Create Your Own Kali Linux ISO
Welcome back, Cybrarians,
Today, we're going to create a custom Kali Linux distribution. We'll go through the steps of building a customized ISO that can be run Live or on VirtualBox machine.
First, you might wonder why we're going to create our own distro when there is an existing one already?
The answer can have multiple aspects, including:
It's fun, as a geek and a hacker, to dive deeper into Operating Systems beyond the surface and know the general process of building them.
OR
You want to create a small-sized ISO that contains only the tools you need for the operation. The rest are not relevant to the tasks you're doing.
For example, your operation requires forensics tools only. You can create a custom forensics ISO that has all the tools to finish the task.
Tutorial Requirements:1- Kali Linux Virtual installed on your virtual box machine. (This tutorial is using 64-bit version of Kali Linux ISO): https://www.kali.org/downloads/
NOTE: Kali Linux has to be installed in your virtual machine and not run live. The building process needs more file system space; the live mode sometimes does not provide enough space to finish building the ISO.
2- Your virtual box machine setup should have at least 1300 MB of RAM - the more the better
3- Stable Internet connection (you can use wired connection if your WiFi isn't stable)
4- Kali Linux tools : http://tools.kali.org/tools-listing (to choose certain tools)
Tutorial Guidelines:
1- Setting up Kali Linux Environment
2- Install Live - build repository from GitHub
3- Add custom tools
4- Enable SSH (optional) - if you want to access it remotely
5- Add unattended install option
6- Add unattended preseed file
7- Building the ISO
8- Test your ISO
Relevant Terminology:
1- Bootstrap: it's the barebone or the foundation on which your customized ISO would be built on. It provides you with all the files that are needed to create your own system.
2- Chroot: the basic idea of Chroot is creating a special directory that isolates applications from the rest of the system. Chroot can be considered as installing another operating system inside your existing one.
Chroot has many uses, one of them is testing and building new packages before installing and adding them to your ISO.
Now that we got everything ready, let’s start ….
Step 1: Setting up Kali Linux Environment
Open up your Kali Linux box and update its system
apt-get update
Once the system is updated, install live build to be able later to build the live ISO. (this is an important step as to avoid building issues later on). To do so, run the command below:
apt-get install live-build
Step 2: Install Live-build repository from GitHub
In this step, we're going to clone the live-build repository in order to create an environment with all the required files.
git clone git://git.kali.org/live-build-config.git
Once you install the live-build repository, check it your root directory by running the below list command or ( ls )
ls
Once you see the live-build-config directory, move to it by type cd nameOfTheFolder:
cd live-build-config
Note: it's important to move inside the directory, as all the files required are there. You won't be able to build the files from outside.
Step 3 :Add Custom ToolsIn this step, we're going to add the tools that we want our ISO to have. You can choose any the tools that are suitable with your operations.Note: Remember, the more tools you have the more time it would take to build the ISO.In order to add the tools, we need to edit kali.lis.chroot file by:
nano kali-config/variant-light/package-lists/kali.list.chroot
Note:
you can use nano, vim, vi or leafpad to edit the file (whatever it suits you).
Do you wonder what variant light is? It's a light version of Kali Linux; there are other versions such as mate ,xfce , lxde, kde, gnome, e17
When you open the file, you should see some default tools that come with Kali Linux light version. You have the option to keep or remove them.
In this tutorial, I kept them and added extra tools such as wireshark, hping3, p0f and SET
After editing the file, save it and you are ready to go.
Note: to save the file using nano editor, press Ctrl O OR Command O for saving and Ctrl X or Command X for exiting the file.
Step 4: Enable SSH Service at Boot
This step is to enable SSH service at boot time, so you can access your box remotely.
Note: by default, Kali Linux disables SSH service. Therefore, to enable it you need to allow the service to run during the boot time using update-rc.d command:
echo ‘update-rc.d -f ssh enable’ >> kali-config/common/hooks/01-start-ssh.chroot
- Make the file executable by using chmod command:
chmod 755 kali-config/common/hooks/01-start-ssh.chroot
Step 5: Add Unattended Install OptionUnattended installation is an option that was added by Kali Linux team to facilitate the deployment of custom Kali Linux instances that do not require any intervention during the installation process.- To add this option, you need to edit the 02-unattened-boot.binray file. This time, I used the vi editor to edit the file (you can use whatever editor you prefer).vi kali-config/common/hooks/02-unattended-boot.binary
NOTE: The file is empty as the below picture
cat >>binary/isolinux/install.cfg < label install
menu label ^Unattended Install
menu default
linux /install/vmlinuz
initrd /install/initrd.gz
append vga=788 -- quiet file=/cdrom/install/preseed.cfg locale=en_US keymap=us hostname=kali domain=local.lan
END
Check the files if they're there. You should see 02-unattended-boot.binary marked in green as to indicate it is executable:ls -al kali-config/common/hooks/
Step 6: Add Unattended Preseed
Add a preseed file that will run through a default Kali installation. We're going to download the file from Kali.org using wget commandwget https://www.kali.org/dojo/preseed.cfg -O ./kali-config/common/includes.installer/preseed.cfg
Step 7: Building your Custom ISONow that everything is ready, it's time to start building the ISO. As I mentioned before, the ISO building might take from 30 minutes to an hour - depending on the RAM you provided to your machine or the speed of your internet connection.Once you're ready, run the command below:./build.sh --variant light --distribution sana --verbose
The process would take a while - I recommend drinking COFFEE!!! and leave the machine for 30 minutes to an hour.
Once it's done, you should get something similar like the above picture.
To check your new files, use list command
ls
You should see the new files added to the directory. Your new ISO is in the image directory.
cd images
Once you're in the image directory, use the list command (ls) to view the content.
ls
- You should see Kali-liux-light-amd64.iso ready to go. I renamed the ISO as DMZ.iso
Notes:
- You can transfer the ISO through the shared folder feature in Virtualbox or through the local server in Kali Linux (Apache).
- If you choose to transfer your file through Apache, your machine Network setting needs to be on the bridged connection. My machine IP is 192.168.1.18
In this tutorial, I used Apache service to transfer the file. If you're going to use the Apache service, start the server first:
service apache2 start
Once the server is up, copy your ISO form images directory and to HTML directory .
Go ----- Computer >>>>>>>>> var >>>>>>>>>> www >>>>>> html
After you get to the right directory, paste your ISO there. I named the ISO DMZ.iso
Accessing the file from your host machine :
Open the browser of your host machine and type your virtual machine address with a slash the name of the ISO.
For example :192.168.1.18/DMZ.iso
It should start downloading in seconds.
Step 8: Test Your ISO
Now that the ISO is ready, it's time to test it to make sure everything is running smoothing
Create a new virtual machine with the minimum of 1250 RAM. Once it's created, go to the setting and add your customized ISO under the storage tab, and click OK
Start the machine up. You should get the Kali Linux welcome Page as seen below. I choose Live amd64 mode as to test the ISO first
NOTE:
Once it's tested, you can go ahead and install it:
The new ISO will have only the tools you added in the package list earlier in the tutorial. Your desktop should have few or many tools (depends on you)
apt-get update
- Test your tools and your Internet connection to make your sure everything is running smoothly
That's all for this tutorial, Stay tuned and keep coming back fella, Cybrarians.
Do you like to write about your infosec knowledge, skills, opinions, or exploits?
Publish your original research, tutorials, articles, or other written content on Cybray's blog to be seen by thousands of infosec readers daily!