Background:
(((Scroll to / Control+F 'Process' for the required steps.)))
I have been trying for the last month or so to install a persistent security distro on a flash drive. My original issue was that I simply did not have a USB drive with enough space. My old keys broke, and those remaining were at about 4GB each, not enough to have any reasonable amount of space. Why are they so ![https://s-media-cache-ak0.pinimg.com/236x/3d/82/de/3d82de7cade5beffb59a8a64be6d4706.jpg](https://s-media-cache-ak0.pinimg.com/236x/3d/82/de/3d82de7cade5beffb59a8a64be6d4706.jpg)
Oh, thanks ^_^/.
After finally acquiring a flash drive with enough space (Thanks Wes!), I began the process of trying to install BackBox, but even though it would install and sometimes even load, it had no persistence. I then tried various ways of setting up persistence, such as using a casper file, making the bootable USB using various programs in both Windows and Linux (LiLi, Rufus, UNetbootin, Startup Disk Creator, dd, etc.), and even manually creating a "persistence" ext4 partition. None of them was able to save files past a reboot.
![https://s-media-cache-ak0.pinimg.com/736x/b9/7a/be/b97abe7878595d010ef2e1ee75170dda.jpg](https://s-media-cache-ak0.pinimg.com/736x/b9/7a/be/b97abe7878595d010ef2e1ee75170dda.jpg)
It was suggested that I try Kali instead (Thanks Steve!), because most of the reason I used BackBox was size and I now have a 32GB flash drive. I was sceptical because I am used to BackBox and will need to learn a new OS--the last time I used Kali it was still BackTrack--but Kali has also been updated much more recently than BackBox and thus I assume may have more support for various issues.
Upon attempting the same as the above for Kali, I could not even get the operating system to load. I downloaded Kali two times (torrent), to see if the file was an issue. In the end I found a process that worked, and when I finally got it up and running, and triple checked the persistence and stability, J0hnny told me I should post about it, so I'm going to start a series on random stuff like this!
Anyway, the process that worked is below, but first here are some error messages and what I think they meant.
Things I Learned / Errors:
An uncaught exception was raised: Invalid version string 'GNU/LINUX'
You need to disable Secure Boot in the BIOS or you will see: Selected Boot Image Did Not Authenticate
I have not yet figured out why BackBox does not require this but Kali does; you'd think they'd be the same. Here is a handy website for on-boot function keys in a nifty table. I am using an HP Spectre x360, so F10 for BIOS and F9 for the boot selection screen.
Process (AKA Get Dunked On, Struggle!):
These contain the only commands I've found which seemed to have written Kali in a way where it would boot on my laptop and retain information after a reboot.
Here are my specific steps, followed again as I am writing this guide May 9th 2017.
- (Optional) Remove all partitions from the drive.
- Make sure you know your drive location [$ sudo fdisk -l] and that it is mounted.
- $ sudo dd if=kali-linux-xfce-2017.1-amd64.iso of=/dev/sdb bs=512k
  - 'if' is the input file, so make sure it points to the exact location of your iso.
  - My drive was in /dev/sdb; note that this does not point to sdb1 or any other specific partition. I believe (thanks to J0hnny) that is one of the reasons this worked over the other guides.
  - Definitely change this command, I'm using kali xfce for reasons that you likely are not. Tab completion is your friend, as always.
  - This actually installs Kali, so if you don't need persistence, you can stop here.
  - You could even grab a coffee, reboot your system, or go to the bathroom right now!
- su
  - type yo' root password!
- end=7gb
- read start _ < <(du -bcm kali-linux-xfce-2017.1-amd64.iso | tail -1); echo $start
  - Ctrl+shift+v if you don't remember how to paste into a terminal.
  - You should see a number as output.
- parted /dev/sdb mkpart primary $start $end
  - If the response includes '...the closest location we can manage...' and it doesn't seem suspect (where suspect is something like two equal numbers, which happened when I had incorrectly partitioned the drive: start over) then confirm.
  - If it says 'the resulting partition is not properly aligned for best performance', you can ignore that.
  - You'll likely see 'Information: You may need to update /etc/fstab'. For some reason I thought this meant I broke something, but it is fine.
  - When this is done you should have 3 partitions on /dev/sdb. If you have fewer or more (and I have messed this up in both directions): start over. You can check this with fdisk -l since you are probably still the superuser. If you aren't: do an su again for the next set of commands.
- mkfs.ext3 -L persistence /dev/sdb3
- e2label /dev/sdb3 persistence
- mkdir -p /mnt/hostd
- mount /dev/sdb3 /mnt/hostd
- echo "/ union" > /mnt/hostd/persistence.conf
- umount /dev/sdb3
  - I actually received a 'not mounted' once, but everything still worked that time. You probably shouldn't see that, though :P.
Restart and you're good to go!
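A set of read-only checks to run around the steps above, as an added example that is not part of the original post: confirm the dd target is a whole disk, verify the ISO against its published SHA-256 instead of downloading it twice, and confirm the finished layout. The function names are hypothetical, the NVMe patterns go beyond the /dev/sdb case in the post, and it assumes coreutils `sha256sum` and `lsblk -rno NAME,LABEL` output as input to `check_layout`.

```bash
# Added example: read-only checks around the dd + persistence steps.
# Function names are hypothetical; nothing here writes to a device.
# Written in POSIX sh so it also runs under bash.

# True for a whole disk (/dev/sdb, /dev/nvme0n1), false for a partition.
is_whole_disk() {
    case "$1" in
        /dev/nvme*n*p[0-9]*) return 1 ;;   # nvme0n1p1
        /dev/nvme*n[0-9]*)   return 0 ;;   # nvme0n1
        /dev/sd*[0-9])       return 1 ;;   # sdb1
        /dev/sd[a-z]*)       return 0 ;;   # sdb
        *)                   return 1 ;;   # unknown naming: refuse
    esac
}

# True only if the ISO's SHA-256 equals the digest published by the distro.
# $1 = ISO path, $2 = expected hex digest. Returns 2 if the file is unreadable.
verify_iso() {
    [ -r "$1" ] || return 2
    actual=$(sha256sum "$1" | cut -d' ' -f1)
    [ "$actual" = "$2" ]
}

# ISO size in MiB, rounded up: the number `du -bcm ISO | tail -1` prints.
iso_size_mib() {
    bytes=$(wc -c < "$1") || return 1
    echo $(( (bytes + 1048575) / 1048576 ))
}

# Reads `lsblk -rno NAME,LABEL /dev/sdX` text on stdin. True if the disk
# ($1, e.g. sdb) has exactly 3 partitions and the third is labelled persistence.
check_layout() {
    awk -v d="$1" '
        $1 != d && index($1, d) == 1 { n++; if ($1 == (d "3")) label = $2 }
        END { exit !(n == 3 && label == "persistence") }'
}

# True if the file holds exactly the single rule "/ union".
check_persistence_conf() {
    [ "$(cat "$1" 2>/dev/null)" = "/ union" ]
}
```

Run `is_whole_disk` and `verify_iso` before dd, with the expected digest taken from the distro's download page. After the last step, pipe `lsblk -rno NAME,LABEL /dev/sdb` into `check_layout sdb`.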
Now, go Hack the Planet
Upcoming projects
Learning about passwords and rules in JTR (jumbo edition) and Hashcat. Already made great progress thanks to people in the Burbsec Slack channel!
Getting a Chromebook for conferences (an amazing suggestion by the aforementioned Steve), so I can have a dedicated machine. I'm tweaking this installation now and will end up permanently installing it on the machine. I am currently looking at this model: ASUS C100PA-DB01 Chromebook Flip. This means there will likely be a post on installing Kali to a Chromebook in a few months.