Tuesday, January 17, 2017

Installing Kali Linux on a Checkpoint 750 SMB Gaia Emebedded Firewall


This blog has moved to Spikefish Solutions Blog


Hi all! Its been a little while since I posted something. I've had a little side project I've been working and I just got everything setup. I have a different write up describing how to install a Debian (ehem stable) chroot on a SD card in a Checkpoint SMB 750 running Gaia Emebedded. Well, I found an easier way to do this. Basically install your favorite Debian based OS (Debian or. um.. how about Kali Rolling!? ok ok I'm pretty sure Ubuntu would work also) on a VM and install the debootstrap package (apt-get install debootstrap).

BTW i'm assuming you have a SD card and that its formatted for a Linux file system on in. Oh right...sorry I forgot the 750 doesn't have a file system util; we'll cover how to address that also.

First lets assume you've installed Kali somewhere.. maybe a VM, booted up and logged in. Take a look at /etc/apt-sources.list. I see this.

deb http://http.kali.org/kali kali-rolling main non-free contrib

The important part is the URL and the kali-rolling. This is where to get the files and which version.

The following command will grab everything and put it in ~/kail-chroot, extract it, but not complete the install (--foreign). Also note its downloading the arm binaries.

debootstrap --arch armhf --foreign kali-rolling kali-chroot http://http.kali.org/kali

After a few mins and a lot of stuff on the screen about packages you'll have a folder called ~/kail-chroot.

# formating SD card. Skip to #finish installing kali if you already have a linux file system on the sd card.

Now.. first thing we need to do is reformat that pesky sd car if you haven't already.

Grab, hopefully, all the files needed to run mke2fs from kali-choot

tar -zcvf mke2fs.tgz kali-chroot/sbin/ kali-chroot/bin/ kali-chroot/lib/ kali-chroot/etc/ kali-chroot/root/

copy mke2fs.tgz to your firewall and put it in /storage using scp or whatever. We're just using this as a temp holding area so that we can run mke2fs

On the firewall run the following.

cd /storage
tar -zxvf mke2fs.tgz
mkdir storage/kali-chroot/dev
cp /dev/sda* /storage/kali-chroot/dev/
umount /dev/sda1
chroot /storage/kali-chroot

At this point you should see

I have no name!@FW750:/#

Thats ok, fdisk -l /dev/sda should show some info about the sd card most likely a msdos filesystem. If the umount give filesystem busy or something like that open the webui on your firewall and "Logs and Monitoring" -> Options -> "Eject SD card safely" and the umount should work.. or it will already be unmounted.

Now you can format the sd card with ext3 or ext4. I went with ext3 for basically no good reason (or because i thought this was an 1100 that doesn't support ext4 take, take your pick).

Assuming everything is umounted run the following to format with ext3 (or change to ext4).

mke2fs -t ext3 /dev/sda1
mount /dev/sda1 /mnt/sd

lots of stuff later and you have a ext3 (or 4) filesystem! This is good because it can repair itself (angy look for no fsck) and its a real linux filesystem.

You can now delete /storage/kali-chroot if you want.

# finish installing kali!

ok back on your kali install VM or where ever you installed it.

Make a new tar file that will include the full kali we downloaded earlier.

tar -zcvf kali-choot.tgz kali-chroot/

upload kali-chroot.tgz to /mnt/sd/

Back to the firewall.. and uncompress everything.

cd /mnt/sd
tar -zxvf kali-choot.tgz

Login to the chroot

chroot /mnt/sd/kali-chroot bash -l

if you see something like this.. its game on!

[Expert@FW]# chroot /mnt/sd/kali-chroot bash -l

Now finish the installer!

[Expert@FW]# ./debootstrap/debootstrap --second-stage

lots of stuff will fly by.. unpacking, installing, etc.

That,s basically it! Now you have a kali install on your firewall. I should point out its a very minimal install. Also there maybe utilities that come with kali that won't work for a lot of reasons (no memory being a big one). 
I left out a final step. You need to mount proc and sysfs!
If you're inside the jail run this.
mount -t proc proc /proc
mount -t sysfs sysfs /sys
If you outside of the jail
mount -t proc proc /mnt/sd/kali-chroot/proc
mount -t sysfs sysfs /mnt/sd/kali-chroot/sys
Also be sure to add the following to the startup script. This way this gets mounted on start of the firewall (assuming you want to, which i do)

# mount sda1 because mounting happens after startup script.
mount /dev/sda1 /mnt/sd
mount -t proc proc /mnt/sd/kali-chroot/proc
mount -t sysfs sysfs /mnt/sd/kali-chroot/sys

Now i'm sure you're thinking.. what is this point of this? I'll get to that real soon My G^2.  

No comments:

Post a Comment

Danger Will Robinson!