Chen Jiehua

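Building a Persistent, Encrypted Kali USB System

Kali Linux is a Debian-based Linux distribution designed for digital forensics and penetration testing, maintained and funded by Offensive Security Ltd. Kali Linux evolved from BackTrack and ships with many penetration-testing tools preinstalled, including nmap, Wireshark, John the Ripper and Aircrack-ng.

Today we will use Kali Linux to build a portable USB system that supports persistent storage and is encrypted with LUKS.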

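Preparation

System image

Download a suitable version directly from the official site; Kali Linux 64 Bit is recommended here.

USB drive

Any USB drive of 8 GB or more will do, but for better performance a fast, high-capacity drive is recommended.

Getting started

All of the steps below were carried out on Ubuntu 16.04.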

dd

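First, plug in the USB drive and determine its device path:

$ sudo lsblk
# or use the fdisk command
$ sudo fdisk -l

Find the path of the USB drive; assuming it is /dev/sdb, write the image with dd (dd overwrites the target device without asking, so double-check the path first):

$ sudo dd if=kali-linux-image.iso of=/dev/sdb bs=1M

Wait patiently for the image to be written to the drive.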
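The device check before dd can be scripted so that a mistyped path never reaches an internal disk. This is an added example, not part of the original post; the function name check_target and the sample lsblk lines are constructed for illustration.

```sh
#!/bin/sh
# Added example (not from the original post): pre-flight check for `dd of=/dev/sdX`.
# Reads `lsblk -P -o NAME,PKNAME,RM,TYPE,MOUNTPOINT` text on stdin, so the
# logic can be exercised on sample data without touching a real disk.

# check_target DISK: prints "ok" or a refusal reason; exit status is 0 only for "ok".
check_target() {
    awk -v disk="$1" '
    # Return VALUE from KEY="VALUE" on the current line ("" if absent).
    function field(key,   line, s) {
        line = " " $0
        if (!match(line, " " key "=\"[^\"]*\"")) return ""
        s = substr(line, RSTART, RLENGTH)
        sub(/^[^"]*"/, "", s); sub(/"$/, "", s)
        return s
    }
    {
        name = field("NAME")
        if (name == disk) { seen = 1; rm = field("RM"); type = field("TYPE") }
        # A mounted disk or any mounted partition of it blocks the write.
        if ((name == disk || field("PKNAME") == disk) && field("MOUNTPOINT") != "")
            mounted = mounted " " name
    }
    END {
        if (!seen)          { print "refuse: " disk " not found"; exit 1 }
        if (type != "disk") { print "refuse: " disk " is a " type ", not a whole disk"; exit 1 }
        if (rm != "1")      { print "refuse: " disk " is not removable"; exit 1 }
        if (mounted != "")  { print "refuse: mounted:" mounted; exit 1 }
        print "ok"
    }'
}

# Constructed sample: sda = internal system disk, sdb = freshly inserted USB stick,
# sdc = another USB stick that still has a mounted partition.
SAMPLE='NAME="sda" PKNAME="" RM="0" TYPE="disk" MOUNTPOINT=""
NAME="sda1" PKNAME="sda" RM="0" TYPE="part" MOUNTPOINT="/"
NAME="sdb" PKNAME="" RM="1" TYPE="disk" MOUNTPOINT=""
NAME="sdb1" PKNAME="sdb" RM="1" TYPE="part" MOUNTPOINT=""
NAME="sdc" PKNAME="" RM="1" TYPE="disk" MOUNTPOINT=""
NAME="sdc1" PKNAME="sdc" RM="1" TYPE="part" MOUNTPOINT="/media/user/DATA"'

# Real use (sdb is the device name assumed in the post):
#   lsblk -P -o NAME,PKNAME,RM,TYPE,MOUNTPOINT | check_target sdb \
#     && sudo dd if=kali-linux-image.iso of=/dev/sdb bs=1M
for d in sda sdb sdc; do
    printf '%s: %s\n' "$d" "$(printf '%s\n' "$SAMPLE" | check_target "$d")"
done
```

Some USB hard-drive enclosures report RM="0"; for those, confirm the device by size and model in the lsblk output instead.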

fdisk

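Once the image has been written, the USB drive automatically has 2 partitions plus some leftover free space, which we will use for persistent storage:

$ sudo fdisk /dev/sdb
# Refer to fdisk help and create one more partition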
$ ……

luks

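Use LUKS to encrypt the newly created partition so that the data stays safe if the USB drive is lost:

$ sudo cryptsetup --verbose --verify-passphrase luksFormat /dev/sdb3
# Follow the prompts; note that YES must be typed in uppercase; then enter the passphrase

$ sudo cryptsetup luksOpen /dev/sdb3 my_usb
# Enter the passphrase when prompted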

Format the partition:

# Format the partition as ext4
$ sudo mkfs.ext4 -L persistence /dev/mapper/my_usb
# Label the partition persistence
$ sudo e2label /dev/mapper/my_usb persistence

Add persistence.conf:

$ sudo mkdir -p /mnt/my_usb
$ sudo mount /dev/mapper/my_usb /mnt/my_usb
# sudo does not apply to the shell's redirection, so write the file through tee
$ echo "/ union" | sudo tee /mnt/my_usb/persistence.conf
$ sudo umount /dev/mapper/my_usb

Close the partition:

$ sudo cryptsetup luksClose /dev/mapper/my_usb

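Finishing up

Changing the official package source

The official repositories are hosted on servers abroad, so downloads are often slow. Replacing them with a mirror in China speeds up package downloads and updates. Edit /etc/apt/sources.list:

# Switch to the USTC mirror to improve download speed
deb http://mirrors.ustc.edu.cn/kali kali-rolling main non-free contrib
deb-src http://mirrors.ustc.edu.cn/kali kali-rolling main non-free contrib
# If some packages are missing, the previous snapshot's source can be used
deb http://mirrors.ustc.edu.cn/kali kali-last-snapshot main non-free contrib
deb-src http://mirrors.ustc.edu.cn/kali kali-last-snapshot main non-free contrib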

 

Troubleshooting

Q: Parallels Tools cannot be installed under Parallels; the error is as follows:

/usr/lib/parallels-tools/kmods/prl_fs_freeze/Snapshot/Guest/Linux/prl_freeze/prl_fs_freeze.c:220:1: warning: data definition has no type or storage class
 DEFINE_TIMER(thaw_timer, thaw_timer_fn, 0, (unsigned long)&(thaw_work));
 ^~~~~~~~~~~~
/usr/lib/parallels-tools/kmods/prl_fs_freeze/Snapshot/Guest/Linux/prl_freeze/prl_fs_freeze.c:220:1: error: type defaults to ‘int’ in declaration of ‘DEFINE_TIMER’ [-Werror=implicit-int]
/usr/lib/parallels-tools/kmods/prl_fs_freeze/Snapshot/Guest/Linux/prl_freeze/prl_fs_freeze.c: In function ‘schedule_thaw_work’:
/usr/lib/parallels-tools/kmods/prl_fs_freeze/Snapshot/Guest/Linux/prl_freeze/prl_fs_freeze.c:224:21: error: ‘thaw_timer’ undeclared (first use in this function); did you mean ‘thaw_timer_fn’?
  if (timer_pending(&thaw_timer))
                     ^~~~~~~~~~
                     thaw_timer_fn
/usr/lib/parallels-tools/kmods/prl_fs_freeze/Snapshot/Guest/Linux/prl_freeze/prl_fs_freeze.c:224:21: note: each undeclared identifier is reported only once for each function it appears in
/usr/lib/parallels-tools/kmods/prl_fs_freeze/Snapshot/Guest/Linux/prl_freeze/prl_fs_freeze.c: In function ‘cancel_timeout’:
/usr/lib/parallels-tools/kmods/prl_fs_freeze/Snapshot/Guest/Linux/prl_freeze/prl_fs_freeze.c:233:18: error: ‘thaw_timer’ undeclared (first use in this function); did you mean ‘thaw_timer_fn’?
  del_timer_sync(&thaw_timer);
                  ^~~~~~~~~~
                  thaw_timer_fn
cc1: some warnings being treated as errors
/usr/src/linux-headers-4.15.0-kali2-common/scripts/Makefile.build:335: recipe for target '/usr/lib/parallels-tools/kmods/prl_fs_freeze/Snapshot/Guest/Linux/prl_freeze/prl_fs_freeze.o' failed
make[5]: *** [/usr/lib/parallels-tools/kmods/prl_fs_freeze/Snapshot/Guest/Linux/prl_freeze/prl_fs_freeze.o] Error 1
/usr/src/linux-headers-4.15.0-kali2-common/Makefile:1528: recipe for target '_module_/usr/lib/parallels-tools/kmods/prl_fs_freeze/Snapshot/Guest/Linux/prl_freeze' failed
make[4]: *** [_module_/usr/lib/parallels-tools/kmods/prl_fs_freeze/Snapshot/Guest/Linux/prl_freeze] Error 2
Makefile:146: recipe for target 'sub-make' failed
make[3]: *** [sub-make] Error 2
Makefile:8: recipe for target 'all' failed
make[2]: *** [all] Error 2
make[2]: Leaving directory '/usr/src/linux-headers-4.15.0-kali2-amd64'
Makefile:20: recipe for target 'modules' failed
make[1]: *** [modules] Error 2
make[1]: Leaving directory '/usr/lib/parallels-tools/kmods/prl_fs_freeze/Snapshot/Guest/Linux/prl_freeze'
Makefile.kmods:34: recipe for target 'installme' failed
make: *** [installme] Error 2
make: Leaving directory '/usr/lib/parallels-tools/kmods'
Error: could not build kernel modules
Error: failed to install kernel modules
Error: failed to install Parallels Guest Tools!

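A: This is caused by Parallels Tools being (for now) incompatible with Linux Kernel 4.15; consider manually installing Linux kernel 4.14.

Q: Some package versions do not match, and a suitable package cannot be found in the official source?

A: The official source occasionally has maintenance bugs; consider adding the last snapshot source (kali-last-snapshot) by editing /etc/apt/sources.list: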

deb http://mirrors.ustc.edu.cn/kali kali-last-snapshot main non-free contrib
deb-src http://mirrors.ustc.edu.cn/kali kali-last-snapshot main non-free contrib

 


Writing takes effort; when reposting, please credit ChenJiehua, "Building a Persistent, Encrypted Kali USB System".
