimal): 512 bytes / 512 bytes
I/O size (minimum/optimal): 512 bytes / 512 bytes
Disklabel type: gpt
Disklabel type: dos
Disk identifier: 14F3CA11-2903-4ABB-B891-5C4584781D0D
Disk identifier: 0x8312dfc0
 
Device    Boot  Start    End Sectors  Size Id Type
/dev/sdb1  *        64 5636095 5636032  2.7G 17 Hidden HPFS/NTFS
/dev/sdb2      5636096 5637503    1408  704K  1 FAT12
</pre>
 
===Create Partition===


Device        Start      End  Sectors  Size Type
The next step is to create the partition. The size of Kali Linux is a little under 3 GB:
/dev/sda1        40    409639    409600  200M EFI System
/dev/sda2    409640 194715871 194306232  92.7G Apple HFS/HFS+
/dev/sda3  194715872 195985407  1269536 619.9M Apple HFS/HFS+
/dev/sda4  195985408 488134983 292149576 139.3G Apple HFS/HFS+


Disk /dev/sdb: 14.5 GiB, 15512174592 bytes, 30297216 sectors
<pre>
Disk /dev/sdb: 58.9 GiB, 63229132800 bytes, 123494400 sectors
Units: sectors of 1 * 512 = 512 bytes
Units: sectors of 1 * 512 = 512 bytes
Sector size (logical/physical): 512 bytes / 512 bytes
Sector size (logical/physical): 512 bytes / 512 bytes
I/O size (minimum/optimal): 512 bytes / 512 bytes
I/O size (minimum/optimal): 512 bytes / 512 bytes
Disklabel type: dos
Disklabel type: dos
Disk identifier: 0x0a9a1b1a
Disk identifier: 0x8312dfc0
 
Device    Boot  Start    End Sectors  Size Id Type
/dev/sdb1  *        64 5636095 5636032  2.7G 17 Hidden HPFS/NTFS
/dev/sdb2      5636096 5637503    1408  704K  1 FAT12
</pre>
 
so the total size of the remaining persistent partition should be less than (N - 3) GB, where N is the size of the jump drive.
 
Now we create the partition. Note the <code>du -bcm</code> command is just to get the size of the .iso file. Also note we specify where the partition should end with "end". This hsould be the size of the USB drive.
 
<pre>
root@kali:~# end=7gb
root@kali:~# read start _ < <(du -bcm kali-linux-2017.3-amd64.iso | tail -1); echo $start; parted /dev/sdb mkpart primary $start $end
2766
Warning: You requested a partition from 2766MB to 63.0GB (sectors
5402343..123046875).
The closest location we can manage is 63.2GB to 63.2GB (sectors
123476563..123476563).
Is this still acceptable to you?
Yes/No? yes                                                             
Warning: The resulting partition is not properly aligned for best performance.
Ignore/Cancel? Ignore
Information: You may need to update /etc/fstab.
</pre>
 
===After===
 
Here is what the disks look like after. There is a new <code>/dev/sdb3</code> partition:
 
<pre>
root@jupiter:/home/charles# fdisk -l                                     
 
 
 
 
Disk /dev/sda: 232.9 GiB, 250059350016 bytes, 488397168 sectors
Units: sectors of 1 * 512 = 512 bytes
Sector size (logical/physical): 512 bytes / 4096 bytes
I/O size (minimum/optimal): 4096 bytes / 4096 bytes
Disklabel type: dos
Disk identifier: 0xd228527c


Device    Boot   Start     End Sectors Size Id Type
Device    Boot     Start       End   Sectors   Size Id Type
/dev/sdb1 *        64 6324223 6324160    3G 17 Hidden HPFS/NTFS
/dev/sda1 *        2048    718847    716800  350M  7 HPFS/NTFS/exFAT
/dev/sdb2       6324224 6485375 161152 78.7M 1 FAT12
/dev/sda2          718848 230348799 229629952 109.5G 7 HPFS/NTFS/exFAT
/dev/sdb3       6485376 13671875 7186500  3.4G 83 Linux
/dev/sda3       457674752 488394751 30720000 14.7G 27 Hidden NTFS WinRE
/dev/sda4      230350846 457674751 227323906 108.4G 5 Extended
/dev/sda5       448380928 457674751  9293824  4.4G 82 Linux swap / Solaris
/dev/sda6      230350848 448380927 218030080  104G 83 Linux


Disk /dev/loop0: 2.8 GiB, 2969686016 bytes, 5800168 sectors
Partition 4 does not start on physical sector boundary.
Partition table entries are not in disk order.
 
 
 
 
Disk /dev/sdb: 58.9 GiB, 63229132800 bytes, 123494400 sectors
Units: sectors of 1 * 512 = 512 bytes
Units: sectors of 1 * 512 = 512 bytes
Sector size (logical/physical): 512 bytes / 512 bytes
Sector size (logical/physical): 512 bytes / 512 bytes
I/O size (minimum/optimal): 512 bytes / 512 bytes
I/O size (minimum/optimal): 512 bytes / 512 bytes
Disklabel type: dos
Disk identifier: 0x8312dfc0
Device    Boot    Start      End  Sectors  Size Id Type
/dev/sdb1  *          64  5636095  5636032  2.7G 17 Hidden HPFS/NTFS
/dev/sdb2        5636096  5637503      1408  704K  1 FAT12
/dev/sdb3        5637504 123476562 117839059 56.2G 83 Linux
/dev/sdb4      123476563 123476563        1  512B 83 Linux
</pre>
</pre>


==Make Filesystem==
Now make a filesystem, and label it what you will (here, persistence):
<pre>
mkfs.ext3 -L persistence /dev/sdb3
e2label /dev/sdb3 persistence
</pre>
==Mount Point==
Last step is to create a mount point for the persistent partition. Then mount the partition, create a persistence config file in the partition, and unmount it.
<pre>
root@kali:~# mkdir -p /mnt/usbdrive
root@kali:~# mount /dev/sdb3 /mnt/usbdrive
root@kali:~# echo "/ union" > /mnt/usbdrive/persistence.conf
root@kali:~# umount /dev/sdb3
</pre>
Now when you reboot and run from the USB drive, select the option to start a Live Persistent Kali instance.
=Flags=




{{KaliFlag}}
{{KaliFlag}}

Latest revision as of 15:49, 16 January 2018

Start with your Kali USB drive. See Kali/Live USB for details.

Instructions

Following the instructions here: http://docs.kali.org/downloading/kali-linux-live-usb-persistence

Start by flashing a USB drive with the Kali image. This article assumes this as a starting point. There should be two partitions on the USB drive.

The procedure we follow below is to create a new partition for storing persistent data. The persistent partition will start right above the second partition (the Kali Live partition). The existing partitions with Kali will take up about 3 GB, so the persistent partition will be about (N - 3) GB in size (where N is the size of your jump drive in GB).

Once we create the partition, we'll format it as an ext3 file system, then create a persistence.conf file to make it usable by Kali as a persistent partition.

Find Your Disk

Start by listing disks.

Linux

On Linux, 

$ fdisk -l

Look for the USB drive. Should be at /dev/sdb.

Mac

On Mac, 

$ diskutil list

The USB drive should be at /dev/disk1 or /dev/disk2.

Create Persistent Partition

Now we will create a partition on the USB drive, which will store persistent data.

Before

Here is what the disks look like before, from Kali Linux, running fdisk (if you can't find the fdisk utility, make sure you are root!).

The output of fdisk -l shows a block of information about each disk device. Here, we have /dev/sda, which is the hard drive on the machine, with several NTFS/linux partitions, and /dev/sdb, the USB jump drive with Kali installed: 

root@kali:~# fdisk -l



Disk /dev/sda: 232.9 GiB, 250059350016 bytes, 488397168 sectors
Units: sectors of 1 * 512 = 512 bytes
Sector size (logical/physical): 512 bytes / 4096 bytes
I/O size (minimum/optimal): 4096 bytes / 4096 bytes
Disklabel type: dos
Disk identifier: 0xd228527c

Device     Boot     Start       End   Sectors   Size Id Type
/dev/sda1  *         2048    718847    716800   350M  7 HPFS/NTFS/exFAT
/dev/sda2          718848 230348799 229629952 109.5G  7 HPFS/NTFS/exFAT
/dev/sda3       457674752 488394751  30720000  14.7G 27 Hidden NTFS WinRE
/dev/sda4       230350846 457674751 227323906 108.4G  5 Extended
/dev/sda5       448380928 457674751   9293824   4.4G 82 Linux swap / Solaris
/dev/sda6       230350848 448380927 218030080   104G 83 Linux

Partition 4 does not start on physical sector boundary.
Partition table entries are not in disk order.



                                                                                     
Disk /dev/sdb: 58.9 GiB, 63229132800 bytes, 123494400 sectors
Units: sectors of 1 * 512 = 512 bytes
Sector size (logical/physical): 512 bytes / 512 bytes
I/O size (minimum/optimal): 512 bytes / 512 bytes
Disklabel type: dos
Disk identifier: 0x8312dfc0

Device     Boot   Start     End Sectors  Size Id Type
/dev/sdb1  *         64 5636095 5636032  2.7G 17 Hidden HPFS/NTFS
/dev/sdb2       5636096 5637503    1408  704K  1 FAT12

Create Partition

The next step is to create the partition. The size of Kali Linux is a little under 3 GB: 

Disk /dev/sdb: 58.9 GiB, 63229132800 bytes, 123494400 sectors
Units: sectors of 1 * 512 = 512 bytes
Sector size (logical/physical): 512 bytes / 512 bytes
I/O size (minimum/optimal): 512 bytes / 512 bytes
Disklabel type: dos
Disk identifier: 0x8312dfc0

Device     Boot   Start     End Sectors  Size Id Type
/dev/sdb1  *         64 5636095 5636032  2.7G 17 Hidden HPFS/NTFS
/dev/sdb2       5636096 5637503    1408  704K  1 FAT12

so the total size of the remaining persistent partition should be less than (N - 3) GB, where N is the size of the jump drive.

Now we create the partition. Note the du -bcm command is just to get the size of the .iso file. Also note we specify where the partition should end with "end". This hsould be the size of the USB drive. 

root@kali:~# end=7gb
root@kali:~# read start _ < <(du -bcm kali-linux-2017.3-amd64.iso | tail -1); echo $start; parted /dev/sdb mkpart primary $start $end
2766
Warning: You requested a partition from 2766MB to 63.0GB (sectors
5402343..123046875).
The closest location we can manage is 63.2GB to 63.2GB (sectors
123476563..123476563).
Is this still acceptable to you?
Yes/No? yes                                                               
Warning: The resulting partition is not properly aligned for best performance.
Ignore/Cancel? Ignore
Information: You may need to update /etc/fstab.

After

Here is what the disks look like after. There is a new /dev/sdb3 partition: 

root@jupiter:/home/charles# fdisk -l                                      




Disk /dev/sda: 232.9 GiB, 250059350016 bytes, 488397168 sectors
Units: sectors of 1 * 512 = 512 bytes
Sector size (logical/physical): 512 bytes / 4096 bytes
I/O size (minimum/optimal): 4096 bytes / 4096 bytes
Disklabel type: dos
Disk identifier: 0xd228527c

Device     Boot     Start       End   Sectors   Size Id Type
/dev/sda1  *         2048    718847    716800   350M  7 HPFS/NTFS/exFAT
/dev/sda2          718848 230348799 229629952 109.5G  7 HPFS/NTFS/exFAT
/dev/sda3       457674752 488394751  30720000  14.7G 27 Hidden NTFS WinRE
/dev/sda4       230350846 457674751 227323906 108.4G  5 Extended
/dev/sda5       448380928 457674751   9293824   4.4G 82 Linux swap / Solaris
/dev/sda6       230350848 448380927 218030080   104G 83 Linux

Partition 4 does not start on physical sector boundary.
Partition table entries are not in disk order.




Disk /dev/sdb: 58.9 GiB, 63229132800 bytes, 123494400 sectors
Units: sectors of 1 * 512 = 512 bytes
Sector size (logical/physical): 512 bytes / 512 bytes
I/O size (minimum/optimal): 512 bytes / 512 bytes
Disklabel type: dos
Disk identifier: 0x8312dfc0

Device     Boot     Start       End   Sectors  Size Id Type
/dev/sdb1  *           64   5636095   5636032  2.7G 17 Hidden HPFS/NTFS
/dev/sdb2         5636096   5637503      1408  704K  1 FAT12
/dev/sdb3         5637504 123476562 117839059 56.2G 83 Linux
/dev/sdb4       123476563 123476563         1  512B 83 Linux

Make Filesystem

Now make a filesystem, and label it what you will (here, persistence): 

mkfs.ext3 -L persistence /dev/sdb3
e2label /dev/sdb3 persistence

Mount Point

Last step is to create a mount point for the persistent partition. Then mount the partition, create a persistence config file in the partition, and unmount it. 

root@kali:~# mkdir -p /mnt/usbdrive
root@kali:~# mount /dev/sdb3 /mnt/usbdrive
root@kali:~# echo "/ union" > /mnt/usbdrive/persistence.conf
root@kali:~# umount /dev/sdb3

Now when you reboot and run from the USB drive, select the option to start a Live Persistent Kali instance.

Flags


Defcon.png
Kali Linux
"The quieter you become, the more you are able to hear."

Penetration testing Linux distribution.


Kali  · Category:Kali

Kali/Wireless Reboot


Kali Software:

Kali Tools

Kali Top 10

Aircrack  · Wireshark  · John the Ripper  · Nmap  · Metasploit Framework

Dsniff  · Tcpdump  · Hydra  · Sqlmap  · Burpsuite  · Commix

Dirbuster  · Valgrind


Attack Workflow:

Kali/Workflow

1 Physical Attacks: Kali/Layer 1 Attacks

2 Data/MAC Attacks: Kali/Layer 2 Attacks

3 Network Attacks: Kali/Layer 3 Attacks

4 Transport Attacks: Kali/Layer 4 Attacks

5 Session Attacks: Kali/Layer 5 Attacks

6 Presentation Attacks: Kali/Layer 6 Attacks

7 Application Attacks: Kali/Layer 7 Attacks


Red Team Blue Team

Metasploitable - Red Team

Metasploitable - Blue Team


Networking:

Kali/Hotspot  · Kali/OpenVPN  · Kali/OpenVPN/Hotspot  · Kali/OpenVPN/PIA

Kali/IPv6


Booting:

Kali/Dual Boot OS X  · Kali/Live USB  · Kali/Persistent USB


Installing:

Kali/Installing  · Kali/Post Install  · Kali/Fixes


Kali on Raspberry Pi:

Kali Raspberry Pi  · Kali Raspberry Pi/Installing  · Kali Raspberry Pi/Headless  · Kali Raspberry Pi/Post-Install


Category:Security  · Category:Wireless  · Category:Passwords  · Category:Man in the Middle  · Category:Evil Twin

Flags  · Template:KaliFlag  · e




Retrieved from "https://charlesreid1.com/w/index.php?title=Kali/Persistent_USB&oldid=23289"