Kali Linux

The Kali Linux NetHunter platform has many hidden features which we still haven’t brought to light. One of them is the DriveDroid application and patch set, which have been implemented in NetHunter since v1.0.2. This tool allows us to have NetHunter emulate a bootable ISO or USB, using images of our choosing. That’s right, you can use NetHunter as a boot device which holds a library of bootable ISOs and images…And so we begin:

Several weeks ago a request in the Kali forums prompted us to look at the integration of the Adafruit 2.8in TFT touch screen for Kali Linux. A few weeks and much less hair later, we are happy to announce the availability of this image in our Offensive Security custom Kali images section.

It’s been a week since our release of the Kali Linux NetHunter, and the feedback is amazing. A NetHunter community has sprung up from nowhere, and the forums and github pages are really active. We’re completely stoked about this community response, and are eager to see it grow. After an intense week of community testing and a slew of bugfixes (including shellshock), we thought it would be a good opportunity to release a NetHunter update. Please welcome NetHunter 1.0.2.

A couple of days ago, we added an awesome new feature to Kali allowing users to set up a Live Kali USB with encrypted persistence. What this means is that you can now set up a bootable Kali USB drive allowing you to either boot to a “clean” Kali image or alternatively, overlay it with the contents of a persistent encrypted partition, allowing you to securely save your changes on the USB drive between reboots. If you add our LUKS nuke feature into this mix together with a 32GB USB 3.0 thumb drive, you’ve got yourself a fast, versatile and secure “Penetration Testing Travel Kit”.

It’s been a year since we’ve released Kali Linux, and we’re happy to see it succeed. Kali has surpassed BackTrack Linux in many ways and the community is responding accordingly. Between the improved development cycle, more attentive support, and larger community, Kali Linux has reached new heights of popularity. This popularity however, does not come without its own issues. One of the big problems we’ve been facing in the past year is rampant violations of our Kali Linux Trademarks.

“Kali Linux Raspberry Pi Image Updated!” That was supposed to be the “tweet” we would release, telling everyone our new Kali Linux Raspberry Pi image was supposedly better than our old one. We often update our followers with news like this on twitter, and this tweet would be no different. However, this time, we thought it would be interesting to tell you about the mechanics of updates like these, and shed some light on how these “news items” come about. This post will also give us the opportunity to describe the process of running our custom Kali Linux ARM build scripts, by way of a story. If you couldn’t care less about this story, and just want the updated image – head straight to our Kali Linux Custom Image page!

In our last blog post, we provided an example of running an unattended network installation of Kali Linux. Our scenario covered the installation of a custom Kali configuration which contained select tools required for a remote vulnerability assessment using OpenVAS and the Metasploit Framework.

Our last blog post on the Kali Linux site discussed implementing some cool scenarios with Kali Linux, such as remote unattended installations, creating custom Kali Linux ISOS, and getting Kali working on funky ARM hardware. We received several emails from people asking for more information on how to implement these scenarios, so we thought we’d make a few blog posts with more detailed examples.

Here at Offsec, we love playing with hardware. Be it something like the Onity Hotel Door Unlocker, a Teensy USB HID attack payload, or RFID hacks – if it’s shiny, we like it. While we were in the last stages of developing Kali Linux, we made the effort to to get Kali working on some ARM hardware, such as the Samsung Chromebook, Odroid U2, Raspberry Pi and RK3306 devices such as the SS808, and then contributed these to the community as “Unofficial Trusted Images”, together with the Official Kali Linux downloads.