Booting Kali Over HTTP

Booting Kali Over HTTP

The basic premise involves using the Kali Live kernel and initrd for booting, while calling the Kali root filesystem through an HTTP URI. The initial boot process can take place over the network (via PXE) or a minimal Kali Linux USB/CD – while the remote root filesystem is a squashfs image served over HTTP via an Apache server.

In this example, the initial kernelboot via PXE and we will obtain the kernel, initrd, and squashfs filesystem we need for this exercise from a full Kali Linux release ISO from within the “live” directory. We copy the initrd and kernel into the TFTP root folder, while the squashfs file goes into the web root:

mkdir /mnt/iso
mount -o loop kali-linux-1.1.0a-amd64.iso /mnt/iso/
cp /mnt/iso/live/{initrd.img,vmlinuz} /tftpboot/
cp /mnt/iso/live/filesystem.squashfs /var/www/
apachectl start

In this example, we’ll obtain the kernel, initrd, and squashfs filesystem from a full Kali Linux Bootable ISO (in the “live” directory) and then proceed to boot the kernel and initrd over PXE. Once the Kali boot screen appears, we need to alter a few boot parameters as shown in the screen shot below:

As the squashfs filesystem loads to RAM, the filesystem itself can’t be larger than the amount of RAM available on the computer – meaning that for booting a standard Kali ISO as shown above, we’d need at least 4 GB of RAM. Of course, this can be remedied by making a smaller, custom Kali ISO images, perhaps with different toolsets and uses.

Source : offensive security