mirror of
https://github.com/kforney/pentest-distro-builder.git
synced 2024-11-21 09:40:10 -07:00
Add modules, but no longer as submodules.
This commit is contained in:
parent
15a5ec8a70
commit
faeefa37cd
642 changed files with 4660 additions and 11 deletions
|
@ -32,21 +32,43 @@ mv ftkimager /usr/bin/
|
||||||
rm ftkimager.3.1.1_ubuntu64.tar.gz
|
rm ftkimager.3.1.1_ubuntu64.tar.gz
|
||||||
|
|
||||||
#Install VS Code extensions
|
#Install VS Code extensions
|
||||||
codium --install-extension dbaeumer.vscode-eslint --user-data-dir=~/.vscode-oss
|
#codium --install-extension dbaeumer.vscode-eslint --user-data-dir=~/.vscode-oss
|
||||||
codium --install-extension ecmel.vscode-html-css --user-data-dir=~/.vscode-oss
|
#codium --install-extension ecmel.vscode-html-css --user-data-dir=~/.vscode-oss
|
||||||
codium --install-extension hookyqr.beautify --user-data-dir=~/.vscode-oss
|
#codium --install-extension hookyqr.beautify --user-data-dir=~/.vscode-oss
|
||||||
codium --install-extension ms-azuretools.vscode-docker --user-data-dir=~/.vscode-oss
|
#codium --install-extension ms-azuretools.vscode-docker --user-data-dir=~/.vscode-oss
|
||||||
codium --install-extension ms-python.python --user-data-dir=~/.vscode-oss
|
#codium --install-extension ms-python.python --user-data-dir=~/.vscode-oss
|
||||||
codium --install-extension ms-vscode.cpptools --user-data-dir=~/.vscode-oss
|
#codium --install-extension ms-vscode.cpptools --user-data-dir=~/.vscode-oss
|
||||||
codium --install-extension ms-vscode.csharp --user-data-dir=~/.vscode-oss
|
#codium --install-extension ms-vscode.csharp --user-data-dir=~/.vscode-oss
|
||||||
codium --install-extension ms-vscode.go --user-data-dir=~/.vscode-oss
|
#codium --install-extension ms-vscode.go --user-data-dir=~/.vscode-oss
|
||||||
codium --install-extension ms-vscode.powershell --user-data-dir=~/.vscode-oss
|
#codium --install-extension ms-vscode.powershell --user-data-dir=~/.vscode-oss
|
||||||
codium --install-extension rebornix.ruby --user-data-dir=~/.vscode-oss
|
#codium --install-extension rebornix.ruby --user-data-dir=~/.vscode-oss
|
||||||
codium --install-extension zignd.html-css-class-completion --user-data-dir=~/.vscode-oss
|
#codium --install-extension zignd.html-css-class-completion --user-data-dir=~/.vscode-oss
|
||||||
|
|
||||||
#Make Nemo the defualt file manager
|
#Make Nemo the defualt file manager
|
||||||
xdg-mime default nemo.desktop inode/directory application/x-gnome-saved-search
|
xdg-mime default nemo.desktop inode/directory application/x-gnome-saved-search
|
||||||
|
|
||||||
|
#Install the REAL Autopsy for Linux.
|
||||||
|
apt remove sleuthkit autopsy libtsk13 -y
|
||||||
|
apt install testdisk -y
|
||||||
|
wget -q -O - https://download.bell-sw.com/pki/GPG-KEY-bellsoft | sudo apt-key add -
|
||||||
|
echo "deb [arch=amd64] https://apt.bell-sw.com/ stable main" | sudo tee /etc/apt/sources.list.d/bellsoft.list
|
||||||
|
apt update
|
||||||
|
apt install bellsoft-java8 -y
|
||||||
|
export JAVA_HOME=/usr/lib/jvm/bellsoft-java8-amd64/
|
||||||
|
echo "JAVA_HOME=/usr/lib/jvm/bellsoft-java8-amd64/" >> /etc/environment
|
||||||
|
wget https://github.com/sleuthkit/sleuthkit/releases/download/sleuthkit-4.7.0/sleuthkit-java_4.7.0-1_amd64.deb
|
||||||
|
apt install ./sleuthkit-java_4.7.0-1_amd64.deb -y
|
||||||
|
rm sleuthkit-java_4.7.0-1_amd64.deb
|
||||||
|
wget https://github.com/sleuthkit/autopsy/releases/download/autopsy-4.13.0/autopsy-4.13.0.zip
|
||||||
|
unzip autopsy-4.13.0.zip
|
||||||
|
rm autopsy-4.13.0.zip
|
||||||
|
mv autopsy-4.13.0 /opt/autopsy
|
||||||
|
cd /opt/autopsy
|
||||||
|
chmod +x unix_setup.sh
|
||||||
|
./unix_setup.sh
|
||||||
|
cd /usr/bin
|
||||||
|
ln -s /opt/autopsy/bin/autopsy autopsy
|
||||||
|
|
||||||
#Distro-specific stuff
|
#Distro-specific stuff
|
||||||
DISTRO=$(cat /etc/lsb-release | grep DISTRIB_ID | cut -c 12-30)
|
DISTRO=$(cat /etc/lsb-release | grep DISTRIB_ID | cut -c 12-30)
|
||||||
|
|
||||||
|
|
11
modules/live-build-config/.getopt.sh
Normal file
11
modules/live-build-config/.getopt.sh
Normal file
|
@ -0,0 +1,11 @@
|
||||||
|
# Supported options are:
|
||||||
|
# -d | --distribution <distro>
|
||||||
|
# -p | --proposed-updates
|
||||||
|
# -a | --arch <architecture>
|
||||||
|
# --subdir <directory-name>
|
||||||
|
# --version <version>
|
||||||
|
# --variant <variant>
|
||||||
|
# -v | --verbose
|
||||||
|
# -s | --salt
|
||||||
|
BUILD_OPTS_SHORT="d:pa:vs"
|
||||||
|
BUILD_OPTS_LONG="distribution:,proposed-updates,arch:,subdir:,version:,variant:,verbose,salt"
|
16
modules/live-build-config/.gitignore
vendored
Normal file
16
modules/live-build-config/.gitignore
vendored
Normal file
|
@ -0,0 +1,16 @@
|
||||||
|
binary.*
|
||||||
|
prepare.log
|
||||||
|
binary
|
||||||
|
images
|
||||||
|
cache
|
||||||
|
chroot
|
||||||
|
chroot.packages.install
|
||||||
|
chroot.packages.live
|
||||||
|
.mirror
|
||||||
|
.stage
|
||||||
|
.lock
|
||||||
|
.build/
|
||||||
|
config/binary
|
||||||
|
config/bootstrap
|
||||||
|
config/common
|
||||||
|
config/source
|
4
modules/live-build-config/README.md
Normal file
4
modules/live-build-config/README.md
Normal file
|
@ -0,0 +1,4 @@
|
||||||
|
# live-build configuration for Kali ISO images
|
||||||
|
|
||||||
|
Have a look at https://docs.kali.org/development/live-build-a-custom-kali-iso
|
||||||
|
for explanations on how to use this repository.
|
7
modules/live-build-config/auto/clean
Executable file
7
modules/live-build-config/auto/clean
Executable file
|
@ -0,0 +1,7 @@
|
||||||
|
#!/bin/sh
|
||||||
|
|
||||||
|
lb clean noauto "$@"
|
||||||
|
rm -f config/binary config/bootstrap \
|
||||||
|
config/chroot config/common config/source \
|
||||||
|
config/package-lists/live.list.chroot
|
||||||
|
find config/hooks/ -type l | xargs --no-run-if-empty rm -f
|
144
modules/live-build-config/auto/config
Executable file
144
modules/live-build-config/auto/config
Executable file
|
@ -0,0 +1,144 @@
|
||||||
|
#!/bin/bash
|
||||||
|
|
||||||
|
set -e
|
||||||
|
set -o pipefail # Bashism
|
||||||
|
|
||||||
|
# You can put a local mirror here if you want (or you can set
|
||||||
|
# it in .mirror)
|
||||||
|
if [ -e .mirror ]; then
|
||||||
|
kali_mirror=$(cat .mirror)
|
||||||
|
else
|
||||||
|
kali_mirror=http://archive.kali.org/kali
|
||||||
|
fi
|
||||||
|
|
||||||
|
### DO NOT EDIT THE REST OF THIS FILE ###
|
||||||
|
|
||||||
|
public_kali_mirror=http://http.kali.org/kali
|
||||||
|
|
||||||
|
# Detect target architecture and filter args
|
||||||
|
temp=""
|
||||||
|
arch=$(dpkg --print-architecture)
|
||||||
|
dist="kali-rolling"
|
||||||
|
lb_opts=""
|
||||||
|
while [ $# -gt 0 ]; do
|
||||||
|
arg="$1"
|
||||||
|
case "$arg" in
|
||||||
|
-a|--arch|--architecture|--architectures)
|
||||||
|
arch="$2"
|
||||||
|
temp="$temp "'"'"$arg"'"'
|
||||||
|
temp="$temp "'"'"$2"'"'
|
||||||
|
shift
|
||||||
|
;;
|
||||||
|
--distribution)
|
||||||
|
dist="$2"
|
||||||
|
shift
|
||||||
|
;;
|
||||||
|
--variant)
|
||||||
|
variant="$2"
|
||||||
|
shift
|
||||||
|
;;
|
||||||
|
-p|--proposed-updates)
|
||||||
|
enable_pu="1"
|
||||||
|
;;
|
||||||
|
--)
|
||||||
|
# Skip the separator, it was added so that "lb config"
|
||||||
|
# doesn't barf on our own options, but now we are
|
||||||
|
# filtering them away assuming that the remaining ones
|
||||||
|
# are intended for lb config !
|
||||||
|
;;
|
||||||
|
*)
|
||||||
|
temp="$temp "'"'"$arg"'"'
|
||||||
|
;;
|
||||||
|
esac
|
||||||
|
shift
|
||||||
|
done
|
||||||
|
eval set -- "$temp"
|
||||||
|
|
||||||
|
# Resolve release name
|
||||||
|
dist=$(curl -s $kali_mirror/dists/$dist/Release | awk '/^Codename:/ {print $2}')
|
||||||
|
|
||||||
|
# live-build doesn't work if --parent-debian-distribution is unknown of
|
||||||
|
# debian-cd => we have to put a symlink so that it deals with kali like sid
|
||||||
|
if [ ! -e ${LIVE_BUILD:-/usr/share/live/build}/data/debian-cd/$dist ]; then
|
||||||
|
if [ -w ${LIVE_BUILD:-/usr/share/live/build}/data/debian-cd ]; then
|
||||||
|
ln -sf sid ${LIVE_BUILD:-/usr/share/live/build}/data/debian-cd/$dist
|
||||||
|
else
|
||||||
|
echo "ERROR: Run this first:"
|
||||||
|
echo "ln -sf sid ${LIVE_BUILD:-/usr/share/live/build}/data/debian-cd/$dist"
|
||||||
|
exit 1
|
||||||
|
fi
|
||||||
|
fi
|
||||||
|
|
||||||
|
# Define options that vary across architectures
|
||||||
|
case "$arch" in
|
||||||
|
amd64)
|
||||||
|
lb_opts="$lb_opts --debian-installer live"
|
||||||
|
;;
|
||||||
|
i386)
|
||||||
|
lb_opts="$lb_opts --debian-installer live --linux-flavours 686-pae"
|
||||||
|
;;
|
||||||
|
armel|armhf)
|
||||||
|
lb_opts="$lb_opts --binary-images hdd --binary-filesystem ext4 --chroot-filesystem none"
|
||||||
|
;;
|
||||||
|
*)
|
||||||
|
echo "WARNING: configuration not tested on arch $arch" >&2
|
||||||
|
;;
|
||||||
|
esac
|
||||||
|
|
||||||
|
# Define options that vary across distributions
|
||||||
|
case "$dist" in
|
||||||
|
kali-last-snapshot)
|
||||||
|
# We don't want kali-last-snapshot to end up in the image, it
|
||||||
|
# should be replaced with kali-rolling
|
||||||
|
lb_opts="$lb_opts --distribution-binary kali-rolling"
|
||||||
|
lb_opts="$lb_opts --debootstrap-script /usr/share/debootstrap/scripts/kali-rolling"
|
||||||
|
;;
|
||||||
|
esac
|
||||||
|
|
||||||
|
# Setup configuration files from variant and options
|
||||||
|
|
||||||
|
# Drop all files that a former run might have put into place
|
||||||
|
for file in $(cd kali-config && find . -type f); do
|
||||||
|
file=${file#./*/}
|
||||||
|
rm -f config/$file
|
||||||
|
done
|
||||||
|
rm -f config/archives/kali-proposed-updates.list.*
|
||||||
|
|
||||||
|
# Copy over all files from official kali configuration
|
||||||
|
cp -rT kali-config/common config
|
||||||
|
[ ! -d kali-config/release-$dist ] || cp -rTL kali-config/release-$dist config
|
||||||
|
[ ! -d kali-config/variant-$variant ] || cp -rTL kali-config/variant-$variant config
|
||||||
|
|
||||||
|
if [ -n "$enable_pu" ]; then
|
||||||
|
mkdir -p config/archives
|
||||||
|
echo "deb $kali_mirror $dist-proposed-updates main contrib non-free" \
|
||||||
|
> config/archives/kali-proposed-updates.list.chroot
|
||||||
|
echo "deb $public_kali_mirror $dist-proposed-updates main contrib non-free" \
|
||||||
|
> config/archives/kali-proposed-updates.list.binary
|
||||||
|
fi
|
||||||
|
|
||||||
|
lb config noauto \
|
||||||
|
--distribution "$dist" \
|
||||||
|
--debian-installer-distribution "$dist" \
|
||||||
|
--archive-areas "main contrib non-free" \
|
||||||
|
--debootstrap-options "--keyring=/usr/share/keyrings/kali-archive-keyring.gpg" \
|
||||||
|
--keyring-packages kali-archive-keyring \
|
||||||
|
--updates false \
|
||||||
|
--backports false \
|
||||||
|
--source false \
|
||||||
|
--firmware-binary true \
|
||||||
|
--firmware-chroot true \
|
||||||
|
--mirror-bootstrap "$kali_mirror" \
|
||||||
|
--mirror-debian-installer "$kali_mirror" \
|
||||||
|
--mirror-binary "$public_kali_mirror" \
|
||||||
|
--iso-application "Kali Linux" \
|
||||||
|
--iso-publisher "Kali" \
|
||||||
|
--iso-volume "Kali Live" \
|
||||||
|
--linux-packages linux-image \
|
||||||
|
--memtest memtest86 \
|
||||||
|
--bootappend-live "boot=live components splash username=kali hostname=kali" \
|
||||||
|
--bootappend-live-failsafe "boot=live components username=kali hostname=kali memtest noapic noapm nodma nomce nolapic nomodeset nosmp nosplash vga=normal" \
|
||||||
|
--bootappend-install "net.ifnames=0" \
|
||||||
|
--security false \
|
||||||
|
$lb_opts \
|
||||||
|
"$@"
|
186
modules/live-build-config/build.sh
Executable file
186
modules/live-build-config/build.sh
Executable file
|
@ -0,0 +1,186 @@
|
||||||
|
#!/bin/bash
|
||||||
|
|
||||||
|
set -e
|
||||||
|
set -o pipefail # Bashism
|
||||||
|
|
||||||
|
KALI_DIST="kali-rolling"
|
||||||
|
KALI_VERSION=""
|
||||||
|
KALI_VARIANT="default"
|
||||||
|
TARGET_DIR="$(dirname $0)/images"
|
||||||
|
TARGET_SUBDIR=""
|
||||||
|
SUDO="sudo"
|
||||||
|
VERBOSE=""
|
||||||
|
HOST_ARCH=$(dpkg --print-architecture)
|
||||||
|
|
||||||
|
image_name() {
|
||||||
|
local arch=$1
|
||||||
|
|
||||||
|
case "$arch" in
|
||||||
|
i386|amd64)
|
||||||
|
IMAGE_TEMPLATE="live-image-ARCH.hybrid.iso"
|
||||||
|
;;
|
||||||
|
armel|armhf)
|
||||||
|
IMAGE_TEMPLATE="live-image-ARCH.img"
|
||||||
|
;;
|
||||||
|
esac
|
||||||
|
echo $IMAGE_TEMPLATE | sed -e "s/ARCH/$arch/"
|
||||||
|
}
|
||||||
|
|
||||||
|
target_image_name() {
|
||||||
|
local arch=$1
|
||||||
|
|
||||||
|
IMAGE_NAME="$(image_name $arch)"
|
||||||
|
IMAGE_EXT="${IMAGE_NAME##*.}"
|
||||||
|
if [ "$IMAGE_EXT" = "$IMAGE_NAME" ]; then
|
||||||
|
IMAGE_EXT="img"
|
||||||
|
fi
|
||||||
|
if [ "$KALI_VARIANT" = "default" ]; then
|
||||||
|
echo "${TARGET_SUBDIR:+$TARGET_SUBDIR/}kali-linux-$KALI_VERSION-$KALI_ARCH.$IMAGE_EXT"
|
||||||
|
else
|
||||||
|
echo "${TARGET_SUBDIR:+$TARGET_SUBDIR/}kali-linux-$KALI_VARIANT-$KALI_VERSION-$KALI_ARCH.$IMAGE_EXT"
|
||||||
|
fi
|
||||||
|
}
|
||||||
|
|
||||||
|
target_build_log() {
|
||||||
|
TARGET_IMAGE_NAME=$(target_image_name $1)
|
||||||
|
echo ${TARGET_IMAGE_NAME%.*}.log
|
||||||
|
}
|
||||||
|
|
||||||
|
default_version() {
|
||||||
|
case "$1" in
|
||||||
|
kali-*)
|
||||||
|
echo "${1#kali-}"
|
||||||
|
;;
|
||||||
|
*)
|
||||||
|
echo "$1"
|
||||||
|
;;
|
||||||
|
esac
|
||||||
|
}
|
||||||
|
|
||||||
|
failure() {
|
||||||
|
# Cleanup update-kali-menu that might stay around so that the
|
||||||
|
# build chroot can be properly unmounted
|
||||||
|
$SUDO pkill -f update-kali-menu || true
|
||||||
|
echo "Build of $KALI_DIST/$KALI_VARIANT/$KALI_ARCH live image failed (see build.log for details)" >&2
|
||||||
|
exit 2
|
||||||
|
}
|
||||||
|
|
||||||
|
run_and_log() {
|
||||||
|
if [ -n "$VERBOSE" ]; then
|
||||||
|
"$@" 2>&1 | tee -a build.log
|
||||||
|
else
|
||||||
|
"$@" >>build.log 2>&1
|
||||||
|
fi
|
||||||
|
return $?
|
||||||
|
}
|
||||||
|
|
||||||
|
. $(dirname $0)/.getopt.sh
|
||||||
|
|
||||||
|
# Parsing command line options
|
||||||
|
temp=$(getopt -o "$BUILD_OPTS_SHORT" -l "$BUILD_OPTS_LONG,get-image-path" -- "$@")
|
||||||
|
eval set -- "$temp"
|
||||||
|
while true; do
|
||||||
|
case "$1" in
|
||||||
|
-d|--distribution) KALI_DIST="$2"; shift 2; ;;
|
||||||
|
-p|--proposed-updates) OPT_pu="1"; shift 1; ;;
|
||||||
|
-a|--arch) KALI_ARCHES="${KALI_ARCHES:+$KALI_ARCHES } $2"; shift 2; ;;
|
||||||
|
-v|--verbose) VERBOSE="1"; shift 1; ;;
|
||||||
|
-s|--salt) shift; ;;
|
||||||
|
--variant) KALI_VARIANT="$2"; shift 2; ;;
|
||||||
|
--version) KALI_VERSION="$2"; shift 2; ;;
|
||||||
|
--subdir) TARGET_SUBDIR="$2"; shift 2; ;;
|
||||||
|
--get-image-path) ACTION="get-image-path"; shift 1; ;;
|
||||||
|
--) shift; break; ;;
|
||||||
|
*) echo "ERROR: Invalid command-line option: $1" >&2; exit 1; ;;
|
||||||
|
esac
|
||||||
|
done
|
||||||
|
|
||||||
|
# Set default values
|
||||||
|
KALI_ARCHES=${KALI_ARCHES:-$HOST_ARCH}
|
||||||
|
if [ -z "$KALI_VERSION" ]; then
|
||||||
|
KALI_VERSION="$(default_version $KALI_DIST)"
|
||||||
|
fi
|
||||||
|
|
||||||
|
# Check parameters
|
||||||
|
for arch in $KALI_ARCHES; do
|
||||||
|
if [ "$arch" = "$HOST_ARCH" ]; then
|
||||||
|
continue
|
||||||
|
fi
|
||||||
|
case "$HOST_ARCH/$arch" in
|
||||||
|
amd64/i386|i386/amd64)
|
||||||
|
;;
|
||||||
|
*)
|
||||||
|
echo "Can't build $arch image on $HOST_ARCH system." >&2
|
||||||
|
exit 1
|
||||||
|
;;
|
||||||
|
esac
|
||||||
|
done
|
||||||
|
if [ ! -d "$(dirname $0)/kali-config/variant-$KALI_VARIANT" ]; then
|
||||||
|
echo "ERROR: Unknown variant of Kali configuration: $KALI_VARIANT" >&2
|
||||||
|
fi
|
||||||
|
|
||||||
|
# Build parameters for lb config
|
||||||
|
KALI_CONFIG_OPTS="--distribution $KALI_DIST -- --variant $KALI_VARIANT"
|
||||||
|
if [ -n "$OPT_pu" ]; then
|
||||||
|
KALI_CONFIG_OPTS="$KALI_CONFIG_OPTS --proposed-updates"
|
||||||
|
KALI_DIST="$KALI_DIST+pu"
|
||||||
|
fi
|
||||||
|
|
||||||
|
# Set sane PATH (cron seems to lack /sbin/ dirs)
|
||||||
|
export PATH="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"
|
||||||
|
|
||||||
|
# Either we use a git checkout of live-build
|
||||||
|
# export LIVE_BUILD=/srv/cdimage.kali.org/live/live-build
|
||||||
|
|
||||||
|
# Or we ensure we have proper version installed
|
||||||
|
ver_live_build=$(dpkg-query -f '${Version}' -W live-build)
|
||||||
|
if dpkg --compare-versions "$ver_live_build" lt 1:20151215kali1; then
|
||||||
|
echo "ERROR: You need live-build (>= 1:20151215kali1), you have $ver_live_build" >&2
|
||||||
|
exit 1
|
||||||
|
fi
|
||||||
|
|
||||||
|
# Check we have a good debootstrap
|
||||||
|
ver_debootstrap=$(dpkg-query -f '${Version}' -W debootstrap)
|
||||||
|
if dpkg --compare-versions "$ver_debootstrap" lt "1.0.97"; then
|
||||||
|
if ! echo "$ver_debootstrap" | grep -q kali; then
|
||||||
|
echo "ERROR: You need debootstrap >= 1.0.97 (or a Kali patched debootstrap). Your current version: $ver_debootstrap" >&2
|
||||||
|
exit 1
|
||||||
|
fi
|
||||||
|
fi
|
||||||
|
|
||||||
|
# We need root rights at some point
|
||||||
|
if [ "$(whoami)" != "root" ]; then
|
||||||
|
if ! which $SUDO >/dev/null; then
|
||||||
|
echo "ERROR: $0 is not run as root and $SUDO is not available" >&2
|
||||||
|
exit 1
|
||||||
|
fi
|
||||||
|
else
|
||||||
|
SUDO="" # We're already root
|
||||||
|
fi
|
||||||
|
|
||||||
|
if [ "$ACTION" = "get-image-path" ]; then
|
||||||
|
for KALI_ARCH in $KALI_ARCHES; do
|
||||||
|
echo $(target_image_name $KALI_ARCH)
|
||||||
|
done
|
||||||
|
exit 0
|
||||||
|
fi
|
||||||
|
|
||||||
|
cd $(dirname $0)
|
||||||
|
mkdir -p $TARGET_DIR/$TARGET_SUBDIR
|
||||||
|
|
||||||
|
for KALI_ARCH in $KALI_ARCHES; do
|
||||||
|
IMAGE_NAME="$(image_name $KALI_ARCH)"
|
||||||
|
set +e
|
||||||
|
: > build.log
|
||||||
|
run_and_log $SUDO lb clean --purge
|
||||||
|
[ $? -eq 0 ] || failure
|
||||||
|
run_and_log lb config -a $KALI_ARCH $KALI_CONFIG_OPTS "$@"
|
||||||
|
[ $? -eq 0 ] || failure
|
||||||
|
run_and_log $SUDO lb build
|
||||||
|
if [ $? -ne 0 ] || [ ! -e $IMAGE_NAME ]; then
|
||||||
|
failure
|
||||||
|
fi
|
||||||
|
set -e
|
||||||
|
mv -f $IMAGE_NAME $TARGET_DIR/$(target_image_name $KALI_ARCH)
|
||||||
|
mv -f build.log $TARGET_DIR/$(target_build_log $KALI_ARCH)
|
||||||
|
done
|
1
modules/live-build-config/build_all.sh
Symbolic link
1
modules/live-build-config/build_all.sh
Symbolic link
|
@ -0,0 +1 @@
|
||||||
|
build.sh
|
Binary file not shown.
Binary file not shown.
|
@ -0,0 +1,62 @@
|
||||||
|
set default=0
|
||||||
|
|
||||||
|
loadfont $prefix/dejavu-bold-16.pf2
|
||||||
|
loadfont $prefix/dejavu-bold-14.pf2
|
||||||
|
loadfont $prefix/unicode.pf2
|
||||||
|
set gfxmode=auto
|
||||||
|
insmod all_video
|
||||||
|
insmod gfxterm
|
||||||
|
insmod png
|
||||||
|
|
||||||
|
set color_normal=light-gray/black
|
||||||
|
set color_highlight=white/black
|
||||||
|
|
||||||
|
if [ -e /isolinux/splash.png ]; then
|
||||||
|
# binary_syslinux modifies the theme file to point to the correct
|
||||||
|
# background picture
|
||||||
|
set theme=/boot/grub/live-theme/theme.txt
|
||||||
|
elif [ -e /boot/grub/splash.png ]; then
|
||||||
|
set theme=/boot/grub/live-theme/theme.txt
|
||||||
|
else
|
||||||
|
set menu_color_normal=cyan/blue
|
||||||
|
set menu_color_highlight=white/blue
|
||||||
|
fi
|
||||||
|
|
||||||
|
terminal_output gfxterm
|
||||||
|
|
||||||
|
insmod play
|
||||||
|
play 960 440 1 0 4 440 1
|
||||||
|
|
||||||
|
# Live boot
|
||||||
|
LINUX_LIVE
|
||||||
|
|
||||||
|
menuentry "Live system (forensic mode)" {
|
||||||
|
linux KERNEL_LIVE APPEND_LIVE noswap noautomount
|
||||||
|
initrd INITRD_LIVE
|
||||||
|
}
|
||||||
|
menuentry "Live system (persistence, check kali.org/prst)" {
|
||||||
|
linux KERNEL_LIVE APPEND_LIVE persistence
|
||||||
|
initrd INITRD_LIVE
|
||||||
|
}
|
||||||
|
menuentry "Live system (encrypted persistence, check kali.org/prst)" {
|
||||||
|
linux KERNEL_LIVE APPEND_LIVE persistent=cryptsetup persistence-encryption=luks persistence
|
||||||
|
initrd INITRD_LIVE
|
||||||
|
}
|
||||||
|
|
||||||
|
# Installer (if any)
|
||||||
|
LINUX_INSTALL
|
||||||
|
|
||||||
|
menuentry "Start installer with speech synthesis" {
|
||||||
|
linux KERNEL_GI speakup.synth=soft APPEND_GI
|
||||||
|
initrd INITRD_GI
|
||||||
|
}
|
||||||
|
|
||||||
|
submenu 'Advanced options...' {
|
||||||
|
|
||||||
|
# More installer entries (if any)
|
||||||
|
LINUX_ADVANCED_INSTALL
|
||||||
|
|
||||||
|
# Memtest (if any)
|
||||||
|
MEMTEST
|
||||||
|
|
||||||
|
}
|
|
@ -0,0 +1,63 @@
|
||||||
|
desktop-image: "../splash.png"
|
||||||
|
title-color: "#ffffff"
|
||||||
|
title-font: "DejaVu Sans Bold 16"
|
||||||
|
title-text: ""
|
||||||
|
message-font: "Unifont Regular 16"
|
||||||
|
terminal-font: "Unifont Regular 16"
|
||||||
|
|
||||||
|
#help bar at the bottom
|
||||||
|
+ label {
|
||||||
|
top = 100%-50
|
||||||
|
left = 0
|
||||||
|
width = 100%
|
||||||
|
height = 20
|
||||||
|
text = "@KEYMAP_SHORT@"
|
||||||
|
align = "center"
|
||||||
|
color = "#ffffff"
|
||||||
|
font = "DejaVu Sans Bold 14"
|
||||||
|
}
|
||||||
|
|
||||||
|
# Title in the middle box
|
||||||
|
+ label {
|
||||||
|
top = 38%
|
||||||
|
left = 0
|
||||||
|
width = 100%
|
||||||
|
height = 35
|
||||||
|
align = "center"
|
||||||
|
color = "#ffffff"
|
||||||
|
text = "Kali Linux Live Boot Menu"
|
||||||
|
font = "DejaVu Sans Bold 16"
|
||||||
|
}
|
||||||
|
|
||||||
|
#boot menu
|
||||||
|
+ boot_menu {
|
||||||
|
left = 13%
|
||||||
|
width = 74%
|
||||||
|
top = 38%+35
|
||||||
|
height = 170
|
||||||
|
item_color = "#a8a8a8"
|
||||||
|
item_font = "DejaVu Sans Bold 14"
|
||||||
|
selected_item_color= "#ffffff"
|
||||||
|
selected_item_font = "DejaVu Sans Bold 14"
|
||||||
|
item_height = 16
|
||||||
|
item_padding = 0
|
||||||
|
item_spacing = 4
|
||||||
|
icon_width = 0
|
||||||
|
icon_heigh = 0
|
||||||
|
item_icon_space = 0
|
||||||
|
}
|
||||||
|
|
||||||
|
#progress bar
|
||||||
|
+ progress_bar {
|
||||||
|
id = "__timeout__"
|
||||||
|
left = 13%
|
||||||
|
top = 100%-80
|
||||||
|
height = 16
|
||||||
|
width = 74%
|
||||||
|
font = "DejaVu Sans Bold 14"
|
||||||
|
text_color = "#000000"
|
||||||
|
fg_color = "#ffffff"
|
||||||
|
bg_color = "#a8a8a8"
|
||||||
|
border_color = "#ffffff"
|
||||||
|
text = "@TIMEOUT_NOTIFICATION_LONG@"
|
||||||
|
}
|
Binary file not shown.
After Width: | Height: | Size: 72 KiB |
|
@ -0,0 +1,15 @@
|
||||||
|
#!/bin/sh
|
||||||
|
|
||||||
|
if [ ! -d isolinux ]; then
|
||||||
|
cd binary
|
||||||
|
fi
|
||||||
|
|
||||||
|
cat >>isolinux/install.cfg <<END
|
||||||
|
|
||||||
|
label installspk
|
||||||
|
menu label Install with ^speech synthesis
|
||||||
|
linux /install/gtk/vmlinuz
|
||||||
|
initrd /install/gtk/initrd.gz
|
||||||
|
append video=vesa:ywrap,mtrr vga=788 speakup.synth=soft -- quiet
|
||||||
|
END
|
||||||
|
|
15
modules/live-build-config/kali-config/common/hooks/live/forensic-menu.binary
Executable file
15
modules/live-build-config/kali-config/common/hooks/live/forensic-menu.binary
Executable file
|
@ -0,0 +1,15 @@
|
||||||
|
#!/bin/sh
|
||||||
|
|
||||||
|
if [ ! -d isolinux ]; then
|
||||||
|
cd binary
|
||||||
|
fi
|
||||||
|
|
||||||
|
cat >>isolinux/live.cfg <<END
|
||||||
|
|
||||||
|
label live-forensic
|
||||||
|
menu label Live (^forensic mode)
|
||||||
|
linux /live/vmlinuz
|
||||||
|
initrd /live/initrd.img
|
||||||
|
append boot=live username=kali hostname=kali noswap noautomount
|
||||||
|
END
|
||||||
|
|
46
modules/live-build-config/kali-config/common/hooks/live/kali-hacks.chroot
Executable file
46
modules/live-build-config/kali-config/common/hooks/live/kali-hacks.chroot
Executable file
|
@ -0,0 +1,46 @@
|
||||||
|
#!/bin/sh
|
||||||
|
|
||||||
|
# Handle systems where /lib is not merged in /usr/lib
|
||||||
|
if [ ! -h /lib ]; then
|
||||||
|
mv /usr/lib/live/config/* /lib/live/config/
|
||||||
|
fi
|
||||||
|
|
||||||
|
# Manually enabling pulseaudio for root since autospawning does
|
||||||
|
# not work for root
|
||||||
|
# See https://bugs.kali.org/view.php?id=2392
|
||||||
|
systemctl --user enable pulseaudio.service || true
|
||||||
|
|
||||||
|
# Enable cryptsetup in the initramfs for later use if the user
|
||||||
|
# adds an encrypted persistence partition.
|
||||||
|
# This is until https://bugs.debian.org/908220 has a proper fix.
|
||||||
|
if [ -e /etc/cryptsetup-initramfs/conf-hook ]; then
|
||||||
|
if grep -q '^#CRYPTSETUP=' /etc/cryptsetup-initramfs/conf-hook; then
|
||||||
|
sed -i -e 's/^#CRYPTSETUP=.*/CRYPTSETUP=y/' /etc/cryptsetup-initramfs/conf-hook
|
||||||
|
else
|
||||||
|
echo "CRYPTSETUP=y" >>/etc/cryptsetup-initramfs/conf-hook
|
||||||
|
fi
|
||||||
|
fi
|
||||||
|
|
||||||
|
# Disable the udev rules renaming the network interfaces (can also be
|
||||||
|
# achieved with kernel command line net.ifnames=0 but we don't have a nice
|
||||||
|
# way to set it on the installed system)
|
||||||
|
mkdir -p /etc/systemd/network /etc/udev/rules.d
|
||||||
|
ln -sf /dev/null /etc/systemd/network/90-mac-for-usb.link
|
||||||
|
ln -sf /dev/null /etc/systemd/network/99-default.link
|
||||||
|
echo > /etc/udev/rules.d/73-special-net-names.rules
|
||||||
|
|
||||||
|
# Rebuild the initramfs to include the last two changes (cryptsetup,
|
||||||
|
# network device)
|
||||||
|
update-initramfs -u
|
||||||
|
|
||||||
|
# Run updatedb to initialize the database for the locate command
|
||||||
|
if [ -x "$(which updatedb 2>/dev/null)" ]; then
|
||||||
|
updatedb
|
||||||
|
fi
|
||||||
|
|
||||||
|
# Mark kernel related packages on hold so that they are not upgraded in
|
||||||
|
# the live system
|
||||||
|
for pkg in $(dpkg-query -W -f'${binary:Package}\n' 'linux-image-*' 'linux-headers-*' 'linux-kbuild-*')
|
||||||
|
do
|
||||||
|
apt-mark hold $pkg
|
||||||
|
done
|
|
@ -0,0 +1,22 @@
|
||||||
|
#!/bin/sh
|
||||||
|
|
||||||
|
if [ ! -d isolinux ]; then
|
||||||
|
cd binary
|
||||||
|
fi
|
||||||
|
|
||||||
|
cat >>isolinux/live.cfg <<END
|
||||||
|
|
||||||
|
label live-persistence
|
||||||
|
menu label ^Live USB Persistence (check kali.org/prst)
|
||||||
|
linux /live/vmlinuz
|
||||||
|
initrd /live/initrd.img
|
||||||
|
append boot=live username=kali hostname=kali persistence
|
||||||
|
|
||||||
|
label live-encrypted-persistence
|
||||||
|
menu label ^Live USB Encrypted Persistence (check kali.org/prst)
|
||||||
|
linux /live/vmlinuz
|
||||||
|
initrd /live/initrd.img
|
||||||
|
append boot=live persistent=cryptsetup persistence-encryption=luks username=kali hostname=kali persistence
|
||||||
|
|
||||||
|
END
|
||||||
|
|
22
modules/live-build-config/kali-config/common/hooks/live/sleep.chroot
Executable file
22
modules/live-build-config/kali-config/common/hooks/live/sleep.chroot
Executable file
|
@ -0,0 +1,22 @@
|
||||||
|
#!/bin/sh
|
||||||
|
|
||||||
|
kali_menu_version=$(dpkg-query -W -f'${Version}\n' kali-menu)
|
||||||
|
kali_menu_pidfile="/var/lock/kali-menu"
|
||||||
|
|
||||||
|
# Wait until update-kali-menu is over
|
||||||
|
if dpkg --compare-versions "$kali_menu_version" ge 2015.3.0; then
|
||||||
|
# This version puts the PID in its lock file
|
||||||
|
if [ -s $kali_menu_pidfile ]; then
|
||||||
|
pid=$(cat $kali_menu_pidfile)
|
||||||
|
while [ -n "$pid" ] && [ -e /proc/$pid ]; do
|
||||||
|
echo "Sleeping 10 seconds as update-kali-menu is still running (pid $pid)..."
|
||||||
|
sleep 10
|
||||||
|
done
|
||||||
|
fi
|
||||||
|
else
|
||||||
|
# This version lacks PID info, we match on process name instead
|
||||||
|
while pgrep -f update-kali-menu >/dev/null; do
|
||||||
|
echo "Sleeping 10 seconds as update-kali-menu is still running..."
|
||||||
|
sleep 10
|
||||||
|
done
|
||||||
|
fi
|
Binary file not shown.
After Width: | Height: | Size: 72 KiB |
|
@ -0,0 +1,18 @@
|
||||||
|
menu background splash.png
|
||||||
|
menu color title * #FFFFFFFF *
|
||||||
|
menu color border * #00000000 #00000000 none
|
||||||
|
menu color sel * #ffffffff #76a1d0ff *
|
||||||
|
menu color hotsel 1;7;37;40 #ffffffff #76a1d0ff *
|
||||||
|
menu color tabmsg * #ffffffff #00000000 *
|
||||||
|
menu color help 37;40 #ffdddd00 #00000000 none
|
||||||
|
menu vshift 10
|
||||||
|
menu hshift 4
|
||||||
|
menu width 70
|
||||||
|
menu margin 5
|
||||||
|
menu rows 10
|
||||||
|
menu helpmsgrow 15
|
||||||
|
# The command line must be at least one line from the bottom.
|
||||||
|
menu cmdlinerow 16
|
||||||
|
menu timeoutrow 16
|
||||||
|
menu tabmsgrow 18
|
||||||
|
menu tabmsg Press ENTER to boot or TAB to edit a menu entry
|
|
@ -0,0 +1,110 @@
|
||||||
|
# ~/.bashrc: executed by bash(1) for non-login shells.
|
||||||
|
# see /usr/share/doc/bash/examples/startup-files (in the package bash-doc)
|
||||||
|
# for examples
|
||||||
|
|
||||||
|
# If not running interactively, don't do anything
|
||||||
|
case $- in
|
||||||
|
*i*) ;;
|
||||||
|
*) return;;
|
||||||
|
esac
|
||||||
|
|
||||||
|
# don't put duplicate lines or lines starting with space in the history.
|
||||||
|
# See bash(1) for more options
|
||||||
|
HISTCONTROL=ignoreboth
|
||||||
|
|
||||||
|
# append to the history file, don't overwrite it
|
||||||
|
shopt -s histappend
|
||||||
|
|
||||||
|
# for setting history length see HISTSIZE and HISTFILESIZE in bash(1)
|
||||||
|
HISTSIZE=1000
|
||||||
|
HISTFILESIZE=2000
|
||||||
|
|
||||||
|
# check the window size after each command and, if necessary,
|
||||||
|
# update the values of LINES and COLUMNS.
|
||||||
|
shopt -s checkwinsize
|
||||||
|
|
||||||
|
# If set, the pattern "**" used in a pathname expansion context will
|
||||||
|
# match all files and zero or more directories and subdirectories.
|
||||||
|
#shopt -s globstar
|
||||||
|
|
||||||
|
# make less more friendly for non-text input files, see lesspipe(1)
|
||||||
|
#[ -x /usr/bin/lesspipe ] && eval "$(SHELL=/bin/sh lesspipe)"
|
||||||
|
|
||||||
|
# set variable identifying the chroot you work in (used in the prompt below)
|
||||||
|
if [ -z "${debian_chroot:-}" ] && [ -r /etc/debian_chroot ]; then
|
||||||
|
debian_chroot=$(cat /etc/debian_chroot)
|
||||||
|
fi
|
||||||
|
|
||||||
|
# set a fancy prompt (non-color, unless we know we "want" color)
|
||||||
|
case "$TERM" in
|
||||||
|
xterm-color) color_prompt=yes;;
|
||||||
|
esac
|
||||||
|
|
||||||
|
# uncomment for a colored prompt, if the terminal has the capability; turned
|
||||||
|
# off by default to not distract the user: the focus in a terminal window
|
||||||
|
# should be on the output of commands, not on the prompt
|
||||||
|
force_color_prompt=yes
|
||||||
|
|
||||||
|
if [ -n "$force_color_prompt" ]; then
|
||||||
|
if [ -x /usr/bin/tput ] && tput setaf 1 >&/dev/null; then
|
||||||
|
# We have color support; assume it's compliant with Ecma-48
|
||||||
|
# (ISO/IEC-6429). (Lack of such support is extremely rare, and such
|
||||||
|
# a case would tend to support setf rather than setaf.)
|
||||||
|
color_prompt=yes
|
||||||
|
else
|
||||||
|
color_prompt=
|
||||||
|
fi
|
||||||
|
fi
|
||||||
|
|
||||||
|
if [ "$color_prompt" = yes ]; then
|
||||||
|
PS1='${debian_chroot:+($debian_chroot)}\[\033[01;31m\]\u@\h\[\033[00m\]:\[\033[01;34m\]\w\[\033[00m\]\$ '
|
||||||
|
else
|
||||||
|
PS1='${debian_chroot:+($debian_chroot)}\u@\h:\w\$ '
|
||||||
|
fi
|
||||||
|
unset color_prompt force_color_prompt
|
||||||
|
|
||||||
|
# If this is an xterm set the title to user@host:dir
|
||||||
|
case "$TERM" in
|
||||||
|
xterm*|rxvt*)
|
||||||
|
PS1="\[\e]0;${debian_chroot:+($debian_chroot)}\u@\h: \w\a\]$PS1"
|
||||||
|
;;
|
||||||
|
*)
|
||||||
|
;;
|
||||||
|
esac
|
||||||
|
|
||||||
|
# enable color support of ls and also add handy aliases
|
||||||
|
if [ -x /usr/bin/dircolors ]; then
|
||||||
|
test -r ~/.dircolors && eval "$(dircolors -b ~/.dircolors)" || eval "$(dircolors -b)"
|
||||||
|
alias ls='ls --color=auto'
|
||||||
|
#alias dir='dir --color=auto'
|
||||||
|
#alias vdir='vdir --color=auto'
|
||||||
|
|
||||||
|
#alias grep='grep --color=auto'
|
||||||
|
#alias fgrep='fgrep --color=auto'
|
||||||
|
#alias egrep='egrep --color=auto'
|
||||||
|
fi
|
||||||
|
|
||||||
|
# some more ls aliases
|
||||||
|
#alias ll='ls -l'
|
||||||
|
#alias la='ls -A'
|
||||||
|
#alias l='ls -CF'
|
||||||
|
|
||||||
|
# Alias definitions.
|
||||||
|
# You may want to put all your additions into a separate file like
|
||||||
|
# ~/.bash_aliases, instead of adding them here directly.
|
||||||
|
# See /usr/share/doc/bash-doc/examples in the bash-doc package.
|
||||||
|
|
||||||
|
if [ -f ~/.bash_aliases ]; then
|
||||||
|
. ~/.bash_aliases
|
||||||
|
fi
|
||||||
|
|
||||||
|
# enable programmable completion features (you don't need to enable
|
||||||
|
# this, if it's already enabled in /etc/bash.bashrc and /etc/profile
|
||||||
|
# sources /etc/bash.bashrc).
|
||||||
|
if ! shopt -oq posix; then
|
||||||
|
if [ -f /usr/share/bash-completion/bash_completion ]; then
|
||||||
|
. /usr/share/bash-completion/bash_completion
|
||||||
|
elif [ -f /etc/bash_completion ]; then
|
||||||
|
. /etc/bash_completion
|
||||||
|
fi
|
||||||
|
fi
|
|
@ -0,0 +1,4 @@
|
||||||
|
#!/bin/sh
|
||||||
|
|
||||||
|
# Set "kali" as password for the user kali
|
||||||
|
usermod -p 'AqLUsDitNnTsw' kali
|
|
@ -0,0 +1,4 @@
|
||||||
|
#!/bin/sh
|
||||||
|
|
||||||
|
# Allow PasswordAuthentification in sshd config
|
||||||
|
sed -i -e 's|#\?\(PasswordAuthentication\) no|\1 yes|' /etc/ssh/sshd_config
|
|
@ -0,0 +1,108 @@
|
||||||
|
# This file replaces preseed.cfg embedded in the initrd by
|
||||||
|
# debian-installer. It should be kept in sync except with the
|
||||||
|
# mirror/{codename,suite} dropped so that the image installs
|
||||||
|
# what's available on the CD instead of hardcoding a specific
|
||||||
|
# release.
|
||||||
|
|
||||||
|
d-i debian-installer/locale string en_US.UTF-8
|
||||||
|
d-i console-keymaps-at/keymap select us
|
||||||
|
d-i keyboard-configuration/xkb-keymap select us
|
||||||
|
|
||||||
|
# Default repository information (don't include codename data, d-i figures it
|
||||||
|
# out from what's available in the ISO)
|
||||||
|
d-i mirror/country string enter information manually
|
||||||
|
d-i mirror/http/hostname string http.kali.org
|
||||||
|
d-i mirror/http/directory string /kali
|
||||||
|
d-i mirror/http/proxy string
|
||||||
|
d-i mirror/suite string kali-rolling
|
||||||
|
d-i mirror/codename string kali-rolling
|
||||||
|
|
||||||
|
#Set time zone
|
||||||
|
d-i clock-setup/utc boolean true
|
||||||
|
d-i time/zone string US/Mountain
|
||||||
|
|
||||||
|
# Disable security, volatile and backports
|
||||||
|
d-i apt-setup/services-select multiselect
|
||||||
|
|
||||||
|
# Enable contrib and non-free
|
||||||
|
d-i apt-setup/non-free boolean true
|
||||||
|
d-i apt-setup/contrib boolean true
|
||||||
|
|
||||||
|
# Disable CDROM entries after install
|
||||||
|
d-i apt-setup/disable-cdrom-entries boolean true
|
||||||
|
|
||||||
|
# Disable source repositories too
|
||||||
|
d-i apt-setup/enable-source-repositories boolean false
|
||||||
|
|
||||||
|
# Partitioning
|
||||||
|
d-i partman-auto/method string regular
|
||||||
|
d-i partman-lvm/device_remove_lvm boolean true
|
||||||
|
d-i partman-md/device_remove_md boolean true
|
||||||
|
d-i partman-lvm/confirm boolean true
|
||||||
|
d-i partman-auto/choose_recipe select atomic
|
||||||
|
d-i partman-auto/disk string /dev/sda
|
||||||
|
d-i partman/confirm_write_new_label boolean true
|
||||||
|
d-i partman/choose_partition select finish
|
||||||
|
d-i partman/confirm boolean true
|
||||||
|
d-i partman/confirm_nooverwrite boolean true
|
||||||
|
d-i partman-partitioning/confirm_write_new_label boolean true
|
||||||
|
|
||||||
|
# Upgrade installed packages
|
||||||
|
d-i pkgsel/upgrade select full-upgrade
|
||||||
|
|
||||||
|
# Change default hostname
|
||||||
|
d-i netcfg/get_hostname string kali
|
||||||
|
d-i netcfg/get_domain string unassigned-domain
|
||||||
|
d-i netcfg/choose_interface select auto
|
||||||
|
#d-i netcfg/choose_interface select eth0
|
||||||
|
d-i netcfg/dhcp_timeout string 60
|
||||||
|
|
||||||
|
d-i hw-detect/load_firmware boolean true
|
||||||
|
|
||||||
|
# Do not create a normal user account
|
||||||
|
#d-i passwd/make-user boolean false
|
||||||
|
#d-i passwd/root-password password toor
|
||||||
|
#d-i passwd/root-password-again password toor
|
||||||
|
|
||||||
|
#Create user account and disable root
|
||||||
|
d-i passwd/root-login boolean false
|
||||||
|
d-i passwd/make-user boolean true
|
||||||
|
d-i passwd/user-fullname string Kali User
|
||||||
|
d-i passwd/username string kali
|
||||||
|
d-i passwd/user-password password kali
|
||||||
|
d-i passwd/user-password-again password kali
|
||||||
|
|
||||||
|
d-i apt-setup/use_mirror boolean true
|
||||||
|
d-i grub-installer/only_debian boolean true
|
||||||
|
d-i grub-installer/with_other_os boolean false
|
||||||
|
d-i grub-installer/bootdev string /dev/sda
|
||||||
|
d-i finish-install/reboot_in_progress note
|
||||||
|
|
||||||
|
# Enable eatmydata in kali-installer to boost speed installation
|
||||||
|
d-i preseed/early_command string anna-install eatmydata-udeb
|
||||||
|
|
||||||
|
# Disable popularity-contest
|
||||||
|
popularity-contest popularity-contest/participate boolean false
|
||||||
|
|
||||||
|
kismet kismet/install-setuid boolean false
|
||||||
|
kismet kismet/install-users string
|
||||||
|
|
||||||
|
sslh sslh/inetd_or_standalone select standalone
|
||||||
|
|
||||||
|
mysql-server-5.5 mysql-server/root_password_again password
|
||||||
|
mysql-server-5.5 mysql-server/root_password password
|
||||||
|
mysql-server-5.5 mysql-server/error_setting_password error
|
||||||
|
mysql-server-5.5 mysql-server-5.5/postrm_remove_databases boolean false
|
||||||
|
mysql-server-5.5 mysql-server-5.5/start_on_boot boolean true
|
||||||
|
mysql-server-5.5 mysql-server-5.5/nis_warning note
|
||||||
|
mysql-server-5.5 mysql-server-5.5/really_downgrade boolean false
|
||||||
|
mysql-server-5.5 mysql-server/password_mismatch error
|
||||||
|
mysql-server-5.5 mysql-server/no_upgrade_when_using_ndb error
|
||||||
|
|
||||||
|
console-setup console-setup/charmap47 select UTF-8
|
||||||
|
samba-common samba-common/dhcp boolean false
|
||||||
|
macchanger macchanger/automatically_run boolean false
|
||||||
|
kismet-capture-common kismet-capture-common/install-users string
|
||||||
|
kismet-capture-common kismet-capture-common/install-setuid boolean true
|
||||||
|
wireshark-common wireshark-common/install-setuid boolean false
|
||||||
|
sslh sslh/inetd_or_standalone select standalone
|
|
@ -0,0 +1,8 @@
|
||||||
|
#!/bin/sh
|
||||||
|
|
||||||
|
set -e
|
||||||
|
|
||||||
|
# Remove the "hold" mark on any package, in Kali we put kernel packages
|
||||||
|
# on hold because upgrading them hurts more than it helps and because
|
||||||
|
# we want to ensure they are not removed by a routine dist-upgrade.
|
||||||
|
in-target sh -c 'apt-mark showhold | while read pkg; do apt-mark unhold $pkg; done'
|
|
@ -0,0 +1,29 @@
|
||||||
|
##
|
||||||
|
## Add all known firmwares
|
||||||
|
##
|
||||||
|
#if ARCHITECTURES i386 amd64
|
||||||
|
firmware-b43legacy-installer
|
||||||
|
firmware-b43-installer
|
||||||
|
#endif
|
||||||
|
zd1211-firmware
|
||||||
|
firmware-linux
|
||||||
|
firmware-netxen
|
||||||
|
firmware-ralink
|
||||||
|
firmware-realtek
|
||||||
|
firmware-iwlwifi
|
||||||
|
firmware-intelwimax
|
||||||
|
firmware-ipw2x00
|
||||||
|
firmware-atheros
|
||||||
|
firmware-bnx2
|
||||||
|
firmware-libertas
|
||||||
|
bluez-firmware
|
||||||
|
firmware-brcm80211
|
||||||
|
firmware-amd-graphics
|
||||||
|
firmware-cavium
|
||||||
|
firmware-intel-sound
|
||||||
|
firmware-misc-nonfree
|
||||||
|
firmware-myricom
|
||||||
|
firmware-qlogic
|
||||||
|
firmware-samsung
|
||||||
|
firmware-siano
|
||||||
|
firmware-ti-connectivity
|
|
@ -0,0 +1,14 @@
|
||||||
|
# ensure eatmydata is available for eatmydata.udeb
|
||||||
|
eatmydata
|
||||||
|
|
||||||
|
# EFI support, ensure we have the required .deb in the ISO available for
|
||||||
|
# installation
|
||||||
|
|
||||||
|
#if ARCHITECTURES i386
|
||||||
|
grub-efi
|
||||||
|
grub-efi-ia32
|
||||||
|
#endif
|
||||||
|
#if ARCHITECTURES amd64
|
||||||
|
grub-efi
|
||||||
|
grub-efi-amd64
|
||||||
|
#endif
|
|
@ -0,0 +1,20 @@
|
||||||
|
##
|
||||||
|
## Add linux headers to build DKMS packages even after the kernel
|
||||||
|
## used to build the live images is gone from kali-rolling.
|
||||||
|
##
|
||||||
|
#if ARCHITECTURES i386
|
||||||
|
linux-headers-686-pae
|
||||||
|
#endif
|
||||||
|
#if ARCHITECTURES amd64
|
||||||
|
linux-headers-amd64
|
||||||
|
#endif
|
||||||
|
#if ARCHITECTURES arm64
|
||||||
|
linux-headers-arm64
|
||||||
|
#endif
|
||||||
|
#if ARCHITECTURES armel
|
||||||
|
linux-headers-marvell
|
||||||
|
#endif
|
||||||
|
#if ARCHITECTURES armhf
|
||||||
|
linux-headers-armmp
|
||||||
|
linux-headers-armmp-lpae
|
||||||
|
#endif
|
|
@ -0,0 +1 @@
|
||||||
|
! Packages Priority standard
|
|
@ -0,0 +1,5 @@
|
||||||
|
# Various preseeding for auto-installed packages
|
||||||
|
|
||||||
|
# Do not register it in inetd so that its status can be controlled
|
||||||
|
# individually
|
||||||
|
atftpd atftpd/use_inetd boolean false
|
|
@ -0,0 +1,10 @@
|
||||||
|
#!/bin/sh
|
||||||
|
|
||||||
|
# Inject default background in e17 configuration (for all known profiles)
|
||||||
|
for profile in mobile standard; do
|
||||||
|
dpkg-divert --local --add /usr/share/enlightenment/data/config/$profile/e.cfg
|
||||||
|
eet -d /usr/share/enlightenment/data/config/$profile/e.cfg config /tmp/e.src
|
||||||
|
awk '/value "desktop_default_name"/ {print " value \"desktop_default_background\" string: \"/usr/share/enlightenment/data/backgrounds/kali-wallpaper_1920x1200.edj\";"}; {print}' /tmp/e.src >/tmp/e2.src
|
||||||
|
eet -e /usr/share/enlightenment/data/config/$profile/e.cfg config /tmp/e2.src 1
|
||||||
|
rm -f /tmp/e.src /tmp/e2.src
|
||||||
|
done
|
Binary file not shown.
|
@ -0,0 +1,15 @@
|
||||||
|
# You always want those
|
||||||
|
kali-linux-core
|
||||||
|
kali-desktop-live
|
||||||
|
|
||||||
|
# Kali applications
|
||||||
|
#<package>
|
||||||
|
# You can customize the set of Kali metapackages (groups of tools) to install
|
||||||
|
# For the complete list see: https://tools.kali.org/kali-metapackages
|
||||||
|
kali-linux-default
|
||||||
|
# kali-linux-large
|
||||||
|
# kali-linux-everything
|
||||||
|
# kali-tools-top10
|
||||||
|
|
||||||
|
# Graphical desktop
|
||||||
|
kali-desktop-e17
|
|
@ -0,0 +1,15 @@
|
||||||
|
# You always want those
|
||||||
|
kali-linux-core
|
||||||
|
kali-desktop-live
|
||||||
|
|
||||||
|
# Kali applications
|
||||||
|
#<package>
|
||||||
|
# You can customize the set of Kali metapackages (groups of tools) to install
|
||||||
|
# For the complete list see: https://tools.kali.org/kali-metapackages
|
||||||
|
kali-linux-default
|
||||||
|
# kali-linux-large
|
||||||
|
# kali-linux-everything
|
||||||
|
# kali-tools-top10
|
||||||
|
|
||||||
|
# Graphical desktop
|
||||||
|
kali-desktop-gnome
|
|
@ -0,0 +1,15 @@
|
||||||
|
# You always want those
|
||||||
|
kali-linux-core
|
||||||
|
kali-desktop-live
|
||||||
|
|
||||||
|
# Kali applications
|
||||||
|
#<package>
|
||||||
|
# You can customize the set of Kali metapackages (groups of tools) to install
|
||||||
|
# For the complete list see: https://tools.kali.org/kali-metapackages
|
||||||
|
kali-linux-default
|
||||||
|
# kali-linux-large
|
||||||
|
# kali-linux-everything
|
||||||
|
# kali-tools-top10
|
||||||
|
|
||||||
|
# Graphical desktop
|
||||||
|
kali-desktop-i3
|
|
@ -0,0 +1,15 @@
|
||||||
|
# You always want those
|
||||||
|
kali-linux-core
|
||||||
|
kali-desktop-live
|
||||||
|
|
||||||
|
# Kali applications
|
||||||
|
#<package>
|
||||||
|
# You can customize the set of Kali metapackages (groups of tools) to install
|
||||||
|
# For the complete list see: https://tools.kali.org/kali-metapackages
|
||||||
|
kali-linux-default
|
||||||
|
# kali-linux-large
|
||||||
|
# kali-linux-everything
|
||||||
|
# kali-tools-top10
|
||||||
|
|
||||||
|
# Graphical desktop
|
||||||
|
kali-desktop-kde
|
|
@ -0,0 +1,13 @@
|
||||||
|
# You always want those
|
||||||
|
#kali-linux-core
|
||||||
|
kali-desktop-live
|
||||||
|
|
||||||
|
# Kali applications
|
||||||
|
#<package>
|
||||||
|
# You can customize the set of Kali metapackages (groups of tools) to install
|
||||||
|
# For the complete list see: https://tools.kali.org/kali-metapackages
|
||||||
|
kali-linux-light
|
||||||
|
# kali-tools-top10
|
||||||
|
|
||||||
|
# Graphical desktop
|
||||||
|
kali-desktop-xfce
|
|
@ -0,0 +1,15 @@
|
||||||
|
# You always want those
|
||||||
|
kali-linux-core
|
||||||
|
kali-desktop-live
|
||||||
|
|
||||||
|
# Kali applications
|
||||||
|
#<package>
|
||||||
|
# You can customize the set of Kali metapackages (groups of tools) to install
|
||||||
|
# For the complete list see: https://tools.kali.org/kali-metapackages
|
||||||
|
kali-linux-default
|
||||||
|
# kali-linux-large
|
||||||
|
# kali-linux-everything
|
||||||
|
# kali-tools-top10
|
||||||
|
|
||||||
|
# Graphical desktop
|
||||||
|
kali-desktop-lxde
|
|
@ -0,0 +1,21 @@
|
||||||
|
# You always want those
|
||||||
|
kali-linux-core
|
||||||
|
kali-desktop-live
|
||||||
|
|
||||||
|
# Kali applications
|
||||||
|
#<package>
|
||||||
|
# You can customize the set of Kali metapackages (groups of tools) to install
|
||||||
|
# For the complete list see: https://tools.kali.org/kali-metapackages
|
||||||
|
kali-linux-default
|
||||||
|
# kali-linux-large
|
||||||
|
# kali-linux-everything
|
||||||
|
# kali-tools-top10
|
||||||
|
|
||||||
|
# Graphical desktop
|
||||||
|
kali-desktop-mate
|
||||||
|
# | NOTE: With Kali 1.x, the mate desktop requires other changes to the live config.
|
||||||
|
# | See https://docs.kali.org/live-build/customize-the-kali-desktop-environment
|
||||||
|
# | for details
|
||||||
|
#if DISTRIBUTION moto
|
||||||
|
mate-archive-keyring
|
||||||
|
#endif
|
|
@ -0,0 +1,15 @@
|
||||||
|
# You always want those
|
||||||
|
kali-linux-core
|
||||||
|
kali-desktop-live
|
||||||
|
|
||||||
|
# Kali applications
|
||||||
|
#<package>
|
||||||
|
# You can customize the set of Kali metapackages (groups of tools) to install
|
||||||
|
# For the complete list see: https://tools.kali.org/kali-metapackages
|
||||||
|
kali-linux-default
|
||||||
|
# kali-linux-large
|
||||||
|
# kali-linux-everything
|
||||||
|
# kali-tools-top10
|
||||||
|
|
||||||
|
# Graphical desktop
|
||||||
|
kali-desktop-xfce
|
15
modules/parrot-build/.gitignore
vendored
Normal file
15
modules/parrot-build/.gitignore
vendored
Normal file
|
@ -0,0 +1,15 @@
|
||||||
|
binary.*
|
||||||
|
prepare.log
|
||||||
|
binary
|
||||||
|
images
|
||||||
|
cache
|
||||||
|
chroot
|
||||||
|
chroot.packages.install
|
||||||
|
chroot.packages.live
|
||||||
|
.stage
|
||||||
|
.lock
|
||||||
|
.build/
|
||||||
|
config/binary
|
||||||
|
config/bootstrap
|
||||||
|
config/common
|
||||||
|
config/source
|
7
modules/parrot-build/README
Normal file
7
modules/parrot-build/README
Normal file
|
@ -0,0 +1,7 @@
|
||||||
|
Parrot Build config scripts
|
||||||
|
|
||||||
|
|
||||||
|
this configuration folder for live-build is used
|
||||||
|
to build our official ISO images
|
||||||
|
|
||||||
|
the arm build scripts will be replaced with the official one of the ARM team
|
3
modules/parrot-build/auto/build
Executable file
3
modules/parrot-build/auto/build
Executable file
|
@ -0,0 +1,3 @@
|
||||||
|
#!/bin/sh
|
||||||
|
|
||||||
|
lb build noauto "$@" 2>&1 | tee logfile.log
|
3
modules/parrot-build/auto/clean
Executable file
3
modules/parrot-build/auto/clean
Executable file
|
@ -0,0 +1,3 @@
|
||||||
|
#!/bin/sh
|
||||||
|
|
||||||
|
lb clean noauto "$@"
|
119
modules/parrot-build/auto/config
Executable file
119
modules/parrot-build/auto/config
Executable file
|
@ -0,0 +1,119 @@
|
||||||
|
#!/bin/bash
|
||||||
|
|
||||||
|
set -e
|
||||||
|
set -o pipefail # Bashism
|
||||||
|
|
||||||
|
parrot_mirror=https://deb.parrot.sh/parrot
|
||||||
|
|
||||||
|
# Detect target architecture and filter args
|
||||||
|
if [ ! $arch ]; then
|
||||||
|
arch=$(dpkg --print-architecture)
|
||||||
|
fi
|
||||||
|
if [ ! $variant ]; then
|
||||||
|
variant="home"
|
||||||
|
fi
|
||||||
|
dist="rolling"
|
||||||
|
lb_opts=""
|
||||||
|
while [ $# -gt 0 ]; do
|
||||||
|
arg="$1"
|
||||||
|
case "$arg" in
|
||||||
|
-a|--arch|--architecture|--architectures)
|
||||||
|
arch="$2"
|
||||||
|
temp="$temp "'"'"$arg"'"'
|
||||||
|
temp="$temp "'"'"$2"'"'
|
||||||
|
shift
|
||||||
|
;;
|
||||||
|
--distribution)
|
||||||
|
dist="$2"
|
||||||
|
shift
|
||||||
|
;;
|
||||||
|
--variant)
|
||||||
|
variant="$2"
|
||||||
|
shift
|
||||||
|
;;
|
||||||
|
-p|--proposed-updates)
|
||||||
|
enable_pu="1"
|
||||||
|
;;
|
||||||
|
--)
|
||||||
|
;;
|
||||||
|
*)
|
||||||
|
temp="$temp "'"'"$arg"'"'
|
||||||
|
;;
|
||||||
|
esac
|
||||||
|
shift
|
||||||
|
done
|
||||||
|
eval set -- "$temp"
|
||||||
|
|
||||||
|
if [ ! -e ${LIVE_BUILD:-/usr/share/live/build}/data/debian-cd/$dist ]; then
|
||||||
|
if [ -w ${LIVE_BUILD:-/usr/share/live/build}/data/debian-cd ]; then
|
||||||
|
ln -sf sid ${LIVE_BUILD:-/usr/share/live/build}/data/debian-cd/$dist
|
||||||
|
else
|
||||||
|
echo "ERROR: Run this first:"
|
||||||
|
echo "ln -sf sid ${LIVE_BUILD:-/usr/share/live/build}/data/debian-cd/$dist"
|
||||||
|
exit 1
|
||||||
|
fi
|
||||||
|
fi
|
||||||
|
|
||||||
|
case "$arch" in
|
||||||
|
amd64)
|
||||||
|
lb_opts="$lb_opts --binary-images iso-hybrid --architecture amd64 --debian-installer live --linux-flavours amd64"
|
||||||
|
;;
|
||||||
|
i386)
|
||||||
|
lb_opts="$lb_opts --binary-images iso-hybrid --architecture i386 --debian-installer live --linux-flavours 686-pae"
|
||||||
|
;;
|
||||||
|
486)
|
||||||
|
lb_opts="$lb_opts --binary-images iso-hybrid --architecture i386 --debian-installer live --linux-flavours 486"
|
||||||
|
;;
|
||||||
|
armel|armhf|arm64)
|
||||||
|
lb_opts="$lb_opts --binary-images hdd --binary-filesystem ext4 --chroot-filesystem none"
|
||||||
|
;;
|
||||||
|
*)
|
||||||
|
echo "WARNING: configuration not tested on arch $arch" >&2
|
||||||
|
;;
|
||||||
|
esac
|
||||||
|
|
||||||
|
# Setup configuration files from variant and options
|
||||||
|
|
||||||
|
# Drop all files that a former run might have put into place
|
||||||
|
for file in $(cd config && find . -type f); do
|
||||||
|
file=${file#./*/}
|
||||||
|
rm -f config/$file || true
|
||||||
|
done
|
||||||
|
|
||||||
|
cp -rT templates/common config
|
||||||
|
[ ! -d templates/parrot-$variant ] || cp -rTL templates/parrot-$variant config
|
||||||
|
|
||||||
|
[ ! $arch ] || sed -i "s/ISO_ARCH/$arch/g" config/includes.binary/isolinux/menu.cfg
|
||||||
|
[ ! $arch ] || sed -i "s/ISO_ARCH/$arch/g" config/includes.binary/boot/grub/live-theme/theme.txt
|
||||||
|
[ ! $version ] || sed -i "s/ISO_VERSION/$version/g" config/includes.binary/isolinux/menu.cfg
|
||||||
|
[ ! $version ] || sed -i "s/ISO_VERSION/$version/g" config/includes.binary/boot/grub/live-theme/theme.txt
|
||||||
|
[ ! $variant ] || sed -i "s/ISO_TITLE/Parrot $variant/g" config/includes.binary/isolinux/menu.cfg
|
||||||
|
[ ! $variant ] || sed -i "s/ISO_TITLE/Parrot $variant/g" config/includes.binary/boot/grub/live-theme/theme.txt
|
||||||
|
|
||||||
|
lb config noauto \
|
||||||
|
--distribution "$dist" \
|
||||||
|
--debian-installer-distribution "$dist" \
|
||||||
|
--archive-areas "main contrib non-free" \
|
||||||
|
--debootstrap-options "--include=ca-certificates,parrot-archive-keyring,gnupg --keyring=templates/common/archives/parrot.key" \
|
||||||
|
--keyring-packages parrot-archive-keyring \
|
||||||
|
--updates false \
|
||||||
|
--security false \
|
||||||
|
--backports false \
|
||||||
|
--firmware-binary false \
|
||||||
|
--firmware-chroot false \
|
||||||
|
--compression xz \
|
||||||
|
--mirror-bootstrap "$parrot_mirror" \
|
||||||
|
--mirror-chroot "$parrot_mirror" \
|
||||||
|
--mirror-debian-installer "$parrot_mirror" \
|
||||||
|
--mirror-binary "$public_mirror" \
|
||||||
|
--iso-application "Parrot" \
|
||||||
|
--iso-publisher "Parrot Project" \
|
||||||
|
--iso-volume "Parrot $variant" \
|
||||||
|
--linux-packages linux-image \
|
||||||
|
--bootappend-live "boot=live hostname=parrot splash noautomount" \
|
||||||
|
--source false \
|
||||||
|
$lb_opts \
|
||||||
|
"$@"
|
||||||
|
|
||||||
|
#use overlay instead of aufs as union filesystem support for squashfs
|
||||||
|
sed -i "s/LB_UNION_FILESYSTEM=\"aufs\"/LB_UNION_FILESYSTEM=\"overlay\"/g" config/chroot
|
65
modules/parrot-build/build.sh
Executable file
65
modules/parrot-build/build.sh
Executable file
|
@ -0,0 +1,65 @@
|
||||||
|
#!/bin/bash
|
||||||
|
|
||||||
|
set -e
|
||||||
|
set -o pipefail # Bashism
|
||||||
|
|
||||||
|
export variant=$2
|
||||||
|
export myarch=$3
|
||||||
|
export version=$4
|
||||||
|
|
||||||
|
if [ $myarch == "x64" ]; then
|
||||||
|
export arch=amd64
|
||||||
|
fi
|
||||||
|
if [ $myarch == "x32" ]; then
|
||||||
|
export arch=i386
|
||||||
|
fi
|
||||||
|
|
||||||
|
function helper() {
|
||||||
|
echo -e "Parrot Build System
|
||||||
|
|
||||||
|
|
||||||
|
USAGE
|
||||||
|
./build.sh <action> [<variant> <arch> <version>]
|
||||||
|
|
||||||
|
EXPLAINATION
|
||||||
|
|
||||||
|
action - help, build
|
||||||
|
the action to be performed by this program
|
||||||
|
help will show this message, build will start
|
||||||
|
the build if correctly combined with variant, arch and version
|
||||||
|
|
||||||
|
variant - home, security, kde, studio
|
||||||
|
|
||||||
|
the edition of parrot that is going to
|
||||||
|
be taken from the templates folder
|
||||||
|
|
||||||
|
arch - i386, amd64, armhf, arm64
|
||||||
|
the architecture that will be built
|
||||||
|
|
||||||
|
version - the version of parrot that has to be
|
||||||
|
written in the live boot menu
|
||||||
|
|
||||||
|
EXAMPLE
|
||||||
|
./build.sh build home x64 4.6-CUSTOM
|
||||||
|
"
|
||||||
|
}
|
||||||
|
|
||||||
|
function build() {
|
||||||
|
lb clean
|
||||||
|
rm -rf config || true
|
||||||
|
lb config
|
||||||
|
lb build
|
||||||
|
mv live-image-*.hybrid.iso ../Parrot-$variant-$version\_$myarch.iso
|
||||||
|
}
|
||||||
|
|
||||||
|
case $1 in
|
||||||
|
build)
|
||||||
|
build
|
||||||
|
;;
|
||||||
|
help)
|
||||||
|
helper
|
||||||
|
;;
|
||||||
|
*)
|
||||||
|
helper
|
||||||
|
;;
|
||||||
|
esac
|
20
modules/parrot-build/raspberry/LICENSE.txt
Normal file
20
modules/parrot-build/raspberry/LICENSE.txt
Normal file
|
@ -0,0 +1,20 @@
|
||||||
|
The MIT License (MIT)
|
||||||
|
Copyright (c) 2015-2016 Niklas Fiekas <niklas.fiekas@backscattering.de>
|
||||||
|
|
||||||
|
Permission is hereby granted, free of charge, to any person obtaining a copy
|
||||||
|
of this software and associated documentation files (the "Software"), to deal
|
||||||
|
in the Software without restriction, including without limitation the rights
|
||||||
|
to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
|
||||||
|
copies of the Software, and to permit persons to whom the Software is furnished
|
||||||
|
to do so, subject to the following conditions:
|
||||||
|
|
||||||
|
The above copyright notice and this permission notice shall be included in all
|
||||||
|
copies or substantial portions of the Software.
|
||||||
|
|
||||||
|
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
|
||||||
|
IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
|
||||||
|
FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL
|
||||||
|
THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
|
||||||
|
LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
|
||||||
|
OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS
|
||||||
|
IN THE SOFTWARE.
|
1
modules/parrot-build/raspberry/boot/cmdline.txt
Normal file
1
modules/parrot-build/raspberry/boot/cmdline.txt
Normal file
|
@ -0,0 +1 @@
|
||||||
|
net.ifnames=0 dwc_otg.lpm_enable=0 console=ttyAMA0,115200 kgdboc=ttyAMA0,115200 console=tty1 root=/dev/mmcblk0p2 rootfstype=ext4 rootwait
|
43
modules/parrot-build/raspberry/boot/config.txt
Normal file
43
modules/parrot-build/raspberry/boot/config.txt
Normal file
|
@ -0,0 +1,43 @@
|
||||||
|
# For more options and information see
|
||||||
|
# http://www.raspberrypi.org/documentation/configuration/config-txt.md
|
||||||
|
# Some settings may impact device functionality. See link above for details
|
||||||
|
|
||||||
|
# uncomment if you get no picture on HDMI for a default "safe" mode
|
||||||
|
#hdmi_safe=1
|
||||||
|
|
||||||
|
# uncomment this if your display has a black border of unused pixels visible
|
||||||
|
# and your display can output without overscan
|
||||||
|
#disable_overscan=1
|
||||||
|
|
||||||
|
# uncomment the following to adjust overscan. Use positive numbers if console
|
||||||
|
# goes off screen, and negative if there is too much border
|
||||||
|
#overscan_left=16
|
||||||
|
#overscan_right=16
|
||||||
|
#overscan_top=16
|
||||||
|
#overscan_bottom=16
|
||||||
|
|
||||||
|
# uncomment to force a console size. By default it will be display's size minus
|
||||||
|
# overscan.
|
||||||
|
#framebuffer_width=1280
|
||||||
|
#framebuffer_height=720
|
||||||
|
|
||||||
|
# uncomment if hdmi display is not detected and composite is being output
|
||||||
|
hdmi_force_hotplug=1
|
||||||
|
|
||||||
|
# uncomment to force a specific HDMI mode (this will force VGA)
|
||||||
|
#hdmi_group=1
|
||||||
|
#hdmi_mode=1
|
||||||
|
|
||||||
|
# uncomment to force a HDMI mode rather than DVI. This can make audio work in
|
||||||
|
# DMT (computer monitor) modes
|
||||||
|
#hdmi_drive=2
|
||||||
|
|
||||||
|
# uncomment to increase signal to HDMI, if you have interference, blanking, or
|
||||||
|
# no display
|
||||||
|
#config_hdmi_boost=4
|
||||||
|
|
||||||
|
# uncomment for composite PAL
|
||||||
|
#sdtv_mode=2
|
||||||
|
|
||||||
|
#uncomment to overclock the arm. 700 MHz is the default.
|
||||||
|
#arm_freq=800
|
22
modules/parrot-build/raspberry/bootstrap.sh
Executable file
22
modules/parrot-build/raspberry/bootstrap.sh
Executable file
|
@ -0,0 +1,22 @@
|
||||||
|
#!/bin/bash
|
||||||
|
|
||||||
|
SOURCEDIR=$(dirname $0)
|
||||||
|
|
||||||
|
vmdebootstrap \
|
||||||
|
--arch armhf \
|
||||||
|
--distribution stable \
|
||||||
|
--mirror http://deb.parrotsec.org/parrot \
|
||||||
|
--image `date +parrot-rpi-%Y%m%d.img` \
|
||||||
|
--size 8120M \
|
||||||
|
--bootsize 64M \
|
||||||
|
--boottype vfat \
|
||||||
|
--root-password toor \
|
||||||
|
--verbose \
|
||||||
|
--no-kernel \
|
||||||
|
--no-extlinux \
|
||||||
|
--hostname parrot \
|
||||||
|
--foreign /usr/bin/qemu-arm-static \
|
||||||
|
--debootstrapopts="keyring=$SOURCEDIR/parrotsec.gpg verbose" \
|
||||||
|
--package="gnupg2 dirmngr ca-certificates" \
|
||||||
|
--customize "$SOURCEDIR/customize.sh" \
|
||||||
|
--log-level="debug"
|
229
modules/parrot-build/raspberry/customize.sh
Executable file
229
modules/parrot-build/raspberry/customize.sh
Executable file
|
@ -0,0 +1,229 @@
|
||||||
|
#!/bin/bash
|
||||||
|
set -e
|
||||||
|
|
||||||
|
SOURCEDIR=$(dirname $0)
|
||||||
|
ROOTDIR="$1"
|
||||||
|
|
||||||
|
# Do not start services during installation.
|
||||||
|
echo "I: disabling services during setup"
|
||||||
|
echo exit 101 > $ROOTDIR/usr/sbin/policy-rc.d
|
||||||
|
chmod +x $ROOTDIR/usr/sbin/policy-rc.d
|
||||||
|
|
||||||
|
# enable for apt-cacher-ng
|
||||||
|
echo "I: enabling apt cacher"
|
||||||
|
echo "Acquire::http { Proxy \"http://localhost:3142\"; };" > $ROOTDIR/etc/apt/apt.conf.d/50apt-cacher-ng
|
||||||
|
|
||||||
|
#configure temporary networking
|
||||||
|
echo "I: configuring temporary networking"
|
||||||
|
rm $ROOTDIR/etc/resolv.conf
|
||||||
|
echo -e "# ParrotDNS/OpenNIC
|
||||||
|
nameserver 1.1.1.1
|
||||||
|
nameserver 139.99.96.146
|
||||||
|
nameserver 37.59.40.15
|
||||||
|
nameserver 185.121.177.177
|
||||||
|
|
||||||
|
# Round Robin
|
||||||
|
options rotate" > $ROOTDIR/etc/resolv.conf
|
||||||
|
|
||||||
|
# Configure apt.
|
||||||
|
echo "I: configuring apt"
|
||||||
|
export DEBIAN_FRONTEND=noninteractive
|
||||||
|
cat $SOURCEDIR/parrotsec.gpg | chroot $ROOTDIR apt-key add -
|
||||||
|
echo > $ROOTDIR/etc/apt/sources.list
|
||||||
|
mkdir -p $ROOTDIR/etc/apt/sources.list.d/
|
||||||
|
mkdir -p $ROOTDIR/etc/apt/apt.conf.d/
|
||||||
|
echo "deb http://deb.parrotsec.org/parrot stable main contrib non-free" > $ROOTDIR/etc/apt/sources.list.d/parrot.list
|
||||||
|
chroot $ROOTDIR apt update
|
||||||
|
chroot $ROOTDIR apt -y install parrot-core
|
||||||
|
|
||||||
|
echo "I: copying custom apt configs"
|
||||||
|
cp $SOURCEDIR/etc/apt/sources.list $ROOTDIR/etc/apt/sources.list
|
||||||
|
cp $SOURCEDIR/etc/apt/apt.conf.d/50raspi $ROOTDIR/etc/apt/apt.conf.d/50raspi
|
||||||
|
chroot $ROOTDIR apt update
|
||||||
|
|
||||||
|
# Regenerate SSH host keys on first boot.
|
||||||
|
echo "I: regenerating ssh keys"
|
||||||
|
chroot $ROOTDIR apt-get install -y openssh-server rng-tools
|
||||||
|
rm -f $ROOTDIR/etc/ssh/ssh_host_*
|
||||||
|
mkdir -p $ROOTDIR/etc/systemd/system
|
||||||
|
cp $SOURCEDIR/etc/systemd/system/regen-ssh-keys.service $ROOTDIR/etc/systemd/system/regen-ssh-keys.service
|
||||||
|
chroot $ROOTDIR systemctl enable regen-ssh-keys ssh
|
||||||
|
|
||||||
|
# Configure.
|
||||||
|
echo "I: configuring boot and network setups"
|
||||||
|
cp $SOURCEDIR/boot/cmdline.txt $ROOTDIR/boot/cmdline.txt
|
||||||
|
cp $SOURCEDIR/boot/config.txt $ROOTDIR/boot/config.txt
|
||||||
|
cp -r $SOURCEDIR/etc/default $ROOTDIR/etc/default
|
||||||
|
cp $SOURCEDIR/etc/fstab $ROOTDIR/etc/fstab
|
||||||
|
cp $SOURCEDIR/etc/modules $ROOTDIR/etc/modules
|
||||||
|
cp $SOURCEDIR/etc/network/interfaces $ROOTDIR/etc/network/interfaces
|
||||||
|
|
||||||
|
FILE="$SOURCEDIR/config/authorized_keys"
|
||||||
|
if [ -f $FILE ]; then
|
||||||
|
echo "I: Adding authorized_keys."
|
||||||
|
mkdir -p $ROOTDIR/root/.ssh/
|
||||||
|
cp $FILE $ROOTDIR/root/.ssh/
|
||||||
|
else
|
||||||
|
echo "I: No authorized_keys, allowing root login with password on SSH."
|
||||||
|
sed -i "s/.*PermitRootLogin.*/PermitRootLogin yes/" $ROOTDIR/etc/ssh/sshd_config
|
||||||
|
fi
|
||||||
|
|
||||||
|
# Install kernel.
|
||||||
|
echo "I: installing kernel"
|
||||||
|
mkdir -p $ROOTDIR/lib/modules
|
||||||
|
chroot $ROOTDIR apt install -y ca-certificates curl binutils git-core kmod
|
||||||
|
wget https://raw.github.com/Hexxeh/rpi-update/master/rpi-update -O $ROOTDIR/usr/local/sbin/rpi-update
|
||||||
|
chmod a+x $ROOTDIR/usr/local/sbin/rpi-update
|
||||||
|
SKIP_WARNING=1 SKIP_BACKUP=1 ROOT_PATH=$ROOTDIR BOOT_PATH=$ROOTDIR/boot $ROOTDIR/usr/local/sbin/rpi-update
|
||||||
|
|
||||||
|
# Install extra packages.
|
||||||
|
echo "I: installing extra packages"
|
||||||
|
chroot $ROOTDIR apt install -y apt-utils nano whiptail netbase less iputils-ping net-tools isc-dhcp-client parrot-core anacron fake-hwclock ntp fail2ban needrestart sudo
|
||||||
|
chroot $ROOTDIR apt install -y parrot-interface parrot-mate firefox-esr
|
||||||
|
chroot $ROOTDIR apt install -y parrot-pico geany bleachbit
|
||||||
|
|
||||||
|
# Clean some shit.
|
||||||
|
echo "I: cleaning unwanted packages"
|
||||||
|
chroot $ROOTDIR apt -y purge firejail samba qt4-designer qttools5-dev-tools texlive-latex-extra-doc texlive-pstricks-doc texlive-pictures-doc texlive-latex-recommended-doc texlive-latex-base-doc texlive-fonts-recommended-doc texlive-pstricks-doc python-mpltoolkits.basemap-data leafpad xpra ferret minicom xpdf gvim imagemagick imagemagick-* openjdk-10-* android-sdk libandroid* leafpad xpra ferret minicom xpdf gvim imagemagick imagemagick-* vega firefox
|
||||||
|
|
||||||
|
echo "Manually enabling pulseaudio"
|
||||||
|
systemctl --user enable pulseaudio.service || true
|
||||||
|
|
||||||
|
echo "Doing some magic on networking stuff"
|
||||||
|
systemctl enable NetworkManager || true
|
||||||
|
systemctl enable resolvconf || true
|
||||||
|
#rm /etc/resolv.conf || true
|
||||||
|
#ln -s etc/resolvconf/run/resolv.conf etc/resolv.conf || true
|
||||||
|
mkdir -p /etc/systemd/network /etc/udev/rules.d
|
||||||
|
ln -sf /dev/null "/etc/systemd/network/90-mac-for-usb.link"
|
||||||
|
ln -sf /dev/null "/etc/systemd/network/99-default.link"
|
||||||
|
echo > "/etc/udev/rules.d/73-special-net-names.rules"
|
||||||
|
|
||||||
|
echo "Manually disabling inetd"
|
||||||
|
systemctl disable inetd || true
|
||||||
|
|
||||||
|
echo "Manually disabling mariadb"
|
||||||
|
systemctl disable mariadb || true
|
||||||
|
|
||||||
|
echo "Manually disabling postgresql"
|
||||||
|
systemctl disable postgresql || true
|
||||||
|
|
||||||
|
echo "Manualy disabling redis-server"
|
||||||
|
systemctl disable redis-server || true
|
||||||
|
|
||||||
|
echo "Manually disabling nginx"
|
||||||
|
systemctl disable nginx || true
|
||||||
|
|
||||||
|
echo "Manually disaling phpsessionclean"
|
||||||
|
sudo systemctl disable phpsessionclean.timer || true
|
||||||
|
|
||||||
|
echo "Manually disabling apt-daily systemd timers"
|
||||||
|
sudo systemctl disable apt-daily-upgrade.timer || true
|
||||||
|
sudo systemctl disable apt-daily.time || true
|
||||||
|
|
||||||
|
echo "Manually disabling couchdb"
|
||||||
|
systemctl disable couchdb || true
|
||||||
|
|
||||||
|
echo "Manually disabling miredo"
|
||||||
|
systemctl disable miredo || true
|
||||||
|
|
||||||
|
echo "Manualy disabling redis-server"
|
||||||
|
systemctl disable redis-server || true
|
||||||
|
|
||||||
|
echo "Manually disabling samba"
|
||||||
|
systemctl disable smbd samba || true
|
||||||
|
|
||||||
|
echo "Manually disabling snmpd"
|
||||||
|
systemctl disable snmpd || true
|
||||||
|
|
||||||
|
echo "Manually disabling nmbd"
|
||||||
|
systemctl disable nmbd || true
|
||||||
|
|
||||||
|
echo "Manually disabling snapd"
|
||||||
|
systemctl disable snapd || true
|
||||||
|
|
||||||
|
echo "Manually disabling openvas services"
|
||||||
|
systemctl disable openvas-scanner.service || true
|
||||||
|
systemctl disable openvas-manager.service || true
|
||||||
|
systemctl disable greenbone-security-assistant || true
|
||||||
|
|
||||||
|
echo "Manually disabling redsocks"
|
||||||
|
systemctl disable redsocks || true
|
||||||
|
|
||||||
|
echo "Manually disabling dradis"
|
||||||
|
systemctl disable dradis || true
|
||||||
|
|
||||||
|
echo "Manually disabling packagekit"
|
||||||
|
systemctl disable packagekit || true
|
||||||
|
|
||||||
|
echo "Manually disabling avahi-daemon"
|
||||||
|
systemctl disable avahi-daemon.socket || true
|
||||||
|
systemctl disable avahi-daemon.service || true
|
||||||
|
|
||||||
|
echo "Manually disabling colord-sane"
|
||||||
|
systemctl disable colord-sane.service || true
|
||||||
|
|
||||||
|
echo "Purging the shit out of systemd"
|
||||||
|
sed -i "s/WantedBy=multi-user.target//g" /lib/systemd/system/redis-server.service || true
|
||||||
|
sed -i "s/WantedBy=multi-user.target//g" /lib/systemd/system/smbd.service || true
|
||||||
|
sed -i "s/WantedBy=multi-user.target//g" /lib/systemd/system/nmbd.service || true
|
||||||
|
sed -i "s/WantedBy=multi-user.target//g" /lib/systemd/system/snmp.service || true
|
||||||
|
sed -i "s/WantedBy=multi-user.target//g" /lib/systemd/system/openvas-scanner.service || true
|
||||||
|
sed -i "s/WantedBy=multi-user.target//g" /lib/systemd/system/openvas-manager.service || true
|
||||||
|
sed -i "s/WantedBy=multi-user.target//g" /lib/systemd/system/redsocks.service || true
|
||||||
|
|
||||||
|
#create user
|
||||||
|
#chroot $ROOTDIR bash useradd -m -p $(mkpasswd -m sha-512 parrot) -s /bin/bash parrot
|
||||||
|
|
||||||
|
echo "I: creating parrot user"
|
||||||
|
echo 'adduser --disabled-password --gecos "" parrot' > $ROOTDIR/create-user.sh
|
||||||
|
echo 'echo "parrot:toor" | chpasswd' >> $ROOTDIR/create-user.sh
|
||||||
|
echo 'adduser parrot audio' >> $ROOTDIR/create-user.sh
|
||||||
|
echo 'adduser parrot cdrom' >> $ROOTDIR/create-user.sh
|
||||||
|
echo 'adduser parrot dip' >> $ROOTDIR/create-user.sh
|
||||||
|
echo 'adduser parrot video' >> $ROOTDIR/create-user.sh
|
||||||
|
echo 'adduser parrot plugdev' >> $ROOTDIR/create-user.sh
|
||||||
|
echo 'adduser parrot netdev' >> $ROOTDIR/create-user.sh
|
||||||
|
echo 'adduser parrot powerdev' >> $ROOTDIR/create-user.sh
|
||||||
|
echo 'adduser parrot scanner' >> $ROOTDIR/create-user.sh
|
||||||
|
echo 'adduser parrot bluetooth' >> $ROOTDIR/create-user.sh
|
||||||
|
echo 'adduser parrot sudo' >> $ROOTDIR/create-user.sh
|
||||||
|
echo 'adduser parrot fuse' >> $ROOTDIR/create-user.sh
|
||||||
|
echo 'adduser parrot dialout' >> $ROOTDIR/create-user.sh
|
||||||
|
chmod +x $ROOTDIR/create-user.sh
|
||||||
|
chroot $ROOTDIR /create-user.sh
|
||||||
|
rm $ROOTDIR/create-user.sh
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
#configure networking
|
||||||
|
echo "I: configuring networking"
|
||||||
|
chroot $ROOTDIR apt-get update
|
||||||
|
chroot $ROOTDIR apt-get -y install resolvconf
|
||||||
|
chroot $ROOTDIR systemctl enable resolvconf
|
||||||
|
chroot $ROOTDIR systemctl start resolvconf
|
||||||
|
chroot $ROOTDIR rm /etc/resolv.conf
|
||||||
|
echo -e "
|
||||||
|
# ParrotDNS/OpenNIC
|
||||||
|
nameserver 139.99.96.146
|
||||||
|
nameserver 37.59.40.15
|
||||||
|
nameserver 185.121.177.177
|
||||||
|
|
||||||
|
# Round Robin
|
||||||
|
options rotate" > $ROOTDIR/etc/resolvconf/resolv.conf.d/tail
|
||||||
|
ln -s /etc/resolvconf/run/resolv.conf $ROOTDIR/etc/resolv.conf
|
||||||
|
|
||||||
|
# Create a swapfile.
|
||||||
|
#echo "I: creating swapfile"
|
||||||
|
#dd if=/dev/zero of=$ROOTDIR/var/swapfile bs=1M count=128
|
||||||
|
#chroot $ROOTDIR mkswap /var/swapfile
|
||||||
|
#echo /var/swapfile none swap sw 0 0 >> $ROOTDIR/etc/fstab
|
||||||
|
|
||||||
|
# Done.
|
||||||
|
echo "I: ultimating build"
|
||||||
|
rm $ROOTDIR/usr/sbin/policy-rc.d
|
||||||
|
echo "cleaning the system with bleachbit"
|
||||||
|
chroot $ROOTDIR bleachbit -c system.localizations apt.autoclean apt.autoremove apt.package_lists deepscan.backup deepscan.ds_store deepscan.thumbs_db deepscan.tmp system.cache system.rotated_logs thumbnails.cache &> /dev/null && echo "done"
|
||||||
|
rm $ROOTDIR/etc/apt/apt.conf.d/50apt-cacher-ng
|
||||||
|
rm $ROOTDIR/root/.bash_history
|
||||||
|
|
|
@ -0,0 +1,2 @@
|
||||||
|
# Never use pdiffs. Current implementation is very slow on low-powered devices.
|
||||||
|
Acquire::PDiffs "0";
|
1
modules/parrot-build/raspberry/etc/apt/sources.list
Normal file
1
modules/parrot-build/raspberry/etc/apt/sources.list
Normal file
|
@ -0,0 +1 @@
|
||||||
|
deb http://deb.parrotsec.org/parrot parrot main contrib non-free
|
1
modules/parrot-build/raspberry/etc/default/rng-tools
Normal file
1
modules/parrot-build/raspberry/etc/default/rng-tools
Normal file
|
@ -0,0 +1 @@
|
||||||
|
HRNGDEVICE=/dev/hwrng
|
4
modules/parrot-build/raspberry/etc/fstab
Normal file
4
modules/parrot-build/raspberry/etc/fstab
Normal file
|
@ -0,0 +1,4 @@
|
||||||
|
/dev/mmcblk0p1 /boot vfat defaults 0 0
|
||||||
|
/dev/mmcblk0p2 / ext4 noatime,nodiratime,relatime,discard 0 0
|
||||||
|
proc /proc proc defaults 0 0
|
||||||
|
tmpfs /tmp tmpfs defaults,size=100M 0 0
|
5
modules/parrot-build/raspberry/etc/modules
Normal file
5
modules/parrot-build/raspberry/etc/modules
Normal file
|
@ -0,0 +1,5 @@
|
||||||
|
vchiq
|
||||||
|
snd_bcm2835
|
||||||
|
bcm2708-rng
|
||||||
|
btrfs
|
||||||
|
xfs
|
7
modules/parrot-build/raspberry/etc/network/interfaces
Normal file
7
modules/parrot-build/raspberry/etc/network/interfaces
Normal file
|
@ -0,0 +1,7 @@
|
||||||
|
auto lo
|
||||||
|
iface lo inet loopback
|
||||||
|
|
||||||
|
auto eth0
|
||||||
|
allow-hotplug eth0
|
||||||
|
iface eth0 inet dhcp
|
||||||
|
iface eth0 inet6 auto
|
|
@ -0,0 +1,24 @@
|
||||||
|
[Unit]
|
||||||
|
Description=OpenSSH Server Key Generation
|
||||||
|
|
||||||
|
# Do not run if keys already exist
|
||||||
|
ConditionPathExistsGlob=!/etc/ssh/ssh_host_*_key
|
||||||
|
|
||||||
|
# This service requires rng-tools to feed the random number generator,
|
||||||
|
# otherwise we may generate predictable keys without noticing it.
|
||||||
|
Requires=rng-tools.service
|
||||||
|
After=rng-tools.service
|
||||||
|
|
||||||
|
# sshd needs this service to be run and finished before starting
|
||||||
|
PartOf=ssh.service ssh.socket
|
||||||
|
Before=ssh.service ssh.socket
|
||||||
|
|
||||||
|
[Install]
|
||||||
|
# sshd needs this service to be run and finished before starting
|
||||||
|
WantedBy=ssh.service ssh.socket
|
||||||
|
|
||||||
|
[Service]
|
||||||
|
EnvironmentFile=-/etc/sysconfig/sshd
|
||||||
|
ExecStart=/usr/bin/ssh-keygen -A
|
||||||
|
Type=oneshot
|
||||||
|
RemainAfterExit=yes
|
BIN
modules/parrot-build/raspberry/parrotsec.gpg
Normal file
BIN
modules/parrot-build/raspberry/parrotsec.gpg
Normal file
Binary file not shown.
BIN
modules/parrot-build/templates/common/archives/parrot.key
Normal file
BIN
modules/parrot-build/templates/common/archives/parrot.key
Normal file
Binary file not shown.
|
@ -0,0 +1,5 @@
|
||||||
|
## stable repository
|
||||||
|
deb https://deb.parrot.sh/parrot rolling main contrib non-free
|
||||||
|
deb https://deb.parrot.sh/parrot rolling-security main contrib non-free
|
||||||
|
#deb-src https://deb.parrot.sh/parrot rolling main contrib non-free
|
||||||
|
#deb-src https://deb.parrot.sh/parrot rolling-security main contrib non-free
|
Binary file not shown.
Binary file not shown.
|
@ -0,0 +1,94 @@
|
||||||
|
set default=0
|
||||||
|
|
||||||
|
loadfont $prefix/dejavu-bold-16.pf2
|
||||||
|
loadfont $prefix/dejavu-bold-14.pf2
|
||||||
|
loadfont $prefix/unicode.pf2
|
||||||
|
set gfxmode=auto
|
||||||
|
insmod all_video
|
||||||
|
insmod gfxterm
|
||||||
|
insmod png
|
||||||
|
|
||||||
|
set color_normal=cyan/black
|
||||||
|
set color_highlight=white/blue
|
||||||
|
|
||||||
|
if [ -e /isolinux/splash.png ]; then
|
||||||
|
# binary_syslinux modifies the theme file to point to the correct
|
||||||
|
# background picture
|
||||||
|
set theme=/boot/grub/live-theme/theme.txt
|
||||||
|
elif [ -e /boot/grub/splash.png ]; then
|
||||||
|
set theme=/boot/grub/live-theme/theme.txt
|
||||||
|
else
|
||||||
|
set menu_color_normal=cyan/blue
|
||||||
|
set menu_color_highlight=white/blue
|
||||||
|
fi
|
||||||
|
|
||||||
|
terminal_output gfxterm
|
||||||
|
|
||||||
|
insmod play
|
||||||
|
play 960 440 1 0 4 440 1
|
||||||
|
|
||||||
|
# Live boot
|
||||||
|
menuentry "Live" {
|
||||||
|
linux KERNEL_LIVE APPEND_LIVE
|
||||||
|
initrd INITRD_LIVE
|
||||||
|
}
|
||||||
|
|
||||||
|
menuentry "Text" {
|
||||||
|
linux KERNEL_LIVE APPEND_LIVE systemd.unit=multi-user.target
|
||||||
|
initrd INITRD_LIVE
|
||||||
|
}
|
||||||
|
|
||||||
|
menuentry "RAM mode" {
|
||||||
|
linux KERNEL_LIVE APPEND_LIVE toram
|
||||||
|
initrd INITRD_LIVE
|
||||||
|
}
|
||||||
|
|
||||||
|
menuentry "Forensics mode" {
|
||||||
|
linux KERNEL_LIVE APPEND_LIVE noswap noautomount
|
||||||
|
initrd INITRD_LIVE
|
||||||
|
}
|
||||||
|
menuentry "Persistence" {
|
||||||
|
linux KERNEL_LIVE APPEND_LIVE persistence
|
||||||
|
initrd INITRD_LIVE
|
||||||
|
}
|
||||||
|
menuentry "Encrypted persistence" {
|
||||||
|
linux KERNEL_LIVE APPEND_LIVE persistent=cryptsetup persistence-encryption=luks persistence
|
||||||
|
initrd INITRD_LIVE
|
||||||
|
}
|
||||||
|
|
||||||
|
menuentry "Failsafe (nomodeset)" {
|
||||||
|
linux KERNEL_LIVE APPEND_LIVE nomodeset
|
||||||
|
initrd INITRD_LIVE
|
||||||
|
}
|
||||||
|
|
||||||
|
menuentry "Failsafe (disable nvdia/amd gpu)" {
|
||||||
|
linux KERNEL_LIVE APPEND_LIVE nouveau.modeset=0 nvidia.modeset=0 radeon.modeset=0
|
||||||
|
initrd INITRD_LIVE
|
||||||
|
}
|
||||||
|
|
||||||
|
menuentry "Failsafe (strong errors prevention)" {
|
||||||
|
linux KERNEL_LIVE APPEND_LIVE config memtest noapic noapm nodma nomce nolapic nomodeset nosplash vga=normal
|
||||||
|
initrd INITRD_LIVE
|
||||||
|
}
|
||||||
|
|
||||||
|
# Installer
|
||||||
|
menuentry "Installer" {
|
||||||
|
linux /install/vmlinuz vga=normal quiet
|
||||||
|
initrd /install/initrd.gz
|
||||||
|
}
|
||||||
|
|
||||||
|
menuentry "GTK Installer" {
|
||||||
|
linux /install//gtk/vmlinuz video=vesa:ywrap,mtrr vga=768 quiet
|
||||||
|
initrd /install/gtk/initrd.gz
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
|
submenu 'Advanced options...' {
|
||||||
|
|
||||||
|
# More installer entries (if any)
|
||||||
|
LINUX_ADVANCED_INSTALL
|
||||||
|
|
||||||
|
# Memtest (if any)
|
||||||
|
MEMTEST
|
||||||
|
|
||||||
|
}
|
|
@ -0,0 +1,63 @@
|
||||||
|
desktop-image: "../splash.png"
|
||||||
|
title-color: "#00BEFE"
|
||||||
|
title-font: "DejaVu Sans Bold 16"
|
||||||
|
title-text: ""
|
||||||
|
message-font: "Unifont Regular 16"
|
||||||
|
terminal-font: "Unifont Regular 16"
|
||||||
|
|
||||||
|
#help bar at the bottom
|
||||||
|
+ label {
|
||||||
|
top = 100%-50
|
||||||
|
left = 0
|
||||||
|
width = 100%
|
||||||
|
height = 20
|
||||||
|
text = "@KEYMAP_SHORT@"
|
||||||
|
align = "center"
|
||||||
|
color = "#00BEFE"
|
||||||
|
font = "DejaVu Sans Bold 14"
|
||||||
|
}
|
||||||
|
|
||||||
|
# Title in the middle box
|
||||||
|
+ label {
|
||||||
|
top = 20%
|
||||||
|
left = 0
|
||||||
|
width = 100%
|
||||||
|
height = 35
|
||||||
|
align = "center"
|
||||||
|
color = "#00BEFE"
|
||||||
|
text = "Parrot Project"
|
||||||
|
font = "DejaVu Sans Bold 16"
|
||||||
|
}
|
||||||
|
|
||||||
|
#boot menu
|
||||||
|
+ boot_menu {
|
||||||
|
left = 13%
|
||||||
|
width = 74%
|
||||||
|
top = 20%+35
|
||||||
|
height = 230
|
||||||
|
item_color = "#a8a8a8"
|
||||||
|
item_font = "DejaVu Sans Bold 14"
|
||||||
|
selected_item_color= "#00BEFE"
|
||||||
|
selected_item_font = "DejaVu Sans Bold 14"
|
||||||
|
item_height = 16
|
||||||
|
item_padding = 0
|
||||||
|
item_spacing = 4
|
||||||
|
icon_width = 0
|
||||||
|
icon_heigh = 0
|
||||||
|
item_icon_space = 0
|
||||||
|
}
|
||||||
|
|
||||||
|
#progress bar
|
||||||
|
+ progress_bar {
|
||||||
|
id = "__timeout__"
|
||||||
|
left = 13%
|
||||||
|
top = 100%-80
|
||||||
|
height = 16
|
||||||
|
width = 74%
|
||||||
|
font = "DejaVu Sans Bold 14"
|
||||||
|
text_color = "#000000"
|
||||||
|
fg_color = "#00BEFE"
|
||||||
|
bg_color = "#a8a8a8"
|
||||||
|
border_color = "#00BEFE"
|
||||||
|
text = "@TIMEOUT_NOTIFICATION_LONG@"
|
||||||
|
}
|
Binary file not shown.
After Width: | Height: | Size: 38 KiB |
Binary file not shown.
After Width: | Height: | Size: 39 KiB |
Binary file not shown.
After Width: | Height: | Size: 40 KiB |
104
modules/parrot-build/templates/common/hooks/normal/parrot-hooks.hook.chroot
Executable file
104
modules/parrot-build/templates/common/hooks/normal/parrot-hooks.hook.chroot
Executable file
|
@ -0,0 +1,104 @@
|
||||||
|
#!/bin/bash
|
||||||
|
set -e
|
||||||
|
export DEBIAN_FRONTEND=noninteractive
|
||||||
|
export PATH=/usr/local/bin:/usr/bin:/bin:/usr/local/games:/usr/games:/usr/share/games:/usr/local/sbin:/usr/sbin:/sbin:~/.local/bin:/snap/bin:$PATH
|
||||||
|
|
||||||
|
# Handle systems where /lib is not merged in /usr/lib
|
||||||
|
if [ ! -h /lib ]; then
|
||||||
|
mv /usr/lib/live/config/* /lib/live/config/
|
||||||
|
fi
|
||||||
|
|
||||||
|
echo "Installing flatpak repositories (if needed)"
|
||||||
|
flatpak remote-add --if-not-exists flathub https://dl.flathub.org/repo/flathub.flatpakrepo || true
|
||||||
|
flatpak remote-add --if-not-exists winepak https://dl.winepak.org/repo/winepak.flatpakrepo || true
|
||||||
|
|
||||||
|
|
||||||
|
echo "Removing useless stuff"
|
||||||
|
apt update
|
||||||
|
apt-get purge -y qt4-designer qttools5-dev-tools texlive-latex-extra-doc texlive-pstricks-doc texlive-pictures-doc texlive-latex-recommended-doc texlive-latex-base-doc texlive-fonts-recommended-doc texlive-pstricks-doc python-mpltoolkits.basemap-data leafpad xpra ferret minicom xpdf gvim llvm-7-dev python-scipy python-all python-all-dev || true
|
||||||
|
|
||||||
|
echo "Manually enabling pulseaudio"
|
||||||
|
systemctl --user enable pulseaudio.service || true
|
||||||
|
|
||||||
|
echo "Manually enabling live-config"
|
||||||
|
systemctl enable live-config || true
|
||||||
|
|
||||||
|
echo "Doing some magic on networking stuff"
|
||||||
|
systemctl enable NetworkManager || true
|
||||||
|
systemctl enable resolvconf || true
|
||||||
|
#rm /etc/resolv.conf || true
|
||||||
|
#ln -s etc/resolvconf/run/resolv.conf etc/resolv.conf || true
|
||||||
|
mkdir -p /etc/systemd/network /etc/udev/rules.d
|
||||||
|
ln -sf /dev/null "/etc/systemd/network/90-mac-for-usb.link"
|
||||||
|
ln -sf /dev/null "/etc/systemd/network/99-default.link"
|
||||||
|
echo > "/etc/udev/rules.d/73-special-net-names.rules"
|
||||||
|
|
||||||
|
echo "Manually disabling inetd"
|
||||||
|
systemctl disable inetd || true
|
||||||
|
|
||||||
|
echo "Manually disabling mariadb"
|
||||||
|
systemctl disable mariadb || true
|
||||||
|
|
||||||
|
echo "Manually disabling postgresql"
|
||||||
|
systemctl disable postgresql || true
|
||||||
|
|
||||||
|
echo "Manualy disabling redis-server"
|
||||||
|
systemctl disable redis-server || true
|
||||||
|
|
||||||
|
echo "Manually disabling nginx"
|
||||||
|
systemctl disable nginx || true
|
||||||
|
|
||||||
|
echo "Manually disabling cups"
|
||||||
|
systemctl disable cups cups-browsed || true
|
||||||
|
|
||||||
|
echo "Manually disabling avahi"
|
||||||
|
systemctl disable avahi-daemon || true
|
||||||
|
|
||||||
|
echo "Manually disabling hostapd"
|
||||||
|
systemctl disable hostapd || true
|
||||||
|
|
||||||
|
echo "Manually disaling phpsessionclean"
|
||||||
|
sudo systemctl disable phpsessionclean.timer || true
|
||||||
|
|
||||||
|
echo "Manually disabling apt-daily systemd timers"
|
||||||
|
sudo systemctl disable apt-daily-upgrade.timer || true
|
||||||
|
sudo systemctl disable apt-daily.time || true
|
||||||
|
|
||||||
|
echo "cleaning the system with bleachbit"
|
||||||
|
bleachbit -c system.localizations apt.autoclean apt.clean apt.autoremove apt.package_lists deepscan.backup deepscan.ds_store deepscan.thumbs_db deepscan.tmp system.cache system.rotated_logs thumbnails.cache &> /dev/null && echo "done"
|
||||||
|
|
||||||
|
|
||||||
|
parrot-mirror-selector default
|
||||||
|
|
||||||
|
echo "adding additional modules to initramfs"
|
||||||
|
apt -y install initramfs-tools || true
|
||||||
|
echo "nls_ascii" >> /etc/initramfs-tools/modules
|
||||||
|
echo "ext4" >> /etc/initramfs-tools/modules
|
||||||
|
echo "btrfs" >> /etc/initramfs-tools/modules
|
||||||
|
echo "xfs" >> /etc/initramfs-tools/modules
|
||||||
|
#echo "zfs" >> /etc/initramfs-tools/modules
|
||||||
|
|
||||||
|
echo "Enabling cryptsetup initramfs support"
|
||||||
|
if [ -e /etc/cryptsetup-initramfs/conf-hook ]; then
|
||||||
|
if grep -q '^#CRYPTSETUP=' /etc/cryptsetup-initramfs/conf-hook; then
|
||||||
|
sed -i -e 's/^#CRYPTSETUP=.*/CRYPTSETUP=y/' /etc/cryptsetup-initramfs/conf-hook
|
||||||
|
else
|
||||||
|
echo "CRYPTSETUP=y" >>/etc/cryptsetup-initramfs/conf-hook
|
||||||
|
fi
|
||||||
|
fi
|
||||||
|
|
||||||
|
update-initramfs -c -u -k all || true
|
||||||
|
|
||||||
|
firecfg --clean || true
|
||||||
|
firecfg --add-users root || true
|
||||||
|
firecfg --add-users user || true
|
||||||
|
firecfg || true
|
||||||
|
|
||||||
|
# Hold kernel packages in live image.
|
||||||
|
for pkg in $(dpkg-query -f'${binary:Package}\n' -l 'linux-image-*' 'linux-headers-*' 'linux-kbuild-*' | grep ii | awk '{print $2}'); do
|
||||||
|
apt-mark hold $pkg
|
||||||
|
done
|
||||||
|
|
||||||
|
if [ -x "$(which updatedb 2>/dev/null)" ]; then
|
||||||
|
updatedb
|
||||||
|
fi
|
|
@ -0,0 +1 @@
|
||||||
|
../sleep.hook.chroot
|
|
@ -0,0 +1 @@
|
||||||
|
normal/parrot-hooks.hook.chroot
|
6
modules/parrot-build/templates/common/hooks/sleep.hook.chroot
Executable file
6
modules/parrot-build/templates/common/hooks/sleep.hook.chroot
Executable file
|
@ -0,0 +1,6 @@
|
||||||
|
#!/bin/sh
|
||||||
|
sleep 60
|
||||||
|
while pgrep -f update-parrot-menu >/dev/null; do
|
||||||
|
echo "Sleeping 60 seconds as update-parrot-menu is still running..."
|
||||||
|
sleep 60
|
||||||
|
done
|
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
|
@ -0,0 +1,126 @@
|
||||||
|
set default=0
|
||||||
|
|
||||||
|
loadfont $prefix/dejavu-bold-16.pf2
|
||||||
|
loadfont $prefix/dejavu-bold-14.pf2
|
||||||
|
loadfont $prefix/unicode.pf2
|
||||||
|
set gfxmode=auto
|
||||||
|
insmod all_video
|
||||||
|
insmod gfxterm
|
||||||
|
insmod png
|
||||||
|
|
||||||
|
set color_normal=cyan/black
|
||||||
|
set color_highlight=white/blue
|
||||||
|
|
||||||
|
if [ -e /isolinux/quiet splash components.png ]; then
|
||||||
|
# binary_syslinux modifies the theme file to point to the correct
|
||||||
|
# background picture
|
||||||
|
set theme=/boot/grub/live-theme/theme.txt
|
||||||
|
elif [ -e /boot/grub/quiet splash components.png ]; then
|
||||||
|
set theme=/boot/grub/live-theme/theme.txt
|
||||||
|
else
|
||||||
|
set menu_color_normal=cyan/blue
|
||||||
|
set menu_color_highlight=white/blue
|
||||||
|
fi
|
||||||
|
|
||||||
|
terminal_output gfxterm
|
||||||
|
|
||||||
|
insmod play
|
||||||
|
play 960 440 1 0 4 440 1
|
||||||
|
|
||||||
|
# Live boot
|
||||||
|
menuentry "Live" {
|
||||||
|
linux /live/vmlinuz boot=live hostname=parrot quiet splash components noautomount
|
||||||
|
initrd /live/initrd.img
|
||||||
|
}
|
||||||
|
|
||||||
|
menuentry "Text" {
|
||||||
|
linux /live/vmlinuz boot=live hostname=parrot quiet splash components noautomount systemd.unit=multi-user.target
|
||||||
|
initrd /live/initrd.img
|
||||||
|
}
|
||||||
|
|
||||||
|
menuentry "RAM mode" {
|
||||||
|
linux /live/vmlinuz boot=live hostname=parrot quiet splash components noautomount toram
|
||||||
|
initrd /live/initrd.img
|
||||||
|
}
|
||||||
|
|
||||||
|
menuentry "Forensics mode" {
|
||||||
|
linux /live/vmlinuz boot=live hostname=parrot quiet splash components noautomount noswap noautomount
|
||||||
|
initrd /live/initrd.img
|
||||||
|
}
|
||||||
|
menuentry "Persistence" {
|
||||||
|
linux /live/vmlinuz boot=live hostname=parrot quiet splash components noautomount persistence
|
||||||
|
initrd /live/initrd.img
|
||||||
|
}
|
||||||
|
menuentry "Encrypted persistence" {
|
||||||
|
linux /live/vmlinuz boot=live hostname=parrot quiet splash components noautomount persistent=cryptsetup persistence-encryption=luks persistence
|
||||||
|
initrd /live/initrd.img
|
||||||
|
}
|
||||||
|
|
||||||
|
menuentry "Failsafe (nomodeset)" {
|
||||||
|
linux /live/vmlinuz boot=live hostname=parrot quiet splash components noautomount nomodeset
|
||||||
|
initrd /live/initrd.img
|
||||||
|
}
|
||||||
|
|
||||||
|
menuentry "Failsafe (disable nvdia/amd gpu)" {
|
||||||
|
linux /live/vmlinuz boot=live hostname=parrot quiet splash components noautomount nouveau.modeset=0 nvidia.modeset=0 radeon.modeset=0
|
||||||
|
initrd /live/initrd.img
|
||||||
|
}
|
||||||
|
|
||||||
|
menuentry "Failsafe (strong errors prevention)" {
|
||||||
|
linux /live/vmlinuz boot=live hostname=parrot quiet splash components noautomount config memtest noapic noapm nodma nomce nolapic nomodeset noquiet splash components vga=normal
|
||||||
|
initrd /live/initrd.img
|
||||||
|
}
|
||||||
|
|
||||||
|
# Installer (if any)
|
||||||
|
menuentry "Installer" {
|
||||||
|
linux /install/vmlinuz vga=normal quiet
|
||||||
|
initrd /install/initrd.gz
|
||||||
|
}
|
||||||
|
|
||||||
|
menuentry "GTK Installer" {
|
||||||
|
linux /install/gtk/vmlinuz video=vesa:ywrap,mtrr vga=768 quiet
|
||||||
|
initrd /install/gtk/initrd.gz
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
|
submenu 'Advanced options...' {
|
||||||
|
|
||||||
|
# More installer entries (if any)
|
||||||
|
menuentry "Install in graphical mode" {
|
||||||
|
linux /install/gtk/vmlinuz video=vesa:ywrap,mtrr vga=788 quiet
|
||||||
|
initrd /install/gtk/initrd.gz
|
||||||
|
}
|
||||||
|
menuentry "Install in text mode" {
|
||||||
|
linux /install/vmlinuz vga=normal quiet
|
||||||
|
initrd /install/initrd.gz
|
||||||
|
}
|
||||||
|
menuentry "Expert install in graphical mode" {
|
||||||
|
linux /install/gtk/vmlinuz priority=low video=vesa:ywrap,mtrr vga=788 quiet
|
||||||
|
initrd /install/gtk/initrd.gz
|
||||||
|
}
|
||||||
|
menuentry "Expert install in text mode" {
|
||||||
|
linux /install/vmlinuz priority=low vga=normal quiet
|
||||||
|
initrd /install/initrd.gz
|
||||||
|
}
|
||||||
|
menuentry "Automatic install in graphical mode" {
|
||||||
|
linux /install/gtk/vmlinuz auto=true priority=critical video=vesa:ywrap,mtrr vga=788 quiet
|
||||||
|
initrd /install/gtk/initrd.gz
|
||||||
|
}
|
||||||
|
menuentry "Automatic install in text mode" {
|
||||||
|
linux /install/vmlinuz auto=true priority=critical vga=normal quiet
|
||||||
|
initrd /install/initrd.gz
|
||||||
|
}
|
||||||
|
menuentry "Rescue system in graphical mode" {
|
||||||
|
linux /install/gtk/vmlinuz rescue/enable=true video=vesa:ywrap,mtrr vga=788
|
||||||
|
initrd /install/gtk/initrd.gz
|
||||||
|
}
|
||||||
|
menuentry "Rescue system in text mode" {
|
||||||
|
linux /install/vmlinuz rescue/enable=true vga=normal
|
||||||
|
initrd /install/initrd.gz
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
|
# Memtest (if any)
|
||||||
|
|
||||||
|
|
||||||
|
}
|
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Some files were not shown because too many files have changed in this diff Show more
Loading…
Reference in a new issue