Kali/Persistent USB: Difference between revisions
From charlesreid1
(→Before) |
(→Before) |
||
| Line 41: | Line 41: | ||
===Before=== | ===Before=== | ||
Here is what the disks look like before, from Kali Linux. The output of <code>fdisk -l</code> shows | Here is what the disks look like before, from Kali Linux, running fdisk (if you can't find the fdisk utility, make sure you are root!). | ||
The output of <code>fdisk -l</code> shows a block of information about each disk device. Here, we have <code>/dev/sda</code>, which is the hard drive on the machine, with several NTFS/linux partitions, and <code>/dev/sdb</code>, the USB jump drive with Kali installed: | |||
<pre> | <pre> | ||
| Line 50: | Line 52: | ||
Disk /dev/sda: 232.9 GiB, 250059350016 bytes, 488397168 sectors | Disk /dev/sda: 232.9 GiB, 250059350016 bytes, 488397168 sectors | ||
Units: sectors of 1 * 512 = 512 bytes | Units: sectors of 1 * 512 = 512 bytes | ||
Sector size (logical/physical): 512 bytes / | Sector size (logical/physical): 512 bytes / 4096 bytes | ||
I/O size (minimum/optimal): | I/O size (minimum/optimal): 4096 bytes / 4096 bytes | ||
Disklabel type: | Disklabel type: dos | ||
Disk identifier: | Disk identifier: 0xd228527c | ||
Device Boot Start End Sectors Size Id Type | |||
/dev/sda1 * 2048 718847 716800 350M 7 HPFS/NTFS/exFAT | |||
/dev/sda2 718848 230348799 229629952 109.5G 7 HPFS/NTFS/exFAT | |||
/dev/sda3 457674752 488394751 30720000 14.7G 27 Hidden NTFS WinRE | |||
/dev/sda4 230350846 457674751 227323906 108.4G 5 Extended | |||
/dev/sda5 448380928 457674751 9293824 4.4G 82 Linux swap / Solaris | |||
/dev/sda6 230350848 448380927 218030080 104G 83 Linux | |||
Partition 4 does not start on physical sector boundary. | |||
Partition table entries are not in disk order. | |||
Disk /dev/sdb: | |||
Disk /dev/sdb: 58.9 GiB, 63229132800 bytes, 123494400 sectors | |||
Units: sectors of 1 * 512 = 512 bytes | Units: sectors of 1 * 512 = 512 bytes | ||
Sector size (logical/physical): 512 bytes / 512 bytes | Sector size (logical/physical): 512 bytes / 512 bytes | ||
I/O size (minimum/optimal): 512 bytes / 512 bytes | I/O size (minimum/optimal): 512 bytes / 512 bytes | ||
Disklabel type: dos | Disklabel type: dos | ||
Disk identifier: | Disk identifier: 0x8312dfc0 | ||
Device Boot Start End Sectors Size Id Type | Device Boot Start End Sectors Size Id Type | ||
/dev/sdb1 * 64 | /dev/sdb1 * 64 5636095 5636032 2.7G 17 Hidden HPFS/NTFS | ||
/dev/sdb2 | /dev/sdb2 5636096 5637503 1408 704K 1 FAT12 | ||
</pre> | </pre> | ||
Revision as of 14:19, 16 January 2018
Start with your Kali USB drive. See Kali/Live USB for details.
Instructions
Following the instructions here: http://docs.kali.org/downloading/kali-linux-live-usb-persistence
Start by flashing a USB drive with the Kali image. This article assumes this as a starting point. There should be two partitions on the USB drive.
The procedure we follow below is to create a new partition for storing persistent data. The persistent partition will start right above the second partition (the Kali Live partition). The existing partitions with Kali will take up about 3 GB, so the persistent partition will be about (N - 3) GB in size (where N is the size of your jump drive in GB).
Once we create the partition, we'll format it as an ext3 file system, then create a persistence.conf file to make it usable by Kali as a persistent partition.
Find Your Disk
Start by listing disks.
Linux
On Linux,
$ fdisk -l
Look for the USB drive. Should be at /dev/sdb.
Mac
On Mac,
$ diskutil list
The USB drive should be at /dev/disk1 or /dev/disk2.
Create Persistent Partition
Now we will create a partition on the USB drive, which will store persistent data.
Before
Here is what the disks look like before, from Kali Linux, running fdisk (if you can't find the fdisk utility, make sure you are root!).
The output of fdisk -l shows a block of information about each disk device. Here, we have /dev/sda, which is the hard drive on the machine, with several NTFS/linux partitions, and /dev/sdb, the USB jump drive with Kali installed:
root@kali:~# fdisk -l
Disk /dev/sda: 232.9 GiB, 250059350016 bytes, 488397168 sectors
Units: sectors of 1 * 512 = 512 bytes
Sector size (logical/physical): 512 bytes / 4096 bytes
I/O size (minimum/optimal): 4096 bytes / 4096 bytes
Disklabel type: dos
Disk identifier: 0xd228527c
Device Boot Start End Sectors Size Id Type
/dev/sda1 * 2048 718847 716800 350M 7 HPFS/NTFS/exFAT
/dev/sda2 718848 230348799 229629952 109.5G 7 HPFS/NTFS/exFAT
/dev/sda3 457674752 488394751 30720000 14.7G 27 Hidden NTFS WinRE
/dev/sda4 230350846 457674751 227323906 108.4G 5 Extended
/dev/sda5 448380928 457674751 9293824 4.4G 82 Linux swap / Solaris
/dev/sda6 230350848 448380927 218030080 104G 83 Linux
Partition 4 does not start on physical sector boundary.
Partition table entries are not in disk order.
Disk /dev/sdb: 58.9 GiB, 63229132800 bytes, 123494400 sectors
Units: sectors of 1 * 512 = 512 bytes
Sector size (logical/physical): 512 bytes / 512 bytes
I/O size (minimum/optimal): 512 bytes / 512 bytes
Disklabel type: dos
Disk identifier: 0x8312dfc0
Device Boot Start End Sectors Size Id Type
/dev/sdb1 * 64 5636095 5636032 2.7G 17 Hidden HPFS/NTFS
/dev/sdb2 5636096 5637503 1408 704K 1 FAT12
Create Partition
The next step is to create the partition. The size of Kali Linux is a little over 3 GB. The total size of the remaining persistent partition should be less than N - 3, where N is the size of the jump drive.
Device Boot Start End Sectors Size Id Type /dev/sdb1 * 64 6324223 6324160 3G 17 Hidden HPFS/NTFS /dev/sdb2 6324224 6485375 161152 78.7M 1 FAT12
Now we create the partition:
root@kali:~# end=7gb root@kali:~# read start _ < <(du -bcm /root/Downloads/kali-linux-2.0-amd64/kali-linux-2.0-amd64.iso | tail -1); echo $start; parted /dev/sdb mkpart primary $start $end 3167 Warning: You requested a partition from 3167MB to 7000MB (sectors 6185546..13671875). The closest location we can manage is 3321MB to 7000MB (sectors 6485376..13671875). Is this still acceptable to you? Yes/No? y Warning: The resulting partition is not properly aligned for best performance. Ignore/Cancel? Ignore Information: You may need to update /etc/fstab.
After
Here is what the disks look like after. There is a new /dev/sdb3 partition:
root@kali:~# fdisk -l Disk /dev/sda: 232.9 GiB, 250059350016 bytes, 488397168 sectors Units: sectors of 1 * 512 = 512 bytes Sector size (logical/physical): 512 bytes / 512 bytes I/O size (minimum/optimal): 512 bytes / 512 bytes Disklabel type: gpt Disk identifier: 14F3CA11-2903-4ABB-B891-5C4584781D0D Device Start End Sectors Size Type /dev/sda1 40 409639 409600 200M EFI System /dev/sda2 409640 194715871 194306232 92.7G Apple HFS/HFS+ /dev/sda3 194715872 195985407 1269536 619.9M Apple HFS/HFS+ /dev/sda4 195985408 488134983 292149576 139.3G Apple HFS/HFS+ Disk /dev/sdb: 14.5 GiB, 15512174592 bytes, 30297216 sectors Units: sectors of 1 * 512 = 512 bytes Sector size (logical/physical): 512 bytes / 512 bytes I/O size (minimum/optimal): 512 bytes / 512 bytes Disklabel type: dos Disk identifier: 0x0a9a1b1a Device Boot Start End Sectors Size Id Type /dev/sdb1 * 64 6324223 6324160 3G 17 Hidden HPFS/NTFS /dev/sdb2 6324224 6485375 161152 78.7M 1 FAT12 /dev/sdb3 6485376 13671875 7186500 3.4G 83 Linux Disk /dev/loop0: 2.8 GiB, 2969686016 bytes, 5800168 sectors Units: sectors of 1 * 512 = 512 bytes Sector size (logical/physical): 512 bytes / 512 bytes I/O size (minimum/optimal): 512 bytes / 512 bytes
Make Filesystem
Now make a filesystem, and label it what you will (here, persistence):
mkfs.ext3 -L persistence /dev/sdb3 e2label /dev/sdb3 persistence
Mount Point
Last step is to create a mount point for the persistent partition. Then mount the partition, create a persistence config file in the partition, and unmount it.
root@kali:~# mkdir -p /mnt/usbdrive root@kali:~# mount /dev/sdb3 /mnt/usbdrive root@kali:~# echo "/ union" > /mnt/usbdrive/persistence.conf root@kali:~# unmount /dev/sdb3
Flags
