All that's written in the preceding sections is interesting for people who want to have a "clean" penetration testing platform with only the tools they have chosen and installed. But in the most cases, it is not necessary and we would say is often not worth the time you can spend on it. The convenient solution in this case is using a prepared penetration testing distribution. We have already mentioned it in the beginning of the chapter when we talked about a VM, but let's review the process of creating a bootable penetration testing USB stick.
In our example, we will show you how to create a bootable USB stick with the Kali 2.0 penetration testing distribution on both Windows and Linux systems. If you want to do it quickly and you don't want additional complexity on your USB stick, we would recommend creating it under Windows. But if you want to create a persistent encrypted USB stick, you will need to use Linux and do everything manually. We recommend this because the software that we use for image recording under Windows creates only one partition on a USB drive, and you'll need to have three partitions in the case of a bootable USB with encrypted persistent storage.
Let's start with the simplest option and create a non-persistent USB stick under Windows.
We are going to use the Universal USB Installer (UUI) software (http://www.pendrivelinux.com/universal-usb-installer-easy-as-1-2-3/) for image recording. We assume you have already downloaded the latest version of the Kali Linux 2.0 image from the official website and started UUI. The process is very simple:
Alternatively, you can use Win32 Disk Imager to write bootable images to a USB stick or a disk. You can download the software from https://sourceforge.net/projects/win32diskimager/.
If you decide that you want to have an encrypted persistent USB stick or you just use Linux and not Windows normally, we will show you how to create a Kali USB stick under this system. You can also use a Linux VM with a USB forwarding feature on Windows if you don't have Linux installed as a host system.
We have downloaded a Kali image file called kali-linux-2.0-amd64.iso
and if yours has the same name, you can leave it like that in the following guide. But if it has a different name, make sure to replace it in the commands you enter. The steps are as follows:
fdisk -l
(use sudo
if necessary). In our case, it is /dev/sdb
.dd
command in Linux to copy the image to the USB drive:dd if=kali-linux-2.0-amd64.iso of=/dev/sdb bs=512k
fdisk -l
again to check the partitions on the USB drive. There should be two partitions:Now, you can boot from your newly created Kali Linux 2.0 USB stick using any laptop; this is especially convenient if you travel a lot.
Having a bootable Kali USB stick is convenient, but it has a big disadvantage: you cannot save anything in the system to keep after a reboot. Even system settings will be reset to default every time you reboot. It is especially awkward when you need to save project data in order to process it later on another computer, for example, crack hashes at a special powerful cracking server. In this subtopic, we are going to fix this issue and make our USB drive able to store our data. The manual is based on an official manual from the Kali Linux team, but we think some additional comments will help you.
Keeping in mind the fact that ethical hackers almost always work with sensitive customer data that has to be treated carefully, and USB drive is a small thing that is easy to lose, we will also secure it with encryption against unauthorized reading using Cryptsetup software. The idea is not to encrypt the whole USB stick, but to create an additional partition on it where you will keep your data persistent and encrypted.
If you have used a USB drive larger than 4 GB, there should be some unallocated space left after recording the Kali image on it. We will use this space for our persistent partition. The steps are as follows (we will continue doing it on a Kali Linux VM):
fdisk -l
.du -bcm kali-linux-2.0-amd64.iso
parted /dev/sdb mkpart primary 3167 7gb
Say Yes if parted offers you another allocation and ignore the following warning. The process should look like the following screenshot:
fdisk -l
and you should see the new one (/dev/sdb3
in our case).cryptsetup
software. The following prompt can be seen on the screen, and install it if you don't have it yet (sudo apt-get install cryptsetup-bin
):cryptsetup --verbose --verify-passphrase luksFormat /dev/sdb3
kali_stor
:cryptsetup luksOpen /dev/sdb3 kali_stor
persistence
on the new partition. The filesystem type should be ext3
(this process can also take several minutes):mkfs.ext3 -L persistence /dev/mapper/kali_stor && e2label /dev/mapper/kali_stor persistence
/mnt/
:mkdir -p /mnt/kali_stor && mount /dev/mapper/kali_stor /mnt/kali_stor
persistence.conf
file in /mnt/kali_stor
with the content / union
:echo "/ union" > /mnt/kali_stor/persistence.conf
umount /dev/mapper/kali_stor && cryptsetup luksClose /dev/mapper/kali_stor
13.58.190.38