====== Kali Linux for CSP/CSS ======
Kali Linux install for Virtualbox on **__Apple Silicon__** M1/M2/M3/M4?\\
For x86_64 -> [[os:kali:css|go here]]\\
:!: :!: NOT FOR PRODUCTION :!: :!:
===== Prerequisite =====
* Apple Silicon MX CPU
* [[https://www.virtualbox.org/wiki/Downloads|VirtualBox Apple Silicon Hosts]]
* [[https://www.virtualbox.org/wiki/Downloads|VirtualBox Extension Pack]]
* Kali ARM iso install [[https://www.kali.org/get-kali/#kali-installer-images| Apple Silicon (ARM64)]]
===== Install =====
Create a VM using the iso as bootable CD
{{ :os:kali:screenshot_2024-11-10_at_09.19.42.png?nolink |}}
==== Launch the machine ====
{{ :os:kali:virtualbox_kali_linux_10_11_2024_09_54_30.png?nolink |}}
==== select language ====
{{ :os:kali:virtualbox_kali_linux_10_11_2024_09_54_55.png?nolink |}}
==== select country ====
{{ :os:kali:virtualbox_kali_linux_10_11_2024_09_55_11.png?nolink |}}
{{ :os:kali:virtualbox_kali_linux_10_11_2024_09_55_22.png?nolink |}}
{{ :os:kali:virtualbox_kali_linux_10_11_2024_09_55_31.png?nolink |}}
==== locales ====
{{ :os:kali:virtualbox_kali_linux_10_11_2024_09_55_38.png?nolink |}}
==== Keyboard mapping ====
{{ :os:kali:virtualbox_kali_linux_10_11_2024_09_55_50.png?nolink |}}
or
{{ :os:kali:virtualbox_kali_linux_10_11_2024_09_56_08.png?nolink |}}
==== machine name ====
{{ :os:kali:virtualbox_kali_linux_10_11_2024_09_57_51.png?nolink |}}
==== user (sudoer) + password ====
{{ :os:kali:virtualbox_kali_linux_10_11_2024_09_58_25.png?nolink |}}
{{ :os:kali:virtualbox_kali_linux_10_11_2024_09_58_42.png?nolink |}}
==== Partitioning ====
{{ :os:kali:virtualbox_kali_linux_10_11_2024_09_59_00.png?nolink |}}
{{ :os:kali:virtualbox_kali_linux_10_11_2024_09_59_08.png?nolink |}}
{{ :os:kali:virtualbox_kali_linux_10_11_2024_09_59_14.png?nolink |}}
{{ :os:kali:virtualbox_kali_linux_10_11_2024_09_59_21.png?nolink |}}
{{ :os:kali:virtualbox_kali_linux_10_11_2024_09_59_28.png?nolink |}}
==== Default packages ====
{{ :os:kali:virtualbox_kali_linux_10_11_2024_10_01_46.png?nolink |}}
{{ :os:kali:virtualbox_kali_linux_10_11_2024_10_15_32.png?nolink |}}
==== First reboot ====
Check your login/password, then shut down the VM
{{ :os:kali:virtualbox_kali_linux_10_11_2024_10_15_49.png?nolink |}}
{{ :os:kali:virtualbox_kali_linux_10_11_2024_10_54_51.png?nolink |}}
==== Snapshot ====
{{ :os:kali:screenshot_2024-11-10_at_11.06.44.png?nolink |}}
==== First full upgrade ====
sudo su
apt update
apt dist-upgrade -y && reboot
{{ :os:kali:virtualbox_kali_linux_10_11_2024_11_08_31.png?nolink |}}
We can safely apply any update, restart any service and keep the default values, as nobody but us is on this VM.
{{ :os:kali:virtualbox_kali_linux_10_11_2024_11_27_01.png?nolink |}}
...
{{ :os:kali:virtualbox_kali_linux_10_11_2024_11_31_16.png?nolink |}}
This takes a while, but it should finish and then reboot immediately. If it doesn't reboot, note the error and look it up (Google/AI).
==== snapshot II ====
Shut down the machine and make a new snapshot
{{ :os:kali:screenshot_2024-11-10_at_11.36.18.png?nolink |}}
==== Guest Tools installation ====
boot the VM, log in your session\\
click on the menu Devices> Insert Guest Addition CD\\
Right-click on the CD on the Desktop and choose "Mount Volume"
{{ :os:kali:virtualbox_kali_linux_10_11_2024_11_40_20.png?nolink |}}
Launch a terminal
sudo su
cd /media/cdrom0
{{ :os:kali:virtualbox_kali_linux_10_11_2024_11_43_45.png?nolink |}}
apt install -y dkms linux-headers-`uname -r` build-essential
sh ./VBoxLinuxAdditions-arm64.run
usermod -aG vboxsf warnaud
:!: replace **warnaud** with the name of your user
{{ :os:kali:virtualbox_kali_linux_10_11_2024_12_01_11.png?nolink |}}
==== Fine tuning ====
stop the machine and click on the settings button to fine tune it:
* add more RAM and CPU if possible (runs fine with defaults)
* add clipboard
* 3D acceleration
* disable audio
* share folder
{{ :os:kali:screenshot_2024-11-10_at_12.05.50.png?nolink |}}
{{ :os:kali:screenshot_2024-11-10_at_12.06.14.png?nolink |}}
{{ :os:kali:screenshot_2024-11-10_at_12.06.29.png?nolink |}}
{{ :os:kali:screenshot_2024-11-10_at_12.06.45.png?nolink |}}
{{ :os:kali:screenshot_2024-11-10_at_12.07.10.png?nolink |}}
{{ :os:kali:screenshot_2024-11-10_at_12.07.53.png?nolink |}}
==== Extra packages ====
Start the machine; you should now be able to copy/paste commands!
apt update && apt install -y htop ccze dfc iftop libreoffice libreoffice-l10n-de libreoffice-l10n-fr clipit zaproxy
===== Hacks =====
==== sudoers ====
sudo su
usermod -aG kali-trusted kali
==== Autologin ====
sudo su
=== Manual ===
vi /etc/lightdm/lightdm.conf
...
[Seat:*]
...
autologin-user=kali
autologin-user-timeout=0
...
=== One-liner ===
8-)
sudo sed -i 's/#autologin-user=/autologin-user=kali/g; s/#autologin-user-timeout=0/autologin-user-timeout=0/g' /etc/lightdm/lightdm.conf
===== Extra packages =====
==== Docker ====
sudo su
apt update
apt install -y apt-transport-https ca-certificates curl gnupg lsb-release
# Add Docker's official GPG key
curl -fsSL https://download.docker.com/linux/debian/gpg | gpg --dearmor -o /usr/share/keyrings/docker-archive-keyring.gpg
# Add Docker repository (using Debian as base since Kali is Debian-based)
echo "deb [arch=arm64 signed-by=/usr/share/keyrings/docker-archive-keyring.gpg] https://download.docker.com/linux/debian bullseye stable" | tee /etc/apt/sources.list.d/docker.list > /dev/null
# Update package list again
apt update
apt install -y docker-ce docker-ce-cli containerd.io
systemctl enable docker --now
usermod -aG docker kali
==== Docker-compose ====
check: https://github.com/docker/compose/releases/ for url
sudo su
sudo wget https://github.com/docker/compose/releases/download/v2.30.3/docker-compose-linux-aarch64 -O /usr/bin/docker-compose
chmod +x /usr/bin/docker-compose
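The download above lands in /usr/bin as root without any integrity check. The function below is an added example, not part of the original page: it installs the binary only after its SHA-256 matches a checksum file downloaded alongside it. The ''.sha256'' asset name and the helper names ''verified_install'' and ''demo'' are assumptions.

```bash
#!/bin/sh
# Added example: install a downloaded release binary only when its SHA-256
# matches the checksum file fetched alongside it.

# verified_install <binary> <checksum-file> <destination>
# Installs and returns 0 on a match; installs nothing and returns 1 otherwise.
verified_install() {
    bin=$1; sums=$2; dest=$3
    # The first field of the checksum file is the expected hex digest.
    expected=$(awk 'NR==1 {print tolower($1)}' "$sums")
    # Refuse anything that is not a 64-character hex digest, e.g. an HTML
    # error page that was saved in place of the checksum file.
    case $expected in
        ''|*[!0-9a-f]*) echo "malformed checksum file: $sums" >&2; return 1 ;;
    esac
    if [ "${#expected}" -ne 64 ]; then
        echo "malformed checksum file: $sums" >&2; return 1
    fi
    actual=$(sha256sum "$bin" | awk '{print $1}')
    if [ "$expected" != "$actual" ]; then
        echo "SHA-256 mismatch for $bin (expected $expected, got $actual)" >&2
        return 1
    fi
    install -m 0755 "$bin" "$dest"
}

# On the VM (URL and version from the step above; the .sha256 asset name is
# an assumption, confirm it on the release page):
#   base=https://github.com/docker/compose/releases/download/v2.30.3
#   wget "$base/docker-compose-linux-aarch64" \
#        "$base/docker-compose-linux-aarch64.sha256"
#   verified_install docker-compose-linux-aarch64 \
#       docker-compose-linux-aarch64.sha256 /usr/bin/docker-compose

# Offline self-check on constructed files (not real release artifacts).
demo() {
    tmp=$(mktemp -d)
    printf 'constructed sample binary\n' > "$tmp/tool"
    (cd "$tmp" && sha256sum tool > tool.sha256)
    verified_install "$tmp/tool" "$tmp/tool.sha256" "$tmp/ok" || return 1
    # Simulate a tampered download: same checksum file, different bytes.
    printf 'tampered\n' >> "$tmp/tool"
    if verified_install "$tmp/tool" "$tmp/tool.sha256" "$tmp/bad" 2>/dev/null
    then return 1; fi
    [ -x "$tmp/ok" ] && [ ! -e "$tmp/bad" ]
}
```

A checksum served from the same host as the binary catches corrupted or truncated downloads, not a compromised release page.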
==== Test ====
Does it work?\\
:!: log out or reboot so the user kali is part of the docker group :!:
docker info
docker-compose version
==== Volatility 2 & python2 ====
sudo su
# Install dependencies
apt install -y python2 python2-dev build-essential git libdistorm3-dev yara libraw1394-11 libcapstone-dev capstone-tool tzdata libpython2-dev libjpeg-dev zlib1g-dev libfreetype6-dev liblcms2-dev libwebp-dev tcl8.6-dev tk8.6-dev python2.7-tk
#Install pip
cd
curl https://bootstrap.pypa.io/pip/2.7/get-pip.py --output get-pip.py
python2 get-pip.py
# Install Python deps with python2 pip
python2 -m pip install -U setuptools wheel
python2 -m pip install importlib
python2 -m pip install distorm3
python2 -m pip install pycrypto
python2 -m pip install yara-python==3.11.0
python2 -m pip install pillow
python2 -m pip install openpyxl
python2 -m pip install pytz
python2 -m pip install ipython
python2 -m pip install capstone
# link yara
ln -s /usr/lib/aarch64-linux-gnu/libyara.so.10 /usr/lib/libyara.so
# Check python & yara are working
python2 -c "import yara; print('YARA Python working')"
yara --version
# Clone Volatility 2
cd /opt
git clone https://github.com/volatilityfoundation/volatility.git
echo "#! /usr/bin/bash
/usr/bin/python2 /opt/volatility/vol.py \"\$@\"" > /usr/local/bin/volatility
chmod +x /usr/local/bin/volatility
==== Volatility 3 ====
sudo su
cd /opt
git clone https://github.com/volatilityfoundation/volatility3.git
ln -s /opt/volatility3/vol.py /usr/local/bin/volatility3
==== Yara ====
sudo su
mkdir /opt/yara
cd /opt/yara
git clone https://github.com/Yara-Rules/rules.git