Tutorials for running live Kali on OSX often require you have networking on your laptop to apt install the drivers, but without an ethernet adapter you're not going to be able to do that, so this tutorial will cover a method of doing this manually, using another thumbdrive or external data source.
Download the appropriate Kali Linux .iso
- Download site: https://www.kali.org/downloads/
I used a 64 bit .iso image, downloaded via HTTP.
Download the SHA256SUMS and SHA256SUMS.gpg files from the same location.
Check the hash
Check that the hashes were not tampered with. First, get the Kali GPG public key, and verify the fingerprint:
$ wget -q -O - https://www.kali.org/archive-key.asc | gpg --import
$ gpg --fingerprint 7D8D0BF6
pub rsa4096 2012-03-05 [SC] [expires: 2018-02-02]
44C6 513A 8E4F B3D3 0875 F758 ED44 4FF0 7D8D 0BF6
uid [ unknown] Kali Linux Repository <[email protected]>
sub rsa4096 2012-03-05 [E] [expires: 2018-02-02]
$ gpg --verify SHA256SUMS.gpg SHA256SUMS
gpg: Signature made Sun 12 Nov 03:47:29 2017 GMT
gpg: using RSA key 44C6513A8E4FB3D30875F758ED444FF07D8D0BF6
gpg: Good signature from "Kali Linux Repository <[email protected]>" [unknown]Compare the SHA256 hash with that reported in SHASUMS:
$ cat SHA256SUMS
16123b76a6d4fc3ed72aef508bee9542462f2d1d5376acd1fcc3369ad337a505 kali-linux-2017-W46-amd64.iso
$ shasum -a 256 kali-linux-2017-W46-amd64.iso
16123b76a6d4fc3ed72aef508bee9542462f2d1d5376acd1fcc3369ad337a505 kali-linux-2017-W46-amd64.isoCreate the USB disk
Identify your external USB with diskutil - the disk ID (disk2, disk3 etc is represented as <DISK> below):
$ diskutil listIf necessary, prep the external USB with diskutil to get a single partition:
$ diskutil eraseDisk FAT32 KALI /dev/<DISK>Unmount the volume in DIsk Utility, or at the command-line:
$ diskutil unmountDisk /dev/<DISK>Then use dd to make a bootable image on the USB. Use pv to track progress if you have it installed:
$ pv -tpreb <path to downloaded .iso> | sudo dd of=/dev/<DISK> bs=1m
$ diskutil unmountDisk /dev/<DISK>If you don't have pv:
$ sudo dd if=<path to downloaded .iso> of=/dev/<DISK> bs=1m
$ diskutil unmountDisk /dev/<DISK>Boot into Kali Linux
- Restart the Mac
- Hold down the Option key when you hear the chime
- Select
EFIas the startup disk - Select
Live system (encrypted persistence)
Create a new persistent encrypted partition
- Open the terminal
$ parted -l
# ... other drives listed...
Model: <Your flash drive here>
Disk: <DEVICE_PATH>
# ... other information...
$ parted <DEVICE_PATH>
(parted) print freeThere should be a single large block without a number on the last line representing the remaining free space on your drive. On mine, it looks like this:
Number Start End Size Type File system Flags
0.03MB 0.03MB 0.00MB Free Space
1 0.03MB 2936MB 2936MB primary boot, hidden
2 2936MB 2937MB 0.72MB primary
2937MB 64173MB 6123MB Free Space
You want to use the start of this final block of free space as the basis of your new partition:
(parted) mkpart primary 2937MB 100%
(parted) quit
Information: You may need to update /etc/fstabWe can verify this completed and get our partition device path for the next step by doing the following:
$ fdisk -l
# ... other drives listed ...
Device Boot Start End Sectors Size Id Type
<DEVICE_PATH>1 * 64 5734399 5734336 2.8G 17 Hidden HPFS/NTFS
<DEVICE_PATH>2 5734400 5735807 1408 704K 1 FAT12
<DEVICE_PATH>3 5736448 125337599 119601152 57G 83 LinuxThe last, largest partition is what we want, (something like /dev/sdb3) now we can create the encrypted container:
$ cryptsetup --verbose --verify-passphrase luksFormat <PARTITION_PATH>
WARNING!
========
This will overwrite data on <PARTITION_PATH> irrevocably.
Are you sure> (Type uppercase yes): YES
Enter passphrase for <PARTITION_PATH>: <strong password>
Verify passphrase: <same password>
Command successful.
$ cryptsetup luksOpen <PARTITION_PATH> my_usb
Enter passphrase for <PARTITION_PATH>: <same password>
$ mkfs.ext3 -L persistence /dev/mapper/my_usb
# ... loads of mke2fs output ...
Writing superblocks and filesystem accounting information:
# ... this can take a VERY long time, depending on the size and speed of your drive, be patient ...
done
$ e2label /dev/mapper/my_usb persistence
$ mkdir -p /mnt/my_usb
$ mount /dev/mapper/my_usb /mnt/my_usb
$ echo "/ union" > /mnt/my_usb/persistence.conf
$ umount /dev/mapper/my_usb
$ cryptsetup luksClose /dev/mapper/my_usb
$ reboot- Hold down the Option key when you hear the chime
- Select
EFIas the startup disk - Select
Live system (encrypted persistence) - At some point, you will be prompted to enter your password from earlier by a prompt that says
Please unlock disk <PARTITION_PATH>Depending on the model and boot order, the brightness might be very low and this might be difficult to see. If anyone has a fix for this, please let me know.
Install the wireless Drivers We will need to manually download these from their locations using the network, but since you don't have networking yet, we will extract the URLs to a text file and place them on a thumbdrive so we can reboot into OSX and download them.
- Plug in a portable drive
- It should come up under
/media/root - We'll make a handy function to get package URLs, and echo these to a file.
$ cd /media/root/<THUMBDRIVE_NAME>
$ getpkgurl(){ apt-get download --print-uris $1 | cut -d\' -f2 >> deps.txt; }
$ KERNELF=$(uname -r |cut -d- -f-2)
$ ARCH=$(uname -r|cut -d- -f3)
$ KERNELM=$(uname -r |cut -d- -f1|cut -d. -f-2)
$ getpkgurl linux-headers-$KERNELF-common
$ getpkgurl linux-headers-$KERNELF-$ARCH
$ getpkgurl linux-kbuild-$KERNELM
$ getpkgurl linux-compiler-gcc-7-x86
$ getpkgurl dkms
$ getpkgurl broadcom-sta-dkms
$ rebootYou should now have a file called deps.txt on your second flash drive that will have the URLs to all of the packages you need to download.
- reboot the machine into OSX
- open the terminal
- download dependencies like so:
$ cd /Volumes/<SECOND_THUMBDRIVE>
$ while read dep; do curl -LOs $dep; done < deps.txt- Restart the Mac
- Hold down the Option key when you hear the chime
- Select
EFIas the startup disk - Select
Live system (encrypted persistence) - Enter the password as before
- Open a terminal and install the debs we downloaded manually:
$ cd /media/root/<THUMBDRIVE_NAME>
$ ARCH=$(uname -r|cut -d- -f3)
$ dpkg -i linux-kbuild*.deb
$ dpkg -i linux-compiler*.deb
$ dpkg -i linux-headers*common*.deb
$ dpkg -i linux-headers*$ARCH*.deb
$ dpkg -i dkms*.deb
$ dpkg -i broadcom-sta-dkms*.deb
$ modprobe -r b44 b43 b43legacy ssb brcmsmac bcma
$ modprobe wl
$ sed -i 's/managed=false/managed=true/g' /etc/NetworkManager/NetworkManager.conf
$ service network-manager restartYou're done!
That does NOT work.
diskutil eraseDisk FAT32 KALI /dev/ allocates ALL the remaining disk space to the ISO portion, there is NO remaining space.