Our last blog post on the Kali Linux site discussed implementing some cool scenarios with Kali Linux such as remote unattended installations, creating custom Kali Linux ISOs, and getting Kali working on funky ARM hardware.
We received several emails from people asking for more information on how to implement these scenarios, so we thought we’d make a few blog posts with more detailed examples. Today, we will look into preforming customized, unattended PXE network installations of Kali Linux and creating remote “Penetration Testing Kali Agents”.
One of the little-known features of Kali Linux is that it supports unattended installations over a network. This feature allows for easy deployment of custom Kali Linux instances that do not require any manual intervention during the installation process.
Before dealing with unattended installs, you will first want to follow the instructions for a Kali Linux Network PXE Install to get all of the major components ready. Once your PXE server is all configured, you’re ready to move on and get ready to automate your installations.
Before you start the installation, place a preseed.cfg file on a web server that will be available to the machine you are trying to install. You can use the preseed file shown below as a starting point. In our example, the web server serving the preseed file is located on the same network as the machine being installed, with the IP address: 192.168.101.54.
The sample preseed file above will install a limited subset of tools, specifically openssh-server, openvas, metasploit, and nano. You can feel free to change this as needed, adding or removing whatever tools you like. Take particular note of the last section of the preseed file, which allows you to run post installation scripts. In our case, we run an additional post install script, postseed.sh, which is located on the same web root directory as the preseed.cfg file. The postseed.sh script enters an SSH key into the image and makes sure that all our desired services will start at boot time.
To avoid having to enter the boot parameters for the preseed install on every boot, you can simply edit the /tftpboot/debian-installer/amd64/boot-screens/txt.cfg file to look like the following. Do not forget to update the URL of the preseed file:
Boot up the target computer and initiate a PXE boot; the Kali Linux boot prompt should appear before you. Choosing the “Unattended Install” option should start and finish the entire Kali installation without any intervention required.