Kali Linux Live USB with persistence and wireless on Macbook Pro

kali_osx_persistence_wifi.md

Kali Linux Bootable USB with Persistence and Wireless on OSX

Download the appropriate Kali Linux .iso

• Download site: https://www.kali.org/downloads/

I used a 64 bit .iso image, downloaded via HTTP. I downloaded the amd64 weekly version, as the pool linux headers (needed below for installation of wireless drivers) were ahead of the stable release kernel.

Download the SHA256SUMS and SHA256SUMS.gpg files from the same location.

Check the hash

Check that the hashes were not tampered with. First, get the Kali GPG public key, and verify the fingerprint:

$ wget -q -O - https://www.kali.org/archive-key.asc | gpg --import
$ gpg --fingerprint 7D8D0BF6
pub   rsa4096 2012-03-05 [SC] [expires: 2018-02-02]
      44C6 513A 8E4F B3D3 0875  F758 ED44 4FF0 7D8D 0BF6
uid           [ unknown] Kali Linux Repository <[email protected]>
sub   rsa4096 2012-03-05 [E] [expires: 2018-02-02]
$ gpg --verify SHA256SUMS.gpg SHA256SUMS
gpg: Signature made Sun 12 Nov 03:47:29 2017 GMT
gpg:                using RSA key 44C6513A8E4FB3D30875F758ED444FF07D8D0BF6
gpg: Good signature from "Kali Linux Repository <[email protected]>" [unknown]

Compare the SHA256 hash with that reported in SHASUMS:

$ cat SHA256SUMS
16123b76a6d4fc3ed72aef508bee9542462f2d1d5376acd1fcc3369ad337a505  kali-linux-2017-W46-amd64.iso
$ shasum -a 256 kali-linux-2017-W46-amd64.iso
16123b76a6d4fc3ed72aef508bee9542462f2d1d5376acd1fcc3369ad337a505  kali-linux-2017-W46-amd64.iso

Create the USB disk

Identify your external USB with diskutil - the disk ID (disk2, disk3 etc is represented as <DISK> below):

$ diskutil list

If necessary, prep the external USB with diskutil to get a single partition:

$ diskutil eraseDisk FAT32 KALI /dev/<DISK>

Unmount the volume in DIsk Utility, or at the command-line:

$ diskutil unmountDisk /dev/<DISK>

Then use dd to make a bootable image on the USB:

$ sudo dd if=<path to downloaded .iso> of=/dev/<DISK> bs=1m

Boot into Kali Linux

• Restart the Mac
• Hold down the Option key when you hear the chime
• Select EFI as the startup disk
• Select Kali Linux (persistence)

Create a new persistent partition

• Start gparted from the terminal
• Select the USB disk
• Select the Unallocated partition
• Create a new partition (by default this will fill the free space on the USB)
  • Partition -> New
  • Create as: Primary Partition
  • File system: ext3
  • Label: persistence
• Apply the operations
  • Edit -> Apply All Operations
  • Confirm this action
• Exit gparted

Combine the new partition with Kali Linux, persistently

Create a mount point for the persistence particion, and mount it

$ mkdir -p /mnt/my_usb
$ mount <DISK> /mnt/my_usb

Create a partition.conf file. This will enable the persistent storage on USB startup

$ echo "/ union" > /mnt/my_usb/persistence.conf
$ umount <DISK>

Check the persistent partition

• Restart the Mac
• Hold down the Option key when you hear the chime
• Select EFI as the startup disk
• Select Kali Linux (persistence)
• At the terminal:
  • df -h will bring up a list of mounted drives. There should be a mountpoint /lib/live/mount/persistence/<DISK> pointing to your new persistent partition
  • ls -ltrh /lib/live/mount/persistence/<DISK> should show four entries: lost+found, persistence.conf, rw, and work. The rw directory is a persistent link to /.

Update the OS

Update the installer and acquire the appropriate linux headers

$ apt-get update
$ apt-get install linux-image-$(uname -r|sed 's,[^-]*-[^-]*-,,')
$ apt-get install linux-headers-$(uname -r|sed 's,[^-]*-[^-]*-,,')

Install kernel headers

These need to be obtained separately:

$ wget http://http.kali.org/kali/pool/main/l/linux/linux-kbuild-<VERSION>_amd64.deb
$ wget http://http.kali.org/kali/pool/main/l/linux/linux-headers-<VERSION>-common_<VERSION>_amd64.deb
$ wget http://http.kali.org/kali/pool/main/l/linux/linux-headers-<VERSION>-amd64_<VERSION>_amd64.deb
$ dpkg -i linux-kbuild-<VERSION>_amd64.deb
$ dpkg -i linux-headers-<VERSION>-common_<VERSION>_amd64.deb
$ dpkg -i linux-headers-<VERSION>-amd64_<VERSION>_amd64.deb

Install the Broadcom drivers

apt-get install broadcom-sta-dkms

Enable and disable modules

$ modprobe -r b44 b43 b43legacy ssb brcmsmac bcma
$ modprobe wl

Enable network-manager

nano /etc/NetworkManager/NetworkManager.conf

Set the value of managed to true,

If anyone needs to do this without an ethernet cable (as I did), I have instructions to do just that here: https://gist.github.com/flowchartsman/994f545b4db4fb91ae6b8f4b77e54dff

I also can not find unallocated partition.

Yes, no "unallocated partition".
No one on the internet seems to be capable of explaining in simple terms how to prep a USB drive partitions (on Mac) to solve this problem....
Very frustrating.

I also can not find unallocated partition.

To everyone having the issue of not finding the 'unallocated' space of their USB, the solution that worked for me is the following:

• instead of gparted, open disk
• choose the drive you're working on
• you will find there the free space: hit + and make it a partition. You can make it an .ext4, you'll change it in a second
• format and make it an .ext3 partition with the proper label: run mkfs.ext3 -L persistence /dev/yourdiskname then run e2label /dev/yourdiskname persistence
• from here, you can start again following the tutorial (from paragraph Combine the new partition with Kali Linux, persistently), one of the best i've found online

Hope it helps, it worked for me.

Kali Linux Mac Usb Persistence - Working
I have found another way -
If you follow the instructions from beginning to end you will have a 100% working live usb persistence.
Make sure you follow steps

Steps -

• Download Kali Linux iso
• Format Usb to FAT32
• Open Disk Utility - Locate and select usb
  Make 2 Partitions or more as per your need
  1st Partition - Name Kali ( Format FAT32 Size 4GB )
  2nd Partition - Name persistence ( Format FAT32 - it fills up quickly when you update and upgrade Kali so i usually have 8GB or more)
  Once done
• Install Unetbootin for Mac ( its Free ) google it
• Open
• Choose Diskimage
  Click ... ( three dots - open - locate kali iso )
  Select Kali iso ( if already downloaded )
  Now
  Make sure Type is Selected as Usb Drive
  Select Partition to install Kali on Usb ( Kali partition for me )
  Click ok
  Once finished click exit.
• Restart Mac and hold option key on start-up
  Select EFI Boot
• Select Live System Persistence
• Open Gparted
• Select Device ( Usb )
• U will see all usb Partitions and Select persistence
• Right click On persistence and select Unmount
• Again Right click on persistence and select delete
• Apply pending opration
• Once finish it will automatically named
  Unallocated
• Again Select and Right click and Select New
• Create as Primary Partition
  File System - ext4
  Label - persistence
• Apply Pending Operations
  Once done
• Exit gparted
• Now open terminal
• type following
  fdisk -l ( To see disks/Volumes )
  mkdir -p /mnt/myusb
  enter
  mount (persistence partion name) /mnt/myusb/
  for me it was - mount /dev/sdb3 /mnt/myusb/
  enter
  echo "/ union" > /mnt/myusb/persistence.conf
  umount disk ( For me umount /dev/sdb3 )
  enter
  open persistence partition from Files and open file persistence.conf
  if it contains text / union (you should be good).
  reboot to kali live persistence again
  After reboot it should be working.

Just want to thank Garrysui for the the steps above.
Worked out perfectly!
One little tip so others dont make the same little mistake I made -- at the end of the steps where you have to unmount the disk, pay close attention to the syntax, the command is "umount" (I kept typing unmount and couldn't figure out why the heck it wasn't working). Total linux rookie mistake.

i have the a working persistent USB now with kali linux except i can not get it to recognize the laptop keyboard, track pad, wifi card ext and im having to use external plug in devises for everything. Any help would be great ?

pigw2204 I think you are looking for this https://github.com/Dunedan/mbp-2016-linux#keyboard--touchpad

Keybase proof

I hereby claim:

• I am ghani6155 on github.
• I am ghani6155 (https://keybase.io/ghani6155) on keybase.
• I have a public key ASCJz9AJ-iozjU6Ol21gBpVHHDgfdbdE4TDPVAZcF-MA8wo

To claim this, I am signing this object:

{
  "body": {
    "key": {
      "eldest_kid": "012089cfd009fa2a338d4e8e976d600695471c381f75b744e130cf54065c17e300f30a",
      "host": "keybase.io",
      "kid": "012089cfd009fa2a338d4e8e976d600695471c381f75b744e130cf54065c17e300f30a",
      "uid": "553032745215e849ef977191b3423819",
      "username": "ghani6155"
    },
    "merkle_root": {
      "ctime": 1568485415,
      "hash": "abd22bc555beac00714cb6a0b0fd3d67cc8df449ba1a724ea8962abfead8a1217dc9aa650aa685bed4ab1e1465f01db92a3e4b40bd0ef1334a0b130128729999",
      "hash_meta": "4b44f489d8803cd75f5429bdc5c3211a56f16e4ff866ef5f24a73e530af04df7",
      "seqno": 7341160
    },
    "service": {
      "entropy": "d7a5IIdDWHPRV7ZtrM2rqi/m",
      "name": "github",
      "username": "ghani6155"
    },
    "type": "web_service_binding",
    "version": 2
  },
  "client": {
    "name": "keybase.io go client",
    "version": "4.4.2"
  },
  "ctime": 1568485458,
  "expire_in": 504576000,
  "prev": "28e72aaabc47eb64aa53ec475a9d658cd256543ec0a4dbb46c295fac79885f76",
  "seqno": 8,
  "tag": "signature"
}

with the key ASCJz9AJ-iozjU6Ol21gBpVHHDgfdbdE4TDPVAZcF-MA8wo, yielding the signature:

hKRib2R5hqhkZXRhY2hlZMOpaGFzaF90eXBlCqNrZXnEIwEgic/QCfoqM41OjpdtYAaVRxw4H3W3ROEwz1QGXBfjAPMKp3BheWxvYWTESpcCCMQgKOcqqrxH62SqU+xHWp1ljNJWVD7ApNu0bClfrHmIX3bEIM5Z9Q5ydbcwem0oQmDd824ffJQJAAfsHDbWSrigrnW8AgHCo3NpZ8RA3esHFDV1V3subBbK432TUVDn7JWq2dRJHs8rjzeTcjYUD88ckFIPvqoOEVRo8LC5/Mk90OeEM28y6XJCsFmxCqhzaWdfdHlwZSCkaGFzaIKkdHlwZQildmFsdWXEIALxIMoWa5oCaeW39O3sqR1yQvo/j5+gmEKeeu5+SIxeo3RhZ80CAqd2ZXJzaW9uAQ==

And finally, I am proving ownership of the github account by posting this as a gist.

My publicly-auditable identity:

https://keybase.io/ghani6155

From the command line:

Consider the keybase command line program.

# look me up
keybase id ghani6155

I have been following Garrysui's method with success so far but I am stuck at this point:
"type following
fdisk -l ( To see disks/Volumes )
mkdir -p /mnt/myusb
enter
mount (persistence partion name) /mnt/myusb/
for me it was - mount /dev/sdb3 /mnt/myusb/
enter
echo "/ union" > /mnt/myusb/persistence.conf
umount disk ( For me umount /dev/sdb3 )
enter
open persistence partition from Files and open file persistence.conf
if it contains text / union (you should be good).
reboot to kali live persistence again
After reboot it should be working."

Any of these commands won't work, fdisk -l says command not found.
mkdir -p /mnt/myusb says invalid option

I tried bypassing those two and going straight for the
echo "/ union" > /mnt/myusb/persistence.conf
and it gives me, there's no such file or directory.

My Linux knowledge is really limited, so not sure how to tackle this. Any ideas?

Thank you!!

Can anyone explain garrysui 3 part

sendhalp maybe you are using Kali Linux latest version

So open terminal type
sudo sh
Then press enter

Then type all commands they will work

Works perfectly!

It didn't work I can't find 'unallocated' and I also can't find open disk and also tried it in terminal and it didn't work.
Please answer me ASAP

I managed to partition a 32Gb SanDisk pendrive (which in my case is as disk2 ATTENTION!) With the following command assigning 8Gb to the KALI partition and the rest to PERSISTENCE:

diskutil partitionDisk disk2 GPT FAT32 KALI 8G FAT32 PERSISTENCE R

If you encounter problems, to return the pendrive to its original state:

diskutil eraseVolume free free disk2s1
diskutil eraseVolume free free disk2s2
diskutil eraseVolume free free disk2s3

Then to create the image of Kali in my case it is in the Download folder that inside has another folder k_ali-linux-2020-3-live-amd64-iso_:

diskutil unmountDisk /dev/disk2

sudo dd if=Downloads/kali-linux-2020-3-live-amd64-iso/kali-linux-2020.3-live-amd64.iso of=/dev/disk2s2 bs=1m

(With ctrl + T I see the progress, 30 minutes approx)

pigw2204 I think you are looking for this https://github.com/Dunedan/mbp-2016-linux#keyboard--touchpad

will this also work for 2019 intel MacBook Air?