📄
REMnux Documentation
  • REMnux: A Linux Toolkit for Malware Analysis
  • Install the Distro
    • Get the Virtual Appliance
    • Install from Scratch
    • Add to an Existing System
    • Run REMnux as a Container
    • Keep the Distro Up to Date
  • Discover the Tools
    • Examine Static Properties
      • General
      • PE Files
      • ELF Files
      • .NET
      • Deobfuscation
    • Statically Analyze Code
      • General
      • Unpacking
      • PE Files
      • Python
      • Scripts
      • Java
      • .NET
      • Flash
      • Android
    • Dynamically Reverse-Engineer Code
      • General
      • Shellcode
      • Scripts
      • ELF Files
    • Perform Memory Forensics
    • Explore Network Interactions
      • Monitoring
      • Connecting
      • Services
    • Investigate System Interactions
    • Analyze Documents
      • General
      • PDF
      • Microsoft Office
      • Email Messages
    • Gather and Analyze Data
    • View or Edit Files
    • General Utilities
  • Run Tools in Containers
    • Docker Images of Malware Analysis Tools
  • Behind the Scenes
    • People
    • Technologies
      • SaltStack Management
      • REMnux Installer
      • State Files Without the REMnux Installer
      • Debian Packages
      • Website and Docs
    • License
  • Tips and More
    • REMnux Configuration Tips
    • REMnux Tool Tips
    • Malware Analysis Training
    • REMnux Website
  • Get Involved
    • Ask and Answer Questions
    • Write About the Tools
    • Add or Update Tools
      • Contribute a Salt State File
      • Contribute a Debian Package
      • Contribute a Dockerfile
    • Implement Enhancements
Powered by GitBook
On this page
  • State File Groupings for REMnux Distro Installation
  • Manually Installing SaltStack
  • Retrieving REMnux State Files
  • Invoking SaltStack to Install State File Groupings
  1. Behind the Scenes
  2. Technologies

State Files Without the REMnux Installer

PreviousREMnux InstallerNextDebian Packages

Last updated 3 years ago

The best way to install, upgrade, or update your REMnux system is usually to use the . However, sometimes you might want to invoke the underlying Salt state files directly, perhaps when experimenting with REMnux or when getting around some deficiency of the REMnux installer.

State File Groupings for REMnux Distro Installation

The Salt state files for the REMnux distro are grouped into "bundles," so it's easier to trigger the installation or upgrade without directly referring to every individual tool's SaltStack state file:

  • installs the state files for without changing its look and feel. This corresponds to the --mode=addon parameter to the REMnux installer.

  • installs the state files for in a local lab. This applies the same state files as addon.sls, but also invokes the "theme" state file to adjust the system's configuration for the full REMnux experience. This corresponds to the --mode=dedicated parameter to the REMnux installer, and is the default if --mode isn't specified.

  • installs the state files for setting up a dedicated REMnux system in a cloud environment. This applies the same state files as dedicated.sls, except it doesn't disable the SSH daemon, which many people use for remote access. This corresponds to the --mode=cloud parameter to the REMnux installer

Manually Installing SaltStack

If you decide to interact with REMnux' Salt state files without the REMnux installer, first make sure a recent version of SaltStack is installed by executing the following commands, assuming you're using Ubuntu 20.04 (Focal) as the base OS:

sudo -s
wget -O - https://repo.saltproject.io/py3/ubuntu/20.04/amd64/latest/salt-archive-keyring.gpg | apt-key add -
echo "deb [arch=amd64] https://repo.saltproject.io/py3/ubuntu/20.04/amd64/latest focal main" | tee /etc/apt/sources.list.d/saltstack.list
apt update -y
apt install -y salt-minion git 
systemctl disable salt-minion
systemctl stop salt-minion

Retrieving REMnux State Files

sudo git clone https://github.com/REMnux/salt-states.git /srv/salt

Invoking SaltStack to Install State File Groupings

You can invoke SaltStack's salt-call utility to install the desired state file grouping. For example, for "dedicated" you'd use the command:

sudo salt-call -l debug --local state.sls remnux.dedicated

The parameter -l debug to the salt-call command provides verbose debug-level output of the operation. You can skip this parameter if you don't want that level of detail.

By the way, if the name of your current user isn't remnux, you'll need to specify the following parameter to the salt-call command:

pillar='{"remnux_user": "YOUR_USERNAME"}'

Replace YOUR_USERNAME with your username. This is equivalent to the --user=YOUR_USERNAME optional parameter to the REMnux installer. The REMnux installer automatically invokes salt-call by specifying the name of the currently-logged in user, but you'll need to specify this yourself if running salt-call directly.

You can retrieve REMnux' Salt state files, by downloading the desired state file archive from or clone the repo like this:

REMnux installer
addon.sls
adding REMnux to an existing system
dedicated.sls
setting up a dedicated REMnux system
cloud.sls
the "releases" area of the REMnux/salt-states repository