Class 8 Lab 1 ‐ Linux Local PE and Mitigation - Justin-Boyd/Ethical-Hacking-Class GitHub Wiki

Task 1: Local PE via GRUB

Step 1

  • Start the Kali Linux machine and edit its GRUB to load /bin/bash shell.
  1. Turn on the Kali VM and as soon as you see the blue GRUB menu, press “e”.
  2. Navigate towards the bottom and there will be a command similar to: ro initrd=/install/gtk/initrd.gz quiet
  3. Replace ‘ro’ with ‘rw’ and append splash init=/bin/bash

Step 2

  • Boot the system by pressing Ctrl+x, check which user is logged in, and restart the VM.
  1. After you finish editing the GRUB menu, boot the system by pressing Ctrl+x or F10.
  2. After the system boots, run the whoami command to verify that you are root.
  3. From the VM menu bar, open the Machine tab and select Reset.

Task 2: Encrypt GRUB

Step 1

  • Create a suitable hash for GRUB using grub-mkpasswd-pbkdf2 and save the hash value to /etc/grub.d/40_custom.
  • Add the password hash to set a password for the root user.
  1. Start a terminal session
  2. From the terminal, run the following command and enter the desired password when prompted: grub-mkpasswd-pbkdf2
  3. Open a second terminal, select File, and select New Window
  4. Type nano /etc/grub.d/40_custom to open the file in edit mode
  5. At the bottom of the file, add this:
     set superusers="root"
     password_pbkdf2 [user] [paste hash from second terminal window]
  6. Paste the hash into the file in place of the placeholder (make sure to paste properly or an error will occur). The [user] name must match the name set in superusers, here root, and the quotes must be plain ASCII double quotes.
  7. Press Ctrl+X, and then type Y for Yes to confirm changes.

Step 2

  • Save the changes you made to 40_custom and apply them by executing: grub-mkconfig -o /boot/grub/grub.cfg

Step 3

  • Reboot the system and check GRUB
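
A check for the Task 2 configuration, as an added example that is not part of the original lab: it verifies that superusers is set, that each superuser has a password_pbkdf2 line in the grub-mkpasswd-pbkdf2 output format, and that no typographic quotes or plaintext password directives slipped in. The function name audit_grub_password is hypothetical, and the sample hash is constructed and shortened.

```bash
#!/usr/bin/env bash
# Added example: audit a GRUB config file for the password setup from Task 2.
# Returns 0 when every superuser has a PBKDF2 hash, 1 otherwise.
audit_grub_password() {
    local file="$1" rc=0 users user
    [ -r "$file" ] || { echo "FAIL: cannot read $file"; return 1; }

    # Typographic quotes pasted from a document are not quote characters to GRUB.
    if grep -qF -e '“' -e '”' -e '‘' -e '’' "$file"; then
        echo "FAIL: typographic quotes found; use plain ASCII quotes"; rc=1
    fi

    # A plaintext "password" directive leaves the secret readable in the file.
    if grep -Eq '^[[:space:]]*password[[:space:]]' "$file"; then
        echo "FAIL: plaintext password directive; use password_pbkdf2"; rc=1
    fi

    # GRUB only asks for a password once superusers is set.
    users=$(sed -n 's/^[[:space:]]*set[[:space:]]\{1,\}superusers="\([^"]*\)".*/\1/p' "$file" | tail -n 1)
    if [ -z "$users" ]; then
        echo "FAIL: no superusers set; boot entries can be edited without a password"
        return 1
    fi

    # Each superuser needs a password_pbkdf2 line in grub-mkpasswd-pbkdf2 format.
    for user in $(printf '%s' "$users" | tr ',;|&' '    '); do
        if awk -v u="$user" '
            $1 == "password_pbkdf2" && $2 == u {
                if ($3 ~ /^grub\.pbkdf2\.sha512\.[0-9]+\.[0-9A-Fa-f]+\.[0-9A-Fa-f]+$/) ok = 1
            }
            END { exit !ok }' "$file"; then
            echo "OK: superuser '$user' has a PBKDF2 hash"
        else
            echo "FAIL: superuser '$user' has no valid password_pbkdf2 line"; rc=1
        fi
    done
    return "$rc"
}

# Constructed sample input (shortened, non-functional hash) for a stand-alone run.
sample=$(mktemp)
printf '%s\n' 'set superusers="root"' \
    'password_pbkdf2 root grub.pbkdf2.sha512.10000.0A1B2C.3D4E5F' > "$sample"
audit_grub_password "$sample"
rm -f "$sample"
```

On the lab VM, call audit_grub_password /etc/grub.d/40_custom after editing, and again on /boot/grub/grub.cfg after running grub-mkconfig.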