Ultimate Pentesting PwnBox (2013) - Utilite Pro
We’re always on the lookout for and interesting ARM hardware for Kali Linux. Whether it’s a Galaxy Note or a USB stick sized SS808, we want to see Kali run on it. You can therefore imagine our excitement, when we first laid our eyes on the Utilite pro.
Utilite Pro is a quad core ARM cortex-A9 machine with up to 4 GB of RAM, up to 512 GB mSATA SSD, HDMI and DVI-D output, dual (2x) 1GB nics, a built in wireless card and 4 USB ports. And its fanless. With those type of specs, this little beauty was unlikely to skip our radars. We wanted Kali Linux on that baby, real bad.
We took this opportunity to create and publish the OffSec Kali Linux contributed ARM images, and thought we’d demonstrate the use of these scripts, and show you how to get Kali Linux on the Utilite Pro. From there, the options are endless.
The Utilite Pro came with Ubuntu preinstalled. The first thing we wanted to do, is update the machines uBoot bootloader image, to allow for support of 1.8V microSD cards:
[email protected]:~# apt-get install mtd-utils [email protected]:~# git clone https://gitlab.com/kalilinux/build-scripts/kali-uboot-images.git uboot [email protected]:~/uboot# ./cm-fx6-bootloader-update.sh CompuLab CM-FX6 (Utilite) boot loader update utility 1.1 (Nov 25 2013) >> Checking for utilities... >> ...Done >> Board CPU: mx6q >> Board DRAM: 2gb >> Looking for boot loader image file: cm-fx6-u-boot-mx6q-2gb >> ...Found >> Looking for SPI flash: mtd0 >> ...Found >> Current U-Boot version in SPI flash: U-Boot 2009.08-cm-fx6-0.87+tools (Oct 06 2013 - 13:46:27) >> New U-Boot version in file: (248K) >> Proceed with the update? 1) Yes 2) No #? Yes ** Do not power off or reset your computer!!! >> Erasing SPI flash... Erasing 4 Kibyte @ bf000 -- 100 % complete >> ...Done >> Writing boot loader to the SPI flash... ........... >> ...Done >> Checking boot loader in the SPI flash... . >> ...Done >> Boot loader update succeeded! [email protected]:~/uboot#
Once that was done, we whipped out our OffSec Trusted Contributed ARM image scripts, and let our Utilite image builder script loose. On a separate 32 bit Kali Linux machine, we set up all the pre-requisites to build our ARM image, and make sure we have at least 10GB of free space. We start with downloading and setting up the ARM cross compiler and the build scripts:
[email protected]:~# git clone https://gitlab.com/kalilinux/build-scripts/kali-arm.git Cloning into 'kali-arm-build-scripts'... remote: Counting objects: 95, done. remote: Compressing objects: 100% (57/57), done. remote: Total 95 (delta 62), reused 70 (delta 37) Unpacking objects: 100% (95/95), done. [email protected]:~# git clone https://gitlab.com/kalilinux/packages/gcc-arm-linux-gnueabihf-4-7.git Cloning into 'gcc-arm-linux-gnueabihf-4.7'... remote: Counting objects: 5839, done. remote: Compressing objects: 100% (3105/3105), done. remote: Total 5839 (delta 2559), reused 5837 (delta 2559) Receiving objects: 100% (5839/5839), 74.64 MiB | 3.38 MiB/s, done. Resolving deltas: 100% (2559/2559), done. [email protected]:~#
Once that’s done, we next run the build-deps scripts, which will install all the dependencies required for the build:
[email protected]:~# cd kali-arm-build-scripts/ [email protected]:~/kali-arm-build-scripts# ./build-deps.sh Reading package lists... Done Building dependency tree Reading state information... Done abootimg is already the newest version. ...
Now with everything in place, we kick off our Utilite image builder script, and go for a coffee, or six. The script requires a version parameter for the image, which is something we use to tag our ARM image versions. Once ready, you should get a *full* Kali Linux image which can then be dd’ed to a microSD card. Of course, you are encouraged to read the build script, and edit any installation parameters or packages to your needs:
[email protected]:~/kali-arm-build-scripts# ./utilite.sh 1.0 I: Retrieving Release I: Retrieving Release.gpg I: Checking Release signature I: Valid Release signature (key id 44C6513A8E4FB3D30875F758ED444FF07D8D0BF6) I: Retrieving Packages I: Validating Packages I: Resolving dependencies of required packages... I: Resolving dependencies of base packages... ... ... ... Cloning into 'firmware'... remote: Counting objects: 874, done. remote: Compressing objects: 100% (685/685), done. remote: Total 874 (delta 181), reused 849 (delta 167) Receiving objects: 100% (874/874), 30.17 MiB | 4.84 MiB/s, done. Resolving deltas: 100% (181/181), done. del devmap : loop0p2 del devmap : loop0p1 Removing temporary build files Generating sha1sum for kali-1.0-utilite.img Compressing kali-1.0-utilite.img Generating sha1sum for kali-1.0-utilite.img.xz [email protected]:~/kali-arm-build-scripts#
Once the image is ready, you can find it in the utlite subdirectory created by the script:
[email protected]:~/kali-arm-build-scripts# ls -l utilite-1.0/ total 334720 -rw-r--r-- 1 root root 63 Dec 7 23:48 kali-1.0-utilite.img.sha1sum -rw-r--r-- 1 root root 342742176 Dec 7 23:52 kali-1.0-utilite.img.xz -rw-r--r-- 1 root root 66 Dec 7 23:53 kali-1.0-utilite.img.xz.sha1sum [email protected]:~/kali-arm-build-scripts#
Extract the compressed image file, and dd it to the microSD card (in our case, sdb). Once done, pop the microSD card into the Utilite, and boot it up!
[email protected]:~/kali-arm-build-scripts# cd utilite-1.0/ [email protected]:~/kali-arm-build-scripts/utilite-1.0# 7z x kali-1.0-utilite.img.xz 7-Zip  9.20 Copyright (c) 1999-2010 Igor Pavlov 2010-11-18 p7zip Version 9.20 (locale=en_US.UTF-8,Utf16=on,HugeFiles=on,4 CPUs) Processing archive: kali-1.0-utilite.img.xz Extracting kali-1.0-utilite.img Everything is Ok Size: 7340032000 Compressed: 342742176 [email protected]:~/kali-arm-build-scripts/utilite-1.0# dd if=kali-1.0-utilite.img of=/dev/sdb bs=1M
Once booted, you can log into the Utlite image with root / toor credentials:
[email protected]:~# uname -a Linux kali 3.0.35-cm-fx6-4 #1 SMP Sat Dec 7 23:47:48 EST 2013 armv7l GNU/Linux [email protected]:~# cat /proc/cpuinfo Processor : ARMv7 Processor rev 10 (v7l) processor : 0 BogoMIPS : 790.52 processor : 1 BogoMIPS : 790.52 processor : 2 BogoMIPS : 790.52 processor : 3 BogoMIPS : 790.52 Features : swp half thumb fastmult vfp edsp neon vfpv3 CPU implementer : 0x41 CPU architecture: 7 CPU variant : 0x2 CPU part : 0xc09 CPU revision : 10 Hardware : Compulab CM-FX6 Revision : 63012 Serial : 0b0991d4d81917c9 [email protected]:~# cat /proc/meminfo MemTotal: 2006440 kB MemFree: 1922864 kB ....