Instalando Powershell en Kali Linux 2019.1

En este post contaremos como instalar powershell en un equipo con Kali Linux.

Nota: Los pasos indicados a continuación fueron realizadas en la maquina virtual de kali linux 2019.1. Puede que para versiones en el futuro, estos pasos sean mas simples.

Intro

Hace poco tiempo se lanzó la versión 2019.1 de kali linux. Puesto que hace tiempo venimos trabajando con diferentes herramientas de ataque, analisis y defensa basadas en powershell, decidimos que esta era una buena oportunidad y probar instalar powershell en la VM de kali.

La intención es (poco a poco) testear las herramientas existentes en powershell pero sobre kali. De esta forma poder ir validando cuales pueden usarse multiplataforma.

Primer intento

El primer intento fue seguir los pasos indicados en el sitio oficial de kali [1].

De acuerdo a la documentacion, siguiendo los siguientes comandos todo debería funcionar correctamente:

root@kali:apt update && apt -y install curl gnupg apt-transport-https
root@kali:curl https://packages.microsoft.com/keys/microsoft.asc | apt-key add -
root@kali:echo "deb [arch=amd64] https://packages.microsoft.com/repos/microsoft-debian-stretch-prod stretch main" > /etc/apt/sources.list.d/powershell.list
root@kali:apt update
root@kali:apt -y install powershell

Todo funcionó de acuerdo a lo esperado salvo por el útimo paso:

The following packages have unmet dependencies:
PowerShell: Depends: libcurl3 but it is not going to be installed
E: Unable to correct problems, you have held broken packages.

Intentado resolver…

Buscando un poco había otra gente que había tenido este mismo problema. En el post indicaban que se podía resolver downgradeando a libcurl3. [2]

Sin embargo al analizarlo esta solución no era viable, puesto que metasploit tiene dependencia de la versión actual de libcurl. Entoces hacer el downgrade desinstalaría metasploit:

root@kali:~# apt-get install libcurl3
Reading package lists... Done
Building dependency tree
Reading state information... Done

The following packages will be REMOVED:
  curl libcurl4 metasploit-framework
The following NEW packages will be installed:
  libcurl3
0 upgraded, 1 newly installed, 3 to remove and 0 not upgraded.
Need to get 260 kB of archives.
After this operation, 250 MB disk space will be freed.

Encontramos un reporte de este problema en el kali linux bugtracker para una versión previa de kali.[3]

Resolución

Finalmente luego de un poco mas de navegación y algunas pruebas pudimos llegar a una solución.
Lo primero que hay que hacer es bajar las siguientes dependencias y luego instalar los correspondientes paquetes (en este orden):

liburcu4: https://packages.debian.org/stretch/amd64/liburcu4/download
liblttng-ust-ctl2: https://packages.debian.org/stretch/amd64/liblttng-ust-ctl2/download
liblttng-ust0: https://packages.debian.org/stretch/amd64/liblttng-ust0/download
libicu57: https://packages.debian.org/stretch/amd64/libicu57/download
icu-devtools: https://packages.debian.org/stretch/amd64/icu-devtools/download

Para este ejemplo elegimos el mirror de debian de Chile. Bastaría con bajar los paquetes e instalarlos.

curl http://ftp.cl.debian.org/debian/pool/main/libu/liburcu/liburcu4_0.9.3-1_amd64.deb --output liburcu4_0.9.3-1_amd64.deb 
curl http://ftp.cl.debian.org/debian/pool/main/u/ust/liblttng-ust0_2.9.0-2+deb9u1_amd64.deb --output liblttng-ust0_2.9.0-2+deb9u1_amd64.deb
curl http://ftp.cl.debian.org/debian/pool/main/u/ust/liblttng-ust-ctl2_2.9.0-2+deb9u1_amd64.deb --output liblttng-ust-ctl2_2.9.0-2+deb9u1_amd64.deb
curl http://ftp.cl.debian.org/debian/pool/main/i/icu/libicu57_57.1-6+deb9u2_amd64.deb --output libicu57_57.1-6+deb9u2_amd64.deb
curl http://ftp.cl.debian.org/debian/pool/main/i/icu/icu-devtools_57.1-6+deb9u2_amd64.deb --output icu-devtools_57.1-6+deb9u2_amd64.deb
dpkg -i liburcu4_0.9.3-1_amd64.deb
dpkg -i liblttng-ust-ctl2_2.9.0-2+deb9u1_amd64.deb 
dpkg -i liblttng-ust0_2.9.0-2+deb9u1_amd64.deb
dpkg -i libicu57_57.1-6+deb9u2_amd64.deb
dpkg -i icu-devtools_57.1-6+deb9u2_amd64.deb

Si te interesa puedes expandir para ver la salida de la ejecución:

root@kali:~# curl http://ftp.cl.debian.org/debian/pool/main/i/icu/libicu57_57.1-6+deb9u2_amd64.deb --output libicu57_57.1-6+deb9u2_amd64.deb
  % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
                                 Dload  Upload   Total   Spent    Left  Speed
100 7519k  100 7519k    0     0   169k      0  0:00:44  0:00:44 --:--:--  172k
root@kali:~# curl http://ftp.cl.debian.org/debian/pool/main/i/icu/icu-devtools_57.1-6+deb9u2_amd64.deb --output icu-devtools_57.1-6+deb9u2_amd64.deb
  % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
                                 Dload  Upload   Total   Spent    Left  Speed
100  173k  100  173k    0     0   145k      0  0:00:01  0:00:01 --:--:--  145k
root@kali:~# curl http://ftp.cl.debian.org/debian/pool/main/u/ust/liblttng-ust0_2.9.0-2+deb9u1_amd64.deb --output liblttng-ust0_2.9.0-2+deb9u1_amd64.deb
  % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
                                 Dload  Upload   Total   Spent    Left  Speed
100  170k  100  170k    0     0   197k      0 --:--:-- --:--:-- --:--:--  198k
root@kali:~# curl http://ftp.cl.debian.org/debian/pool/main/libu/liburcu/liburcu4_0.9.3-1_amd64.deb --output liburcu4_0.9.3-1_amd64.deb
  % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
                                 Dload  Upload   Total   Spent    Left  Speed
100 61864  100 61864    0     0   206k      0 --:--:-- --:--:-- --:--:--  206k
root@kali:~# curl http://ftp.cl.debian.org/debian/pool/main/u/ust/liblttng-ust-ctl2_2.9.0-2+deb9u1_amd64.deb --output liblttng-ust-ctl2_2.9.0-2+deb9u1_amd64.deb
  % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
                                 Dload  Upload   Total   Spent    Left  Speed
100 99424  100 99424    0     0   210k      0 --:--:-- --:--:-- --:--:--  212k


root@kali:~# dpkg -i liburcu4_0.9.3-1_amd64.deb
Selecting previously unselected package liburcu4:amd64.
(Reading database ... 422899 files and directories currently installed.)
Preparing to unpack liburcu4_0.9.3-1_amd64.deb ...
Unpacking liburcu4:amd64 (0.9.3-1) ...
Setting up liburcu4:amd64 (0.9.3-1) ...
Processing triggers for libc-bin (2.28-2) ...
root@kali:~# dpkg -i liblttng-ust-ctl2_2.9.0-2+deb9u1_amd64.deb 
Selecting previously unselected package liblttng-ust-ctl2:amd64.
(Reading database ... 422917 files and directories currently installed.)
Preparing to unpack liblttng-ust-ctl2_2.9.0-2+deb9u1_amd64.deb ...
Unpacking liblttng-ust-ctl2:amd64 (2.9.0-2+deb9u1) ...
Setting up liblttng-ust-ctl2:amd64 (2.9.0-2+deb9u1) ...
Processing triggers for libc-bin (2.28-2) ...
root@kali:~# dpkg -i liblttng-ust0_2.9.0-2+deb9u1_amd64.deb
Selecting previously unselected package liblttng-ust0:amd64.
(Reading database ... 422923 files and directories currently installed.)
Preparing to unpack liblttng-ust0_2.9.0-2+deb9u1_amd64.deb ...
Unpacking liblttng-ust0:amd64 (2.9.0-2+deb9u1) ...
Setting up liblttng-ust0:amd64 (2.9.0-2+deb9u1) ...
Processing triggers for libc-bin (2.28-2) ...
root@kali:~# dpkg -i libicu57_57.1-6+deb9u2_amd64.deb
Selecting previously unselected package libicu57:amd64.
(Reading database ... 422980 files and directories currently installed.)
Preparing to unpack libicu57_57.1-6+deb9u2_amd64.deb ...
Unpacking libicu57:amd64 (57.1-6+deb9u2) ...
Setting up libicu57:amd64 (57.1-6+deb9u2) ...
Processing triggers for libc-bin (2.28-2) ...
root@kali:~# dpkg -i icu-devtools_57.1-6+deb9u2_amd64.deb
(Reading database ... 423001 files and directories currently installed.)
Preparing to unpack icu-devtools_57.1-6+deb9u2_amd64.deb ...
Unpacking icu-devtools (57.1-6+deb9u2) over (57.1-6+deb9u2) ...
Setting up icu-devtools (57.1-6+deb9u2) ...
Processing triggers for man-db (2.8.5-2) ...

Ahora si con las dependencias resueltas podemos proceder a la instalación de powershell:

root@kali:~# apt-get install powershell
Reading package lists... Done
Building dependency tree       
Reading state information... Done
The following packages were automatically installed and are no longer required:
  libboost-program-options1.67.0 libboost-serialization1.67.0 libboost-test1.67.0 libboost-timer1.67.0
  libcgal13 libcrypt2 libfcgi-bin libfcgi0ldbl libicu-le-hb0 libicu60 liblwgeom-2.5-0 liblwgeom-dev
  libpyside1.2 libpython3.6 libpython3.6-dev libpython3.6-minimal libpython3.6-stdlib libqca2 libqca2-plugins
  libqgis-analysis2.18.25 libqgis-analysis2.18.28 libqgis-core2.18.25 libqgis-core2.18.28
  libqgis-customwidgets libqgis-gui2.18.25 libqgis-gui2.18.28 libqgis-networkanalysis2.18.25
  libqgis-networkanalysis2.18.28 libqgis-server2.18.25 libqgis-server2.18.28 libqgispython2.18.25
  libqgispython2.18.28 libqtwebkit4 libqwt6abi1 libradare2-3.1 libsfcgal1 libshiboken1.2v5 libspatialindex4v5
  libspatialindex5 python-cycler python-kiwisolver python-matplotlib python-matplotlib2-data python-nassl
  python-owslib python-pyproj python-pyside.qtcore python-pyside.qtgui python-pyside.qtnetwork
  python-pyside.qtwebkit python-pyspatialite python-qgis python-qgis-common python-qt4-sql python-shapely
  python-subprocess32 python3.6 python3.6-dev python3.6-minimal qt4-designer ruby-faraday
Use 'apt autoremove' to remove them.
The following NEW packages will be installed:
  powershell
0 upgraded, 1 newly installed, 0 to remove and 202 not upgraded.
Need to get 58.0 MB of archives.
After this operation, 157 MB of additional disk space will be used.
Get:1 https://packages.microsoft.com/repos/microsoft-debian-stretch-prod stretch/main amd64 powershell amd64 6.1.3-1.debian.9 [58.0 MB]
Fetched 58.0 MB in 12s (4,685 kB/s)                                                                            
Selecting previously unselected package powershell.
(Reading database ... 423001 files and directories currently installed.)
Preparing to unpack .../powershell_6.1.3-1.debian.9_amd64.deb ...
Unpacking powershell (6.1.3-1.debian.9) ...
Setting up powershell (6.1.3-1.debian.9) ...
Processing triggers for man-db (2.8.5-2) ...
root@kali:~#

Instalando Powershell (ahora si…)

Con todo instalado ya podemos iniciar la consola de powershell en nuestro kali:

root@kali:~# pwsh 
PowerShell 6.1.3
Copyright (c) Microsoft Corporation. All rights reserved.

https://aka.ms/pscore6-docs
Type 'help' to get help.

PS /root>

Esperamos que les sirva a aquellos (que como nosotros) nunca habían instalado powershell en kali.

Referencias:

[1] Installing PowerShell on Kali Linux https://www.kali.org/tutorials/installing-powershell-on-kali-linux/
[2] Instalando Powershell en Kali Linux: https://backtrackacademy.com/articulo/instalando-powershell-en-kali-linux
[3] 0004958: Powershell will not run without libcurl3: https://bugs.kali.org/view.php?id=4958