-
Notifications
You must be signed in to change notification settings - Fork 2
/
kali-custom-builder
executable file
·182 lines (139 loc) · 5.94 KB
/
kali-custom-builder
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
#!/bin/bash
BASE=/usr/local/src/kali-builder
# Replace this with a direct URL after registration at https://software.intel.com/en-us/articles/opencl-drivers#cpu-section to install intel-ocl-icd (and accept license)
INTEL_OPENCL_URL=""
# Replace this with the appropriate download url from https://www.veracrypt.fr/ to install veracrypt (and accept the license)
VERACRYPT_URL=""
# Must be root
if [ ! \( \( "${USER}" = "root" \) -o \( -n "${EUID}" -a ${EUID} = 0 \) \) ]
then
echo "root privs required. re-run with sudo."
exit 1
fi
# Fetch the repo so we have a place to work from
cd ${BASE}
REPO="live-build-config"
echo "validating/preparing repository"
if [ ! -r "${BASE}/${REPO}/.git/config" ]
then
# git clone git://git.kali.org/${REPO}.git
git clone https://gitlab.com/kalilinux/build-scripts/${REPO}.git
cd ${BASE}/${REPO}/
# System upgrades first
apt update
apt upgrade
FILE=$(curl --silent https://http.kali.org/pool/main/k/kali-archive-keyring/ | grep all\.deb | sed 's/.*href=//g;' | cut -f2 -d\" | tail -1)
wget https://http.kali.org/pool/main/k/kali-archive-keyring/${FILE} && dpkg -i ${FILE}
FILE=$(curl --silent https://http.kali.org/kali/pool/main/l/live-build/ | grep kali1_all\.deb | sed 's/.*href=//g;' | cut -f2 -d\" | tail -1)
wget https://http.kali.org/kali/pool/main/l/live-build/${FILE} && dpkg -i ${FILE}
apt install -y git live-build cdebootstrap debootstrap curl alien
cd /usr/share/debootstrap/scripts/
( echo "default_mirror http://http.kali.org/kali"; sed -e "s/debian-archive-keyring.gpg/kali-archive-keyring.gpg/g" sid ) > kali
ln -s kali kali-rolling
cd ${BASE}/${REPO}/
# Build the repo
LN=$(grep --line-number -A1 'ERROR:.*debootstrap' ${BASE}/${REPO}/build.sh | grep exit | awk '{print $1}' | sed 's/[^0-9]//g')
sed -i.bak "${LN}s/exit/#exit/" ${BASE}/${REPO}/build.sh
LN=$(grep --line-number -A1 'ERROR:.*live-build' ${BASE}/${REPO}/build.sh | grep exit | awk '{print $1}' | sed 's/[^0-9]//g')
sed -i.bak "${LN}s/exit/#exit/" ${BASE}/${REPO}/build.sh
fi
if [ "$1" = "purge" ]
then
echo "purging existing build data (customizations are not disturbed)"
cd ${BASE}/${REPO}
lb clean --purge
fi
echo "checking custom packages"
if [ -z "$(grep alien ${BASE}/${REPO}/kali-config/variant-lxde/package-lists/kali.list.chroot)" ]
then
for pkg in kali-desktop-lxde kali-tools-forensics kali-tools-gpu kali-tools-passwords alien aptitude joe princeprocessor nvidia-cuda-toolkit nvidia-driver nvidia-kernel-dkms nvidia-opencl-common nvidia-opencl-icd ocl-icd-libopencl1 beignet-opencl-icd dislocker libdislocker0.7
do
echo $pkg >> ${BASE}/${REPO}/kali-config/variant-lxde/package-lists/kali.list.chroot
done
fi
cbootscr="${BASE}/${REPO}/kali-config/common/hooks/live/zzz-default-boot.binary"
echo "adjusting default boot option"
if [ ! -r "${cbootscr}" ]
then
cat > "${cbootscr}" <<EOF
#!/bin/sh
if [ ! -d isolinux ]; then
cd binary
fi
CFG=isolinux/live.cfg
# fix the default option
LABEL="label live-persistence"
sed -i.bak '/menu default/d' ${CFG}
sed -i.bak "s/${LABEL}/${LABEL}\n menu default/i" ${CFG}
# Fix the timeout for automatic booting, in 10ths of a second
sed -i.bak 's/timeout 0/timeout 100/;' isolinux/isolinux.cfg
# Remove the bell:
sed -i.bak 's/\x07//' isolinux/menu.cfg
#done!
EOF
chmod +x "${cbootscr}"
fi
[[ -n "${VERACRYPT_URL}" ]] && echo "checking for veracrypt"
if [ ! -r ${BASE}/${REPO}/kali-config/common/includes.chroot/usr/bin/veracrypt -a -n "${VERACRYPT_URL}" ]
then
###
# Fetch and manually install the veracrypt tools:
FILE=$(curl --silent "${VERACRYPT_URL}" | grep 'veracrypt.*setup.tar.bz2"' | grep -vE 'legacy|freebsd' | cut -f2 -d\" | sed 's/+/%2B/g;')
wget --referer="https://www.veracrypt.fr/" "${FILE}"
TAR=${FILE##*/}
FILE="${TAR%setup*}setup"
tar -xvf "${TAR}" "${FILE}-console-x64" # extracts: veracrypt-1.23-setup-console-x64
./${FILE}-console-x64 --noexec --tar xvf # extracts: veracrypt_install_console_x64.sh
PACKAGE_START=$(grep '^PACKAGE_START' veracrypt_install_console_x64.sh | cut -f2 -d=)
if ! tail -n +$PACKAGE_START "veracrypt_install_console_x64.sh" > veracrypt.tar.gz
then
echo "Error: Extraction of veracrypt.tar.gz failed"
exit 1
fi
# Place the veracrypt files into the chroot filesystem for later inclusion
tar -xvf veracrypt.tar.gz -C ${BASE}/${REPO}/kali-config/common/includes.chroot
rm -f veracrypt.tar.gz veracrypt_install_console_x64.sh veracrypt-*-setup-console-x64
###
fi
[[ -n "${INTEL_OPENCL_URL}" ]] && echo "checking for intel ocl cpu drivers"
if [ ! -r ${BASE}/${REPO}/kali-config/common/includes.chroot/etc/OpenCL/vendors/intel64.icd -a -n "${INTEL_OPENCL_URL}" ]
then
# Download intel ocl-cpu drivers from its respective page:
# If this URL expires, a new one requires registration, we can't manually do it
# https://software.intel.com/en-us/articles/opencl-drivers#cpu-section
wget --referer="https://registrationcenter.intel.com/" "${INTEL_OPENCL_URL}"
TAR=${INTEL_OPENCL_URL##*/}
RPMS=$(tar -tf "${TAR}" | grep '\.rpm$' | grep -v pset)
for i in ${RPMS}
do
file=$(basename "$i")
tar -xvf "${TAR}" "$i" -O > "${file}"
alien -t "${file}"
rm -f "${file}"
tfile="${file%-*}.tgz"
tar -xvf "${tfile}" -C kali-live-build-config/kali-config/common/includes.chroot
rm -f "${tfile}"
done
rm -f ${TAR}
cd ${BASE}/${REPO}/etc/OpenCL/vendors/
ln -s $(find ../../../opt/intel/ -iname 'intel64.icd')
fi
# This completes the modifications to the standard build system.
echo "Completed customizations"
# Build it
cd ${BASE}/${REPO}
ISO="${BASE}/${REPO}/images/kali-linux-lxde-rolling-amd64.iso"
if [ ! -r "${ISO}" ]
then
echo "Compile it with the following command:"
echo ""
echo "cd ${REPO}; sudo ./build.sh --variant lxde --verbose"
else
# mayhap remaining from a prior build (remind about purge)
echo "ISO found (remove with purge command)"
fi
# if it exists after compilation, show it:
[[ -r "${ISO}" ]] && ls -alF "${ISO}"
# install it
[[ -r "${ISO}" ]] && echo -e "Now, run:\nkali-burn-image \"${ISO}\""
# done