-
Notifications
You must be signed in to change notification settings - Fork 3
How to use
First you need a rootfs so you can chroot into it. This can be achieved through many ways, including (but not limited to) installing Kali inside a VM and then backing up its rootfs. But that's too much work to do.
Easiest ways to get a rootfs:
-
debootstrap: Downloads and installs packages inside a folder -
kali-vmdk2tar+kali-tar2rootfs: Convert official Kali OVI package totar.zstimages, then extract them to desired directory.
You should have an empty directory/mounted partition ready for chroot environment bootstrapping (for example /kali).
# debootstrap kali-rolling /kali http://http.kali.org/kali
This only installs basic packages required for a working chroot environment.
To have a more complete Kali chroot environment, you can install kali-linux-default group, kali-linux-large group, kali-linux-everything group, or even cherry pick tools you need from what Kali provides in its repositories.
# kali-chroot /kali
# apt update && apt install kali-linux-large
This way is more recommended if chroot host is offline and has no internet access.
First, you have to ensure that you have installed QEMU and have a Linux kernel with NBD (Network Block Device) support. Other requirements are usually installed in every GNU/Linux distro, by default.
After that, download the latest OVA under "Kali Linux VirtualBox Images" section from this page.
NOTE: Only OVA files are supported and Multi-part VMDK images available as "Kali Linux VMWare Images" have not been tested and may not work.
NOTE: Both kali-vmdk2tar and kali-tar2rootfs are time consuming and each may take up to 5 minutes or more (depending on the system specs and the storage type). Please be patient while they're running. Also, both are Work-in-progress and still don't have a "setup/teardown" model, so if you press Ctrl-C the script can't revert things it has done, such as loading the NBD module, connecting the NBD device, etc. Use at your own risk.
After downloading OVA file, you should extract it using tar or any other tool of choice to get the .vmdk disk image out of it.
$ tar xvf kali-linux-2020.2a-vbox-amd64.ova
Then you can run the following command to make an image from .vmdk file.
# kali-vmdk2tar Kali-Linux-2020.2a-vbox-amd64-disk001.vmdk /root/kali-image.tar.zst
Now, you can bootstrap your chroot environment by extracting tar image to the chroot's rootfs directory.
# kali-tar2rootfs /root/kali-image.tar.zst /kali
To be able to use PulseAudio, you should configure PulseAudio server in host environment to listen on a UNIX Domain Socket and accept incoming connections from all users and also configure the client (chroot environment) to connect to this UNIX socket.
Best place for this socket is inside /run as it is bound in chroot environment to host's /run directory by default.
Please note that this is not the best solution as it has the UNIX socket overhead, and you will be better off using instructions found in here.
Notice: This section contains content (modified) from Arch Linux Wiki on PulseAudio.
It is sometimes desirable to run some programs as another user on the same desktop of the primary user in order to isolate the software. However, PulseAudio will not accept by default connections by the secondary users, since a PulseAudio daemon is already running for the primary user. However, a PulseAudio UNIX socket can be created in order to accept connections from other users to the main PulseAudio daemon run by the primary user.
First, edit /etc/pulse/default.pa or ~/.config/pulse/default.pa and add a directive for the unix socket to be created:
load-module module-native-protocol-unix auth-anonymous=1 socket=/run/pulse-socket
Afterwards, set PulseAudio as a client to the UNIX socket just created in the chroot environment by putting this directive in /etc/pulse/client.conf:
default-server = unix:/run/pulse-socket
In order to be able to use that server, you should export DBus machine ID to chroot environment, which can be done using -m switch.
# kali-chroot -d ":0" -m /kali
(chroot) # xterm