Install Kali Linux on Raspberry Pi 3 & 4

From Embedded Lab Vienna for IoT & Security
Jump to: navigation, search

Summary

This is a detailed step-by-step guide on how to set up Kali Linux on your Raspberry Pi 3 or 4. You can use this device for mobile pentesting. The basis of this guide comes from the following Null Byte Wonderland tutorial.

Requirements

  • Hardware: Raspberry Pi 3 or 4
  • Operating system on Raspberry: Kali Linux (you need a special version, see "Image file").
  • Power supply: Micro USB charger, or an external USB power bank if you decide to do mobile pentesting
  • microSDHC card: Minimum 16 GB (32 GB recommended by me) with card adapter (you need to flash it on your machine). This is your "hard drive".
  • Flashing software: gparted (Linux), Win32 Disk Imager (Windows), ... or you can use a different tool if you have something that you like better.
  • Image file: Raspberry Pi Foundation (direct download). It is hosted at Offensive Security. You can also flash a different Kali version if you prefer or build your own, but check first if it is compatbile with your device.
  • [optional] Wireless USB Adapter: If you plan on using a virtualized version of Kali Linux, you need to have this, because virtualized Kali Linux does not support using the NIC in monitor mode. If you are using the above mentioned Raspberry Foundation image file, which is not virtualized, you do not need to use a Wireless USB adapter.
  • [optional] Manual input devices: USB mouse or keyboard, Bluetooth mouse and keyboard, ... it justs needs to work with USB connectors.
  • [optional] External monitor: For initial setup, you need to use one. You can connect the Raspberry to your computer using HDMI. If you do not have an HDMI port on your monitor you will need to use a suitable adapter.
  • [optional] Adapter for micro SD card: If your computer does not have a SD card reader, you will need to use an adapter to be able to flash the Kali OS to the microSD card.
  • [optional] Raspberry Pi Model 3 or 4 protective case. I did not use one. But (un)plugging adapters can be kind of nerve wracking, as they can be hard to pull out. Also, if you carry the device around in your pocket for mobile pentesting, you could easily damage the device simply by bumping into someone or something. So decide on your own if you want to use a protective case depending on your use case.

Description

Step 1

Put your micro SD card into the adapter. Plug the adapter in to your computer.

microSDHC card with adapter

Step 2

Flash image file to micro SD card. Screenshot taken from Windows machine.

Win32 Disk Imager

Step 3

Connect wireless USB adapter if needed. The used Panda Wireless PAU05 has a working chipset and is available in Elvis Lab Panda 300 Mbps Wireless N USB Adapter PAU05. Be aware that the adapter only works for 2.4 Ghz and for up to 802.11n.

Panda Wireless USB Adapter (PAU05) [only for 2.4Ghz]

Step 4

Connect all parts you need (keyboard, mouse, monitor, power, ...). Plug in power last. Do not remove the SD card while the device is running. You could damage it and corrupt the data, making it unusable. For initial setup an external monitor is needed because of the autologin screen. Connect screen using HDMI cable or suitable adapter. You can later set up the Raspberry to run fully headless [see Step 5]. Full setup

Step 5

The device should boot itself automatically after everything is plugged in. If the red light is blinking, there is a problem with power supply. If the Raspberry does not boot automatically, the green light is not blinking, or the red light is blinking use the following link for troubleshooting.

If your device is running (red LED constant and green LED blinking) but you still get no signal on your monitor, it could be a problem with the configuration. In this case the Raspberry must be switched off, the microSD card removed and inserted back into the adapter, and transferred back to the PC. There you have to manually change the content of the config.txt file. This can be quite time consuming, as each change can only be tested by transferring the microSD card back to the Raspberry and turning it on.

If quality and usability are not important (if you are going to use it headless it doesn't matter), you can just uncomment "hdmi_safe=1" which will boot Kali in safe mode, where only absolutely neccessary services are started. If you want to use the Raspberry at home and need better resolution, you can try to uncomment "config_hdmi_boost=4" or just try around until you find the settings that work your you. Sadly, there is no "one size fits all" here, so good luck.

If it boots successfully, you should see the following

Raspberry Kali Booting Login

User credentials for this image file are kali:kali but it can be subject to change. Earlier versions have also used root:toor so please check before downloading.

Step 6

Do the initial setup using the following commands

 sudo apt update
 sudo apt upgrade -y
 sudo apt dist-upgrade -y

Also change the default password using

 sudo passwd kali

Change default keyboard and timezone [optional]

 nano /etc/default/keyboard
   [change "us" to "de"]
 
 sudo reboot
 sudo timedatectl set-timezone Europe/Vienna

If you want to carry your Raspberry with you for mobile pentesting, you need to make it headless. Do this:

  • enable automatic login (disable login screen)
  • enable remote access (use openssh-server)

To disable the login screen, change the lightDM configuration file (this is the display manager used by Raspberry Kali)

 sudo nano /etc/lightdm/lightdm.conf
 
 [SeatDefaults]
 autologin-user=<username>
 autologin-user-timeout=0

Step 7

Install SSH and set up remote access from your computer or smart phone terminal.

Run the following on the Raspberry

 sudo apt install openssh-server -y

If you want to connect remotely, you need to be able to use a terminal with SSH. For Windows, you can use the Cygwin Terminal. On NIX systems you can just use the terminal. If you use a smart phone with Android, I recommend using the Termux app. You do not need to be sudo to install and connect. SSH into Raspberry Kali using Termux app on Android smart phone

Step 8

Enjoy and use common sense while pentesting. If you want to try WPA/WPA2 PSK cracking, take a look at Aircrack-ng: How to crack WPA/WPA2 passwords. And there is always room for some PixieDust. If you want to add some more ways to make good use of Raspberry Kali, please feel free to do so.

References