Kali linux live usb with persistence

Kali Linux “Live” has two options in the default boot menu which enable persistence — the preservation of data on the “Kali Live” USB drive — across reboots of “Kali Live”. This can be an extremely useful enhancement, and enables you to retain documents, collected testing results, configurations, etc., when running Kali Linux “Live” from the USB drive, even across different systems. The persistent data is stored in its own partition on the USB drive, which can also be optionally LUKS-encrypted.

To make use of the USB persistence options at boot time, you’ll need to do some additional setup on your “Kali Linux Live” USB drive; this article will show you how.

This guide assumes that you have already created a Kali Linux “Live” USB drive as described in the doc page for that subject. For the purposes of this article, we’ll assume you’re working on a Linux-based system.

You’ll need to have root privileges to do this procedure, or the ability to escalate your privileges with the command “sudo su”.

In this example, we assume:

you are running as the root user. As of Kali Linux 2020.1, we do not use root user by default. You can switch to root using the command “sudo bash”
your USB drive is /dev/sdb
your USB drive has a capacity of at least 8GB — the Kali Linux image takes over 3GB, and for this guide, we’ll be creating a new partition of about 4GB to store our persistent data in
you are running on a separate Linux system (cannot be Live Boot Kali)

In this example, we’ll create a new partition to store our persistent data into, starting right above the second Kali Live partition and ending at 7GB, put an ext3 file system onto it, and create a persistence.conf file on the new partition.

First, begin by imaging the latest Kali Linux ISO (currently 2021.3) to your USB drive as described in this article. We’re going to assume that the two partitions created by the imaging are /dev/sdb1 and /dev/sdb2 . This can be verified with the command fdisk -l .

Create and format an additional partition on the USB drive. First, let’s create the new partition in the empty space above our Kali Live partitions. We have to do this from the command line as gparted will read the imaged ISO as a large block. The following command will, as a short explanation, shrink that block to only be the Kali Live partition.

The parted command may advise you that it can’t use the exact start values you specified; if so, accept the suggested value instead. If advised that the partition isn’t placed at an optimal location, “ignore” it. When parted completes, the new partition should have been created at /dev/sdb3 ; again, this can be verified with the command fdisk -l .

Next, create an ext3 file system in the partition and label it persistence .

Create a mount point, mount the new partition there, and then create the configuration file to enable persistence. Finally, unmount the partition.

Adding USB Persistence with LUKS Encryption

Alternatively, you can create a LUKS-encrypted persistent storage area. This adds an extra layer of security to your sensitive files when traveling with Kali Live on USB devices. In the following example, we’ll create a new partition to store our persistent data into, starting right above the second Kali Live partition and ending at 7GB, set up LUKS encryption on the new partition, put an ext3 file system onto it, and create a persistence.conf file on it.

Image the latest Kali Linux ISO (currently 2021.3) to your USB drive as described in this article.
Create the new partition in the empty space above our Kali Live partitions.

The parted command may advise you that it can’t use the exact start value you specified; if so, accept the suggested value instead. If advised that the partition isn’t placed at an optimal location, “ignore” it. When parted completes, the new partition should have been created at /dev/sdb3 ; again, this can be verified with the command fdisk -l .

Initialize the LUKS encryption on the newly-created partition. You’ll be warned that this will overwrite any data on the partition. When prompted whether you want to proceed, type “YES” (all upper case). Enter your selected passphrase twice when asked to do so, and be sure to pick a passphrase you’re going to remember: if you forget it, your data will still be persistent, just irretrievable (and unusable).

Create the ext3 filesystem, and label it “persistence”.

Create a mount point, mount our new encrypted partition there, set up the persistence.conf file, and unmount the partition.

Close the encrypted channel to our persistence partition.

That’s really all there is to it! To use the persistent data features, simply plug your USB drive into the computer you want to boot up Kali Live on — make sure your BIOS is set to boot from your USB device — and fire it up. When the Kali Linux boot screen is displayed, choose the persistent option you set up on your USB drive, either normal or encrypted.

Updated on: 2021-Sep-27
Author: g0tmi1k

Источник

Kali linux live usb with persistence

In this workshop, we will examine the various features available to us when booting Kali Linux from USB devices. We will explore features such as persistence, creating LUKS encrypted persistence stores, and even dabble in “LUKS Nuking” our USB drive. The default Kali Linux ISOs (from 1.0.7 onwards) support USB encrypted persistence.

0x01 — Start by imaging the Kali ISO onto your USB drive (ours was /dev/sdb). Once done, you can inspect the USB partition structure using parted /dev/sdb print:

For ease of use, please use a root account. This can be done with “sudo su”.

0x02 — Create and format an additional partition on the USB drive. In our example, we create a persistent partition of about 7 GB in size:

0x04 — Encrypt the partition with LUKS:

0x05 — Open the encrypted partition:

0x06 — Create an ext3 filesystem and label it:

0x07 — Mount the partition and create your persistence.conf so changes persist across reboots:

Now your USB drive is ready to plug in and reboot into Live USB Encrypted Persistence mode.

Multiple Persistence Stores

At this point we should have the following partition structure:

We can add additional persistence stores to the USB drive, both encrypted or not…and choose which persistence store we want to load, at boot time. Let’s create one more additional non-encrypted store. We’ll label and call it “work”.

0x01 — Create an additional, 4th partition which will hold the “work” data. We’ll give it another 5GB of space:

0x02 — Format the fourth partition, label it “work”:

0x03 — Mount this new partition and create a persistence.conf in it:

Boot the computer, and set it to boot from USB. When the boot menu appears, edit the persistence-label parameter to point to your preferred persistence store!

Emergency Self Destruction of Data in Kali

As penetration testers, we often need to travel with sensitive data stored on our laptops. Of course, we use full disk encryption wherever possible, including our Kali Linux machines, which tend to contain the most sensitive materials. Let’s configure a nuke password as a safety measure:

The configured nuke password will be stored in the initrd and will be usable with all encrypted partitions that you can unlock at boot time.

Backup you LUKS keyslots and encrypt them:

Now boot into your encrypted store, and give the Nuke password, rather than the real decryption password. This will render any info on the encrypted store useless. Once this is done, verify that the data is indeed inacessible.

Lets restore the data now. We’ll decrypt our backup of the LUKS keyslots, and restore them to the encrypted partition:

Our slots are now restored. All we have to do is simply reboot and provide our normal LUKS password and the system is back to its original state.

Updated on: 2021-Sep-27
Author: g0tmi1k

Источник

Kali linux live usb with persistence

One of the fastest method, for getting up and running with Kali Linux is to run it “live” from a USB drive. This method has several advantages:

It’s non-destructive — it makes no changes to the host system’s hard drive or installed OS, and to go back to normal operations, you simply remove the Kali Live USB drive and restart the system
It’s portable — you can carry Kali Linux in your pocket and have it running in minutes on an available system
It’s customizable — you can roll your own custom Kali Linux ISO image and put it onto a USB drive using the same procedures
It’s potentially persistent — with a bit of extra effort, you can configure your Kali Linux “live” USB drive to have persistent storage, so the data you collect is saved across reboots

In order to do this, we first need to create a bootable USB drive which has been set up from an ISO image of Kali Linux.

The specifics of this procedure will vary depending on whether you’re doing it on a Linux, macOS/OS X, or Windows system.

What You’ll Need

A verified copy of the appropriate ISO image of the latest Kali build image for the system you’ll be running it on.

If you’re running under Windows, there is not one tool that is considered the overall best for imaging. We recommend Etcher (installer or portable) as it is simpler to use, however Rufus is another popular option with its advance options. If one does not work for you, consider the other.

A USB drive, 8GB or larger (Systems with a direct SD card slot can use an SD card with similar capacity. The procedure is identical.)

Creating a Bootable Kali USB Drive on Windows (Etcher)

Plug your USB drive into an available USB port on your Windows PC, note which drive designator (e.g. “ G:\ «) it uses once it mounts, and launch Etcher.

Press Flash from file, and locate the Kali Linux ISO file to be imaged with.

Press Select target and check the list of options for the USB drive (e.g. “ G:\ ”, the manufacture and size).

Click the Flash! button once ready.

Note: You may get a UAC prompt asking for administrator privileges that you will need to accept.

5. Once Etcher alerts you that the image has been flashed, you can safely remove the USB drive and proceed to boot into Kali with it.

At the time of writing, Etcher will use MBR. This is to allow for the most hardware compatibility.

Creating a Bootable Kali USB Drive on Windows (Rufus)

Plug your USB drive into an available USB port on your Windows PC, note which drive designator (e.g. “ G:\ «) it uses once it mounts, and launch Rufus.

With Device, check the dropdown list of options for the USB drive (e.g. “ G:\ ” and size).

Boot section needs to point to point to the Kali Linux ISO file, which can be done by clicking the SELECT button

Depending on your configuration, you can set the Partition scheme, as well as Target system. If you are not sure, leave it as the default values.

Click the START button once ready.

6. You may get a prompt saying about ISOHybird image. Selecting ISO image, will allow you to edit the files from the Kali Linux ISO, but at the potential lose of hardware compatibility. As a result, we recommend selecting DD Image.

Note: If you select “DD Image” option, you can create another partition on the USB drive, allowing you to use the rest of the space. Start -> Run (Windows + R) -> diskmgmt.msc -> Locate the USB drive -> Right-click in “Unallocated” -> New Simple Volume -> Follow the rest of the wizard with next, next, next…

Booting A USB Drive In Windows

Depending on the system (such as BIOS or UEFI), as well as the version of Windows, and how they are each configured, you may need to re-image the USB drive.

Master Boot Record (MBR) is often used on legacy systems that use BIOS as well as UEFI which has Compatibility Support Module (CSM) enabled
GUID Partition Table (GPT) is required where UEFI has CSM disabled, forcing to use the modern standard

After writing the image to the USB drive, reboot Windows with the USB inserted. Depending on the motherboard manufacture, will also depend on the next stage. Some motherboard’s support a “temporary” boot menu, allowing for a one off selection. Others you need to enter BIOS/UEFI to configure it to try and boot from USB first. Entering either location, also depends on the motherboard. You can look up on the manufactures website and read the manual, try and read the screen when booting (however the text may be shown too quick or full logos used), or try common key combinations (such as ESC , F1 , F2 , F3 , F4 , F8 , F10 , F11 , F12 or DEL ).

Updated on: 2021-Sep-27
Author: g0tmi1k

Источник

Статья Добавление возможности постоянного сохранения (Persistence) к вашим Kali Live USB

Ваша текущая схема разбиения диска должна выглядеть примерно так:

Если вы хотите загрузиться, вставьте флэш в компьютер. Убедитесь, что BIOS настроен на загрузку с USB устройства. Когда отобразится загрузочный экран Kali Linux, выберите “Live” в меню загрузки (не нажимайте Enter), и нажмите на клавишу tab. Это позволит вам изменить параметры загрузки. Добавляйте слово “persistence” в конце строки параметров загрузки каждый раз, когда вы хотите смонтировать ваше persistent устройство.

DEVILBY
06.09.2015 в 21:36
Спасибо сработало!

АЛЕКСАНДР
07.03.2016 в 01:23
Не получается, все как написано делаю. У меня правда одно НО, у вас там 2 раздела приформатировании, а у меня 3. У меня есть еще /dev/sdb2 fat32 /media/root/Kali Live. Я как только не загружался. Может теам когда выходишь надо сохранять это все? Как то?

ДМИТРИЙ
30.03.2016 в 10:11
тоже не работает, такая же ситуация как пост выше. че делать подскажите пжл

АВРЕЛИЙ
16.05.2016 в 14:31
Так вы посмотрите fdisk -l – какие у вас разделы то есть? И подставьте нужный в при использовании команд.

НИКОЛАЙ
24.05.2016 в 21:04
Спасибо, всё сохраняется кроме пароля, он меняется, но после перезагрузки снова сбрасывается на toor, в чем может быть причина?

0101011
01.06.2016 в 22:35
Будут ли сохраняться установленные обновления и программы? На ранней версии Kali не сохранялась даже настройка репозиториев.

Источник