├── README.md ├── conwifi ├── musb └── uusb /README.md: -------------------------------------------------------------------------------- 1 | # Kali WSL2 - Custom Kernel and `rtl8812au` driver installation 2 | 3 | :pushpin: This tutorial demonstrates how to build and use a custom kernel for WSL2 distros. 4 | 5 | ## Setup Kali WSL2 6 | 7 | * Disable password prompt when using `sudo` command : 8 | ``` 9 | echo "kevin ALL=(ALL) NOPASSWD: ALL" | sudo tee -a /etc/sudoers.d/010_kevin-nopasswd > /dev/null 10 | ``` 11 | 12 | * Update the system : 13 | ``` 14 | sudo apt update && sudo apt upgrade 15 | ``` 16 | 17 | * Install useful packages : 18 | ``` 19 | sudo apt install bash-completion build-essential gcc g++ avr-libc avrdude default-jre default-jdk git clang make nano xz-utils usbip wget 20 | source .bashrc 21 | ``` 22 | 23 | * Install Kali packages : 24 | ``` 25 | sudo apt install kali-linux-large 26 | ``` 27 | 28 | * Setup remote access : 29 | ``` 30 | sudo apt install kali-win-kex 31 | kex --esm -s 32 | ``` 33 | 34 | ## Build and install a custom WSL2 kernel 35 | 36 | * Install required packages : 37 | ``` 38 | sudo apt install flex bison libssl-dev libelf-dev git dwarves bc 39 | ``` 40 | 41 | * Download official WSL2 kernel and prepare the installation : 42 | ``` 43 | wget https://github.com/microsoft/WSL2-Linux-Kernel/archive/refs/tags/linux-msft-wsl-$(uname -r | cut -d- -f 1).tar.gz 44 | tar -xvf linux-msft-wsl-$(uname -r | cut -d- -f 1).tar.gz 45 | cd WSL2-Linux-Kernel-linux-msft-wsl-$(uname -r | cut -d- -f 1) 46 | cat /proc/config.gz | gunzip > .config 47 | make prepare modules_prepare -j $(expr $(nproc) - 1) 48 | ``` 49 | 50 | * Open the kernel's configuration menu to add `cfg80211` wireless modules (802.11 protocols) : 51 | ``` 52 | make menuconfig -j $(expr $(nproc) - 1) 53 | ``` 54 | 55 | * Build and install modules : 56 | ``` 57 | make modules -j $(expr $(nproc) - 1) 58 | sudo make modules_install 59 | make -j $(expr $(nproc) - 1) 60 | sudo make install 61 | ``` 62 | Note : Kernel headers are going to be installed in the `/lib/modules/` directory. 63 | 64 | * Copy the built kernel image to `C:\Users\\` : 65 | ``` 66 | cp vmlinux /mnt/c/Users/Kevin/ 67 | ``` 68 | 69 | * Create a `.wslconfig` file to declare the new kernel : 70 | ``` 71 | nano /mnt/c/Users/Kevin/.wslconfig 72 | ``` 73 | 74 | * Paste the following content into this file : 75 | ``` 76 | [wsl2] 77 | kernel=C:\\Users\\Kevin\\vmlinux 78 | ``` 79 | 80 | * Switch to Powershell and shutdown running WSL2 distros : 81 | ``` 82 | wsl --shutdown 83 | ``` 84 | :triangular_flag_on_post: When a WSL2 distro will be rebooted, the default WSL2 kernel located in `C:\Windows\System32\lxss\tools\kernel` will be replaced by the newly built kernel. 85 | 86 | ## Compile and load a kernel module 87 | 88 | Note : This example illustrates how to build and load the `rtl8812au` module to the WSL2 kernel. 89 | 90 | * Clone the `aircrack-ng/rtl8812au` Github repository : 91 | ``` 92 | git clone https://github.com/aircrack-ng/rtl8812au 93 | cd rtl8812au 94 | ``` 95 | 96 | * Build the module with the new kernel headers : 97 | ``` 98 | sudo make 99 | ``` 100 | :white_check_mark: This commands generates a `.ko` file which correspond to the built module. 101 | :warning: The headers must be installed in the `/lib/modules/$(uname -r)/build` directory. 102 | You can check your WSL2 version by running `uname -r`. 103 | 104 | Test : Enable `cfg80211` and `88XXau.ko` modules : 105 | ``` 106 | sudo modprobe cfg80211 107 | sudo insmod 88XXau.ko 108 | lsmod 109 | ``` 110 | :warning: `cfg80211` module must be loaded before `88XXau.ko`. 111 | 112 | * Install the module : 113 | ``` 114 | sudo mkdir -p /lib/modules/$(uname -r)/kernel/drivers/net/wireless 115 | sudo make install 116 | ``` 117 | Note : Now, `sudo modprobe 88XXau` command will work. 118 | 119 | * Enable the module : 120 | ``` 121 | sudo modprobe 88XXau 122 | ``` 123 | 124 | ## Load modules at boot time 125 | 126 | * Add modules that need to be loaded at boot time to the `/etc/modules-load.d/` directory : 127 | ``` 128 | echo "cfg80211" | sudo tee -a /etc/modules-load.d/cfg80211.conf 129 | echo "88XXau" | sudo tee -a /etc/modules-load.d/88XXau.conf 130 | ``` 131 | :warning: Don't add `.ko` extension to the module name. 132 | 133 | ## Wi-Fi adapter connection using `rtl8812au` driver : 134 | 135 | * Attach a USB device using `usbip` : 136 | ``` 137 | sudo usbip list --remote= 138 | sudo usbip attach --remote= --busid= 139 | ip a 140 | ``` 141 | 142 | * Install `aircrack-ng` packages : 143 | ``` 144 | sudo apt install aircrack-ng pciutils 145 | ``` 146 | 147 | * Set the adapter in monitor mode : 148 | ``` 149 | sudo airmon-ng 150 | sudo ip link set wlan0 stop 151 | sudo airmon-ng start wlan0 152 | ``` 153 | 154 | * Search WEP networks with `airodump-ng` : 155 | ``` 156 | sudo airodump-ng wlan0 --encrypt WEP 157 | ``` 158 | 159 | * Test wireless packet injection : 160 | ``` 161 | sudo aireplay-ng -9 -e [SSID] -a [BSSID] --ignore-negative-one wlan0 162 | ``` 163 | 164 | * Capture IVs and decode WEP key : 165 | ``` 166 | sudo besside-ng -c 11 -b 82:A9:40:96:BE:48 wlan0 167 | ``` 168 | 169 | * Launch `aircrack-ng` to crack WEP key : 170 | ``` 171 | sudo aircrack-ng wep.cap 172 | ``` 173 | 174 | * Disable monitor mode on `wlan0` interface : 175 | ``` 176 | airmon-ng stop wlan0 177 | ``` 178 | 179 | * Detach USB device : 180 | ``` 181 | sudo usbip port 182 | sudo usbip detach --port= 183 | ``` 184 | 185 | ## Create `usbip` scripts 186 | 187 | ### Attach a USB device 188 | 189 | * Create and edit a file called `musb` : 190 | ``` 191 | nano musb 192 | ``` 193 | 194 | * Add the following content to this file : 195 | ``` 196 | #!/bin/bash 197 | 198 | if ! [ $(id -u) = 0 ]; then 199 | echo "The script need to be run as root." >&2 200 | exit 1 201 | fi 202 | 203 | echo "Enter the IP address of the foreign device :" 204 | read ip 205 | 206 | echo "" 207 | usbip list -r $ip 208 | 209 | echo "Enter the name of the shared USB device to import :" 210 | read usb 211 | 212 | echo "" 213 | usbip attach -r $ip -b $usb 214 | 215 | sleep 1 216 | usbip port 217 | ``` 218 | 219 | * Add execution permissions to the file : 220 | ``` 221 | chmod +x musb 222 | ``` 223 | 224 | * Run the script : 225 | ``` 226 | sudo ./musb 227 | ``` 228 | 229 | ### Detach a USB device 230 | 231 | * Create and edit a file called `musb` : 232 | ``` 233 | nano uusb 234 | ``` 235 | 236 | * Add the following content to this file : 237 | ``` 238 | #!/bin/bash 239 | 240 | if ! [ $(id -u) = 0 ]; then 241 | echo "The script need to be run as root." >&2 242 | exit 1 243 | fi 244 | 245 | usbip port 246 | 247 | echo "" 248 | echo "Enter the USB device to detach :" 249 | read usb 250 | 251 | echo "" 252 | usbip detach -p $usb 253 | 254 | sleep 1 255 | usbip port 256 | ``` 257 | 258 | * Add execution permissions to the file : 259 | ``` 260 | chmod +x uusb 261 | ``` 262 | 263 | * Run the script : 264 | ``` 265 | sudo ./uusb 266 | ``` 267 | 268 | ## References 269 | 270 | * [Microsoft Github Repository - WSL2-Linux-Kernel](https://github.com/microsoft/WSL2-Linux-Kernel) 271 | * [WSL2 `/lib/modules` Stack Exchange Discussion](https://unix.stackexchange.com/questions/594470/wsl-2-does-not-have-lib-modules) 272 | * [Github Gist - Custom WSL2 Kernel Build](https://gist.github.com/charlie-x/96a92aaaa04346bdf1fb4c3621f3e392) 273 | * [`RTL8812AU` Driver Installation On RPI](https://raspberrypi.stackexchange.com/questions/120134/install-drivers-for-rtl8812au-for-raspibian-kernel-5-4-79-v71-rpi-4) 274 | * [Basic `RTL8812AU` Drive Configuration](https://adam-toscher.medium.com/configure-your-new-wireless-ac-1fb65c6ada57) 275 | * [`aircrack-ng` Deauthentication Attack](https://hackernoon.com/forcing-a-device-to-disconnect-from-wifi-using-a-deauthentication-attack-f664b9940142) 276 | * [WEP Wi-Fi Network Cracking](https://www.aircrack-ng.org/doku.php?id=simple_wep_crack) 277 | * [Windows `aireplay-ng` Packet Injection](https://web.archive.org/web/20080921000952/http://airdump.net/aireplay-packet-injection-windows/) 278 | * [Wireless Capture On Windows](https://blog.packet-foo.com/2019/04/wireless-capture-on-windows/comment-page-1/) 279 | * [NPCAP Developer Guide](https://npcap.com/guide/npcap-devguide.html) 280 | * [USB-IP For Windows](https://github.com/kevin-doolaeghe/usbip-win) 281 | * [WSL2 Setup Guide](https://learn.microsoft.com/fr-fr/windows/wsl/install) 282 | * [Kali Tools Guide](https://www.kali.org/tools/) 283 | -------------------------------------------------------------------------------- /conwifi: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | if ! [ $(id -u) = 0 ]; then 4 | echo "The script need to be run as root." >&2 5 | exit 1 6 | fi 7 | 8 | musb 9 | 10 | modprobe cfg80211 11 | modprobe 88XXau.ko 12 | 13 | ip a 14 | 15 | airmon-ng start wlan0 16 | -------------------------------------------------------------------------------- /musb: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | if ! [ $(id -u) = 0 ]; then 4 | echo "The script need to be run as root." >&2 5 | exit 1 6 | fi 7 | 8 | echo "Enter the IP address of the foreign device :" 9 | read ip 10 | 11 | echo "" 12 | usbip list -r $ip 13 | 14 | echo "Enter the name of the shared USB device to import :" 15 | read usb 16 | 17 | echo "" 18 | usbip attach -r $ip -b $usb 19 | 20 | sleep 1 21 | usbip port 22 | -------------------------------------------------------------------------------- /uusb: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | if ! [ $(id -u) = 0 ]; then 4 | echo "The script need to be run as root." >&2 5 | exit 1 6 | fi 7 | 8 | usbip port 9 | 10 | echo "" 11 | echo "Enter the USB device to detach :" 12 | read usb 13 | 14 | echo "" 15 | usbip detach -p $usb 16 | 17 | sleep 1 18 | usbip port 19 | --------------------------------------------------------------------------------