There are two things that I particularly love doing: security auditing, and tinkering with live distributions. It is very intriguing to see exactly how weak or strong your own electronic devices are against various attacks, and sometimes very contrary to expectations.
This is, of course, an extension of my usual love of seeing exactly what new and strange things I can get my old electronic devices to do, which brings us to live distributions. Live distros are simply operating systems designed to work from removable media, usually across multiple, different devices. For example, I once turned an old laptop into an ethernet/wireless bridge for my games console, by creating a live distro that ran off a USB stick. Boot with the USB stick: it’s a bridge! Without the USB: it’s my old laptop again! This gets even better if you’re dealing with embedded systems, systems with no permanent storage, etc.
(Live distros are also a gateway drug to stateless distributions, which are absolutely fascinating for repeatable engineering processes, testing, compliance, etc.)
Kali is Amazing
Given these two interests, it’s amazing that I hadn’t heard about Kali Linux until last week. Kali is a Debian-based OS, primarily designed for live usage, that is all about security testing.
Anyone who has ever tried security testing from their main OS knows what a pain it can be. Patch these drivers. Downgrade these packages. Install this thing from git. Oh no it sprayed random files all over your meticulously managed distro lol oops sorry not sorry…
But Kali gives you a nice, safe live distro, complete with patched drivers, recent kernels, up-to-date software, etc. Run it, mess around, hack on whatever, check to see if the router you bought from that dodgy shop in Ultimo patched a nasty WPS vulnerability, then reboot back into your normal day-to-day OS.
I felt like a ninja. In a tuxedo. WITH POISON DARTS.
…and that was, Kali didn’t work too well on my machine. When using the virtual consoles (accessed by f1), I would have missed or repeated keystrokes. I couldn’t do serial debugging when running under Qemu. There were extra utilities that I wanted to install, and some cruft that I wanted to remove. Then I discovered that Kali actually provides instructions and repositories for building your own Debian-based live image.
At this point I’m just drunk on sheer technological possibility.
live-build a lot before, and it’s a wonderful tool. Its major drawback is that it’s a fast-moving target, and Kali seems to be a little behind. Using the instructions on the website proved problematic with the version of live-build (4 point something) in Debian Wheezy (which is what I use for packaging and certain kinds of tinkering).
When I tried simply using live-build with the Kali repos as the main package source (as per their git repo), the live-config hooks didn’t run, which meant the live user wasn’t set up, the serial console wasn’t available, and so on.