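Introduction
On June 5, 2024, a new Kali release was published, as described in Kali Linux 2024.2 Release (t64, GNOME 46 & Community Packages).
In this release, as a measure against the Year 2038 problem, work was done to support the two 32-bit ARM architectures (armhf and armel). Since most Kali users run amd64, this is not expected to have a major impact. The desktop has also changed and new tools have been added. For details, see the official blog post above.
This article covers part of what changed in this update.
How to update
Based on the official documentation, Updating Kali, the update procedure is described below.
As a prerequisite, confirm that /etc/apt/sources.list is configured correctly, then run the following commands.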
$ sudo apt update
$ sudo apt full-upgrade -y
After running the commands above, reboot the OS.
After the reboot, check the /etc/os-release file to confirm that the distribution version has been updated.
$ grep VERSION /etc/os-release
VERSION_ID="2024.2"
VERSION="2024.2"
VERSION_CODENAME=kali-rolling
The t64 transition
Running the following command shows that a large number of packages with the t64 suffix have been added.
$ dpkg -l | grep t64
Example output
ii libafflib0t64:amd64 3.7.20-2 amd64 Advanced Forensics Format Library
ii libaio1t64:amd64 0.3.113-8+kali1 amd64 Linux kernel AIO access library - shared library
ii libapr1t64:amd64 1.7.2-3.2 amd64 Apache Portable Runtime Library
ii libaprutil1t64:amd64 1.6.3-2 amd64 Apache Portable Runtime Utility Library
ii libapt-pkg6.0t64:amd64 2.9.2+kali1+b1 amd64 package management runtime library
ii libarchive13t64:amd64 3.7.2-2 amd64 Multi-format archive and compression library (shared library)
ii libarpack2t64:amd64 3.9.1-1.1+b1 amd64 Fortran77 subroutines to solve large scale eigenvalue problems
ii libasound2t64:amd64 1.2.11-1+b1 amd64 shared library for ALSA applications
ii libatk-bridge2.0-0t64:amd64 2.52.0-1 amd64 AT-SPI 2 toolkit bridge - shared library
ii libatk1.0-0t64:amd64 2.52.0-1 amd64 ATK accessibility toolkit
ii libatrildocument3t64 1.26.2-3 amd64 MATE document rendering library
ii libatrilview3t64 1.26.2-3 amd64 MATE document viewing library
ii libatspi2.0-0t64:amd64 2.52.0-1 amd64 Assistive Technology Service Provider Interface - shared library
ii libbson-1.0-0t64 1.27.1-1 amd64 Library to parse and generate BSON documents - runtime files
ii libburn4t64:amd64 1.5.6-1.1 amd64 library to provide CD/DVD/BD writing functions
ii libcdio-cdda2t64:amd64 10.2+2.0.2-1 amd64 library to read and control digital audio CDs
ii libcdio-paranoia2t64:amd64 10.2+2.0.2-1 amd64 library to read digital audio CDs with error correction
ii libcdio19t64:amd64 2.1.0-4.2 amd64 library to read and control CD-ROM
ii libcfitsio10t64:amd64 4.3.1-1.1+b1 amd64 shared library for I/O with FITS format data files
ii libclamav11t64:amd64 1.0.6+dfsg-1 amd64 anti-virus utility for Unix - library
ii libclang-cpp15t64 1:15.0.7-14+b1 amd64 C++ interface to the Clang library
ii libclang-cpp16t64 1:16.0.6-27 amd64 C++ interface to the Clang library
ii libclang-cpp17t64 1:17.0.6-12 amd64 C++ interface to the Clang library
ii libclang1-15t64 1:15.0.7-14+b1 amd64 C interface to the Clang library
ii libclang1-16t64 1:16.0.6-27 amd64 C interface to the Clang library
ii libclang1-17t64 1:17.0.6-12 amd64 C interface to the Clang library
ii libcli1.10t64:amd64 1.10.7-1.1 amd64 emulates a cisco style telnet command-line interface
ii libcrypto++8t64:amd64 8.9.0-1.1 amd64 General purpose cryptographic library - shared library
ii libcups2t64:amd64 2.4.7-1.2+b1 amd64 Common UNIX Printing System(tm) - Core library
ii libcurl3t64-gnutls:amd64 8.7.1-5 amd64 easy-to-use client-side URL transfer library (GnuTLS flavour)
ii libcurl4t64:amd64 8.7.1-5 amd64 easy-to-use client-side URL transfer library (OpenSSL flavour)
ii libdb5.3t64:amd64 5.3.28+dfsg2-7 amd64 Berkeley v5.3 Database Libraries [runtime]
ii libdebuginfod1t64:amd64 0.191-1+b1 amd64 library to interact with debuginfod (development files)
ii libdirectfb-1.7-7t64:amd64 1.7.7-13 amd64 direct frame buffer graphics (shared libraries)
ii libdv4t64:amd64 1.0.0-17.1 amd64 software library for DV format digital video (runtime lib)
ii libdvdread8t64:amd64 6.1.3-1.1 amd64 library for reading DVDs
ii libdw1t64:amd64 0.191-1+b1 amd64 library that provides access to the DWARF debug information
ii libefiboot1t64:amd64 38-3.1 amd64 Library to manage UEFI variables
ii libefivar1t64:amd64 38-3.1 amd64 Library to manage UEFI variables
ii libelf1t64:amd64 0.191-1+b1 amd64 library to read and write ELF files
ii libev4t64:amd64 1:4.33-2.1 amd64 high-performance event loop library modelled after libevent
ii libevent-2.1-7t64:amd64 2.1.12-stable-10 amd64 Asynchronous event notification library
ii libevent-core-2.1-7t64:amd64 2.1.12-stable-10 amd64 Asynchronous event notification library (core)
ii libevent-openssl-2.1-7t64:amd64 2.1.12-stable-10 amd64 Asynchronous event notification library (openssl)
ii libevent-pthreads-2.1-7t64:amd64 2.1.12-stable-10 amd64 Asynchronous event notification library (pthreads)
ii libext2fs2t64:amd64 1.47.1-1 amd64 ext2/ext3/ext4 file system libraries
ii libfcgi0t64:amd64 2.4.2-2.1 amd64 shared library of FastCGI
ii libflac12t64:amd64 1.4.3+ds-2.1 amd64 Free Lossless Audio Codec - runtime C library
ii libfreerdp-client2-2t64:amd64 2.11.5+dfsg1-1 amd64 Free Remote Desktop Protocol library (client library)
ii libfreerdp2-2t64:amd64 2.11.5+dfsg1-1 amd64 Free Remote Desktop Protocol library (core library)
ii libfuse2t64:amd64 2.9.9-8.1 amd64 Filesystem in Userspace (library)
ii libfyba0t64:amd64 4.1.1-11 amd64 FYBA library to read and write Norwegian geodata standard format SOSI
ii libgail18t64:amd64 2.24.33-4 amd64 GNOME Accessibility Implementation Library -- shared libraries
ii libgdal34t64:amd64 3.8.5+dfsg-1+b1 amd64 Geospatial Data Abstraction Library
ii libgdbm-compat4t64:amd64 1.23-5.1+b1 amd64 GNU dbm database routines (legacy support runtime version)
ii libgdbm6t64:amd64 1.23-5.1+b1 amd64 GNU dbm database routines (runtime version)
ii libgeoip1t64:amd64 1.6.12-11.1 amd64 non-DNS IP-to-country resolver library
ii libgeos-c1t64:amd64 3.12.1-3 amd64 Geometry engine for Geographic Information Systems - C Library
ii libgeos3.12.1t64:amd64 3.12.1-3 amd64 Geometry engine for Geographic Information Systems - C++ Library
ii libglib2.0-0t64:amd64 2.80.2-1 amd64 GLib library of C routines
ii libglibmm-2.4-1t64:amd64 2.66.7-1 amd64 C++ wrapper for the GLib toolkit (shared libraries)
ii libgnutls-dane0t64:amd64 3.8.5-2 amd64 GNU TLS library - DANE security support
ii libgnutls30t64:amd64 3.8.5-2 amd64 GNU TLS library - main runtime library
ii libgpgme11t64:amd64 1.18.0-4.1+b1 amd64 GPGME - GnuPG Made Easy (library)
ii libgphoto2-6t64:amd64 2.5.31-2.1+b1 amd64 gphoto2 digital camera library
ii libgphoto2-port12t64:amd64 2.5.31-2.1+b1 amd64 gphoto2 digital camera port library
ii libgtk-3-0t64:amd64 3.24.41-4 amd64 GTK graphical user interface library
ii libgtk2.0-0t64:amd64 2.24.33-4 amd64 GTK graphical user interface library - old version
ii libgtkmm-3.0-1t64:amd64 3.24.9-1 amd64 C++ wrappers for GTK+ (shared libraries)
ii libgts-0.7-5t64:amd64 0.7.6+darcs121130-5.2 amd64 library to deal with 3D computational surface meshes
ii libguestfs0t64:amd64 1:1.52.0-6 amd64 guest disk image management system - shared library
ii libgvm22t64:amd64 22.9.1-1 amd64 remote network security auditor - shared libraries
ii libgxps2t64:amd64 0.3.2-4+b1 amd64 handling and rendering XPS documents (library)
ii libhashkit2t64:amd64 1.1.4-1.1+b1 amd64 libmemcached hashing functions and algorithms
ii libhdf5-103-1t64:amd64 1.10.10+repack-3.3 amd64 HDF5 C runtime files - serial version
ii libhdf5-hl-100t64:amd64 1.10.10+repack-3.3 amd64 HDF5 High Level runtime files - serial version
ii libhfsp0t64 1.0.4-17.1 amd64 Shared library to access HFS+ formatted volumes
ii libhogweed6t64:amd64 3.9.1-2.2 amd64 low level cryptographic library (public-key cryptos)
ii libhwy1t64:amd64 1.0.7-8.1 amd64 Efficient and performance-portable SIMD wrapper (runtime files)
ii libical3t64:amd64 3.0.18-1 amd64 iCalendar library implementation in C (runtime)
ii libieee1284-3t64:amd64 0.2.11-14.1 amd64 cross-platform library for parallel port access
ii libimath-3-1-29t64:amd64 3.1.9-3.1+b1 amd64 Utility libraries from ASF used by OpenEXR - runtime
ii libisofs6t64:amd64 1.5.6.pl01-1.1 amd64 library to create ISO 9660 images
ii libiw30t64:amd64 30~pre9-17 amd64 Wireless tools - library
ii libjxr0t64:amd64 1.2~git20170615.f752187-5.2 amd64 JPEG-XR lib - libraries
ii libkmlbase1t64:amd64 1.3.0-12 amd64 Library to manipulate KML 2.2 OGC standard files - libkmlbase
ii libkmldom1t64:amd64 1.3.0-12 amd64 Library to manipulate KML 2.2 OGC standard files - libkmldom
ii libkmlengine1t64:amd64 1.3.0-12 amd64 Library to manipulate KML 2.2 OGC standard files - libkmlengine
ii libldm-1.0-0t64:amd64 0.2.5-1.1+b1 amd64 library for managing Microsoft Windows dynamic disks
ii libllvm15t64:amd64 1:15.0.7-14+b1 amd64 Modular compiler and toolchain technologies, runtime library
ii libllvm16t64:amd64 1:16.0.6-27 amd64 Modular compiler and toolchain technologies, runtime library
ii libllvm17t64:amd64 1:17.0.6-12 amd64 Modular compiler and toolchain technologies, runtime library
ii libmagic1t64:amd64 1:5.45-3 amd64 Recognize the type of data in a file using "magic" numbers - library
ii libmagickcore-6.q16-7t64:amd64 8:6.9.12.98+dfsg1-5.2 amd64 low-level image manipulation library -- quantum depth Q16
ii libmagickwand-6.q16-7t64:amd64 8:6.9.12.98+dfsg1-5.2 amd64 image manipulation library -- quantum depth Q16
ii libmbedcrypto7t64:amd64 2.28.8-1 amd64 lightweight crypto and SSL/TLS library - crypto library
ii libmemcached11t64:amd64 1.1.4-1.1+b1 amd64 C and C++ client library to the memcached server
ii libminizip1t64:amd64 1:1.3.dfsg-3.1 amd64 compression library - minizip library
ii libmjpegutils-2.1-0t64:amd64 1:2.1.0+debian-8.1 amd64 MJPEG capture/editing/replay and MPEG encoding toolset (library)
ii libmongoc-1.0-0t64 1.27.1-1 amd64 MongoDB C client library - runtime files
ii libmpeg2encpp-2.1-0t64:amd64 1:2.1.0+debian-8.1 amd64 MJPEG capture/editing/replay and MPEG encoding toolset (library)
ii libmpg123-0t64:amd64 1.32.6-3 amd64 MPEG layer 1/2/3 audio decoder (shared library)
ii libmplex2-2.1-0t64:amd64 1:2.1.0+debian-8.1 amd64 MJPEG capture/editing/replay and MPEG encoding toolset (library)
ii libmspack0t64:amd64 0.11-1.1 amd64 library for Microsoft compression formats (shared library)
ii libmtdev1t64:amd64 1.1.6-1.2 amd64 Multitouch Protocol Translation Library - shared library
ii libmtp9t64:amd64 1.1.21-3.1 amd64 Media Transfer Protocol (MTP) library
ii libneon27t64:amd64 0.33.0-1.1+b1 amd64 HTTP and WebDAV client library
ii libneon27t64-gnutls:amd64 0.33.0-1.1+b1 amd64 HTTP and WebDAV client library (GnuTLS enabled)
ii libnetcdf19t64:amd64 1:4.9.2-6 amd64 Interface for scientific data access to large binary data
ii libnetpbm11t64:amd64 2:11.06.01-2 amd64 Graphics conversion tools shared libraries
ii libnettle8t64:amd64 3.9.1-2.2 amd64 low level cryptographic library (symmetric and one-way cryptos)
ii libnids1.21t64:amd64 1.26-2.1+b1 amd64 IP defragmentation TCP segment reassembly library
ii libnorm1t64:amd64 1.5.9+dfsg-3.1 amd64 NACK-Oriented Reliable Multicast (NORM) library
ii libnpth0t64:amd64 1.6-3.1 amd64 replacement for GNU Pth using system threads
ii libntfs-3g89t64:amd64 1:2022.10.3-2 amd64 read/write NTFS driver for FUSE (runtime library)
ii libnvme1t64 1.9-1 amd64 NVMe management library (library)
ii libopenmpt0t64:amd64 0.7.7-1 amd64 module music library based on OpenMPT -- shared library
ii liborc-0.4-0t64:amd64 1:0.4.38-1 amd64 Library of Optimized Inner Loops Runtime Compiler
ii libout123-0t64:amd64 1.32.6-3 amd64 MPEG layer 1/2/3 audio decoder (libout123 shared library)
ii libparted-fs-resize0t64:amd64 3.6-4 amd64 disk partition manipulator - shared FS resizing library
ii libparted2t64:amd64 3.6-4 amd64 disk partition manipulator - shared library
ii libpcap0.8t64:amd64 1.10.4-5 amd64 system interface for user-level packet capture
ii libperl5.38t64:amd64 5.38.2-4 amd64 shared Perl library
ii libpgm-5.3-0t64:amd64 5.3.128~dfsg-2.1 amd64 OpenPGM shared library
ii libpipewire-0.3-0t64:amd64 1.0.6-1+b1 amd64 libraries for the PipeWire multimedia server
ii libpkcs11-helper1t64:amd64 1.29.0-2.1+b1 amd64 library that simplifies the interaction with PKCS#11
ii libpng16-16t64:amd64 1.6.43-5 amd64 PNG library - runtime (version 1.6)
ii libpocl2t64:amd64 5.0-4 amd64 Portable Computing Language library
ii libpoppler-glib8t64:amd64 24.02.0-4 amd64 PDF rendering library (GLib-based shared library)
ii libprotobuf32t64:amd64 3.21.12-8.2 amd64 protocol buffers C++ library
ii libpskc0t64:amd64 2.6.11-3 amd64 OATH Toolkit Libpskc library
ii libpsl5t64:amd64 0.21.2-1.1 amd64 Library for Public Suffix List (shared libraries)
ii libpython3.11t64:amd64 3.11.9-1 amd64 Shared Python runtime library (version 3.11)
ii libpython3.12t64:amd64 3.12.3-1 amd64 Shared Python runtime library (version 3.12)
ii libqt5core5t64:amd64 5.15.10+dfsg-7.2+b1 amd64 Qt 5 core module
ii libqt5dbus5t64:amd64 5.15.10+dfsg-7.2+b1 amd64 Qt 5 D-Bus module
ii libqt5gui5t64:amd64 5.15.10+dfsg-7.2+b1 amd64 Qt 5 GUI module
ii libqt5network5t64:amd64 5.15.10+dfsg-7.2+b1 amd64 Qt 5 network module
ii libqt5sql5t64:amd64 5.15.10+dfsg-7.2+b1 amd64 Qt 5 SQL module
ii libqt5widgets5t64:amd64 5.15.10+dfsg-7.2+b1 amd64 Qt 5 widgets module
ii libqt6core6t64:amd64 6.4.2+dfsg-21.1+b1 amd64 Qt 6 core module
ii libqt6dbus6t64:amd64 6.4.2+dfsg-21.1+b1 amd64 Qt 6 D-Bus module
ii libqt6gui6t64:amd64 6.4.2+dfsg-21.1+b1 amd64 Qt 6 GUI module
ii libqt6network6t64:amd64 6.4.2+dfsg-21.1+b1 amd64 Qt 6 network module
ii libqt6opengl6t64:amd64 6.4.2+dfsg-21.1+b1 amd64 Qt 6 OpenGL module
ii libqt6openglwidgets6t64:amd64 6.4.2+dfsg-21.1+b1 amd64 Qt 6 OpenGL widgets module
ii libqt6printsupport6t64:amd64 6.4.2+dfsg-21.1+b1 amd64 Qt 6 print support module
ii libqt6sql6t64:amd64 6.4.2+dfsg-21.1+b1 amd64 Qt 6 SQL module
ii libqt6test6t64:amd64 6.4.2+dfsg-21.1+b1 amd64 Qt 6 test module
ii libqt6widgets6t64:amd64 6.4.2+dfsg-21.1+b1 amd64 Qt 6 widgets module
ii libqt6xml6t64:amd64 6.4.2+dfsg-21.1+b1 amd64 Qt 6 XML module
ii libradare2-5.0.0t64:amd64 5.9.0+dfsg-2 amd64 libraries from the radare2 suite
ii libraw23t64:amd64 0.21.2-2.1 amd64 raw image decoder library
ii librdmacm1t64:amd64 50.0-2+b1 amd64 Library for managing RDMA connections
ii libreadline8t64:amd64 8.2-4 amd64 GNU readline and history libraries, run-time libraries
ii libreiserfscore0t64 1:3.6.27-7.1+b2 amd64 ReiserFS core library
ii libruby3.1t64:amd64 3.1.2-8.3 amd64 Libraries necessary to run Ruby 3.1
ii libsmi2t64:amd64 0.4.8+dfsg2-17 amd64 library to access SMI MIB information
ii libsnmp40t64:amd64 5.9.4+dfsg-1.1+b1 amd64 SNMP (Simple Network Management Protocol) library
ii libsource-highlight4t64:amd64 3.1.9-4.3 amd64 source highlighting library
ii libspandsp2t64:amd64 0.0.6+dfsg-2.1 amd64 Telephony signal processing library
ii libspatialite8t64:amd64 5.1.0-3+b1 amd64 Geospatial extension for SQLite - libraries
ii libsphinxbase3t64:amd64 0.8+5prealpha+1-17 amd64 Speech recognition tool - shared library
ii libssh2-1t64:amd64 1.11.0-5 amd64 SSH2 client-side library
ii libssl3t64:amd64 3.2.1-3 amd64 Secure Sockets Layer toolkit - shared libraries
ii libstoken1t64:amd64 0.92-1.1+b1 amd64 Software Token for cryptographic authentication - shared library
ii libsyn123-0t64:amd64 1.32.6-3 amd64 MPEG layer 1/2/3 audio decoder (libsyn123 shared library)
ii libtevent0t64:amd64 0.16.1-2 amd64 talloc-based event loop library - shared library
ii libtirpc3t64:amd64 1.3.4+ds-1.3 amd64 transport-independent RPC library
ii libts0t64:amd64 1.22-1.1 amd64 touch screen library
ii libtsk19t64:amd64 4.12.1+dfsg-0kali6 amd64 library for forensics analysis on volume and filesystem data
ii libtss2-esys-3.0.2-0t64:amd64 4.0.1-7.2 amd64 TPM2 Software stack library - TSS and TCTI libraries
ii libtss2-mu-4.0.1-0t64:amd64 4.0.1-7.2 amd64 TPM2 Software stack library - TSS and TCTI libraries
ii libtss2-sys1t64:amd64 4.0.1-7.2 amd64 TPM2 Software stack library - TSS and TCTI libraries
ii libtss2-tcti-cmd0t64:amd64 4.0.1-7.2 amd64 TPM2 Software stack library - TSS and TCTI libraries
ii libtss2-tcti-device0t64:amd64 4.0.1-7.2 amd64 TPM2 Software stack library - TSS and TCTI libraries
ii libtss2-tcti-libtpms0t64:amd64 4.0.1-7.2 amd64 TPM2 Software stack library - TSS and TCTI libraries
ii libtss2-tcti-mssim0t64:amd64 4.0.1-7.2 amd64 TPM2 Software stack library - TSS and TCTI libraries
ii libtss2-tcti-spi-helper0t64:amd64 4.0.1-7.2 amd64 TPM2 Software stack library - TSS and TCTI libraries
ii libtss2-tcti-swtpm0t64:amd64 4.0.1-7.2 amd64 TPM2 Software stack library - TSS and TCTI libraries
ii libtss2-tctildr0t64:amd64 4.0.1-7.2 amd64 TPM2 Software stack library - TSS and TCTI libraries
ii libtumbler-1-0t64:amd64 4.18.1-1.1+b1 amd64 library for tumbler, a D-Bus thumbnailing service
ii liburcu8t64:amd64 0.14.0-3.1 amd64 userspace RCU (read-copy-update) library
ii libusbredirparser1t64:amd64 0.14.0-1 amd64 Parser for the usbredir protocol (runtime)
ii libuv1t64:amd64 1.48.0-4 amd64 asynchronous event notification library - runtime library
ii libv4l-0t64:amd64 1.26.1-4+b1 amd64 Collection of video4linux support libraries
ii libv4lconvert0t64:amd64 1.26.1-4+b1 amd64 Video4linux frame format conversion library
ii libvdeplug2t64:amd64 4.0.1-5.1 amd64 Virtual Distributed Ethernet - Plug library
ii libwebsockets19t64:amd64 4.3.3-1.1 amd64 lightweight C websockets library
ii libwinpr2-2t64:amd64 2.11.5+dfsg1-1 amd64 Windows Portable Runtime library
ii libwireshark17t64:amd64 4.2.5-1 amd64 network packet dissection library -- shared library
ii libwiretap14t64:amd64 4.2.5-1 amd64 network packet capture library -- shared library
ii libwsutil15t64:amd64 4.2.5-1 amd64 network packet dissection utilities library -- shared library
ii libwxbase3.2-1t64:amd64 3.2.4+dfsg-5 amd64 wxBase library (runtime) - non-GUI support classes of wxWidgets toolkit
ii libwxgtk-gl3.2-1t64:amd64 3.2.4+dfsg-5 amd64 wxWidgets Cross-platform C++ GUI toolkit (GTK 3 gl library runtime)
ii libwxgtk3.2-1t64:amd64 3.2.4+dfsg-5 amd64 wxWidgets Cross-platform C++ GUI toolkit (GTK 3 runtime)
ii libxerces-c3.2t64:amd64 3.2.4+debian-1.3 amd64 validating XML parser library for C++
ii libxmlsec1t64:amd64 1.2.39-5+b1 amd64 XML security library
ii libxmlsec1t64-openssl:amd64 1.2.39-5+b1 amd64 Openssl engine for the XML security library
ii libxt6t64:amd64 1:1.2.1-1.2 amd64 X11 toolkit intrinsics library
ii libzbar0t64:amd64 0.23.93-4+b1 amd64 QR code / bar code scanner and decoder (library)
ii libzip4t64:amd64 1.7.3-1.1+b1 amd64 library for reading, creating, and modifying zip archives (runtime)
ii libzvbi0t64:amd64 0.2.42-2 amd64 Vertical Blanking Interval decoder (VBI) - runtime files
ii libzzip-0-13t64:amd64 0.13.72+dfsg.1-1.2+b1 amd64 library providing read access on ZIP-archives - library
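A stricter version of the check above, as an added example that is not part of the original article: `grep t64` matches the string anywhere on the line, so this filter matches on the package name only and also reports pre-transition packages that are still installed next to their t64 replacement. The sample lines are constructed, and the naming rule (the old name is the new name with `t64` removed) is an assumption.

```sh
#!/bin/sh
# Added example: filters `dpkg -l` style lines read from stdin.

# Constructed sample input (not taken from a real system).
sample_dpkg_lines() {
    cat <<'EOF'
ii  libssl3t64:amd64          3.2.1-3   amd64 Secure Sockets Layer toolkit - shared libraries
ii  libcurl3t64-gnutls:amd64  8.7.1-5   amd64 easy-to-use client-side URL transfer library (GnuTLS flavour)
ii  libcurl3-gnutls:amd64     8.5.0-2   amd64 (constructed) pre-transition package left installed
ii  examplepkg                1.0       amd64 (constructed) helper mentioning t64 only in its description
rc  libpng16-16:amd64         1.6.42-1  amd64 (constructed) removed, config files remain
ii  libpng16-16t64:amd64      1.6.43-5  amd64 PNG library - runtime (version 1.6)
EOF
}

# Print installed (state "ii") packages whose *name* carries the t64 suffix,
# e.g. libssl3t64 or libcurl3t64-gnutls. Matching on field 2 avoids hits on
# "t64" inside version strings or descriptions.
t64_packages() {
    awk '$1 == "ii" {
        name = $2
        sub(/:.*/, "", name)                      # drop the ":amd64" qualifier
        if (name ~ /[0-9]t64(-[a-z0-9]+)?$/) print name
    }'
}

# For every installed t64 package, derive the pre-transition name (assumption:
# the same name with "t64" removed) and print it if that package is also "ii".
stale_pre_t64() {
    awk '$1 == "ii" {
        name = $2
        sub(/:.*/, "", name)
        installed[name] = 1
        if (match(name, /[0-9]t64(-[a-z0-9]+)?$/)) {
            # RSTART points at the digit before "t64"; cut the three letters out.
            old[substr(name, 1, RSTART) substr(name, RSTART + 4)] = 1
        }
    }
    END { for (n in old) if (n in installed) print n }' | sort
}

# Demo on the constructed sample; on a live system use: dpkg -l | t64_packages
echo "t64 packages:"
sample_dpkg_lines | t64_packages
echo "pre-t64 names still installed:"
sample_dpkg_lines | stale_pre_t64
```
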
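Xfce desktop changes
In the Xfce desktop, Kali-Undercover and HiDPI were updated.
These updates improve stability, with several minor bug fixes and stronger support for the latest desktop improvements.
Kali-Undercover is a set of scripts that changes the Kali Linux theme to a Windows 10-like theme. It was released in Kali Linux 2019.4.
The tool was created to avoid drawing unnecessary attention when using Kali Linux in public places. I had never tried it before, so I gave it a try.
Running the following command easily switches to the Windows 10-like theme.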
$ kali-undercover
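Troubleshooting
To revert, you only need to run the kali-undercover command again, but in my environment the taskbar stayed in the Windows style and did not return to normal.
I tried the following, but none of it helped.
- Restarting the Xfce session (xfce4-session-logout --logout)
- Logging out of the desktop environment and rebooting
- Resetting the configuration files (~/.config/xfce4)
In the end I resolved it by reloading the panel settings (pkill xfconfd) and restarting the Xfce panel (xfce4-panel --restart), among other things, but then another problem appeared: the VPN IP address at the top right of the desktop was no longer displayed. The VPN IP address display is implemented by an Xfce4 extension called xfce4-genmon-plugin [1].
The VPN IP address is displayed by opening the Settings Manager and adding a Generic Monitor under "Items" in "Panel". However, I no longer knew which script had originally been configured by default.
As a fix, I reinstalled xfce4-genmon-plugin, which resolved the problem.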
$ sudo apt remove --purge xfce4-genmon-plugin
$ sudo apt install xfce4-genmon-plugin
After the issue was resolved, I checked which script had been configured and found the following.
- /usr/share/kali-themes/xfce4-panel-genmon-vpnip.sh
#!/bin/sh
interface="$(ip tuntap show | cut -d : -f1 | head -n 1)"
ip="$(ip a s "${interface}" 2>/dev/null \
  | grep -o -P '(?<=inet )[0-9]{1,3}(\.[0-9]{1,3}){3}')"
if [ "${ip}" != "" ]; then
  printf "<icon>network-vpn-symbolic</icon>"
  printf "<txt>${ip}</txt>"
  if command -v xclip; then
    printf "<iconclick>sh -c 'printf ${ip} | xclip -selection clipboard'</iconclick>"
    printf "<txtclick>sh -c 'printf ${ip} | xclip -selection clipboard'</txtclick>"
    printf "<tool>VPN IP (click to copy)</tool>"
  else
    printf "<tool>VPN IP (install xclip to copy to clipboard)</tool>"
  fi
else
  printf "<txt></txt>"
fi
Take care when running the kali-undercover command.
For reference, a similar issue was reported in the past in the following forum thread.
New Tools
This section introduces tools that look useful for CTFs and similar settings.
autorecon
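AutoRecon is a multi-threaded network reconnaissance tool that performs automated enumeration of services. It is designed as a time-saving tool for use in CTFs and other penetration testing environments (such as OSCP).
An example run is shown below.
- Installing the package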
$ sudo apt install autorecon
The result of trying it in a THM environment is shown below.
$ sudo autorecon <Ip address>
Example output
[[*] Scanning target 10.10.190.192
[*] [10.10.190.192/all-tcp-ports] Discovered open port tcp/22 on 10.10.190.192
[*] [10.10.190.192/all-tcp-ports] Discovered open port tcp/80 on 10.10.190.192
[*] [10.10.190.192/all-tcp-ports] Discovered open port tcp/443 on 10.10.190.192
[*] [10.10.190.192/tcp/80/http/vhost-enum] The target was not a hostname, nor was a hostname provided as an option. Skipping virtual host enumeration.
[*] [10.10.190.192/tcp/443/http/vhost-enum] The target was not a hostname, nor was a hostname provided as an option. Skipping virtual host enumeration.
[*] [10.10.190.192/tcp/1443/http/vhost-enum] The target was not a hostname, nor was a hostname provided as an option. Skipping virtual host enumeration.
[*] [10.10.190.192/tcp/8000/http/vhost-enum] The target was not a hostname, nor was a hostname provided as an option. Skipping virtual host enumeration.
[*] [10.10.190.192/tcp/80/http/known-security] [tcp/80/http/known-security] There did not appear to be a .well-known/security.txt file in the webroot (/).
[*] [10.10.190.192/tcp/80/http/curl-robots] [tcp/80/http/curl-robots] There did not appear to be a robots.txt file in the webroot (/).
[*] [10.10.190.192/tcp/443/http/curl-robots] [tcp/443/http/curl-robots] There did not appear to be a robots.txt file in the webroot (/).
[*] [10.10.190.192/tcp/8000/http/known-security] [tcp/8000/http/known-security] There did not appear to be a .well-known/security.txt file in the webroot (/).
[*] [10.10.190.192/tcp/8000/http/curl-robots] [tcp/8000/http/curl-robots] There did not appear to be a robots.txt file in the webroot (/).
[*] [10.10.190.192/tcp/443/http/known-security] [tcp/443/http/known-security] There did not appear to be a .well-known/security.txt file in the webroot (/).
[*] [10.10.190.192/tcp/1443/http/known-security] [tcp/1443/http/known-security] There did not appear to be a .well-known/security.txt file in the webroot (/).
[*] [10.10.190.192/tcp/1443/http/curl-robots] [tcp/1443/http/curl-robots] There did not appear to be a robots.txt file in the webroot (/).
[*] 18:54:04 - There are 16 scans still running against 10.10.190.192
[*] 18:55:04 - There are 15 scans still running against 10.10.190.192
[*] [10.10.190.192/all-tcp-ports] Discovered open port tcp/1338 on 10.10.190.192
[*] 18:56:04 - There are 13 scans still running against 10.10.190.192
[*] [10.10.190.192/top-100-udp-ports] Discovered open port udp/69 on 10.10.190.192
[*] 18:57:04 - There are 11 scans still running against 10.10.190.192
[*] 18:58:04 - There are 11 scans still running against 10.10.190.192
[*] [10.10.190.192/all-tcp-ports] Discovered open port tcp/8000 on 10.10.190.192
[*] 18:59:04 - There are 11 scans still running against 10.10.190.192
[*] 19:00:04 - There are 11 scans still running against 10.10.190.192
[*] [10.10.190.192/all-tcp-ports] Discovered open port tcp/9007 on 10.10.190.192
[*] 19:01:04 - There are 10 scans still running against 10.10.190.192
[*] 19:02:04 - There are 10 scans still running against 10.10.190.192
[*] 19:03:04 - There are 10 scans still running against 10.10.190.192
[*] [10.10.190.192/all-tcp-ports] Discovered open port tcp/1443 on 10.10.190.192
[*] 19:04:04 - There are 9 scans still running against 10.10.190.192
[*] [10.10.190.192/all-tcp-ports] Discovered open port tcp/1883 on 10.10.190.192
[*] 19:05:04 - There are 9 scans still running against 10.10.190.192
[*] 19:06:04 - There are 9 scans still running against 10.10.190.192
[*] 19:07:05 - There are 9 scans still running against 10.10.190.192
[*] [10.10.190.192/tcp/9007/http/vhost-enum] The target was not a hostname, nor was a hostname provided as an option. Skipping virtual host enumeration.
[*] [10.10.190.192/tcp/9007/http/known-security] [tcp/9007/http/known-security] There did not appear to be a .well-known/security.txt file in the webroot (/).
[*] [10.10.190.192/tcp/9007/http/curl-robots] [tcp/9007/http/curl-robots] There did not appear to be a robots.txt file in the webroot (/).
[*] 19:08:05 - There are 12 scans still running against 10.10.190.192
[*] 19:09:05 - There are 11 scans still running against 10.10.190.192
[*] 19:10:05 - There are 11 scans still running against 10.10.190.192
[*] 19:11:05 - There are 11 scans still running against 10.10.190.192
[*] 19:12:05 - There are 11 scans still running against 10.10.190.192
[*] 19:13:05 - There are 11 scans still running against 10.10.190.192
[*] 19:14:05 - There are 11 scans still running against 10.10.190.192
[*] 19:15:05 - There are 11 scans still running against 10.10.190.192
[*] 19:16:05 - There are 11 scans still running against 10.10.190.192
[*] 19:17:05 - There are 11 scans still running against 10.10.190.192
[*] 19:18:05 - There are 11 scans still running against 10.10.190.192
[*] 19:19:05 - There are 11 scans still running against 10.10.190.192
[*] 19:20:05 - There are 11 scans still running against 10.10.190.192
[*] 19:21:05 - There are 11 scans still running against 10.10.190.192
[*] 19:22:05 - There are 11 scans still running against 10.10.190.192
[*] 19:23:05 - There are 11 scans still running against 10.10.190.192
[*] 19:24:05 - There are 11 scans still running against 10.10.190.192
[*] 19:25:05 - There are 11 scans still running against 10.10.190.192
[*] 19:26:05 - There are 11 scans still running against 10.10.190.192
[*] 19:27:05 - There are 11 scans still running against 10.10.190.192
[*] 19:28:05 - There are 9 scans still running against 10.10.190.192
[*] 19:29:05 - There are 8 scans still running against 10.10.190.192
[*] 19:30:05 - There are 8 scans still running against 10.10.190.192
[*] 19:31:05 - There are 8 scans still running against 10.10.190.192
[*] 19:32:05 - There are 8 scans still running against 10.10.190.192
[*] 19:33:05 - There are 8 scans still running against 10.10.190.192
[*] 19:34:05 - There are 8 scans still running against 10.10.190.192
[*] 19:35:05 - There are 8 scans still running against 10.10.190.192
[*] 19:36:05 - There are 8 scans still running against 10.10.190.192
[*] 19:37:05 - There are 8 scans still running against 10.10.190.192
[*] 19:38:05 - There are 8 scans still running against 10.10.190.192
[*] 19:39:05 - There are 8 scans still running against 10.10.190.192
[*] 19:40:06 - There are 8 scans still running against 10.10.190.192
[*] 19:41:06 - There are 8 scans still running against 10.10.190.192
[*] 19:42:06 - There are 8 scans still running against 10.10.190.192
[*] 19:43:06 - There are 8 scans still running against 10.10.190.192
[*] 19:44:06 - There are 8 scans still running against 10.10.190.192
[*] 19:45:06 - There are 8 scans still running against 10.10.190.192
[*] 19:46:06 - There are 8 scans still running against 10.10.190.192
[*] 19:47:06 - There are 8 scans still running against 10.10.190.192
[*] 19:48:06 - There are 8 scans still running against 10.10.190.192
[*] 19:49:06 - There are 5 scans still running against 10.10.190.192
[*] 19:50:06 - There are 5 scans still running against 10.10.190.192
[*] 19:51:06 - There are 5 scans still running against 10.10.190.192
[*] 19:52:06 - There are 5 scans still running against 10.10.190.192
[*] 19:53:06 - There are 5 scans still running against 10.10.190.192
[*] 19:54:06 - There are 5 scans still running against 10.10.190.192
[*] 19:55:06 - There are 5 scans still running against 10.10.190.192
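The console output above mixes port discoveries, plugin messages and once-a-minute status lines. The following added example (not part of the original article and not AutoRecon's own code) reduces such output to one line per port with the service named in the plugin tag; the embedded sample is a constructed subset of the lines shown above.

```sh
#!/bin/sh
# Added example: summarise AutoRecon console output read from stdin.

# Constructed sample: a few lines copied from the run shown in the article.
sample_autorecon_log() {
    cat <<'EOF'
[*] Scanning target 10.10.190.192
[*] [10.10.190.192/all-tcp-ports] Discovered open port tcp/22 on 10.10.190.192
[*] [10.10.190.192/all-tcp-ports] Discovered open port tcp/80 on 10.10.190.192
[*] [10.10.190.192/tcp/80/http/vhost-enum] The target was not a hostname, nor was a hostname provided as an option. Skipping virtual host enumeration.
[*] [10.10.190.192/tcp/8000/http/curl-robots] [tcp/8000/http/curl-robots] There did not appear to be a robots.txt file in the webroot (/).
[*] 18:54:04 - There are 16 scans still running against 10.10.190.192
[*] [10.10.190.192/top-100-udp-ports] Discovered open port udp/69 on 10.10.190.192
[*] [10.10.190.192/all-tcp-ports] Discovered open port tcp/8000 on 10.10.190.192
EOF
}

# Output: "<proto> <port> <service>" per line, sorted by protocol then port.
# <service> is "-" when no service plugin line was seen for that port.
autorecon_summary() {
    awk '
    # "[*] [<target>/<scan>] Discovered open port tcp/22 on <target>"
    /Discovered open port/ {
        for (i = 1; i <= NF; i++) if ($i == "port") seen[$(i + 1)] = 1
    }
    # Plugin tag "[<target>/tcp/80/http/<plugin>]" names the detected service.
    # A plugin line can appear before the full port scan reports the port,
    # so it also counts as evidence that the port is open.
    match($0, /\/(tcp|udp)\/[0-9]+\/[a-z0-9-]+\//) {
        split(substr($0, RSTART + 1, RLENGTH - 2), p, "/")
        seen[p[1] "/" p[2]] = 1
        svc[p[1] "/" p[2]] = p[3]
    }
    END {
        for (k in seen) {
            split(k, q, "/")
            printf "%s %d %s\n", q[1], q[2], (k in svc ? svc[k] : "-")
        }
    }' | sort -k1,1 -k2,2n
}

# Demo on the constructed sample; for a saved log use: autorecon_summary < run.log
sample_autorecon_log | autorecon_summary
```
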
This is what the processes look like while the scan is running.
$ ps aux | grep 'USER\|autorecon' | grep -v grep
USER PID %CPU %MEM VSZ RSS TTY STAT START TIME COMMAND
root 3265 0.0 0.0 15976 7152 pts/2 S+ 18:53 0:00 sudo autorecon 10.10.190.192
root 3282 0.0 0.0 15976 2452 pts/5 Ss 18:53 0:00 sudo autorecon 10.10.190.192
root 3283 0.5 0.2 2657708 39144 pts/5 Sl+ 18:53 0:00 /usr/bin/python3 /usr/bin/autorecon 10.10.190.192
$ pstree -p 3283
Example output
autorecon(3283) ─┬─ sh(3286) ─── nmap(3290) ─┬─ {nmap}(3293)
│ ├─ {nmap}(3296)
│ ├─ {nmap}(3299)
│ ├─ {nmap}(3302)
│ ├─ {nmap}(3306)
│ ├─ {nmap}(3309)
│ ├─ {nmap}(3311)
│ ├─ {nmap}(3315)
│ ├─ {nmap}(3319)
│ ├─ {nmap}(3322)
│ └─ {nmap}(3325)
├─ sh(3289) ─── nmap(3292) ─┬─ {nmap}(3294)
│ ├─ {nmap}(3297)
│ ├─ {nmap}(3300)
│ ├─ {nmap}(3303)
│ ├─ {nmap}(3305)
│ ├─ {nmap}(3308)
│ ├─ {nmap}(3312)
│ ├─ {nmap}(3316)
│ ├─ {nmap}(3317)
│ ├─ {nmap}(3321)
│ └─ {nmap}(3324)
├─ sh(3694) ─── feroxbuster(3696) ─┬─ {feroxbuster}(3777)
│ ├─ {feroxbuster}(3778)
│ ├─ {feroxbuster}(3779)
│ ├─ {feroxbuster}(3780)
│ ├─ {feroxbuster}(3781)
│ ├─ {feroxbuster}(3782)
│ ├─ {feroxbuster}(3783)
│ ├─ {feroxbuster}(3784)
│ ├─ {feroxbuster}(3785)
│ ├─ {feroxbuster}(3786)
│ ├─ {feroxbuster}(3787)
│ ├─ {feroxbuster}(3788)
│ ├─ {feroxbuster}(3789)
│ └─ {feroxbuster}(3810)
├─ sh(3706) ─┬─ nikto.pl(3709)
│ └─ tee(3711)
├─ sh(3708) ─── nmap(3712) ─┬─ {nmap}(3746)
│ ├─ {nmap}(3747)
│ ├─ {nmap}(3748)
│ ├─ {nmap}(3749)
│ ├─ {nmap}(3750)
│ ├─ {nmap}(3751)
│ ├─ {nmap}(3752)
│ ├─ {nmap}(3753)
│ ├─ {nmap}(3754)
│ ├─ {nmap}(3755)
│ └─ {nmap}(3756)
├─ sh(3719) ─── feroxbuster(3721) ─┬─ {feroxbuster}(3790)
│ ├─ {feroxbuster}(3791)
│ ├─ {feroxbuster}(3792)
│ ├─ {feroxbuster}(3793)
│ ├─ {feroxbuster}(3794)
│ ├─ {feroxbuster}(3795)
│ ├─ {feroxbuster}(3796)
│ ├─ {feroxbuster}(3797)
│ ├─ {feroxbuster}(3798)
│ ├─ {feroxbuster}(3799)
│ ├─ {feroxbuster}(3800)
│ ├─ {feroxbuster}(3801)
│ ├─ {feroxbuster}(3802)
│ └─ {feroxbuster}(3816)
├─ sh(3731) ─┬─ nikto.pl(3737)
│ └─ tee(3740)
├─ sh(3757) ─── nmap(3758) ─┬─ {nmap}(3761)
│ ├─ {nmap}(3762)
│ ├─ {nmap}(3763)
│ ├─ {nmap}(3764)
│ ├─ {nmap}(3765)
│ ├─ {nmap}(3766)
│ ├─ {nmap}(3767)
│ ├─ {nmap}(3770)
│ ├─ {nmap}(3771)
│ ├─ {nmap}(3772)
│ └─ {nmap}(3773)
├─ sh(3760) ─── sslscan(3768)
├─ sh(3806) ─── feroxbuster(3808) ─┬─ {feroxbuster}(3853)
│ ├─ {feroxbuster}(3854)
│ ├─ {feroxbuster}(3855)
│ ├─ {feroxbuster}(3856)
│ ├─ {feroxbuster}(3857)
│ ├─ {feroxbuster}(3858)
│ ├─ {feroxbuster}(3859)
│ ├─ {feroxbuster}(3860)
│ ├─ {feroxbuster}(3861)
│ ├─ {feroxbuster}(3862)
│ ├─ {feroxbuster}(3863)
│ ├─ {feroxbuster}(3864)
│ ├─ {feroxbuster}(3871)
│ └─ {feroxbuster}(3872)
├─ sh(3820) ─┬─ nikto.pl(3821)
│ └─ tee(3822)
├─ sh(3824) ─── nmap(3825) ─┬─ {nmap}(3839)
│ ├─ {nmap}(3840)
│ ├─ {nmap}(3841)
│ ├─ {nmap}(3842)
│ ├─ {nmap}(3843)
│ ├─ {nmap}(3844)
│ ├─ {nmap}(3845)
│ ├─ {nmap}(3846)
│ ├─ {nmap}(3847)
│ ├─ {nmap}(3848)
│ └─ {nmap}(3849)
├─ sh(3827) ─── sslscan(3829)
├─ sh(3836) ─── feroxbuster(3837) ─┬─ {feroxbuster}(3888)
│ ├─ {feroxbuster}(3889)
│ ├─ {feroxbuster}(3890)
│ ├─ {feroxbuster}(3891)
│ ├─ {feroxbuster}(3892)
│ ├─ {feroxbuster}(3893)
│ ├─ {feroxbuster}(3894)
│ ├─ {feroxbuster}(3895)
│ ├─ {feroxbuster}(3896)
│ ├─ {feroxbuster}(3897)
│ ├─ {feroxbuster}(3898)
│ ├─ {feroxbuster}(3899)
│ ├─ {feroxbuster}(3900)
│ └─ {feroxbuster}(3919)
├─ sh(3880) ─┬─ nikto.pl(3882)
│ └─ tee(3883)
├─ sh(3884) ─── nmap(3885) ─┬─ {nmap}(3906)
│ ├─ {nmap}(3907)
│ ├─ {nmap}(3908)
│ ├─ {nmap}(3909)
│ ├─ {nmap}(3910)
│ ├─ {nmap}(3911)
│ ├─ {nmap}(3912)
│ ├─ {nmap}(3913)
│ ├─ {nmap}(3914)
│ ├─ {nmap}(3915)
│ └─ {nmap}(3916)
├─ {autorecon}(3288)
├─ {autorecon}(3291)
├─ {autorecon}(3695)
├─ {autorecon}(3707)
├─ {autorecon}(3710)
├─ {autorecon}(3720)
├─ {autorecon}(3735)
├─ {autorecon}(3759)
├─ {autorecon}(3769)
├─ {autorecon}(3807)
├─ {autorecon}(3823)
├─ {autorecon}(3826)
├─ {autorecon}(3828)
├─ {autorecon}(3838)
├─ {autorecon}(3881)
└─ {autorecon}(3886)
UDP scans require root privileges.
[!] [10.10.190.192/top-100-udp-ports] UDP scan requires AutoRecon be run with root privileges.
pspy
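pspy is a command-line tool designed to snoop on processes without requiring root privileges. It can show the commands that other users, cron jobs and so on run, as they execute.
An example run is shown below.
- Installing the package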
$ sudo apt install pspy
Running the following command prints process events to standard output.
$ pspy
pspy - version: 1.2.1 - Commit SHA: kali
██▓███ ██████ ██▓███ ▓██ ██▓
▓██░ ██▒▒██ ▒ ▓██░ ██▒▒██ ██▒
▓██░ ██▓▒░ ▓██▄ ▓██░ ██▓▒ ▒██ ██░
▒██▄█▓▒ ▒ ▒ ██▒▒██▄█▓▒ ▒ ░ ▐██▓░
▒██▒ ░ ░▒██████▒▒▒██▒ ░ ░ ░ ██▒▓░
▒▓▒░ ░ ░▒ ▒▓▒ ▒ ░▒▓▒░ ░ ░ ██▒▒▒
░▒ ░ ░ ░▒ ░ ░░▒ ░ ▓██ ░▒░
░░ ░ ░ ░ ░░ ▒ ▒ ░░
░ ░ ░
░ ░
Config: Printing events (colored=true): processes=true | file-system-events=false ||| Scanning for processes every 100ms and on inotify events ||| Watching directories: [/usr /tmp /etc /home /var /opt] (recursive) | [] (non-recursive)
Draining file system events due to startup...
done
2024/06/09 20:17:21 CMD: UID=1000 PID=44595 | pspy
2024/06/09 20:17:21 CMD: UID=0 PID=44514 |
2024/06/09 20:17:21 CMD: UID=0 PID=43384 |
2024/06/09 20:17:21 CMD: UID=0 PID=43211 |
2024/06/09 20:17:21 CMD: UID=0 PID=43096 |
2024/06/09 20:17:21 CMD: UID=1000 PID=41239 | bash
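Conclusion
Once again, many attractive tools were added in this release.
The behaviour of kali-undercover was unexpected, so I want to be careful when trying new things.
[1] Periodically runs a script or program and displays its output in the panel.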