7MS #586: DIY Pentest Dropbox Tips – Part 8

Today, sadly, might be the last episode of DIY pentest dropbox tips for a while because I found (well, ChatGPT did actually) the missing link to 100% automate a Kali Linux install! Check episode #449 for more info on building your Kali preseed file, but essentially the last line in my file runs a kali.sh script to download/install all the pentest tools I want. The "missing link" part is I figured out how to get Kali to reboot and then run a script one time to complete all the post-install stuff. So at the bottom of my kali.sh is this:

sudo wget https://somesite/kali-docker.sh -O /opt/kali-docker.sh
sudo chmod +x /opt/kali-docker.sh
sudo touch /flag
sudo wget https://somesite/docker.service -O /etc/systemd/system/mydocker.service
sudo systemctl daemon-reload
sudo systemctl enable mydocker.service

The contents of docker.service are:

[Unit]
Description=Docker install

[Service]
Type=simple
ExecStart=/opt/kali-docker.sh

[Install]
WantedBy=multi-user.target

The beginning and end snippets of kali-docker.sh are:

#!/bin/bash

flag_file="/flag"

if [ -e "$flag_file" ]; then

# get bbot
sudo docker run -it blacklanternsecurity/bbot:stable --help

# Do a bunch of other install things...

<snip snip...and now paste the end of the file>

rm "$flag_file"

else
	echo "Script already ran before.  Exiting"
fi

So essentially the work flow is: kali.sh runs, downloads and installs kali-docker.sh, and also installs a service that runs kali-docker.sh on each reboot. But when kali-docker.sh runs, it checks for the presence of a file called /flag. If /flag exists, all the post-install commands will run. If it does not exist, those commands won't run. Simple, yet genius I think!