Skip to content

Instantly share code, notes, and snippets.

@majduk

majduk/import-kali-to-gcp.md

Last active January 31, 2023 15:43
Show Gist options
  • Save majduk/a9be6c9d771182fbe1e3b72eb6b365eb to your computer and use it in GitHub Desktop.
Save majduk/a9be6c9d771182fbe1e3b72eb6b365eb to your computer and use it in GitHub Desktop.
Download ZIP
Import Kali Linux to GCE
Raw
import-kali-to-gcp.md

Importing Kali Linux image to Google Compute Engine

While there is a ready to use desktop Kali in GCP marketplace, it is possible to create a GCP instance out of it.

Currently fails due to bug Lack of GCE image is also reported to Kali in bug/16

Get the cloud image

First you need to download the cloud image:

wget https://kali.download/cloud-images/kali-2022.4/kali-linux-2022.4-cloud-genericcloud-amd64.tar.xz

Notes:

  • You can finetune the version of Kali in the URL, the latest images are available at kali.org

Then, the image needs to be uncompressed:

xz -d -v kali-linux-2022.4-cloud-genericcloud-amd64.tar.xz
tar -xvf kali-linux-2022.4-cloud-genericcloud-amd64.tar

That creates ca 12G disk.raw file.

Setup GCP project

There are some pre-requirements. The VM image import and export tool requires the following accounts to perform the operation on its behalf:

  • User account. The account from which you're running the import and export commands.
  • Cloud Build service account. A default Cloud Build service account that is created when the import or export tool enables the Cloud Build API.
  • Compute Engine service account. A default or custom Compute Engine service account that is required for the import and export workflow.

To import or export images, your user account requires the following roles:

  • Storage Admin role (roles/storage.admin)
  • Viewer role (roles/viewer)
  • Project IAM Admin role (roles/resourcemanager.projectIamAdmin)
  • Cloud Build Editor role (roles/cloudbuild.builds.editor)

Import the Kali cloud image

Command below creates GCP image usable when launching new GCP instances:

gcloud compute images import kali-linux-2022-4 \
    --os=debian-11 \
    --source-file=disk.raw

This is one step command, documented here that under the hood involves four steps:

  • Upload the virtual disk file to Cloud Storage.
  • Import the image to Compute Engine.
  • Detect the OS and bootloader contained on the disk.
  • Translate the image to make a bootable image. This command performs all four of these steps as required, depending on the input arguments specified.

The command installs also GCE gues environment to make the image bootable and manageable on GCP.

Notes

  • --os determines the guest environment version and needs to be aligned with Kali's base Debian rfelease.
  • all the intermediate files and logs are stored so if everything goes well, it's best to clean them up
  • bug

Example output:

majduk@majduk-linux:~$ gcloud compute images import kali-linux-2022-4     --os=debian-11 --source-file=disk.raw
Copying [disk.raw] to [gs://<project-bucket>/tmpimage/2cefa291-199e-4f8f-a70f-7f1a41794a92-84dfdc72-ed65-4e61-bed1-a000d327b24c-disk.raw]...done.                                                                                                
WARNING: Importing image. This may take up to 2 hours.


Created [https://cloudbuild.googleapis.com/v1/projects/<project>/locations/us-central1/builds/1cd88c16-5f19-4a8b-b435-71f1cfb8b586].
Logs are available at [https://console.cloud.google.com/cloud-build/builds;region=us-central1/1cd88c16-5f19-4a8b-b435-71f1cfb8b586?project=<project>].
starting build "1cd88c16-5f19-4a8b-b435-71f1cfb8b586"
[import-image]: 2023-01-31T10:26:34Z Inspecting the image file...
[import-image]: 2023-01-31T10:27:28Z Creating Google Compute Engine disk from gs://<project>-daisy-bkt-us/tmpimage/2cefa291-199e-4f8f-a70f-7f1a41794a92-84dfdc72-ed65-4e61-bed1-a000d327b24c-disk.raw
[import-image]: 2023-01-31T10:32:48Z Finished creating Google Compute Engine disk
[import-image]: 2023-01-31T10:32:48Z Inspecting disk for OS and bootloader
[import-image]: 2023-01-31T10:34:14Z Inspection result=os_release:{distro:"kali" major_version:"2022" minor_version:"4" architecture:X64 distro_id:KALI} bios_bootable:true uefi_bootable:true elapsed_time_ms:85873 os_count:1
[import-image]: 2023-01-31T10:34:14Z The boot disk can boot with either BIOS or a UEFI bootloader. The default setting for booting is BIOS. If you want to boot using UEFI, please see https://cloud.google.com/compute/docs/import/importing-virtual-disks#importing_a_virtual_disk_with_uefi_bootloader'.
[import-image]: 2023-01-31T10:34:30Z Making disk bootable on Google Compute Engine
[import-image]: 2023-01-31T10:38:21Z Finished making disk bootable

In case the import fails with an error:

[import-image]: 2023-01-30T16:10:01Z Making disk bootable on Google Compute Engine
[import-image]: 2023-01-30T16:17:47Z step "translate-disk" run error: step "wait-for-translator" run error: WaitForInstancesSignal FailureMatch found for "inst-translator-translate-translate-disk-rtvzj": "TranslateFailed: error: E: Unable to correct problems, you have held broken packages."

This mean that there is a misalignment between --os flag value and the base Debian rerelease of the Kali version you use.

Test your image!

You can launch the instance using your image (it is under Custom images).

Clean up the resporces

Files stored on Cloud Storage and images in Compute Engine incur charges. It's best to clean them up. See here

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment