📄
REMnux Documentation
  • REMnux: A Linux Toolkit for Malware Analysis
  • Install the Distro
    • Get the Virtual Appliance
    • Install from Scratch
    • Add to an Existing System
    • Run REMnux as a Container
    • Keep the Distro Up to Date
  • Discover the Tools
    • Examine Static Properties
      • General
      • PE Files
      • ELF Files
      • .NET
      • Deobfuscation
    • Statically Analyze Code
      • General
      • Unpacking
      • PE Files
      • Python
      • Scripts
      • Java
      • .NET
      • Flash
      • Android
    • Dynamically Reverse-Engineer Code
      • General
      • Shellcode
      • Scripts
      • ELF Files
    • Perform Memory Forensics
    • Explore Network Interactions
      • Monitoring
      • Connecting
      • Services
    • Investigate System Interactions
    • Analyze Documents
      • General
      • PDF
      • Microsoft Office
      • Email Messages
    • Gather and Analyze Data
    • View or Edit Files
    • General Utilities
  • Run Tools in Containers
    • Docker Images of Malware Analysis Tools
  • Behind the Scenes
    • People
    • Technologies
      • SaltStack Management
      • REMnux Installer
      • State Files Without the REMnux Installer
      • Debian Packages
      • Website and Docs
    • License
  • Tips and More
    • REMnux Configuration Tips
    • REMnux Tool Tips
    • Malware Analysis Training
    • REMnux Website
  • Get Involved
    • Ask and Answer Questions
    • Write About the Tools
    • Add or Update Tools
      • Contribute a Salt State File
      • Contribute a Debian Package
      • Contribute a Dockerfile
    • Implement Enhancements
Powered by GitBook
On this page
  • Step 1: Get the REMnux Installer
  • Step 3: Run the REMnux Installer
  • Step 4: Reboot the REMnux System
  • Step 5: Take a Snapshot of the Virtual Machine
  1. Install the Distro

Add to an Existing System

You can add REMnux to an existing system based on Ubuntu 20.04 by following instructions below. This configuration doesn't modify your system's look and feel, so you won't have the experience of the full REMnux environment. To the full experience, consider using the REMnux virtual appliance.

REMnux is based on an x86/amd64 version of Ubuntu, and won't run on an ARM processor such as Apple M1.

Step 1: Get the REMnux Installer

After logging into your existing system based on Ubuntu 20.04, download the REMnux installer:

wget https://REMnux.org/remnux-cli

Validate that the SHA-256 hash of the downloaded file to make sure it matches this expected value:

c8c6d6830cfeb48c9ada2b49c76523c8637d95dc41d00aac345282fb47021f8e

To generate the hash of your file, run:

sha256sum remnux-cli

Set up the REMnux installer by running these commands:

mv remnux-cli remnux
chmod +x remnux
sudo mv remnux /usr/local/bin

Before proceeding, make sure your system doesn't have an active Ubuntu unattended upgrade in progress. One way to do this is check whether the "unattended-upgrade" process is active (ps aux | grep unattended-upgrade.) If the upgrade is active, let it finish or disable it, then reboot the system before installing REMnux.

Step 3: Run the REMnux Installer

You're now ready to install the REMnux distro. To kick off the installation, run:

sudo remnux install --mode=addon

The addon mode will avoid modifications that can modify the look and feel of your existing system. As a result, you won't get the experience of the standard REMnux environment..

The installation will take about an hour, depending on your resources and internet connection.

If the REMnux installer produces an error, diagnose the issue by reviewing the saltstack.log file under /var/cache/remnux/cli in the subdirectory that matches the REMnux state-files version you're installing. Search for the log file for result: false messages and look at the surrounding 5 lines or the 8 lines above each message to see the state file that caused the issue. (grep -i -C 5 'result: false' or grep -i -B 8 'result: false').

Step 4: Reboot the REMnux System

Once the REMnux installation finishes, reboot your new REMnux system by typing:

sudo reboot

Login to your system to start benefiting from the tools that the REMnux distro includes.

To keep your REMnux environment up-to-date run the REMnux installer periodically as described in the Keep the Distro Up to Date section.

Step 5: Take a Snapshot of the Virtual Machine

If you installed REMnux inside a virtual machine, consider taking a snapshot of the VM, so you can return it to a known good state if the need arises.

PreviousInstall from ScratchNextRun REMnux as a Container

Last updated 4 months ago