Arch Linux is probably the most flexible Linux distribution out there which gives you full control over all the aspects of your Operating System. This flexibility allows users to customize their distro to fit their needs as required. However, for a long time, Arch Linux was considered to be a distribution that only pro-Linux users used.
The installation itself was a difficult task. But with the release of Manjaro, RebornOS, EndeavourOS, and other Easy-to-Install Arch Linux Distros, even Intermediate users can now use Arch Linux without the horrors of the tedious hours of configurations.
In this module, we will learn how we can convert our regular Arch-based distros into hacking beasts.
Steps to turn an Arch-based distro into a hacking machine!
Here our main objective is to install various Pentest tools in our Arch-based distro. Thankfully for us, there are certain repositories available that are dedicated to security tools. All we need to do is to set up these repository mirrors on our system. For all our intents and purpose, we would use the BlackArch mirror repository as it is the most popular and well-maintained one.
Note that BlackArch also comes as an individual ISOs which is built on top of the Arch Linux ISO. Hpwever, we would focus on how to setup these repositories on top of our Vanilla Arch or Arch Based Distros.
1. Add the BlackArch user repository
It is probably the most famous Arch Based Hacking distro. The BlackArch Download Page walks us through the installation process in a very simple step-by-step manner. As for installation on top of an existing Arch setup, BlackArch has a shell script available which does all the hard work for us. Following the wiki, fetch the script with the curl command:
$ curl -O https://blackarch.org/strap.sh
You can check the integrity of the file by verifying the sha1sum via:
$ echo d062038042c5f141755ea39dbd615e6ff9e23121 strap.sh | sha1sum -c
strap.sh: OK
Now, we need to make the our starp.sh script executable:
$ chmod +x strap.sh
Finally, we need to run the script with sudo privileges:
$ sudo ./strap.sh
Make sure that multilib is enabled by uncommenting the following line in /etc/pacman.conf :
[multilib]
Include = /etc/pacman.d/mirrorlist
After that, run:
$ sudo pacman -Syu
At this point, you can install all the BlackArch tools. You can get a list of all available tools with :
$ sudo pacman -Sgg | grep blackarch | cut -d' ' -f2 | sort -u
Now, we have two options:
- Install the binaries with pacman
- Build from source using blackman
2A. Install The Binaries With Pacman
You can install all the tools with :
$ sudo pacman -S blackarch
Note: It may be necessary to overwrite certain packages when installing BlackArch tools. It primarily occurs due to conflicts in packages available under different sources. If you experience “failed to commit transaction” errors, use the –needed and –overwrite switches as follows :
$ sudo pacman -Syyu --needed blackarch --overwrite='*'
Here, –needed flag skips the already pre-installed files while the –overwrite switch bypasses file conflict checks and overwrites all conflicting files.
BlackArch divides it’s tools in several catagories. You can list all the categories with :
$ sudo pacman -Sg | grep blackarch
Now, you can download any one particular category of tools with :
$ sudo pacman -S blackarch-<category>
2B. Building From Source Using Blackman (Alternate method)
You can get the PKGBUILDS from the Official Github Repository. To build the entire repo, we can use the blackman tool. After running strap.sh as root, you can install blackman with:
$ sudo pacman -S blackman
You can list all the different category of tools with:
$ blackman -l
To list all the tools of a specific category, you can use:
$ blackman -p <category>
To download, compile and install a particular package, type in:
$ sudo blackman -i <package>
To download, compile and install all the packages of a particular group:
$ sudo blackman -g <group>
To download, compile and install all BlackArch tools, use:
$ sudo blackman -a
That’s it! This would fetch all that the BlackArch arsenal has to offer.
Conclusion
Other than BlackArch, there are also ArchStrike and many other distros but aren’t as well maintained as BlackArch which has 2000+ tools in its arsenal. This method even spares us the horror of installing BlackArch from the ISO image which follows the same procedures as standard Arch. We can even install both BlackArch and ArchStrike together on the same system and though it requires some tweaks, it gives you an army of Pentesting Tools.