Blog
Jan 27, 2014
Generating Kali Raspberry Pi Images
“Kali Linux Raspberry Pi Image Updated!” That was supposed to be the “tweet” we would release, telling everyone our new Kali Linux Raspberry Pi image was supposedly better than our old one. We often update our followers with news like this on twitter, and this tweet would be no different. However, this time, we thought it would be interesting to tell you about the mechanics of updates like these, and shed some light on how these “news items” come about. This post will also give us the opportunity to describe the process of running our custom Kali Linux ARM build scripts, by way of a story. If you couldn’t care less about this story, and just want the updated image – head straight to our Kali Linux Custom Image page!
5 min read
“Kali Linux Raspberry Pi Image Updated”
“Kali Linux Raspberry Pi Image Updated!” That was supposed to be the “tweet” we would release, telling everyone our new Kali Linux Raspberry Pi image was better than our old one. We often update our followers with news like this on Twitter and this tweet would be no different. However, this time, we thought it would be interesting to tell you about the mechanics of updates like these and shed some light on how these “news items” come about. This post will also give us the opportunity to describe the process of running our custom Kali Linux ARM build scripts, by way of a story. If you couldn’t care less about the story and just want the updated image – head straight to our Kali Linux Custom Image page!
Forever Lurking in IRC
Our Kali Linux dev team lurks around in the #kali-linux IRC channel on a regular basis, looking for interesting cases to support. Many times, these support sessions help uncover bugs or otherwise allow us to test hardware which we otherwise do not have access to. A few days ago, someone in the channel asked about the process of upgrading the Offsec generated Raspberry Pi kernel as their Netgear WNDA4100 (RT3573 chipset) USB wireless adapter was not supported by the current kernel. The driver for this chipset was apparently introduced in kernel 3.12.
Kali Amazon AMI for the Win
Unfortunately, I was in a place with a slow Internet connection and without my development environment…bummer. If only I could somehow quickly set up a remote machine with a good Internet connection as my build environment….but wait… I can! Hurray for Kali Amazon Images.
About 30 seconds later, i was SSH’d into a multiple CPU Amazon Image instance of Kali Linux. Now, my task is to rebuild the Kali Linux image using our Offsec build scripts and make the changes I need to in order to have an upgraded kernel in this image. I git cloned the Offsec ARM image scripts to the Amazon build machine and ran the build-deps.sh script, which installs all the dependencies needed for cross building our ARM images.
[cc lang=bash]
root@amazon:~# apt-get install git
root@amazon:~# git clone https://gitlab.com/kalilinux/build-scripts/kali-arm
root@amazon:~# cd kali-arm-build-scripts
root@amazon:~/kali-arm-build-scripts# ./build-deps.sh
[/cc]
Raspberry Pi Kernel Upgrade
Looking at Raspberry Pi rpi.sh script, I could see that this kernel upgrade would require a one line change – the line that git clones the stock Raspberry Pi kernel. So this line in the script:
[cc lang=bash]
git clone –depth 1 https://github.com/raspberrypi/linux ${basedir}/kernel
[/cc]
Would change to this:
[cc lang=bash]
git clone -b rpi-3.13.y –depth 1 https://github.com/raspberrypi/linux ${basedir}/kernel
[/cc]
With that change made, I could now re-run the rpi.sh script and generate a new Raspberry Pi image with a new, updated kernel.
Optimizing the Image for Size Constraints
Our previous Raspberry Pi image had an image size of 7GB with only 1.2 GB of data on it (as we stripped down the ARM images to bare minimum). What this means is that people with 4GB storage devices would not be able to use them, for no good reason. To deal with this, we can decrease the original image size and introduce a script such as rpi-wiggle, which expands the image and filesystem to the full size of the SD card. To implement these changes, we simply need to alter the hard-coded size of the image in the rpi.sh script:
[cc lang=bash]
size=3000 # Size of image in megabytes
[/cc]
…and then introduce the rpi-wiggle script into the /scripts directory inside the Raspberry Pi image.
[cc lang=bash]
# rpi-wiggle
mkdir -p ${basedir}/root/scripts
wget https://raw.github.com/dweeber/rpiwiggle/master/rpi-wiggle -O ${basedir}/root/scripts/rpi-wiggle.sh
chmod 755 ${basedir}/root/scripts/rpi-wiggle.sh
[/cc]
Once a user has dd’ed the image and booted the Raspberry Pi, they can run the script in /scripts/ to automatically resize their partitions:
[cc lang=bash]
root@kali:~# cd /scripts
root@kali:/scripts# ./rpi-wiggle.sh
[/cc]
Kernel 3.13 and Still no RT3573 Wireless
Once the updated image was rebuilt and kernel updated, the Netgear WNDA4100 still would not work – how annoying! A quick look at the kernel configuration file revealed the reason – the RT3573 kernel module was not selected. In fact, it seems that the default kernel configuration can be improved and have our Kali Linux Raspberry Pi image include a larger variety of wireless adapters.
[cc lang=bash]
root@kali:~# zcat /proc/config.gz |grep RT3573
CONFIG_RT2800USB_RT3573 is not set
root@kali:~#
[/cc]
Hey, Can I SSH to Your Box?
The easiest way to generate a new kernel config is probably through the ncurses menu configuration interface. The quickest way to do this would be to SSH to someones Raspberry Pi and generate a better config there…but would anyone agree? Surprisingly, yes. Some brave and trusting souls exist in #kali-linux and a few minutes later, I had a quick and dirty patch which included a few more wireless drivers into the default config. This patching routine was added to the rpi.sh build script and an hour or so later, a new image was ready – with added support for several wireless drivers.
[cc lang=bash]
root@amazon:~/kali-arm-build-scripts# ./rpi.sh custom
I: Retrieving Release
I: Retrieving Release.gpg
I: Checking Release signature
I: Valid Release signature (key id 44C6513A8E4FB3D30875F758ED444FF07D8D0BF6)
I: Retrieving Packages
I: Validating Packages
…
[/cc]
Stronger. Better. Faster.
Once these changes were well tested, we included these updates in the current rpi.sh script and pushed it to Github. The new Raspberry Pi image is available for download as a 1.0.6a release on the Offensive Security Custom Kali Image Download Page. Try it out!
Latest from OffSec
Enterprise Security
Red Team vs Blue Team in Cybersecurity
Learn what a red team and blue team in cybersecurity are, pros and cons of both, as well as how they work together.
Dec 13, 2024
13 min read
Enterprise Security
Building a Future-Ready Cybersecurity Workforce: The OffSec Approach to Talent Development
Learn all about our recent webinar “Building a Future-Ready Cyber Workforce: The OffSec Approach to Talent Development”.
Dec 13, 2024
4 min read
Enterprise Security
How to Become the Company Top Cyber Talent Wants to Join
Become the company cybersecurity talent wants to join. Learn how to attract, assess, and retain experts with strategies that set you apart.
Dec 4, 2024
5 min read