on August 9, 2022 at 12:00 am
In light of “Hacker Summer Camp 2022” (BlackHat USA, BSides LV, and DEFCON) occurring right now, we wanted to push out Kali Linux 2022.3 as a nice surprise for everyone to enjoy! With the publishing of this blog post, we have the download links ready for immediate access, or you can update any existing installation.

The highlights for Kali 2022.3’s release:

- Discord Server – Kali’s new community real-time chat option has launched!
- Test Lab Environment – Quickly create a test bed to learn, practice, and benchmark tools and compare their results
- Opening Kali-Tools Repo – We have opened up the Kali tools repository & are accepting your submissions!
- Help Wanted – We are looking for a Go developer to help us on an open-source project
- Kali NetHunter Updates – New releases in our NetHunter store
- Virtual Machines Updates – New VirtualBox image format, weekly images, and build-scripts to build your own
- New Tools In Kali – Would not be a release without some new tools!

For more details, see the bug tracker changelog.

Kali is on Discord

We have started up a new Discord server, Kali Linux & Friends. This is our new place for the Kali community to get together and chat in real-time all about Kali Linux (as well as other community projects that OffSec has to offer).

This is a community server, all with common interests. We do not have the goal to get as many users as possible; instead, we are growing a place for each other to help one another. We are focusing on quality, not quantity.

Please bear in mind, if you are looking for help, first search for your problem, ask questions, then wait for the community support from your peers. Remember no one is under obligation to help you, and you are more likely to get assistance if you are polite and show you have put some effort into solving your own issue.

Speaking of “real-time chatting”, we are going to be starting a new tradition.
We will be doing an hour long session after every Kali release where various Kali developers will come and voice chat on Discord, answer questions about Kali and its direction, take your input, and so on. We will be sure to add details about this in every blog post release going forwards.

The first one is on Tuesday, 16th August 2022 16:00 -> 17:00 UTC/+0 GMT.

Feel free to be a fly on the wall, come by to say a hello, or ask questions! This is a great opportunity to ask questions, provide your input on what can help improve Kali, or get involved and contribute!

Please note, we will not be recording these sessions. These are live sessions only.

Why Discord? In short, people are already there. It’s a common platform that has become very popular over the years. People have already gone through the process of signing up and becoming familiar with the UI. For those who have not, you can register and within minutes be chatting. It’s simple and straightforward to get going.

Real-time chat can be seen like a social network, as it’s only as good as the people who are on it.

Why not use Matrix? In short, same reasons as above: the user-base. Going into a bit more depth, the entry barrier is higher. It’s a bit more complex to get set up and it’s not as user-friendly.

Matrix is great (and various team members do use it daily)! Kali being open-source, using open-source solutions to match does make sense.

But we are not trying to be a trend setter – we are going with the crowd. We believe the key to a successful community is the community itself. We do not want to reinvent the wheel, and we do not want people to sign up once again to another service, using another chat application, another thing that’s giving you notifications.
If people are already there, we are going with them.

Lastly, we do not want to be focusing on running and maintaining infrastructure of a self-hosted solution for a real-time chat, as that takes us away from developing an OS with everything that goes with it.

What happened to IRC? In short, it’s still there. We are still using it from a Kali development perspective. The network may have changed (from Freenode to Libera Chat), but we still do use Internet Relay Chat.

Back in the heyday of Freenode, it was the place to be. “Everyone” was on it. It did slowly start to lose some users, before the crash in 2021. Libera Chat stepped in, and did recover some of the broken pieces, but various homes moved on to other networks or even protocols.

The IRC channels are public, so anyone can join in on the development side of things. However, the Kali community focus will be on Discord.

Test Lab Environment

“A craftsman is only as good as their tools.”

This is true even outside of the Information Security field: you need to understand your tools to master your craft.

You can read their code to understand how they work (or a very detailed README at times); help screens and manuals (if they have them) will give you a starting point on how to use them. But where do you use them, especially when they are security tools? What output should the tool give? What is a successful run? How long does the tool take? What is its baseline? How can I get experience with it? All valid questions which need answers.

To try and achieve these answers, most seasoned professionals will practice first (hopefully in a known, controlled environment!). This is where a “Test Bed/Laboratory” comes into play. Theory is different to practical (you may remember this from the first time you were tasked with something new to accomplish). You can take the static theory-based output from help screens, READMEs, and manual pages and hands-on enter the data into programs and monitor the dynamic output and practical response.
It’s one thing to read something, it’s another to do it. The result often gives people a deeper understanding.

Practice makes ~perfect~ permanent. So practice, practice, practice!

Inquisitive minds can then start to experiment with new configurations, options, commands and flags. Then start to chain items together, or compare similar and alternative solutions, then compare the results, to become more educated and build up a benchmark of knowledge. This grows experience.

We are trying to make it a bit easier to build up your test lab. So we have packaged up:

- DVWA – Damn Vulnerable Web Application
- Juice Shop – OWASP Juice Shop

All you have to do is apt install <package>, else you can use the kali-linux-labs metapackage to get them all!

This list will be growing in the upcoming Kali releases!

At times, you may be running code that is designed to be vulnerable. Please take the necessary steps to secure your environment.

Practice tools, sharpen skills, and benchmark alternatives

If you put all your trust into something without understanding it, there could be complications…
Credit: unknown!

Kali for Virtual Machines

We have already provided Kali Linux images for VMware and VirtualBox since the start. For this release, there have been a few changes worth noting.

We now distribute the VirtualBox image as a VDI disk and a .vbox metadata file, or in short: the native format for VirtualBox images. It should be a bit faster to download, as those images have a better compression ratio compared to the OVA images that we used to provide. It should also be a bit more straightforward to use: you just need to unpack the image in your VirtualBox folder and run it. In case you need help, refer to our documentation: Import Pre-Made Kali VirtualBox VM.

Additionally, we just started to provide weekly builds of our VM images.
These images are built from the kali-rolling branch, meaning that they have the most up-to-date packages, but on the other hand they don’t receive as much testing as our quarterly releases.

Last but not least, the scripts that we use to build those images are now available on GitLab. If you need to build custom Kali VM images, this is the place to go!

Help Wanted

Do you know Go? The Kali team is looking for some help! Bonus points if you know Redis as well!

This work would be going into an already existing open-source project, MirrorBits. We have a few desirable features we would love to be added into it.

Interested? Let’s talk. Please get in touch by emailing icanhelp at kali dot org, or tweeting at us directly. If you have any previous work to showcase, even better.

Why are you guys not doing it? Our development team has a maxed out roadmap and we don’t want to be waiting until items are closed out before this goes into production.

Other Kali updates

- For people who use Xrdp (like Win-KeX), there is a new look to the login
- We have fixed up some confusion between fuse and fuse3
- We did some maintenance to our network repository, and shrank /kali from 1.7Tb to 520Gb!

New Tools in Kali

It would not be a Kali release if there were not any new tools added! A quick run down of what has been added (to the network repositories):

- BruteShark – Network Analysis Tool
- DefectDojo – Open-source application vulnerability correlation and security orchestration tool
- phpsploit – Stealth post-exploitation framework
- shellfire – Exploiting LFI/RFI and command injection vulnerabilities
- SprayingToolkit – Password spraying attacks against Lync/S4B, OWA and O365

There have been numerous package updates as well.

Kali NetHunter Updates

Full Android 12 support is getting closer to being a reality with 6 new kernels in our NetHunter repository and updates to the NetHunter app.
It is still not for the fainthearted, as a little tinkering is required to install all the components individually, but we’re getting closer to releasing the first OnePlus image soon.

For the meantime, we have updated the apps in our NetHunter Store to the latest releases, including:

- aRDP, aSPICE, bVNC, Opaque = v5.1.0
- Connectbot = 1.9.8-oss
- Intercepter-NG = 2.8
- OONI Probe = 3.7.0
- OpenVPN = 0.7.38
- Orbot = 16.4.1-RC-2-tor.0.4.4.6
- SnoopSnitch = 2.0.12-nbc
- Termux = 118
- Termux-API = 51
- Termux-Styling = 29
- Termux-Tasker = 6
- Termux-Widget = 13
- Termux-Float = 15
- WiGLE WiFi Wardriving = 2.64

If you would like to get involved and help out with the development, or just like to chat to like-minded Android tinkerers, why don’t you join us in the NetHunter channels on our new Discord server? We’d love to see you around!

Kali ARM Updates

- All Raspberry Pi devices have had their kernel upgraded to 5.15.
- Created arm.kali.org to have an overview and statistics for kali-arm (very similar to nethunter.kali.org).
- Every Kali ARM device has had its default size for the boot partition set to 256 MB.
- Pinebook has had the broken sleep modes removed, so it should no longer go to sleep and be unable to wake up.
- USBArmory MKII moved to the 2022.04 u-boot release.

Kali Documentation Updates

There have been a number of new pages added to our kali-docs sub section, as well as numerous updates to existing pages, keeping them up-to-date as well as adding more details.

A summary of the new pages added:

- Radxa Zero (eMMC)
- Radxa Zero (sdcard)
- Raspberry Pi Zero W P4wnP1 A.L.O.A (A Little Offensive Application)
- Linode
- Using Kali Linux Podman Images
- Bare-bones Kali
- Discovering Problems With Download Speed
- No sound on Kali 2022.2
- USB Boot in VirtualBox
- Import Pre-Made Kali VirtualBox VM
- Import Pre-Made Kali VMware VM
- Improving Virtual Machine Performance for VMware
- Kali inside Hyper-V (Guest VM)
- Kali inside QEMU/LibVirt with virt-manager (Guest VM)
- Kali inside UTM (Guest VM)
- Kali inside Vagrant (Guest VM)
- Installing VMware on Apple Silicon (M1/M2) Macs (Host)

Kali Tools Documentation

A little off-topic, but also worth mentioning. Kali-docs is our documentation of Kali as an operating system. Kali-tools is our documentation for the tools inside of Kali.

We have also opened up the kali-tools repository, allowing for community contributions as well.

We will be updating this on a frequent basis. But you can help speed this up! Our goal is to have general information about every tool, as well as examples of the tool being used, and how to use the tool. If you want to get involved with Kali Linux, this is a great way to!

We are after any media format possible: text, images, and videos (asciinema is our preferred option for videos rather than Vimeo/YouTube).

Please note, if there is too much “self-promotion”, submissions will be declined.

Kali Blog Recap

In case you missed our recent blog posts, here’s what you missed:

- Kali Linux in Linode’s Cloud
- Secure Kali Pi (2022)
- Weekly Virtual Machines, with Build Scripts

If you would like them straight to your e-mail inbox, sign up to the newsletter.

Community Shout-outs

In this last quarter, there have been multiple contributions from a number of people (the joy of Kali Linux being open-source). We do thank you guys! A few of these people’s actions have helped make a significant improvement to Kali, so we want to call them out:

- CloudFlare’s Jade Wang who has been working on some behind the scene stuff for us
- Lorenzo Bernardi for helping with Azure (Yes, it’s coming back soon…)
- Mark Egan-Fuller and elrey (alex) for helping get a QEMU Vagrant image building – go check it out!

Anyone can help out, anyone can get involved! And, in case you didn’t know, you can always follow how Kali is going by checking out the activity page of our GitLab!

Get Kali Linux 2022.3

Fresh Images:

So what are you waiting for? Go get Kali already!

Seasoned Kali Linux users are already aware of this, but for the ones who are not, we do also produce weekly builds that you can use as well.
If you cannot wait for our next release and you want the latest packages (or bug fixes) when you download the image, you can just use the weekly image instead. This way you will have fewer updates to do. Just know that these are automated builds that we do not QA like we do our standard release images. But we gladly take bug reports about those images because we want any issues to be fixed before our next release!

Existing Installs:

If you already have an existing Kali Linux installation, remember you can always do a quick update:

┌──(kali㉿kali)-[~]
└─$ echo "deb http://http.kali.org/kali kali-rolling main non-free contrib" | sudo tee /etc/apt/sources.list

┌──(kali㉿kali)-[~]
└─$ sudo apt update && sudo apt -y full-upgrade

┌──(kali㉿kali)-[~]
└─$ cp -rbi /etc/skel/. ~

┌──(kali㉿kali)-[~]
└─$ [ -f /var/run/reboot-required ] && sudo reboot -f

You should now be on Kali Linux 2022.3. We can do a quick check by doing:

┌──(kali㉿kali)-[~]
└─$ grep VERSION /etc/os-release
VERSION="2022.3"
VERSION_ID="2022.3"
VERSION_CODENAME="kali-rolling"

┌──(kali㉿kali)-[~]
└─$ uname -v
#1 SMP PREEMPT_DYNAMIC Debian 5.18.5-1kali6 (2022-07-07)

┌──(kali㉿kali)-[~]
└─$ uname -r
5.18.0-kali5-amd64

NOTE: The output of uname -r may be different depending on the system architecture.

As always, should you come across any bugs in Kali, please submit a report on our bug tracker. We will never be able to fix what we do not know is broken! And Twitter is not a Bug Tracker!

Want to keep up-to-date more easily? We have an RSS feed and a newsletter for our blog!
on August 2, 2022 at 12:00 am
This is the first part of a 3 part series of blog posts surrounding Kali usage on Raspberry Pi devices. This first post will cover enabling Full Disk Encryption (FDE) on a Raspberry Pi, part two will cover remotely connecting to it, and finally, part three will cover debugging issues we ran into while making these posts, so others can learn how to do so as well.

With everything that has been going on in the world in the last few years, more people are working remotely. We are no exception to this, and today, we are going to be revisiting our “drop box” machine, which has been encrypted, thus making it harder to identify if discovered.

The goal is to create a stand-alone “leave behind” headless device that, if/when discovered, does not make it easy to figure out what we were doing, as our data is secure at all times. To accomplish this, we will use Full Disk Encryption (FDE), and allow for it to be remotely unlocked (should the device get restarted for any reason). There will be the option as well to use the LUKS Nuke capability should we wish to make the disk inaccessible at any point after we are done with it.

We will be doing this on a Raspberry Pi 4 Model B+, but it has also been tested on a Raspberry Pi 3 Model B. You should be able to use most makes/models of similar devices; it may just require a bit of creative adaptation/adjustment in order to secure your own system.

This is an updated process, as we have previously covered part of this before. This time we include additional developments, with some community contributions thrown in. We would like to give a shout-out to Richard Nelson (@unixabg) for his automated script.
We will touch on this after going through the manual method, as we always recommend you understand what is going on under the hood.

Higher-level overview

Before we dive into the lower-level technical details of what we are going to accomplish, let’s take a quick look at the goals that we want to achieve, and break them down:

- Install Kali Linux on a Raspberry Pi 4 (henceforth called “RPi”)
- Prepare the system for encrypted boot ready for remote disk unlock
- Set up SSH keys to allow the remote unlock to occur (using initramfs and Dropbear)
- Back up any existing data
- Configure the encrypted partitions
- Restore our data
- Hack away!

This might sound like a lot, but it’s rather straightforward even if there are a fair few steps. Once completed, we will have a RPi that will:

- Boot
- Get an IP from DHCP
- Wait for us to connect via SSH using keys
- Allow us to provide either the LUKS unlock, or LUKS Nuke passphrases

Then down the road when we are done with whatever it is we are wanting to do, the only thing left is to retrieve it …at our leisure!

Installing Kali Linux on a RPi

If you’re following along, be sure to know where you are imaging the file to, and replace /dev/sdX. Don’t blindly copy/paste!

We will be creating our drop box machine on an existing Kali installation. It should be very easy to use other Debian-based distributions, and pretty straightforward for other OSes (except Windows users!).

We first will download the latest stable Kali RPi image. At the time of writing, that’s Kali 2022.2.

We have also chosen the 64-bit image, as we have more than 4GB of RAM, and are not using any HATs (Hardware Attached on Top). The steps for 32-bit would be the same, after adjusting filenames:

$ wget https://kali.download/arm-images/kali-2022.2/kali-linux-2022.2-raspberry-pi-arm64.img.xz
$ xzcat kali-linux-2022.2-raspberry-pi-arm64.img.xz | sudo dd of=/dev/sdX bs=512k status=progress

Preparing the system

Preparing the chroot

We next are going to get things ready for a chroot.
Let’s create where we want to mount the microSD card, then mount it:

$ sudo mkdir -vp /mnt/chroot/
$ sudo mount /dev/sdX2 /mnt/chroot/
$ sudo mount /dev/sdX1 /mnt/chroot/boot/
$ sudo mount -t proc none /mnt/chroot/proc
$ sudo mount -t sysfs none /mnt/chroot/sys
$ sudo mount -o bind /dev /mnt/chroot/dev
$ sudo mount -o bind /dev/pts /mnt/chroot/dev/pts
$ sudo apt install -y qemu-user-static
$ sudo cp /usr/bin/qemu-aarch64-static /mnt/chroot/usr/bin/

The last two commands will come in handy for the initramfs later.

Installing required packages

Now that our system is set up, we can use the chroot to set up the RPi image for encryption. Let’s first enter the chroot and install some necessary packages:

$ sudo env LANG=C chroot /mnt/chroot/

┌──(root㉿kali)-[/]
└─# apt update

┌──(root㉿kali)-[/]
└─# apt install -y busybox cryptsetup dropbear-initramfs lvm2

We want to ensure we are on the latest kernel before we get started, so let’s also make sure we have them installed:

┌──(root㉿kali)-[/]
└─# apt install -y kalipi-kernel kalipi-bootloader kalipi-re4son-firmware

Boot options

Next we are going to edit /boot/cmdline.txt and change the root path. The /boot/cmdline.txt file on a RPi device is used to pass the kernel command line options. We will want to change the root path to be /dev/mapper/crypt, and then we will add in cryptdevice=PARTUUID=$partuuid:crypt right after that.

The reason for this is that the kernel needs to know where the root filesystem is in order to mount it and use it, and since we are encrypting the rootfs later in the post, during boot time it can’t see the unencrypted device either, because of the encryption!
While we are changing the name here to “crypt”, you can call it anything you want.

The end result should look like this:

┌──(root㉿kali)-[/]
└─# vim /boot/cmdline.txt

┌──(root㉿kali)-[/]
└─# cat /boot/cmdline.txt
dwc_otg.fiq_fix_enable=2 console=serial0,115200 kgdboc=serial0,115200 console=tty1 root=/dev/mapper/crypt cryptdevice=PARTUUID=ed889dad-02:crypt rootfstype=ext4 fsck.repair=yes rootwait net.ifnames=0

Partition layout

We now need to update the /etc/fstab file. This is a configuration file on the system that contains all available disks, disk partitions, and what options to use when handling them.

Currently it is populated with the UUID of the root filesystem, and we need it to point at the encrypted filesystem that we will be making. In this example, we’ve commented out the previous root device’s UUID, and pointed at /dev/mapper/crypt, which is what our encrypted filesystem will mount as once we create it:

┌──(root㉿kali)-[/]
└─# vim /etc/fstab

┌──(root㉿kali)-[/]
└─# cat /etc/fstab
# <file system> <mount point> <type> <options> <dump> <pass>
proc /proc proc defaults 0 0
/dev/mapper/crypt / ext4 errors=remount-ro 0 0
#UUID=747bfa7c-edd2-471f-8fff-0ecafc2d3791 / ext4 errors=remount-ro 0 1
LABEL=BOOT /boot vfat defaults 0 2

Configure the encrypted partitions

When using encrypted partitions, we need to edit (or create, if it doesn’t exist) the /etc/crypttab file, which is used by cryptsetup to know what options are needed in order to unlock the encrypted device.

Because this file doesn’t exist, we will create the /etc/crypttab file, and fill it with the options we need:

┌──(root㉿kali)-[/]
└─# echo -e 'crypt\tPARTUUID=ed889dad-02\tnone\tluks' > /etc/crypttab

Now we do a little file-system trickery. We create a fake LUKS file-system which will allow cryptsetup to be included in the initramfs because it sees an encrypted partition.
When you format any LUKS partition, you will be prompted for a password. Normally you would use a strong password, but because we are only using this as a hack to include cryptsetup in our initramfs, the password you create at this prompt will not be needed or used past these steps, so you can set it to something short/quick to type. This will happen at the cryptsetup luksFormat step, and you will be prompted for the password you set during cryptsetup luksFormat when you run the cryptsetup luksOpen step.

You will not see any input being typed when entering the password.

┌──(root㉿kali)-[/]
└─# dd if=/dev/zero of=/tmp/fakeroot.img bs=1M count=20

┌──(root㉿kali)-[/]
└─# exit

$ sudo cryptsetup luksFormat /mnt/chroot/tmp/fakeroot.img
$ sudo cryptsetup luksOpen /mnt/chroot/tmp/fakeroot.img crypt
$ sudo mkfs.ext4 /dev/mapper/crypt

Configuring SSH keys

After that we need to copy over OR generate a new SSH key to be added to Dropbear’s authorized_keys file.

If we already have an existing key to copy over:

$ sudo cp ~/.ssh/id_rsa.pub /mnt/chroot/

Alternatively, to generate a new key:

$ ssh-keygen -t rsa -b 4096
[…]
Enter file in which to save the key (/home/kali/.ssh/id_rsa): /home/kali/.ssh/id_rsa_dropbear
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /home/kali/.ssh/id_rsa_dropbear
Your public key has been saved in /home/kali/.ssh/id_rsa_dropbear.pub
[…]
$ sudo cp ~/.ssh/id_rsa_dropbear.pub /mnt/chroot/

You will not see any input being typed when entering a passphrase.

Configuring for encryption

Going back into the chroot, we need to create a few new files.

First is the zz-cryptsetup hook, which adds the files we need for cryptsetup into the initramfs.
For it to work, it needs to be marked as executable so that mkinitramfs will run the hook:

$ sudo env LANG=C chroot /mnt/chroot/

┌──(root㉿kali)-[/]
└─# vim /etc/initramfs-tools/hooks/zz-cryptsetup

┌──(root㉿kali)-[/]
└─# cat /etc/initramfs-tools/hooks/zz-cryptsetup
#!/bin/sh
set -e

PREREQ=""
prereqs()
{
    echo "${PREREQ}"
}

case "${1}" in
    prereqs)
        prereqs
        exit 0
        ;;
esac

. /usr/share/initramfs-tools/hook-functions

mkdir -p ${DESTDIR}/cryptroot || true
cat /etc/crypttab >> ${DESTDIR}/cryptroot/crypttab
cat /etc/fstab >> ${DESTDIR}/cryptroot/fstab
cat /etc/crypttab >> ${DESTDIR}/etc/crypttab
cat /etc/fstab >> ${DESTDIR}/etc/fstab
copy_file config /etc/initramfs-tools/unlock.sh /etc/unlock.sh

┌──(root㉿kali)-[/]
└─# chmod +x /etc/initramfs-tools/hooks/zz-cryptsetup

Should you wish to disable it at any point in the future for any reason, simply remove the executable bit.

We edit the modules file for initramfs-tools so that we include the dm-crypt module, and cat the file to verify it is correct:

┌──(root㉿kali)-[/]
└─# grep -q dm_crypt /etc/initramfs-tools/modules || echo dm_crypt >> /etc/initramfs-tools/modules

┌──(root㉿kali)-[/]
└─# cat /etc/initramfs-tools/modules
# List of modules that you want to include in your initramfs.
# They will be loaded at boot time in the order below.
#
# Syntax: module_name [args ...]
#
# You must run update-initramfs(8) to effect this change.
#
# Examples:
#
# raid1
# sd_mod
dm_crypt

Configuring remote SSH unlock

Create an unlock.sh script with the following contents, and then mark it as executable so that the script runs in the initramfs:

┌──(root㉿kali)-[/]
└─# vim /etc/initramfs-tools/unlock.sh

┌──(root㉿kali)-[/]
└─# cat /etc/initramfs-tools/unlock.sh
#!/bin/sh

export PATH='/sbin:/bin:/usr/sbin:/usr/bin'

while true; do
    test -e /dev/mapper/crypt && break || cryptsetup luksOpen /dev/disk/by-uuid/$REPLACE_LATER crypt
done

/scripts/local-top/cryptroot

for i in $(ps aux | grep 'cryptroot' | grep -v 'grep' | awk '{print $1}'); do kill -9 $i; done
for i in $(ps aux | grep 'askpass' | grep -v 'grep' | awk '{print $1}'); do kill -9 $i; done
for i in $(ps aux | grep 'ask-for-password' | grep -v 'grep' | awk '{print $1}'); do kill -9 $i; done
for i in $(ps aux | grep '\\-sh' | grep -v 'grep' | awk '{print $1}'); do kill -9 $i; done

exit 0

┌──(root㉿kali)-[/]
└─# chmod +x /etc/initramfs-tools/unlock.sh

Next we must add the following to the beginning of /etc/dropbear/initramfs/authorized_keys, which tells it to run this command when we SSH in if the key matches:

┌──(root㉿kali)-[/]
└─# vim /etc/dropbear/initramfs/authorized_keys

┌──(root㉿kali)-[/]
└─# cat /etc/dropbear/initramfs/authorized_keys
command="/etc/unlock.sh; exit"

After doing so, we can append the SSH key that we copied over and then remove it from the card:

┌──(root㉿kali)-[/]
└─# cat id_rsa.pub >> /etc/dropbear/initramfs/authorized_keys && rm -v id_rsa.pub

Once you’re done, /etc/dropbear/initramfs/authorized_keys should look like this:

┌──(root㉿kali)-[/]
└─# cat /etc/dropbear/initramfs/authorized_keys
command="/etc/unlock.sh; exit" ssh-rsa <key> <user@host>

Everything in the authorized_keys file should be on one line, with a space between the command’s closing " and the SSH key (e.g. […]exit" ssh-rsa[…]).

We now need to edit /usr/share/initramfs-tools/scripts/init-premount/dropbear to add a sleep timer; this allows for networking to start before Dropbear does. It is important to note that when there are updates to the dropbear-initramfs package, this edit will need to be re-added:

┌──(root㉿kali)-[/]
└─# vim /usr/share/initramfs-tools/scripts/init-premount/dropbear

┌──(root㉿kali)-[/]
└─# cat /usr/share/initramfs-tools/scripts/init-premount/dropbear
[ "$BOOT" != nfs ] || configure_networking

sleep 5

run_dropbear &
echo $! >/run/dropbear.pid

Now we enable cryptsetup:

┌──(root㉿kali)-[/]
└─# echo CRYPTSETUP=y >> /etc/cryptsetup-initramfs/conf-hook

┌──(root㉿kali)-[/]
└─# tail /etc/cryptsetup-initramfs/conf-hook
#
# Whether to include the askpass binary to the initramfs image. askpass
# is required for interactive passphrase prompts, and ASKPASS=y (the
# default) is implied when the hook detects that same device needs to be
# unlocked interactively (i.e., not via keyfile nor keyscript) at
# initramfs stage. Setting ASKPASS=n also skips `cryptroot-unlock`
# inclusion as it requires the askpass executable.

#ASKPASS=y
CRYPTSETUP=y

Kernel

The next step is important for the people who are following along. What to select depends on the RPi device you are using. Below are five kernel names/editions/flavours, of which you need to select one for your needs (please pay attention!):

- Re4son+ is for 32-bit ARMEL armv6 devices – i.e. RPi1, RPi0, or RPi0w
- Re4son-v7+ is for 32-bit ARMHF armv7 devices – i.e. RPi2 v1.2, RPi3 or RPi02w
- Re4son-v8+ is for 64-bit ARM64 armv8 devices – i.e. RPi2 v1.2, RPi3 or RPi02w
- Re4son-v7l+ is for 32-bit ARMHF armv7 devices – i.e. RPi4 or RPi400 devices
- Re4son-v8l+ is for 64-bit ARM64 armv8 devices – i.e. RPi4 or RPi400 devices

The l in the name stands for lpae – Large Physical Address Extension.

As a reminder, we are using the RPi4, 64-bit image. So we would need Re4son-v8l+. Please make sure you adjust to your device.

Now that we know what kernel name to use, we need to find the kernel version. This will vary from device to device, and it will also change as and when Kali gets updates. At the time of writing, it is 5.15.44 for our RPi.

Keep in mind the kernel versions may change, however the name will not:

┌──(root㉿kali)-[/]
└─# ls -l /lib/modules/ | awk -F" " '{print $9}'
5.15.44-Re4son+
5.15.44-Re4son-v7+
5.15.44-Re4son-v7l+
5.15.44-Re4son-v8+
5.15.44-Re4son-v8l+

┌──(root㉿kali)-[/]
└─# echo "initramfs initramfs.gz followkernel" >> /boot/config.txt

Keep in mind the kernel versions (5.15.44) may change, however the kernel name (Re4son-v8l+) will not.

Now we need to create the initramfs.
This is where the kernel version comes into play:

┌──(root㉿kali)-[/]
└─# mkinitramfs -o /boot/initramfs.gz 5.15.44-Re4son-v8l+

Now we want to ensure that we created the initramfs correctly. If there is no result, then something went wrong:

┌──(root㉿kali)-[/]
└─# lsinitramfs /boot/initramfs.gz | grep cryptsetup
usr/lib/aarch64-linux-gnu/libcryptsetup.so.12
usr/lib/aarch64-linux-gnu/libcryptsetup.so.12.7.0
usr/lib/cryptsetup
usr/lib/cryptsetup-nuke-password
usr/lib/cryptsetup-nuke-password/crypt
usr/lib/cryptsetup/askpass
usr/lib/cryptsetup/askpass.cryptsetup
usr/lib/cryptsetup/functions
usr/sbin/cryptsetup

┌──(root㉿kali)-[/]
└─# lsinitramfs /boot/initramfs.gz | grep authorized
root-Q2iWOODUwk/.ssh/authorized_keys

┌──(root㉿kali)-[/]
└─# lsinitramfs /boot/initramfs.gz | grep unlock.sh
etc/unlock.sh

Disable services

Before we can back up, we have to ensure that rpi-resizerootfs is disabled. This is a service we typically run on all of our ARM devices that resizes the root filesystem partition to the full size of the storage device it is on. Since we are doing this step manually, we want to disable it, so it doesn’t potentially delete our root filesystem and re-make it.

┌──(root㉿kali)-[/]
└─# systemctl disable rpi-resizerootfs

Backup any existing data

Now we can ensure that all the changes are written, then we can encrypt the disk:

┌──(root㉿kali)-[/]
└─# sync

┌──(root㉿kali)-[/]
└─# exit

$ sudo umount /mnt/chroot/{boot,sys,proc,dev/pts,dev}
$ sudo mkdir -vp /mnt/{backup,encrypted}
$ sudo rsync -avh /mnt/chroot/* /mnt/backup/
$ sudo cryptsetup luksClose crypt
$ sudo umount /mnt/chroot
$ echo -e "d\n2\nw" | sudo fdisk /dev/sdX
$ echo -e "n\np\n2\n\n\nw" | sudo fdisk /dev/sdX

Configure the encrypted partitions

Depending on what device you are using you will have to use one of two commands.
If you are using a RPi4 with 4GB or more, use this command:

$ sudo cryptsetup -v -y --cipher aes-cbc-essiv:sha256 --key-size 256 luksFormat /dev/sdX2

Otherwise you will want to use the following, which uses an older version of LUKS:

$ sudo cryptsetup -v -y --pbkdf pbkdf2 --cipher aes-cbc-essiv:sha256 --key-size 256 luksFormat /dev/sdX2

Restore our data

Afterwards you can finish restoring data back to the now encrypted partition:

$ sudo cryptsetup -v luksOpen /dev/sdX2 crypt
$ sudo mkfs.ext4 /dev/mapper/crypt
$ sudo mount /dev/mapper/crypt /mnt/encrypted/
$ sudo rsync -avh /mnt/backup/* /mnt/encrypted/
$ sync

The final steps are to fix up the /etc/fstab file for the new LUKS UUID (or you can leave it as /dev/mapper/crypt), replace the UUID in our unlock script, and remake the initramfs file. This is important, as the system will not boot properly otherwise, because it won’t have the information to use the encrypted filesystem! Remember to put in the information from YOUR system, as the UUID will be different for every system:

$ sudo mount /dev/sdX1 /mnt/encrypted/boot/
$ sudo mount -t proc none /mnt/encrypted/proc
$ sudo mount -t sysfs none /mnt/encrypted/sys
$ sudo mount -o bind /dev /mnt/encrypted/dev
$ sudo mount -o bind /dev/pts /mnt/encrypted/dev/pts
$ sudo env LANG=C chroot /mnt/encrypted

┌──(root㉿kali)-[/]
└─# blkid /dev/sdX2
/dev/sdX2: UUID="173e2de4-0501-4d8e-9039-a4923bfa5ee7" TYPE="crypto_LUKS" PARTUUID="e1750e08-02"

┌──(root㉿kali)-[/]
└─# cat /etc/fstab
# <file system> <mount point> <type> <options> <dump> <pass>
proc /proc proc defaults 0 0
UUID=173e2de4-0501-4d8e-9039-a4923bfa5ee7 / ext4 errors=remount-ro 0 1
LABEL=BOOT /boot vfat defaults 0 2

┌──(root㉿kali)-[/]
└─# vim /etc/initramfs-tools/unlock.sh

┌──(root㉿kali)-[/]
└─# cat /etc/initramfs-tools/unlock.sh
#!/bin/sh

export PATH='/sbin:/bin:/usr/sbin:/usr/bin'

while true; do
    test -e /dev/mapper/crypt && break || cryptsetup luksOpen /dev/disk/by-uuid/173e2de4-0501-4d8e-9039-a4923bfa5ee7 crypt
done

/scripts/local-top/cryptroot

for i in $(ps aux | grep 'cryptroot' | grep -v 'grep' | awk '{print $1}'); do kill -9 $i; done
for i in $(ps aux | grep 'askpass' | grep -v 'grep' | awk '{print $1}'); do kill -9 $i; done
for i in $(ps aux | grep 'ask-for-password' | grep -v 'grep' | awk '{print $1}'); do kill -9 $i; done
for i in $(ps aux | grep '\\-sh' | grep -v 'grep' | awk '{print $1}'); do kill -9 $i; done

exit 0

┌──(root㉿kali)-[/]
└─# vim /etc/crypttab

┌──(root㉿kali)-[/]
└─# cat /etc/crypttab
crypt PARTUUID=e1750e08-02 none luks

┌──(root㉿kali)-[/]
└─# mkinitramfs -o /boot/initramfs.gz 5.15.44-Re4son-v8l+

If you get a cryptsetup error here, similar to "cryptsetup: ERROR: Couldn't resolve device PARTUUID=ed889dad-02", that means that you did not edit the /etc/crypttab file and put the correct PARTUUID in. The warning about no fsck.luks existing can be ignored, as there is no such thing.

Now we can unmount and close up everything:

┌──(root㉿kali)-[/]
└─# exit

$ sudo umount /mnt/encrypted/{boot,sys,proc,dev/pts,dev}
$ sudo umount /mnt/encrypted
$ sudo cryptsetup luksClose crypt

Earlier, we mentioned the LUKS Nuke capability. If you plan to use it, while booted on your freshly encrypted RPi rootfs, simply run the following command to add the Nuke password and follow the prompt:

kali@kali:~$ sudo dpkg-reconfigure cryptsetup-nuke-password

Stay tuned for part two where we cover remotely connecting to the Raspberry Pi as a dropbox device!

Automate!

Now how about we get this automated? Thanks to Richard Nelson (@unixabg), anyone who wants to get this all set up in much less time than the manual method, and much more easily, can!

First things first, let’s download unixabg’s cryptmypi script:

$ git clone https://github.com/unixabg/cryptmypi.git
$ cd cryptmypi/

There are a number of things we want to do before we can run the build scripts, however.
Let’s go through those together now:

```
$ cp cryptmypi.conf config/.
$ cat ~/.ssh/id_rsa.pub >> config/authorized_keys
```

Now we need to edit cryptmypi.conf to change some settings in stage-2. These settings will be personal, but let’s just give you all an example:

```
$ vim config/cryptmypi.conf
$ cat config/cryptmypi.conf
##################
## cryptmypi settings
##################
# export prefix for hooks
export _VER="2.2-beta"
# base and build
export _BASEDIR=$(pwd)
export _BUILDDIR=${_BASEDIR}/cryptmypi-build

##################
## Stage-1
##################
_IMAGEURL=https://kali.download/arm-images/kali-2022.2/kali-linux-2022.2-raspberry-pi-arm64.img.xz
# compose package actions
export _PKGSPURGE=""
export _PKGSINSTALL=""
# iodine settings
_IODINE_PASSWORD="your iodine password goes here"
_IODINE_DOMAIN="your iodine domain goes here"
# final package actions
export _FINALPKGPURGE=""
export _FINALPKGINSTALL="telnet dsniff bettercap"

##################
## Stage-2
##################
# block device
_BLKDEV="/dev/sdb"
# luks encryption cipher
_LUKSCIPHER="aes-cbc-essiv:sha256"
# luks encryption password
_LUKSPASSWD="toor"
# root password
export _ROOTPASSWD="toor"
```

What we changed here is the block device, LUKS encryption password, and the root password. The image URL can be changed if you would like to use a different image file, so be sure to do that now if need be.

Now the only thing left to do is run both stages’ scripts and follow the instructions. By the end of it, you’ll have a fully encrypted file-system with Dropbear SSH access!
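The manual procedure above fails at boot when /etc/crypttab, unlock.sh or /etc/fstab still carry an old identifier, or when the rebuilt initramfs lacks the unlock pieces. The check below is an added example, not part of the original post or of cryptmypi; the function names are hypothetical and the sample files are constructed from the values shown above.

```bash
#!/usr/bin/env bash
# Added example (not from the Kali post): pre-reboot check that /etc/crypttab,
# unlock.sh and /etc/fstab all point at the LUKS partition that blkid reports,
# and that the rebuilt initramfs contains the unlock pieces.
# Function names are hypothetical; sample data is constructed from the page's output.

# Pull one KEY="value" field (UUID, PARTUUID, TYPE) out of a blkid output line.
blkid_field() {  # $1 = blkid line, $2 = key
    printf '%s\n' "$1" | tr ' ' '\n' | sed -n "s/^$2=\"\(.*\)\"\$/\1/p" | head -n 1
}

# Source device (field 2) of the named mapping in a crypttab file.
crypttab_source() {  # $1 = crypttab path, $2 = mapping name
    awk -v n="$2" '$1 == n { print $2; exit }' "$1"
}

# Device path that unlock.sh passes to "cryptsetup luksOpen".
unlock_device() {  # $1 = unlock.sh path
    sed -n 's/.*cryptsetup luksOpen \([^ ]*\) .*/\1/p' "$1" | head -n 1
}

# Root filesystem source (field 1 of the "/" entry) in an fstab file.
fstab_root() {  # $1 = fstab path
    awk '$1 !~ /^#/ && $2 == "/" { print $1; exit }' "$1"
}

# Print one line per mismatch; return 0 only when every reference agrees with blkid.
check_luks_refs() {  # $1 blkid line, $2 crypttab, $3 unlock.sh, $4 fstab, $5 mapping name
    local uuid partuuid src dev root rc=0
    uuid=$(blkid_field "$1" UUID)
    partuuid=$(blkid_field "$1" PARTUUID)
    if [ "$(blkid_field "$1" TYPE)" != "crypto_LUKS" ] || [ -z "$uuid" ]; then
        echo "blkid: partition is not a LUKS container"; return 1
    fi
    src=$(crypttab_source "$2" "$5")
    case "$src" in
        "PARTUUID=$partuuid"|"UUID=$uuid") ;;
        "") echo "crypttab: no entry for mapping '$5'"; rc=1 ;;
        *)  echo "crypttab: '$src' does not match blkid"; rc=1 ;;
    esac
    dev=$(unlock_device "$3")
    if [ "$dev" != "/dev/disk/by-uuid/$uuid" ]; then
        echo "unlock.sh: opens '$dev', expected /dev/disk/by-uuid/$uuid"; rc=1
    fi
    # The post allows either the new LUKS UUID or /dev/mapper/<name> for the root entry.
    root=$(fstab_root "$4")
    case "$root" in
        "UUID=$uuid"|"/dev/mapper/$5") ;;
        *) echo "fstab: root entry is '$root'"; rc=1 ;;
    esac
    return $rc
}

# Given saved `lsinitramfs` output, name the pieces the unlock setup needs but lacks.
initramfs_missing() {  # $1 = file holding the lsinitramfs listing
    grep -q '^usr/sbin/cryptsetup$' "$1" || echo "cryptsetup binary"
    grep -q '/\.ssh/authorized_keys$' "$1" || echo "authorized_keys"
    grep -q '^etc/unlock\.sh$' "$1" || echo "etc/unlock.sh"
}

# Fill directory $1 with constructed sample files; crypttab holds a stale PARTUUID.
write_sample() {
    echo 'crypt PARTUUID=ed889dad-02 none luks' > "$1/crypttab"
    cat > "$1/unlock.sh" <<'EOF'
#!/bin/sh
while true; do
    test -e /dev/mapper/crypt && break || cryptsetup luksOpen /dev/disk/by-uuid/173e2de4-0501-4d8e-9039-a4923bfa5ee7 crypt
done
EOF
    cat > "$1/fstab" <<'EOF'
# <file system> <mount point> <type> <options> <dump> <pass>
proc /proc proc defaults 0 0
UUID=173e2de4-0501-4d8e-9039-a4923bfa5ee7 / ext4 errors=remount-ro 0 1
LABEL=BOOT /boot vfat defaults 0 2
EOF
    # Constructed listing with etc/unlock.sh deliberately left out.
    printf '%s\n' usr/lib/cryptsetup/askpass usr/sbin/cryptsetup \
        root-Q2iWOODUwk/.ssh/authorized_keys > "$1/initramfs.list"
}

SAMPLE_BLKID='/dev/sdX2: UUID="173e2de4-0501-4d8e-9039-a4923bfa5ee7" TYPE="crypto_LUKS" PARTUUID="e1750e08-02"'

demo() {
    local d
    d=$(mktemp -d) && write_sample "$d"
    check_luks_refs "$SAMPLE_BLKID" "$d/crypttab" "$d/unlock.sh" "$d/fstab" crypt \
        || echo "=> fix the files above, then re-run mkinitramfs"
    echo "missing from initramfs: $(initramfs_missing "$d/initramfs.list")"
    rm -rf "$d"
}
demo
```

On a real system, feed `check_luks_refs` the line printed by `blkid /dev/sdX2` and the files inside the chroot, and save `lsinitramfs /boot/initramfs.gz` to a file for `initramfs_missing`.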
on July 21, 2022 at 12:00 am
We have always made all our build-scripts public. These are the same set of tools which we use to generate Kali Linux (for each release, or our weekly images). You may have noticed that previously there wasn’t anything about Virtual Machines (VMs). This is because until recently it was a manually done process, which followed our guides (VMware & VirtualBox).

We have now upped our DevOps game, and automated the build process! Enter build-scripts/Kali-VM.

Another positive outcome of this is that it allows us to generate weekly VMs now! These images are more up-to-date, meaning fewer packages need updates out of the box, but the only set of tests run are the automated ones. Our release images have an additional set of Quality Assurance (QA) smoke-tests run against them, with the knowledge of last-snapshot, meaning the packages are in a known state. You have a choice: Stable vs updates!

Let’s start with a quick introduction to the weekly VMs, then we’ll have a glimpse at the Kali-VM build script.

Weekly Kali VMs

You can find these Kali images in the Virtual Machines section of Get Kali. Scroll down a bit, they are just there. At the moment we have weekly images for VMware and VirtualBox.

The VMware weekly image will be no surprise for those who already use the quarterly Kali VMware images: it’s pretty much identical, except that it’s built from the kali-rolling branch. In order to use it you just need to import it in VMware.

However, the VirtualBox weekly image is published in a different format than the one we use for Kali releases. For various reasons, we decided to distribute it in the “native” VirtualBox format, that is: a VDI disk and a .vbox metadata file. Fear not though, because importing this VM in VirtualBox is super easy. If you’re already a user of the VirtualBox image, we’d love to hear your feedback on this new image! Feel free to drop us a word on the Kali-VM GitLab repository.

The Kali-VM build script

For the most demanding users, here’s the good news: we published the build script to generate those images! If you are wondering “Cool, but what can I do with your Kali-VM repository?”, here is a feature highlight (for the time being):

- Create VMs for VMware, VirtualBox, QEMU or a single VM which works with all three (aka “generic”)
- Create VMs for x64 and x86 (sorry, no ARM64 at this point in time!)
- Create the VMs directly on the host or in a container (Docker or Podman)
- Select as many (or as little!) tools/metapackages you wish to be included
- Configure your locale, timezone, username and password

The build script is stable enough that we are using it in production, but it’s still early days. As a result, there is a roadmap of features we would like to add:

- ARM64 support
- Hyper-V support
- Hook support (allowing you to customize Kali’s settings, such as changing preferences or altering the wallpaper)
- Many more ideas!

If the above sounds great to you, we would love a hand adding it! We are gladly encouraging merge requests! If you find a bug, great! Let us know as well =)

Now if you are wondering “Okay, this is pretty cool. How do I get started?” please take a look at the README. This will give you a basic idea of what requirements are needed, and how to get started. Then it’s just a case of looking at the help screen, and customizing the arguments to your needs!

Want some examples to get you going?

```
$ ./build.sh -v vmware
$ ./build.sh -v virtualbox -a i386 -D kde
$ ./build.sh -v virtualbox -b kali-last-snapshot -D gnome -T everything
$ ./build.sh -v qemu -D none -T none -P nmap,sqlmap
```

Happy hacking
on July 8, 2022 at 12:00 am
A few months ago, Linode reached out to us asking “What would be needed in order to get Kali added to Linode?”. We explained to them how all the build-scripts that we used to create Kali are public, and what their different options and configurations mean. They went away and came back shortly with an image for us to try out! After a bit of testing, we can now say “Kali is in Linode… (Twice)”!

Twice? You can get Kali two ways. Either:

- Create a new Linode and select Kali as the Distribution. This gives you a bare install of Kali without any tools.
- Alternatively, go to Linode’s marketplace, and select Kali, and scroll down…

Using Linode’s marketplace allows you to customize your Kali installation directly in the web browser! You will be asked a series of questions allowing you to personalize the installation, without having to SSH in, such as “which metapackages to install (none, default, or everything)” or “do you want GUI access (via VNC)”? That’s pretty cool right?!

Which option is best? That depends on you. Some people like to have a bare install, without any tools, and as few packages as possible. You can install whichever package you want. This will reduce the running cost of the cloud instance and help you understand your system environment better.

However, if you want to get going as quickly as possible, or be in a more familiar graphical environment (using Xfce), then the marketplace option may be better!

Kali is free in Linode’s marketplace, the only cost is the running cost of a Cloud instance. How much is that? That depends on the system requirements you pick! There aren’t any extra charges for using Kali.

What’s the username/password to connect? That depends! The username will be root (by default), and the password will be what you set during setup. You can also use SSH keys if you selected one during setup. If you installed via the marketplace, you can also use the VNC details you entered.

It goes without saying, also make sure you have permission. Make sure to read Linode’s small print, read over their security page and open up a Linode ticket if you need it in writing!

If you want more to read, check Linode’s blog post, Linode’s documentation, as well as Kali’s documentation.

Happy Hacking!
on May 16, 2022 at 12:00 am
It’s that time of year again, time for another Kali Linux release! Quarter #2 – Kali Linux 2022.2. This release has various impressive updates, all of which are ready for immediate download or updating.

The summary of the changelog since the 2022.1 release from February 2022 is:

- GNOME 42 – Major release update of the popular desktop environment
- KDE Plasma 5.24 – Version bump with a more polished experience
- Multiple desktop enhancements – Disabled motherboard beep on Xfce, alternative panel layout for ARM, better support for VirtualBox shared folders, and lots more
- Tweaks for the terminal – Enhanced Zsh syntax-highlighting, inclusion of Python3-pip and Python3-virtualenv by default
- April fools – Hollywood mode – Awesome screensaver
- Kali Unkaputtbar – BTRFS snapshot support for Kali
- Win-KeX 3.1 – sudo support for GUI apps
- New tools – Various new tools added
- WPS attacks in Kali NetHunter – Added WPS attacks tab to the NetHunter app

GNOME 42

Like for every (almost) half-year, there is a new version bump for the GNOME desktop environment. Kali 2022.2 brings the new version, GNOME 42, which is a more polished experience following the work previously introduced in versions 40 and 41.

The shell theme now includes a more modern look, removing the arrows from the pop-up menus and using more rounded edges. In addition, we’ve upgraded and tweaked the dash-to-dock extension, making it integrate better with the new look and fixing some bugs.

Here is a preview of the upgraded Kali themes for gnome-shell: Kali-Dark and Kali-Light.

GNOME 42’s Built-In Screenshot and Screencast Tool

With GNOME 42, there is one new feature that is brighter than all of the others: the screenshot and screen-recording tool. It’s an enormous improvement in terms of user experience.
Screenshots are, at the same time, saved to the ~/Pictures/Screenshots/ folder and copied to the clipboard, so the user does not need to find them.

Quick shortcuts to skip the On Screen Display (OSD) dialog:

- Window screenshot: Alt + PrtScr
- Full-screen screenshot: Shift + PrtScr

KDE Plasma 5.24

This new Plasma release focuses on smoothing out wrinkles, evolving the design, and improving the overall feel and usability of the environment.

Other Desktop Enhancements

Xfce Tweaks

- Disable noisy motherboard beep when clicking the logout dialog! Thank you @DavidAlvesWeb!
- Configure mousepad (text editor) to add the missing newline at the end of the file (POSIX standard). It was especially problematic if you used the text file in the terminal. Printing two files would show their respective last and first lines joined.
- Set the default wallpaper for multi-monitor setups
- Fix mouse pointer size to prevent auto-scaling in large displays
- New simplified panel layout for ARM devices. The layout we generally use for Xfce works perfectly, but it could not fit in undersized displays. This issue was common on ARM devices like the Raspberry Pi, which can use a screen the size of the board. Therefore, we have created an alternative panel layout that gets automatically applied for all ARM-based images, for example on a display with an 800×480 resolution. This modification also removes the CPU graph widget, not only due to the horizontal space it required, but also because it had a performance hit in low spec ARM devices.

App Icons

It has been some time since the last update of the Kali menu. This time the icons for nmap, ffuf, and edb-debugger were improved and updated, and new ones were added for evil-winrm and bloodhound.

Another improvement for the app dashboard is that the programs that include a user interface will now respect the custom icon provided by Kali.
Previously, the icon in the app drawer showed the proper image, but once you launched it, the icon hardcoded to the program took preference, usually using a lower quality and pixelated image. This change will only affect KDE and GNOME desktops and, unfortunately, does not work on Xfce. Thankfully, this issue was more noticeable in these desktops, as icons in Xfce’s panel are tiny.

Automated Copy of Missing Configurations

Generally, configuration files in Kali are stored outside of the $HOME directory, but some programs do not support this. As a workaround, some config-files need to be copied to the user’s home directory when it gets created.

This method has two issues:

- Firstly, if the user removes an important file inside their folder, the system might not behave as expected.
- Secondly, the user will only receive the config-files available at the moment their home directory gets created. Therefore, if an OS update or program adds a new file (or modifies an existing one), the user will not receive it unless they manually copy it.

With this change, the system will automatically copy any file from /etc/skel found missing in your home folder without replacing the already existing ones (do not worry, your changes will not get overwritten). So if, for example, you remove the Zsh shell configuration file, ~/.zshrc, the next time you log in, the file will be restored.

VirtualBox Shared Folder Support

If you are using VirtualBox, when a user account is created, it is now automatically added to the vboxsf group by default. This means there is now one less step if you want to use shared folders.

Tweaks for the Terminal

- Small changes to the Zsh syntax-highlighting colours to improve legibility.
- python3-pip and python3-virtualenv are now included by default in Kali installations.
- Added shell autocompletion for John The Ripper.
- All …2john tools (zip2john, 7z2john, pdf2john, etc.) can now be called directly by just typing their name, no need to cd /usr/share/john/ first.
- Resource packages (wordlists, windows-resources, powersploit, etc.) now show a much clearer output with colours differentiating the type of file or directory.

Hollywood Activate / Kali Screensaver (April Fools)

Last year for April Fools Day we did our “Kali 4 Kids” joke, which a scarily large number of people took VERY seriously. The number of organizations that contacted us wanting access to Kali 4 Kids was crazy.

This year, instead of celebrating with a joke, we wanted to give everyone something fun.

We have all seen Kali show up in movies and TV shows (like Mr. Robot) over the years. Hacking, as shown in popular media, has ranged from really fun to completely absurd, so we saw the opportunity to do a tribute to some of our favourite instances (and get a little nostalgic).

Even though this project was designed for 1st April it still works as an awesome screensaver. For this reason, we thought it would be a good idea to keep it in our repository so you can install it whenever you want.

Installation:

```
┌──(kali㉿kali)-[~]
└─$ sudo apt -y install kali-screensaver
```

You can also install the hollywood-activate command to be able to launch it immediately from the terminal and avoid waiting for the screensaver to launch:

```
┌──(kali㉿kali)-[~]
└─$ sudo apt -y install hollywood-activate

┌──(kali㉿kali)-[~]
└─$ hollywood-activate
```

If you want this on macOS or Windows, download the video file, and then use something like:

- macOS: SaveHollywood
- Windows: videosaver

Kali Unkaputtbar

Last March we introduced the official support for BTRFS snapshotting in Kali Linux. We call it Kali Unkaputtbar!

Sounds great, doesn’t it!

Unkaputtbar brings Virtual Machines’ (VMs’) snapshot feature to bare-metal and injects some steroids.

Have you ever wished you could travel back in time after deleting that important customer report or after installing a broken driver (Nvidia?) just before heading into a board meeting? Well, you’d better read on, because now you can!

Features

- Boot snapshot
- Diff snapshots
- Browse snapshots
- Additional automatic snapshots

For more information, here you have all the documentation for BTRFS Installation.

Preview of Kali Unkaputtbar in action, showing all the previous snapshots you can choose from the boot menu.

Win-KeX 3.1

This update eliminates a restriction preventing GUI applications from being run as root. Now you can start any GUI application with sudo, e.g.

```
sudo wireshark
```

New Tools in Kali

It would not be a Kali release if there were not any new tools added! A quick run down of what has been added (to the network repositories):

- BruteShark – Network Forensic Analysis Tool (NFAT)
- Evil-WinRM – Ultimate WinRM shell
- Hakrawler – Web crawler designed for easy, quick discovery of endpoints and assets
- Httpx – Fast and multi-purpose HTTP toolkit
- LAPSDumper – Dumps LAPS passwords
- PhpSploit – Stealth post-exploitation framework
- PEDump – Dump Win32 executable files
- SentryPeer – SIP peer-to-peer honeypot for VoIP
- Sparrow-wifi – Graphical Wi-Fi Analyzer for Linux
- wifipumpkin3 – Powerful framework for rogue access points

We want Kali to be able to access and interact with as many different services as possible. We all know that databases often contain juicy information. And MongoDB is no exception. The client has been restored & fixed up. Sorry for the down time!

There have been numerous package updates as well.

Kali NetHunter Updates

The legendary @yesimxev has added a new WPS Attacks tab to the Kali NetHunter app, which utilizes OneShot to perform various WPS attacks without monitor mode from your internal wireless chip, even from your Kali NetHunter watch!

The TicWatch Pro 3 GPS, LTE, Ultra GPS, Ultra LTE are receiving initial NetHunter support. It features the same functionalities as the TicWatch Pro, except BadUSB. We are Trying Harder to bring you even more for the next release on this watch!
In the meantime, all TicWatch Pros are now supported – TicWatch Pro, Pro 2020, Pro 4G/LTE.

Head over to our documentation site for a step-by-step guide on how to install Kali NetHunter on your TicWatch Pro 3 device.

Kali ARM Updates

Raspberry Pi:

- Bump kernel to 5.10.103
- Bluetooth is fixed, for real this time
- Wi-Fi firmware now uses 7.45.206 by default instead of 7.45.154, with nexmon patches applied
- Raspberry Pi Zero 2 W is now supported by nexmon
- Improvements to the wpa_supplicant.conf handling
- Kernel has NVMe support built in, instead of as a module, so Raspberry Pi Compute Modules that use NVMe for their root device will work out of the box
- The Raspberry Pi userland is now packaged up for ARM64 instead of built manually at image creation

Pinebook Pro:

- Use the Kali kernel and u-boot instead of compiling our own

USB Armory MKII:

- Bump to kernel 5.15

Radxa Zero:

- Build scripts available for either eMMC or SD Card. Documentation still needs to be written, but loosely follow the instructions on the Radxa Zero wiki

Build Script improvements:

- command-not-found and kali-tweaks are included in minimal builds
- The base directory is now cleaned up at build completion instead of an empty directory left around

We would also like to give a community shout-out to Syndrowm, who improved wpa_supplicant.conf handling on Raspberry Pi devices – thank you!

Kali Documentation Updates

We’ve pushed a couple of changes to the Kali-Docs during this time as well. One new page that we think Apple silicon users will enjoy, and a sizeable change to another page that will interest any users wishing to access a “Desktop” (aka Graphical User Interface – GUI) from a normally strictly headless instance.

- Running x86 on ARM (New)
- Accessing Xfce with RDP (Updated)

Download Kali Linux 2022.2

Fresh Images:

So what are you waiting for? Start downloading already!

Seasoned Kali Linux users are already aware of this, but for the ones who are not, we do also produce weekly builds that you can use as well.
If you cannot wait for our next release and you want the latest packages (or bug fixes) when you download the image, you can just use the weekly image instead. This way you will have fewer updates to do.

Just know that these are automated builds that we do not QA like we do our standard release images. But we gladly take bug reports about those images because we want any issues to be fixed before our next release!

Existing Installs:

If you already have an existing Kali Linux installation, remember you can always do a quick update:

```
┌──(kali㉿kali)-[~]
└─$ echo "deb http://http.kali.org/kali kali-rolling main non-free contrib" | sudo tee /etc/apt/sources.list

┌──(kali㉿kali)-[~]
└─$ sudo apt update && sudo apt -y full-upgrade

┌──(kali㉿kali)-[~]
└─$ [ -f /var/run/reboot-required ] && sudo reboot -f
```

You should now be on Kali Linux 2022.2. We can do a quick check by doing:

```
┌──(kali㉿kali)-[~]
└─$ grep VERSION /etc/os-release
VERSION="2022.2"
VERSION_ID="2022.2"
VERSION_CODENAME="kali-rolling"

┌──(kali㉿kali)-[~]
└─$ uname -v
#1 SMP PREEMPT Debian 5.16.18-1kali1 (2022-04-01)

┌──(kali㉿kali)-[~]
└─$ uname -r
5.16.0-kali7-amd64
```

NOTE: The output of uname -r may be different depending on the system architecture.

As always, should you come across any bugs in Kali, please submit a report on our bug tracker. We will never be able to fix what we do not know is broken! And Twitter is not a Bug Tracker!

Want to keep up-to-date more easily? We have an RSS feed & newsletter for our blog!
FAQs
Is Kali Linux used for cyber security? ›
Kali Linux is Feature Rich
Kali Linux is not only a free, convenient, and highly secure Linux OS but also includes over 600 tools for information security. Hackers commonly use Kali Linux because it has security analysis, security auditing, and penetration testing.
Metasploit Framework
Available for Windows and Linux, MSF is most likely one of the most potent security auditing Kali Linux tools freely available for cybersecurity professionals.
While Linux is only used by about 2.3% of all desktop computer users, it remains a viable option for specific tasks, including cybersecurity. In fact, there are even specific Linux distros that are engineered as cybersecurity platforms. Some of those are included below.
Can Kali Linux get hacked? ›Yes, it can be hacked. No OS (outside of some limited micro kernels) has proven perfect security. It is theoretically possible to do, but nobody has done it and even then, there would be no way to know it is implemented after the proof without building it yourself from the individual circuits on up.
What computer do hackers use? ›Dell Inspiron is an aesthetically designed laptop that can be easily used by professional hackers to perform routine tasks. It has a 10th generation i7 chip that provides high-level performance. Laptop with 8GB RAM, advanced multitasking, and 512GB SSD provides enough space to store files needed for pentesting.
Why do people use Kali? ›Kali Linux supports more than 500 penetration testing and cybersecurity-related applications. It is an open-source operating system, so its code is freely available online, which means you can take a look and tweak it according to your needs. It also supports multiple languages and includes many customization features.
Is Linux easy to hack? ›So, Can Linux be hacked? The answer to this question is Yes, Linux systems can be hacked. Even though they are very secure, hacking a Linux system is still possible. But the chances of getting it hacked are less as compared to Windows.
What can you hack with Kali Linux? ›It can perform rapid dictionary attacks against more than 50 protocols, including telnet, FTP, HTTP, HTTPs, SMB, several databases, and much more. it can be used to crack into web scanners, wireless networks, packet crafters, etc.
Who uses Kali Linux and why? ›The fact of the matter is, however, that Kali is a Linux distribution specifically geared towards professional penetration testers and security specialists, and given its unique nature, it is NOT a recommended distribution if you're unfamiliar with Linux or are looking for a general-purpose Linux desktop distribution ...
Do I need to learn Linux for cybersecurity? ›If you are planning on working as a cybersecurity professional, you'll definitely need an excellent working knowledge of the Linux operating system. The need for security to protect the data on systems and networks has skyrocketed in recent years.
Why is Linux good for cybersecurity? ›
Linux is actually actively used in configurations of Servers and Networks, and learning Linux is important so that you can go about these networks and servers to defend them from being attacked. Linux provides advanced tools for testing and network security assessment.
Is Kali Linux good for coding? ›Kali Linux
That's what makes Kali Linux a top choice for programmers, developers, and security researchers, especially if you're a web developer. It's also a good OS for low-powered devices, as Kali Linux runs well on devices like the Raspberry Pi.
It Can Get You in Jail
Now don't think that you can't be tracked just because you are using Kali. Many systems are configured to have complex logging devices to simply track whoever tries to listen or hack their networks, and you may stumble upon one of these, and it will destroy your life.
How much RAM does Kali Linux need? ›System Requirements
On the low end, you can set up Kali Linux as a basic Secure Shell (SSH) server with no desktop, using as little as 128 MB of RAM (512 MB recommended) and 2 GB of disk space.
- MacBook Pro. Apple's laptops are typically some of the most secure options you will find on the marketplace. ...
- Lenovo ThinkPad X1 Carbon. Lenovo consistently makes some of the most highly touted business laptops on the market. ...
- Dell New XPS 13.
Because many people use weak passwords, brute-force attacks remain effective for hacking accounts. Attackers use an automated computer algorithm to rapidly try different passwords. Some brute-force attacks can attempt one billion passwords per second!
Is 8GB RAM enough for cyber security? ›A fast computer is essential for cyber security tasks, and you should aim for at least 8GB. A laptop with 16GB or more RAM is better for cyber security work, as it allows you to run heavy applications at once. Those who are professionals should opt for a laptop with at least 32GB of RAM.
How much does Kali Linux cost? ›Free (as in beer) and always will be: Kali Linux, like BackTrack, is completely free of charge and always will be. You will never, ever have to pay for Kali Linux.
What language does Kali Linux use? ›Kali is just a Linux distribution built for penetration testing and cyber security. You can develop software on it the same as any other Linux OS. @Forge Ice Python has nothing to do with Kali, other than you can use it, just like on any other Linux distro, Windows or Mac. Linux was coded using C and asm.
Can I use Kali Linux for daily use? ›
You can use Kali Linux as a daily driver if you require all the tools. As Kali comes with most tools for pentesting preloaded, it becomes more resource hungry, and many of the tools which will not be required daily will be left idle.
Why do hackers prefer Linux? ›Linux is the most popular choice for hackers due to its flexibility, open source platform, portability and command line interface and compatibility with popular hacking tools. Windows is a required, but dreaded target for most hackers because it requires them to work in Windows-only environments.
Which is better Ubuntu or Kali? ›Ubuntu is a good option for beginners to Linux. Kali Linux is a good option for those who are intermediate in Linux.
Is Linux safer than Windows? ›Linux has segmented working environments which secure it from the attack of virus. However, Windows OS is not much segmented and thus it is more vulnerable to threats. Another significant reason for Linux being more secure is that Linux has very few users when compared to Windows.
Who is the owner of Kali Linux? ›Mati Aharoni is the founder and core developer of the Kali Linux project, as well as the CEO of Offensive Security.
Which type of hacker represents the highest risk to your network? ›Which type of hacker represents the highest risk to your network? Answer 6. Option A. Explanation: Disgruntled employees have information which can allow them to launch a powerful attack.
How many tools Kali Linux? ›Kali Linux has around 600 penetration-testing programs (tools), including Armitage (a graphical cyber attack management tool), Nmap (a port scanner), Wireshark (a packet analyzer), metasploit (penetration testing framework), John the Ripper (a password cracker), sqlmap (automatic SQL injection and database takeover ...
Why is Kali Linux used by cyber security professionals? ›The reason why cybersecurity professionals prefer Kali Linux is due to its source code. The way the developers designed the OS gave users all the access to tweak the OS as per their liking. So far, this is why Kali Linux still dominates the world of OS when it comes to ethical hacking, cybersecurity, and customization.
Why is Kali Linux important to for cyber security? ›Why do cybersecurity professionals prefer Kali Linux? One of the biggest reasons cyber professionals use and often prefer Kali Linux is the fact that all of the original source code is open source, meaning that the system can be tweaked to the liking of the cybersecurity professional that is using it.
How can Kali be used in information security? ›
Kali Linux contains industry specific modifications as well as several hundred tools targeted towards various Information Security tasks, such as Penetration Testing, Security Research, Computer Forensics, Reverse Engineering, Vulnerability Management and Red Team Testing.
Do hackers use Linux or Windows? ›Linux is the most popular choice for hackers due to its flexibility, open source platform, portability and command line interface and compatibility with popular hacking tools. Windows is a required, but dreaded target for most hackers because it requires them to work in Windows-only environments.
Difference between Ubuntu and Kali Linux.
S.No. | Ubuntu | Kali Linux |
---|---|---|
8. | Ubuntu is a good option for beginners to Linux. | Kali Linux is a good option for those who are intermediate in Linux. |
Why is it called Kali Linux? ›It was developed by Mati Aharoni and Devon Kearns of Offensive Security through the rewrite of BackTrack, their previous information security testing Linux distribution based on Knoppix. The name was inspired by the Hindu goddess Kali. Kali Linux is based on the Debian Testing branch.
Can Linux be hacked? ›
The clear answer is YES. There are viruses, trojans, worms, and other types of malware that affect the Linux operating system but not many. Very few viruses are for Linux and most are not of that high quality, Windows-like viruses that can cause doom for you.