BlackArch OS Review



BlackArch is a penetration testing Linux distribution that ships more than 2000 hacking tools for pentesters to use. It is compatible with existing Arch Linux installations, and the full pack can be installed with “pacman -S blackarch” if installed correctly.

When you start BlackArch, you will see a huge number of hacking tools as soon as you open the application menu. It uses lightweight window managers, which keeps BlackArch lightweight, with no desktop environments like GNOME, KDE, LXDE, XFCE, etc.

Compared to Kali Linux and Parrot Security OS, it is the biggest distribution that is distributed worldwide: the latest ISO is 16GB, while Kali Linux is around 3-4GB. The ISO is so big because it contains so many hacking tools and full packs. Downloading it on a 2Mbps connection takes 19-20 hours. However, on a 100Mbps connection, you can get it in 35-40 minutes if the download runs straight through.

Now, let’s take a look at BlackArch Linux running in a VirtualBox VM on the new PC, a Dell Optiplex 7060.

Our look at BlackArch

We have created a VirtualBox Virtual Machine with the following settings:

Machine settings

We have set the OS type to Arch Linux 64-bit, with 2 GB of RAM, a 32 GB hard disk connected to the SATA controller, and a CD-ROM drive connected to the IDE controller holding blackarch-linux-live-2019.09.01-x86_64.iso, which is about 15.23 GiB (16 GB on Linux).

The virtual machine has booted. We are then presented with this:

First screen you see

Let’s explain the options one by one, up to Hardware Information (HDT) and excluding MemTest86+.

Boot BlackArch Linux

This option allows you to boot into BlackArch Linux to perform pentesting, including reverse-engineering, WiFi attacks, SQL injection, etc. However, it doesn’t load non-free drivers on boot. The second option, which is non-free, loads non-free drivers on boot. For example, a Realtek RTL8192CU (RTL8188CUS) driver is not shipped with the default installation disk, so the non-free option has to be used for the card to work and for you to connect to your WiFi network.

Let’s go with the first option, because the driver for VirtualBox’s Intel PRO/1000 MT adapter is free. After waiting a little longer, we saw start-up messages beginning with double colons (::). After that, we saw systemd messages at the regular MS-DOS console size. Then the frame buffer changed the resolution to 800×600.

The console font later changed to a cool font, which looks like this:

This font is cool

After several seconds, it went to LXDE's display manager, which is also cool, because there is a cool background which says Hack the planet.

Hack the planet

However, it seems that the background is stretched, so it’s only made for the 16:9 aspect ratio. When we had a look at the desktop menu to see what it looks like, we were presented with this:

Desktops are window managers here in BlackArch Linux.

Let’s go to the default window manager, which is fluxbox. We logged in with the username root and the password blackarch. The moment we logged in, we saw another background and the FluxBox taskbar, which tells you the date and the time.

It’s a background with the hex editor text and the snippets of code text. Let’s explore the menu. When we open the BlackArch menu, we are greeted with categories of tools, which look like this:

Categories

Each of the hacking tools is categorized in the main BlackArch menu, like backdoor, which stores all backdoor tools and generators, cracker, which stores all password and hash crackers, dos, which includes all Denial of Service (DoS) tools, keylogger, which stores all the keylogging tools, etc.

Some of the categories are huge, like networking: when we open it, the menu doesn’t fit the screen resolution, requiring you to specify a higher resolution.

Menu not fitting the 800×600 resolution

You have to open the console to run the tools listed in the categories, or they will open and close right away. Some tools might have a main menu, like Metasploit Framework.

Let’s take a look at terminals. When we open this menu, we see terminal entries with colors like red, green, etc. They all open a console for you to initiate attacks and manage your installation, like usual.

In the browsers menu, there are two entries, Firefox and Chromium. Firefox opens, but Chromium does not. When we open the console and try to start Chromium, we see this error message and it halts.

It also provides a link to this bug report presented by . When we start with no sandbox, we are greeted with this:

You can use Chromium as usual, but there is a banner warning that you are using --no-sandbox and that security and stability will suffer. We can see what version of Chromium is currently installed by opening About Chromium.
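Chromium does not start as root unless its sandbox is disabled, which matches the root session used here; the alternative is to run the browser under an unprivileged account. The wrapper below is an added example, not part of the original review or of BlackArch, and the account name `browse`, the function `start_chromium` and the `DRY_RUN` switch are assumptions made for illustration.

```shell
#!/bin/sh
# Added example (not from the review): start Chromium without --no-sandbox.
# Assumptions: the binary is "chromium"; "browse" is a hypothetical
# unprivileged account created beforehand (e.g. with useradd -m browse).
BROWSER_USER="${BROWSER_USER:-browse}"

# start_chromium UID [chromium args...]
# Pass "$(id -u)" as UID. DRY_RUN=1 prints the command instead of running it.
start_chromium() {
    uid="$1"; shift
    # Refuse flags that switch the sandbox off.
    for arg in "$@"; do
        case "$arg" in
            --no-sandbox|--disable-setuid-sandbox)
                echo "refusing sandbox-disabling flag: $arg" >&2
                return 2 ;;
        esac
    done
    if [ "$uid" -eq 0 ]; then
        # root session: drop privileges rather than weaken the browser
        set -- runuser -u "$BROWSER_USER" -- chromium "$@"
    else
        set -- chromium "$@"
    fi
    if [ "${DRY_RUN:-0}" = 1 ]; then
        echo "$*"
    else
        "$@"
    fi
}
# Typical call: start_chromium "$(id -u)" https://example.org
```

Under X, the unprivileged account also needs access to the display, which this wrapper does not set up.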

OK. We close Chromium and the terminal, and open the network menu, which includes the powerful Wicd WiFi manager. It has two entries, one for GUI, and one for curses (terminal).

Let’s exit the FluxBox window manager, and go to Awesome WM. You’ll be presented with this screen once you go to it.

It has the same menu entries as before, but there is an awesome menu entry that lets you read its manual page, edit the config (Lua), restart the WM, and quit to the login screen. When we open the BlackArch menu and try to go to a long menu entry such as dos, we see that it does not fit vertically, and there is no way to make it fit except changing resolutions.

Also, it seems to hang for a bit when you go to another category, but once it finishes, it becomes responsive again. Let’s open a terminal window with this window manager.

This window manager can’t have window borders, which makes it a tiling window manager, as this picture shows.

You can switch to all sorts of tiles, such as spiral, magnifier, tile, fair tiles, fullscreen, etc. Let’s go to another window manager, called i3.

When we open the terminal with Super (Windows) + Enter, we see the full-screen terminal in the gallery below, but when we open a second one, the two are placed side by side.

However, if we open the third terminal, and move it down, it will look like this, which makes it a tiling window manager just like Awesome WM.

Let’s open the application menu. Of course, BlackArch Linux has some tools with cuss words in the executable file name. We have moved the cursor so it points to words starting with a, which includes the aircrack-ng tools. You can move the cursor using ↑ and ↓ arrow keys. Of course, when you run airgeddon using this menu, it won’t run.

Airgeddon works with non-wifi cards, but there are limited choices, so let’s exit the script after it has finished updating. Let’s exit the window manager with Super (Windows) + Shift + e, and it will ask you if you want to lock the system, shutdown, restart, logout, etc. We have logged out by pressing the e key. Let’s try openbox. When we logged in, we saw only a background.

We can open a menu by right-clicking the background. The menu will look like this:

And when we open the terminal in this window manager, you will see the awesome window that looks like this:

When we open the big menu entry which includes pentesting tools, instead of suffering from the menu height problem, it adds the More... menu entry which fixes all problems.

We can’t open anything, because Openbox also reports that it can’t open the urxvtl program, unlike all other window managers, so the bug report will come soon. There is chntpw! Let’s try installing it using pacman. Unfortunately, you have to run the update before you can actually install packages.

Let’s run pacman -Sy, which works like apt update. It shows a nice progress bar, but it will not tell you the size of the database and will not tell you the URL to be fetched, unlike apt update. The sizes that we can make out as of writing are:

core:      132     KiB
extra:     1642.5  KiB
community: 4.9     MiB
multilib:  169.7   KiB
blackarch: 2.9     MiB (has a signature)

Yet when we tried to install it, it ended up with this error.

So it suggests that urxvtl is not popular, and might be obsolete. The developers should be informed about this via a bug report. When we went to more menu entries, we saw system with the log out button. Let’s try spectrwm.

We can open the terminal using Alt (Meta) + Shift + Enter keybindings.

Opening multiple terminal windows shows that spectrwm is a tiling window manager, just like i3 and awesome, because it tiles them automatically.

Let’s open the dmenu, and we’ll see the application list on the top taskbar, which you can move through using the ← and → arrow keys and launch from using the Enter key. Unfortunately, it won’t tell you why it can’t launch, unlike Openbox. A pentester has to open a terminal to launch specific tools. We can exit it using the Alt (Meta) + Shift + q key combination. Let’s go back to Openbox and install BlackArch to the HDD using the instructions given.

We won’t use the online method, because that would require us to download ~14GB again, so let’s use the Live-ISO method, unless you want to download everything again and wait for many hours. We are greeted with two options asking us if we want verbose or quiet. Let’s select verbose.

It will ask you to set your locale. Let’s select en_US.UTF8.

The same goes for the keymap, which is set to us by default. It will ask us for a host name. Then, it will ask us to select a target hard drive for installation.

Let’s select sda for installation. It will then ask us if we would like a dual-boot setup. Since we don’t have any OS in that drive, let’s say no. Then, it will ask us if we want to partition a drive using cfdisk, and that if we want to use an in-memory zeroed disk sector. We say yes to both. It will then ask us for a partition table.

Let’s use dos for MBR, and we can make partitions graphically. We have made a full partition minus one GB for swap. This is the result:

It will then ask us if we want everything on the disk encrypted. This is a test machine, so let’s say no. You decide. It will then ask us to specify a boot partition. Let’s select the first partition.

All the way down to swap partition, and this is the result:

It will then ask us to verify that the partition table is correct. We say yes. It will then ask us if we want to format partitions. We simply say yes, because it’s new. The operation begins.

However, we didn’t have enough disk space (32 GB), because it uses around 46 GB, so let’s make a new one with 64 GB, and retry the process. We re-synchronize the pacman database first, and then start the installer again.

As it progresses, we noticed that the disk was going to 100% on the host, making Windows 10 unresponsive until we cancelled the process with Ctrl+C, but the script won’t say “Install Failed”; instead, it goes on as if it had transferred 46 GB to the installation drive. You’ll get many errors, depending on when you interrupted the transfer. Anyway, don’t interrupt it, and it’s best to try to install it on the host rather than on the VM.

It will then ask us for the root password, user creation, and timezone. It will then set up GRUB on the hard disk, and finish everything up. The script will exit with no restart, so you have to manually reboot into the hard disk.

That’s it for today. We hope that you liked this pentesting distro. To summarize, this distro is too big because it contains multiple categories with a huge amount of tools, but they open using the non-existent urxvt program, urxvtl. The installation script is not noob-friendly.
