You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 13 Next »

Kali Linux is not maintaining their own cloud images. Therefore we need to create them manually. To create a Kali image, follow this article. The image is built with tightvncserver enabled for the root user, with a default password ("kaliVNC"). Cloud-init is configured to not disable the root user. This makes it possible to SSH into the root account, and the keypair injected from Openstack will be valid for root login.

This article describes how to build the image on a Linux computer, with KVM/libvirt running locally.

Install Kali on a local virtual machine

  1. Download the latest Kali Linux image, with the xfce DE. The gnome3 version works kind of poorly when remoting to it via VNC.. Download here
  2. Create a new VM on your local Linux computer running KVM/libvirt, and install Kali from the ISO. 15GB disk should be sufficient. Use the qcow2 format. Make sure to select the virtio driver both for disk and NIC. The VM also need internet connectivity.
  3. During the installation, use manual partitioning. Create just one partition, with / mounted, and enable the bootable flag. Disable swap.
  4. When prompted, set the root password to "toor" (default for Kali)

Modify the image, to make it cloud ready

  1. Login to the virtual machine with root, and run apt update && apt upgrade. Reboot if necessary.
  2. Install cloud-init: apt install cloud-init
    1. Add datasource_list: [ OpenStack, ConfigDrive, Ec2 ] to /etc/cloud/cloud.cfg
  3. Run systemctl enable cloud-init
  4. Run systemctl enable cloud-final
  5. Edit the file /etc/default/grub, and make sure that the variable GRUB_CMDLINE_LINUX_DEFAULT contains console=ttyS0 console=tty0 (if there's other content in this variable that's fine. Just add this to the end of the string.
    NOTE: remove quiet
    1. Run update-grub

Enable ssh server

  1. systemctl enable ssh

Enable vncserver for user "kali", and add it to upstart

  1. Install tightvncserver
  2. Run vncserver
    1. Enter the password "kaliVNC" twice
    2. When the command returns, kill the vncserver with vncserver -kill :1

  3. Create /usr/local/bin/vncserv and paste this content

    #!/bin/bash
PATH="$PATH:/usr/bin"
DISPLAY="1"
DEPTH="24"
GEOMETRY="1280x960"
OPTIONS="-depth ${DEPTH} -geometry ${GEOMETRY} :${DISPLAY}"

case "$1" in
start)
/usr/bin/vncserver ${OPTIONS}
;;

stop)
/usr/bin/vncserver -kill :${DISPLAY}
;;

restart)
$0 stop
$0 start
;;
esac
exit 0

  4. Create /lib/systemd/system/vncserv.service and paste this content

    [Unit]
Description=VNC Server

[Service]
Type=forking
ExecStart=/usr/local/bin/vncserv start
ExecStop=/usr/local/bin/vncserv stop
ExecReload=/usr/local/bin/vncserv restart
User=kali

[Install]
WantedBy=multi-user.target

  5. Run systemctl daemon-reload; systemctl enable vncserv

Final steps

  1. Shutdown the virtual machine
  2. Unmount the ISO file (if still mounted)
  3. Run (on your local machine) virt-sysprep -d <vm-name>
  4. Convert the qcow2 disk to raw format, and upload it to glance. (howto)

 

 

  • No labels