Fix up the mirrors in the script since most people probably don't have access to my build system and network... probably.
260 lines
8.9 KiB
Bash
Executable File
260 lines
8.9 KiB
Bash
Executable File
#!/bin/bash
|
|
|
|
# This is the Trimslice Kali ARM build script - http://utilite-computer.com/web/home
|
|
# A trusted Kali Linux image created by Offensive Security - http://www.offensive-security.com
|
|
|
|
if [[ $# -eq 0 ]] ; then
|
|
echo "Please pass version number, e.g. $0 1.0.1"
|
|
exit 0
|
|
fi
|
|
|
|
basedir=`pwd`/trimslice-$1
|
|
|
|
# Make sure that the cross compiler can be found in the path before we do
|
|
# anything else, that way the builds don't fail half way through.
|
|
export CROSS_COMPILE=arm-linux-gnueabihf-
|
|
if [ $(compgen -c $CROSS_COMPILE | wc -l) -eq 0 ] ; then
|
|
echo "Missing cross compiler. Set up PATH according to the README"
|
|
exit 1
|
|
fi
|
|
# Unset CROSS_COMPILE so that if there is any native compiling needed it doesn't
|
|
# get cross compiled.
|
|
unset CROSS_COMPILE
|
|
|
|
# Package installations for various sections.
|
|
# This will build a minimal XFCE Kali system with the top 10 tools.
|
|
# This is the section to edit if you would like to add more packages.
|
|
# See http://www.kali.org/new/kali-linux-metapackages/ for meta packages you can
|
|
# use. You can also install packages, using just the package name, but keep in
|
|
# mind that not all packages work on ARM! If you specify one of those, the
|
|
# script will throw an error, but will still continue on, and create an unusable
|
|
# image, keep that in mind.
|
|
|
|
arm="abootimg cgpt fake-hwclock ntpdate vboot-utils vboot-kernel-utils uboot-mkimage"
|
|
base="kali-menu kali-defaults initramfs-tools usbutils"
|
|
desktop="xfce4 network-manager network-manager-gnome xserver-xorg-video-fbdev"
|
|
tools="passing-the-hash winexe aircrack-ng hydra john sqlmap wireshark libnfc-bin mfoc"
|
|
services="openssh-server apache2"
|
|
extras="iceweasel wpasupplicant"
|
|
|
|
export packages="${arm} ${base} ${desktop} ${tools} ${services} ${extras}"
|
|
export architecture="armhf"
|
|
# If you have your own preferred mirrors, set them here.
|
|
# You may want to leave security.kali.org alone, but if you trust your local
|
|
# mirror, feel free to change this as well.
|
|
# After generating the rootfs, we set the sources.list to the default settings.
|
|
export mirror=http.kali.org
|
|
export security=security.kali.org
|
|
|
|
# Set this to use an http proxy, like apt-cacher-ng, and uncomment further down
|
|
# to unset it.
|
|
#export http_proxy="http://localhost:3142/"
|
|
|
|
mkdir -p ${basedir}
|
|
cd ${basedir}
|
|
|
|
# create the rootfs - not much to modify here, except maybe the hostname.
|
|
debootstrap --foreign --arch $architecture kali kali-$architecture http://$mirror/kali
|
|
|
|
cp /usr/bin/qemu-arm-static kali-$architecture/usr/bin/
|
|
|
|
LANG=C chroot kali-$architecture /debootstrap/debootstrap --second-stage
|
|
cat << EOF > kali-$architecture/etc/apt/sources.list
|
|
deb http://$mirror/kali kali main contrib non-free
|
|
deb http://$security/kali-security kali/updates main contrib non-free
|
|
EOF
|
|
|
|
# Set hostname
|
|
echo "kali" > kali-$architecture/etc/hostname
|
|
|
|
cat << EOF > kali-$architecture/etc/hosts
|
|
127.0.0.1 kali localhost
|
|
::1 localhost ip6-localhost ip6-loopback
|
|
fe00::0 ip6-localnet
|
|
ff00::0 ip6-mcastprefix
|
|
ff02::1 ip6-allnodes
|
|
ff02::2 ip6-allrouters
|
|
EOF
|
|
|
|
cat << EOF > kali-$architecture/etc/network/interfaces
|
|
auto lo
|
|
iface lo inet loopback
|
|
|
|
auto eth0
|
|
iface eth0 inet dhcp
|
|
EOF
|
|
|
|
cat << EOF > kali-$architecture/etc/resolv.conf
|
|
nameserver 8.8.8.8
|
|
EOF
|
|
|
|
export MALLOC_CHECK_=0 # workaround for LP: #520465
|
|
export LC_ALL=C
|
|
export DEBIAN_FRONTEND=noninteractive
|
|
|
|
mount -t proc proc kali-$architecture/proc
|
|
mount -o bind /dev/ kali-$architecture/dev/
|
|
mount -o bind /dev/pts kali-$architecture/dev/pts
|
|
|
|
cat << EOF > kali-$architecture/debconf.set
|
|
console-common console-data/keymap/policy select Select keymap from full list
|
|
console-common console-data/keymap/full select en-latin1-nodeadkeys
|
|
EOF
|
|
|
|
cat << EOF > kali-$architecture/third-stage
|
|
#!/bin/bash
|
|
dpkg-divert --add --local --divert /usr/sbin/invoke-rc.d.chroot --rename /usr/sbin/invoke-rc.d
|
|
cp /bin/true /usr/sbin/invoke-rc.d
|
|
echo -e "#!/bin/sh\nexit 101" > /usr/sbin/policy-rc.d
|
|
chmod +x /usr/sbin/policy-rc.d
|
|
|
|
apt-get update
|
|
apt-get install locales-all
|
|
|
|
debconf-set-selections /debconf.set
|
|
rm -f /debconf.set
|
|
apt-get update
|
|
apt-get -y install git-core binutils ca-certificates initramfs-tools uboot-mkimage
|
|
apt-get -y install locales console-common less nano git
|
|
echo "root:toor" | chpasswd
|
|
sed -i -e 's/KERNEL\!=\"eth\*|/KERNEL\!=\"/' /lib/udev/rules.d/75-persistent-net-generator.rules
|
|
rm -f /etc/udev/rules.d/70-persistent-net.rules
|
|
apt-get --yes --force-yes install $packages
|
|
|
|
rm -f /usr/sbin/policy-rc.d
|
|
rm -f /usr/sbin/invoke-rc.d
|
|
dpkg-divert --remove --rename /usr/sbin/invoke-rc.d
|
|
|
|
rm -f /third-stage
|
|
EOF
|
|
|
|
chmod +x kali-$architecture/third-stage
|
|
LANG=C chroot kali-$architecture /third-stage
|
|
|
|
cat << EOF > kali-$architecture/cleanup
|
|
#!/bin/bash
|
|
rm -rf /root/.bash_history
|
|
apt-get update
|
|
apt-get clean
|
|
rm -f /0
|
|
rm -f /hs_err*
|
|
rm -f cleanup
|
|
rm -f /usr/bin/qemu*
|
|
EOF
|
|
|
|
chmod +x kali-$architecture/cleanup
|
|
LANG=C chroot kali-$architecture /cleanup
|
|
|
|
umount kali-$architecture/proc/sys/fs/binfmt_misc
|
|
umount kali-$architecture/dev/pts
|
|
umount kali-$architecture/dev/
|
|
umount kali-$architecture/proc
|
|
|
|
# Create the disk and partition it
|
|
echo "Creating image file for Trimslice"
|
|
dd if=/dev/zero of=${basedir}/kali-$1-trimslice.img bs=1M count=7000
|
|
parted kali-$1-trimslice.img --script -- mklabel msdos
|
|
parted kali-$1-trimslice.img --script -- mkpart primary ext2 2048s 264191s
|
|
parted kali-$1-trimslice.img --script -- mkpart primary ext4 264192s 100%
|
|
|
|
# Set the partition variables
|
|
loopdevice=`losetup -f --show ${basedir}/kali-$1-trimslice.img`
|
|
device=`kpartx -va $loopdevice| sed -E 's/.*(loop[0-9])p.*/\1/g' | head -1`
|
|
device="/dev/mapper/${device}"
|
|
bootp=${device}p1
|
|
rootp=${device}p2
|
|
|
|
# Create file systems
|
|
mkfs.ext2 $bootp
|
|
mkfs.ext4 $rootp
|
|
|
|
# Create the dirs for the partitions and mount them
|
|
mkdir -p ${basedir}/bootp ${basedir}/root
|
|
mount $bootp ${basedir}/bootp
|
|
mount $rootp ${basedir}/root
|
|
|
|
echo "Rsyncing rootfs into image file"
|
|
rsync -HPavz -q ${basedir}/kali-$architecture/ ${basedir}/root/
|
|
|
|
# Enable serial console access
|
|
echo "T1:23:respawn:/sbin/agetty -L ttys0 115200 vt100" >> ${basedir}/root/etc/inittab
|
|
|
|
cat << EOF >> ${basedir}/root/etc/udev/links.conf
|
|
M ttyS0 c 5 1
|
|
EOF
|
|
|
|
cat << EOF >> ${basedir}/root/etc/securetty
|
|
ttyS0
|
|
EOF
|
|
|
|
cat << EOF > ${basedir}/root/etc/apt/sources.list
|
|
deb http://http.kali.org/kali kali main non-free contrib
|
|
deb http://security.kali.org/kali-security kali/updates main contrib non-free
|
|
|
|
deb-src http://http.kali.org/kali kali main non-free contrib
|
|
deb-src http://security.kali.org/kali-security kali/updates main contrib non-free
|
|
EOF
|
|
|
|
# Uncomment this if you use apt-cacher-ng otherwise git clones will fail.
|
|
#unset http_proxy
|
|
|
|
# Kernel section. If you want to use a custom kernel, or configuration, replace
|
|
# them in this section.
|
|
git clone --depth 1 git://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git ${basedir}/kernel
|
|
cd ${basedir}/kernel
|
|
patch -p1 --no-backup-if-mismatch < ${basedir}/../patches/mac80211.patch
|
|
touch .scmversion
|
|
export ARCH=arm
|
|
export CROSS_COMPILE=arm-linux-gnueabihf-
|
|
cp ${basedir}/../kernel-configs/trimslice.config .config
|
|
#make tegra_defconfig
|
|
make -j $(grep -c processor /proc/cpuinfo) zImage modules dtbs
|
|
make modules_install INSTALL_MOD_PATH=${basedir}/root
|
|
cp arch/arm/boot/zImage ${basedir}/bootp/
|
|
cp arch/arm/boot/dts/tegra20-trimslice.dtb ${basedir}/bootp/
|
|
cd ${basedir}
|
|
|
|
rm -rf ${basedir}/root/lib/firmware
|
|
cd ${basedir}/root/lib
|
|
git clone --depth 1 https://git.kernel.org/pub/scm/linux/kernel/git/firmware/linux-firmware.git firmware
|
|
rm -rf ${basedir}/root/lib/firmware/.git
|
|
cd ${basedir}
|
|
|
|
echo << EOF > ${basedir}/bootp/boot.txt
|
|
setenv bootargs root=/dev/mmcblk0p2 nohdparm rootwait console=ttyS0,115200n8 earlyprintk
|
|
ext2load usb 0:1 4080000 uImage
|
|
ext2load usb 0:1 4800000 uInitrd
|
|
ext2load usb 0:1 4000000 tegra20-trimslice.dtb
|
|
bootm 4080000 4800000 4000000
|
|
EOF
|
|
|
|
# Create u-boot boot script image
|
|
mkimage -A arm -T script -C none -d ${basedir}/bootp/boot.txt ${basedir}/bootp/boot.scr
|
|
|
|
# Unmount partitions
|
|
umount $bootp
|
|
umount $rootp
|
|
kpartx -dv $loopdevice
|
|
losetup -d $loopdevice
|
|
|
|
# Clean up all the temporary build stuff and remove the directories.
|
|
# Comment this out to keep things around if you want to see what may have gone
|
|
# wrong.
|
|
echo "Removing temporary build files"
|
|
rm -rf ${basedir}/patches ${basedir}/kernel ${basedir}/bootp ${basedir}/root ${basedir}/kali-$architecture ${basedir}/boot
|
|
|
|
# If you're building an image for yourself, comment all of this out, as you
|
|
# don't need the sha1sum or to compress the image, since you will be testing it
|
|
# soon.
|
|
echo "Generating sha1sum for kali-$1-trimslice.img"
|
|
sha1sum kali-$1-trimslice.img > ${basedir}/kali-$1-trimslice.img.sha1sum
|
|
# Don't pixz on 32bit, there isn't enough memory to compress the images.
|
|
MACHINE_TYPE=`uname -m`
|
|
if [ ${MACHINE_TYPE} == 'x86_64' ]; then
|
|
echo "Compressing kali-$1-trimslice.img"
|
|
pixz ${basedir}/kali-$1-trimslice.img ${basedir}/kali-$1-trimslice.img.xz
|
|
rm ${basedir}/kali-$1-trimslice.img
|
|
echo "Generating sha1sum for kali-$1-trimslice.img.xz"
|
|
sha1sum kali-$1-trimslice.img.xz > ${basedir}/kali-$1-trimslice.img.xz.sha1sum
|
|
fi
|