Episode 5x24

Charles · January 8, 2010

I just finished up my multiboot disk, got most of the problems worked out due to this thread.

Thanks to the guys at Hak5 for doing a great episode.

I think the only one I had a problem with was KNOPPIX and Trinity Rescue Kit. (both had to be in the root of the drive)

I didn't create a usb disk with trinity on it, but just copied the trk3 directory into the root of the thumb drive. The thumb drive's volume label is "MULTIPASS."

Installed applications:

BackTrack 4 Pre

Clonezilla

DBAN

Gparted

Hiren's BootCD 10.1

Knoppix 6.2 DVD

Kon-Boot

Memtest86

Memtest86+

Mini Windows XP (part of Hiren's Boot CD)

OphCrack

Super Grub Disk

Trinity Rescue Kit

Ubuntu 9.10

Ultimate Boot CD

Avira Rescue CD

Kaspersky Rescue Disk

Directory tree:

.
|-- AviraRescueCD.iso
|-- HBCD
|   |-- Active.uha
|   |-- Astra.uha
|   |-- BiosBoot.uha
|   |-- DiskCmdr.uha
|   |-- Diskptch.uha
|   |-- DosBurn.uha
|   |-- DskMangr.uha
|   |-- ESTest.uha
|   |-- EasyRecv.uha
|   |-- FastLynx.uha
|   |-- Ghost.uha
|   |-- HDAT2.uha
|   |-- HDDReg.uha
|   |-- HWiNFO.uha
|   |-- HddErase.uha
|   |-- HddTools.uha
|   |-- Killdisk.uha
|   |-- Med_Tool.uha
|   |-- Mini98.uha
|   |-- MpxPlay.uha
|   |-- NTFS4DOS.uha
|   |-- Network.uha
|   |-- NtPwd.uha
|   |-- PCI32.uha
|   |-- PCcheck.uha
|   |-- PartCmdr.uha
|   |-- PartMngr.uha
|   |-- QuickVie.uha
|   |-- ReHive.uha
|   |-- RegView.uha
|   |-- SavePart.uha
|   |-- SystemAn.uha
|   |-- TestDisk.uha
|   |-- Tools.uha
|   |-- VC.uha
|   |-- Victoria.uha
|   |-- Warn.bat
|   |-- WinTools
|   |   |-- 7Zip.bat
|   |   |-- AngryIPScanner.bat
|   |   |-- AsteriskLogger.bat
|   |   |-- AutoRuns.bat
|   |   |-- Autorun.csv
|   |   |-- Autorun.exe
|   |   |-- CCleaner.bat
|   |   |-- CPUz.bat
|   |   |-- CPorts.bat
|   |   |-- ComboFix.exe
|   |   |-- ContentAdvisorPasswordRemover.bat
|   |   |-- CoolWebSearch_Remover.bat
|   |   |-- DTemp.bat
|   |   |-- DefragNT.bat
|   |   |-- DependencyWalker.bat
|   |   |-- DialAFix.bat
|   |   |-- DisableAutorun.bat
|   |   |-- DisableCompressOldFiles.bat
|   |   |-- DiskMan4.bat
|   |   |-- DoubleDriver.bat
|   |   |-- DriveImageXML.bat
|   |   |-- DriverBackup.bat
|   |   |-- DrvImgXp.bat
|   |   |-- DskSpeed.bat
|   |   |-- EASEUSPartitionMaster.bat
|   |   |-- ERDComputerManagement.bat
|   |   |-- ERDExplorer.bat
|   |   |-- ERDSystemRestore.bat
|   |   |-- EditHosts.bat
|   |   |-- EzPCFix.bat
|   |   |-- FastCopy.bat
|   |   |-- FileDisk.bat
|   |   |-- GPU-Z.bat
|   |   |-- GetDataFAT.bat
|   |   |-- GetDataNTFS.bat
|   |   |-- Ghost32.bat
|   |   |-- GhostExp.bat
|   |   |-- Grub4DosInstaller.bat
|   |   |-- HBCDCustomize.exe
|   |   |-- HDDScan.bat
|   |   |-- HDTune.bat
|   |   |-- HijackThis.exe
|   |   |-- HxD.bat
|   |   |-- IBProcMan.exe
|   |   |-- InfraRecorder.bat
|   |   |-- JkDefrag.bat
|   |   |-- KasperskyVirusRemoval.bat
|   |   |-- KillBox.exe
|   |   |-- MailPassView.bat
|   |   |-- Malwarebytes.bat
|   |   |-- MbrFix.bat
|   |   |-- MbrWizard.bat
|   |   |-- MemTest.bat
|   |   |-- MessenPass.bat
|   |   |-- MonitorTester.bat
|   |   |-- NewSID.bat
|   |   |-- NtRegOpt.bat
|   |   |-- OpenedFilesView.bat
|   |   |-- Opera.bat
|   |   |-- PCI32.bat
|   |   |-- PCWizard.bat
|   |   |-- PageDfrg.bat
|   |   |-- PartSaving.bat
|   |   |-- PartitionFindAndMount.bat
|   |   |-- PasswordRenew.bat
|   |   |-- PhotoRec.bat
|   |   |-- ProceXP.exe
|   |   |-- ProcessActivityView.bat
|   |   |-- ProcessExplorer.bat
|   |   |-- ProduKey.bat
|   |   |-- Recuva.bat
|   |   |-- RegEditPE.bat
|   |   |-- RegRestoreWizard.bat
|   |   |-- RegScanner.bat
|   |   |-- RegistryBackup.bat
|   |   |-- RemoveRestrictionsTool.bat
|   |   |-- RemoveWGA.bat
|   |   |-- Restoration.bat
|   |   |-- RootkitRevealer.bat
|   |   |-- SM.bat
|   |   |-- ShExView.bat
|   |   |-- Shredder.bat
|   |   |-- SilentRunners.bat
|   |   |-- SmartDriverBackup.bat
|   |   |-- SmitFraudFix.bat
|   |   |-- SnapShot.bat
|   |   |-- SpaceMonger.bat
|   |   |-- Splitter.exe
|   |   |-- SpybotSD.bat
|   |   |-- SpywareBlaster.bat
|   |   |-- StartupCPL.bat
|   |   |-- StartupMonitor.exe
|   |   |-- Streams.bat
|   |   |-- SuperAntiSpyware.bat
|   |   |-- TCPView.bat
|   |   |-- TestDisk.bat
|   |   |-- TrueCrypt.bat
|   |   |-- TweakUI.bat
|   |   |-- USBFormat.bat
|   |   |-- UltimateWindowsTweaker.bat
|   |   |-- Undelete.bat
|   |   |-- UnknownDevices.bat
|   |   |-- Unlocker.bat
|   |   |-- UnstoppableCopier.bat
|   |   |-- UsbDeView.bat
|   |   |-- VideoMemoryStressTest.bat
|   |   |-- VirtualFloppyDrive.bat
|   |   |-- VolkovCommander.bat
|   |   |-- WinDirStat.bat
|   |   |-- WinKeyFinder.bat
|   |   |-- WindowsGate.bat
|   |   |-- Winsock2Fix9x.bat
|   |   |-- WirelessKeyView.bat
|   |   |-- XP-Key-Reader.bat
|   |   |-- XpTCPIPWinsockRepair.bat
|   |   |-- files
|   |   |   |-- 7Zip.uha
|   |   |   |-- Autoruns.uha
|   |   |   |-- CCleaner.uha
|   |   |   |-- CpuZ.uha
|   |   |   |-- Cygwin1.uha
|   |   |   |-- DDriver.uha
|   |   |   |-- DependencyWalker.uha
|   |   |   |-- DialAFix.uha
|   |   |   |-- DriveImageXML.uha
|   |   |   |-- DrvImgXp.uha
|   |   |   |-- EPM.uha
|   |   |   |-- ERD.uha
|   |   |   |-- EzPCFix.uha
|   |   |   |-- FastCopy.uha
|   |   |   |-- FileDisk.uha
|   |   |   |-- Files.uha
|   |   |   |-- GPU-Z.uha
|   |   |   |-- GetDataB.uha
|   |   |   |-- Ghost32.uha
|   |   |   |-- HDDScan.uha
|   |   |   |-- HDTune.uha
|   |   |   |-- HxD.uha
|   |   |   |-- InfraRecorder.uha
|   |   |   |-- JkDefrag.uha
|   |   |   |-- KasperskyVirusRemoval.uha
|   |   |   |-- Malwarebytes.uha
|   |   |   |-- MbrFix.uha
|   |   |   |-- NTREGOPT.uha
|   |   |   |-- NirSoft.uha
|   |   |   |-- Opera.uha
|   |   |   |-- PCwizard.uha
|   |   |   |-- PartFind.uha
|   |   |   |-- PasswordRenew.uha
|   |   |   |-- Recuva.uha
|   |   |   |-- RegEditPE.uha
|   |   |   |-- Restoration.uha
|   |   |   |-- RootkitRevealer.uha
|   |   |   |-- SRunners.uha
|   |   |   |-- SmartDriverBackup.uha
|   |   |   |-- SmitfraudFix.uha
|   |   |   |-- SpybotSD.uha
|   |   |   |-- SpywareBlaster.uha
|   |   |   |-- SuperAntiSpyware.uha
|   |   |   |-- TrueCrypt.uha
|   |   |   |-- TweakUI.uha
|   |   |   |-- USBGrub.uha
|   |   |   |-- UltimateWindowsTweaker.uha
|   |   |   |-- Undelete.uha
|   |   |   |-- Unlocker.uha
|   |   |   |-- VFD.uha
|   |   |   |-- VideoMemoryStressTest.uha
|   |   |   |-- WinKeyFinder.uha
|   |   |   |-- WindirSt.uha
|   |   |   |-- WindowsGate.uha
|   |   |   |-- coolweb.uha
|   |   |   |-- mkisofs.uha
|   |   |   |-- sm.uha
|   |   |   `-- xp-AntiSpy.uha
|   |   |-- siw.exe
|   |   |-- snapshot.exe
|   |   `-- xp-AntiSpy.bat
|   |-- XP
|   |-- XP.BIN
|   |-- XP.CA_
|   |-- XP.DAT
|   |-- XPLOADER.BIN
|   |-- adds.uha
|   |-- atis.uha
|   |-- boot.gz
|   |-- chntpw.uha
|   |-- copyr.uha
|   |-- dcc.uha
|   |-- dosnav.uha
|   |-- fm.uha
|   |-- fw.uha
|   |-- ghstwalk.uha
|   |-- grldr
|   |-- isolinux.bin
|   |-- isolinux.cfg
|   |-- keyboard.bat
|   |-- memdisk
|   |-- memtest.gz
|   |-- menu.c32
|   |-- menu.lst
|   |-- mix.uha
|   |-- nortUTIL.uha
|   |-- nssi.uha
|   |-- ntfs.uha
|   |-- pRESIZER.uha
|   |-- pmount.uha
|   |-- pqdi.uha
|   |-- pqpm.uha
|   |-- ts.uha
|   `-- uharc.exe
|-- KNOPPIX
|   |-- KNOPPIX
|   |-- LICENSE.txt
|   |-- README_Security.txt
|   |-- SOURCES.txt
|   |-- background.jpg
|   |-- index_de.html
|   |-- index_en.html
|   |-- index_fr.html
|   |-- index_it.html
|   |-- knoppix-cheatcodes.txt
|   |-- knoppix-logo-medium.png
|   |-- knoppix-logo-small.png
|   |-- knoppix.lst
|   |-- linux
|   |-- minirt.gz
|   |-- modules
|   |   |-- aufs.ko
|   |   `-- cloop.ko
|   `-- sha1sums
|-- bootbt4
|   |-- bootsplash
|   |-- grub
|   |   |-- bt4.lst
|   |   |-- bt4.xpm.gz
|   |   |-- bt4boot.xpm.gz
|   |   `-- stage2_eltorito
|   |-- initrd.gz
|   |-- initrd800.gz
|   |-- initrdfr.gz
|   |-- memtest86+.bin
|   `-- vmlinuz
|-- casper
|   |-- filesystem.manifest
|   |-- filesystem.manifest-desktop
|   `-- filesystem.squashfs
|-- clonezilla
|   |-- isolinux
|   |   |-- boot.cat
|   |   |-- chain.c32
|   |   |-- drblwp.png
|   |   |-- isolinux.bin
|   |   |-- isolinux.cfg
|   |   |-- memdisk
|   |   |-- menu.c32
|   |   |-- ocswp.png
|   |   `-- vesamenu.c32
|   `-- live
|       |-- eb.zli
|       |-- filesystem.squashfs
|       |-- freedos.img
|       |-- gpxe.lkn
|       |-- initrd1.img
|       |-- memtest
|       |-- packages.txt
|       |-- parameters.txt
|       `-- vmlinuz1
|-- dban
|   |-- dban.ima
|   `-- memdisk
|-- fingerprint.xpm.gz
|-- gparted
|   |-- Gsplash.png
|   |-- boot.cat
|   |-- chain.c32
|   |-- exithelp.cfg
|   |-- filesystem.squashfs
|   |-- gparted.lst
|   |-- initrd1.img
|   |-- isolinux.bin
|   |-- isolinux.cfg
|   |-- live.cfg
|   |-- memdisk
|   |-- memtest
|   |-- menu.c32
|   |-- menu.cfg
|   |-- packages.txt
|   |-- parameters.txt
|   |-- prompt.cfg
|   |-- splash.png
|   |-- stdmenu.cfg
|   |-- vesamenu.c32
|   `-- vmlinuz1
|-- grldr
|-- kav_rescue_2008.iso
|-- konboot
|   `-- FD0-konboot-v1.1-2in1.img
|-- mem86+
|   `-- BOOT
|       |-- BOOT.CAT
|       `-- MEMTEST.IMG
|-- memtest86
|   |-- BOOT.CAT
|   |-- BOOT.TXT
|   |-- ISOLINUX.BIN
|   |-- ISOLINUX.CFG
|   |-- MEMTEST
|   |-- MEMTEST.34
|   `-- MEMTEST.SMP
|-- menu.lst
|-- sgd.iso
|-- tables
|   |-- bzImage
|   |-- ophcrack.lst
|   |-- rootfs.gz
|   |-- vista_free
|   |   |-- md5sum.txt
|   |   |-- postdict
|   |   |-- table0.bin
|   |   |-- table0.index
|   |   |-- table0.start
|   |   |-- table1.bin
|   |   |-- table1.index
|   |   |-- table1.start
|   |   |-- table2.bin
|   |   |-- table2.index
|   |   |-- table2.start
|   |   |-- table3.bin
|   |   |-- table3.index
|   |   |-- table3.start
|   |   |-- vista_free.md5
|   |   |-- vista_free.sfv
|   |   `-- worddict
|   |-- xp_free_fast
|   |   |-- README-5k.TXT
|   |   |-- table0.bin
|   |   |-- table0.index
|   |   |-- table0.start
|   |   |-- table1.bin
|   |   |-- table1.index
|   |   |-- table1.start
|   |   |-- table2.bin
|   |   |-- table2.index
|   |   |-- table2.start
|   |   |-- table3.bin
|   |   |-- table3.index
|   |   |-- table3.start
|   |   |-- xp_free_fast.md5
|   |   `-- xp_free_fast.sfv
|   `-- xp_free_small
|       |-- md5sum.txt
|       |-- table0.bin
|       |-- table0.index
|       |-- table0.start
|       |-- table1.bin
|       |-- table1.index
|       |-- table1.start
|       |-- table2.bin
|       |-- table2.index
|       |-- table2.start
|       |-- table3.bin
|       |-- table3.index
|       `-- table3.start
|-- trk3
|   |-- AUTORUN.INF
|   |-- boot.cat
|   |-- bootlogo.jpg
|   |-- captive
|   |-- clamdb
|   |   |-- daily.cvd
|   |   `-- main.cvd
|   |-- disableautorun.exe
|   |-- initrd.trk
|   |-- isolinux.bin
|   |-- isolinux.cfg
|   |-- kernel.trk
|   |-- memdisk
|   |-- memtest.x86
|   |-- mkpxelinux
|   |-- pxelinux.0
|   |-- pxelinux.cfg
|   |-- syslinux
|   |-- syslinux.cfg
|   |-- syslinux.exe
|   |-- trinity.ico
|   |-- trk.lst
|   |-- trk.xpm.gz
|   |-- trkramfs
|   |-- trspack-1_0.exe
|   |-- trsrun-1_0-nq.exe
|   |-- trsrun-1_0.exe
|   `-- vesamenu.c32
|-- ubcd411.iso
`-- ubuntu910.iso

25 directories, 409 files

menu.lst:

splashimage /fingerprint.xpm.gz
foreground ffffff
background 0639a1
timeout 120

### Back|Track 4 Pre ###
title BackTrack 4
configfile /bootbt4/grub/bt4.lst

### Clonezilla ###
title Clonezilla
root (hd0,0)
kernel /clonezilla/live/vmlinuz1 boot=live union=aufs vga=789 ip=frommedia live-media-path=/clonezilla/live bootfrom=/dev/hda toram=filesystem.squashfs noprompt ocs_live_run="ocs-live-general" ocs_live_extra_param="" ocs_live_keymap="" ocs_live_batch="no" ocs_lang=""
initrd /clonezilla/live/initrd1.img
boot

### Darik's Boot and Nuke 1.07 ###
title Darik's Boot and Nuke
kernel /dban/memdisk
initrd /dban/dban.ima


### Gparted ###
title Gparted
configfile /gparted/gparted.lst

### Hiren's Boot CD ###
title Hiren's BootCD
find --set-root /HBCD/boot.gz
map --mem /HBCD/boot.gz (fd0)
map --hook
chainloader (fd0)+1
rootnoverify (fd0)
map --floppies=1
boot

### Knoppix 6.2 DVD ###
title Knoppix 6.2
configfile /KNOPPIX/knoppix.lst

### Kon-Boot ###
title Kon-Boot
map --mem /konboot/FD0-konboot-v1.1-2in1.img (fd0)
map --hook
chainloader (fd0)+1
map (hd1) (hd0)
map --hook
rootnoverify (fd0)

### Memtest86 3.5 ###
title Memtest86
kernel /memtest86/memtest

### Memtest 86+ 4.00 ###
title Memtest86+
map --mem /mem86+/boot/memtest.img (fd0)
map --hook
chainloader (fd0)+1
rootnoverify (fd0)

### Mini Windows XP ###
title Mini Windows XP
find --set-root /HBCD/XPLOADER.BIN
chainloader /HBCD/XPLOADER.BIN

### OphCrack XP/Vista/7 ###
title OphCrack
configfile /tables/ophcrack.lst

### Super Grub Disk ###
title Super Grub Disk
map --mem /sgd.iso (hd32)
map --hook
chainloader (hd32)

### Trinity Rescue Kit ###
title Trinity Rescue Kit
configfile /trk3/trk.lst

### Ubuntu 9.10 x86 LiveCD ###
title Ubuntu 9.10
find --set-root /ubuntu910.iso
map /ubuntu910.iso (0xff)
map --hook
root (0xff)
kernel /casper/vmlinuz file=/cdrom/preseed/ubuntu.seed boot=casper iso-scan/filename=/ubuntu910.iso quiet splash locale=en.UTF-8 --
initrd /casper/initrd.lz
boot

### Ultimate Boot CD 4.1.1 ###
title Ultimate Boot CD
find --set-root /ubcd411.iso
map /ubcd411.iso (hd32)
map --hook
root (hd32)
chainloader (hd32)

### Avira Rescue CD ###
title Avira Rescue CD
map /AviraRescueCD.iso (hd32)
map --hook
chainloader (hd32)

### Kaspersky Rescue Disk 8.8.1.36 ###
title Kasperky Rescue Disk
map /kav_rescue_2008.iso (hd32)
map --hook
chainloader (hd32)

title
kernel
initrd

# --- Reboot ---
title Reboot the System
reboot

# --- Shutdown ---
title Shut Down the System
halt

bt4.lst:

# By default, boot the first entry.
default 0

# Boot automatically after 30 secs.
timeout 30

#splashimage=/bootbt4/grub/bt4boot.xpm.gz


title Start BackTrack FrameBuffer (1024x768)
kernel /bootbt4/vmlinuz BOOT=casper boot=casper nopersistent rw quiet vga=0x317
initrd /bootbt4/initrd.gz

title Start BackTrack FrameBuffer (800x600)
kernel /bootbt4/vmlinuz BOOT=casper boot=casper nopersistent rw quiet vga=0x314
initrd /bootbt4/initrd800.gz

title Start BackTrack Forensics (no swap)
kernel /bootbt4/vmlinuz BOOT=casper boot=casper nopersistent rw vga=0x317
initrd /bootbt4/initrdfr.gz

title Start BackTrack in Safe Graphical Mode
kernel /bootbt4/vmlinuz BOOT=casper boot=casper xforcevesa rw quiet 
initrd /bootbt4/initrd.gz

title Start Persistent Live CD
kernel /bootbt4/vmlinuz BOOT=casper boot=casper persistent rw quiet 
initrd /bootbt4/initrd.gz

title Start BackTrack in Text Mode
kernel /bootbt4/vmlinuz BOOT=casper boot=casper nopersistent textonly rw quiet
initrd /bootbt4/initrd.gz

title Start BackTrack Graphical Mode from RAM
kernel /bootbt4/vmlinuz BOOT=casper boot=casper toram nopersistent rw quiet 
initrd /bootbt4/initrd.gz

title Memory Test
kernel /bootbt4/memtest86+.bin

title Boot the First Hard Disk
root (hd1)
chainloader +1

title
kernel
initrd

title Return to Main Menu
configfile /menu.lst

gparted.lst:

timeout 300
prompt 0
noescape 1


title GParted Live (Default settings)
kernel /gparted/vmlinuz1 live-media-path=/gparted bootfrom=/dev/sd boot=live union=aufs noswap vga=788 ip=frommedia
initrd=/gparted/initrd1.img

title GParted Live without framebuffer
kernel /gparted/vmlinuz1 live-media-path=/gparted bootfrom=/dev/sd boot=live union=aufs noswap ip=frommedia vga=normal
initrd=/gparted/initrd1.img 

title GParted Live failsafe mode
root (hd0,0)
kernel /gparted/vmlinuz1 live-media-path=/gparted bootfrom=/dev/sd boot=live union=aufs noswap acpi=off irqpoll noapic noapm nodma nomce nolapic nosmp ip=frommedia vga=normal
initrd=/gparted/initrd1.img

title
kernel
initrd

title Return to Main Menu
configfile /menu.lst

knoppix.lst:

title Adriane
kernel /KNOPPIX/linux ramdisk_size=100000 lang=en vt.default_utf8=0 apm=power-off vga=0x311 nomce quiet loglevel=0 nolapic_timer adriane
initrd=/KNOPPIX/minirt.gz

title Knoppix (Default)
kernel /KNOPPIX/linux APPEND ramdisk_size=100000 lang=en vt.default_utf8=0 apm=power-off vga=791 nomce quiet loglevel=0 nolapic_timer
initrd=/KNOPPIX/minirt.gz

title Knoppix (800x600)
kernel /KNOPPIX/linux APPEND ramdisk_size=100000 lang=en vt.default_utf8=0 apm=power-off vga=788 xmodule=fbdev nomce quiet loglevel=0 nolapic_timer
initrd=/KNOPPIX/minirt.gz

title Knoppix (1024x768)
kernel /KNOPPIX/linux APPEND ramdisk_size=100000 lang=en vt.default_utf8=0 apm=power-off vga=791 xmodule=fbdev nomce quiet loglevel=0 nolapic_timer
initrd=/KNOPPIX/minirt.gz

title Knoppix (1280x1024)
kernel /KNOPPIX/linux APPEND ramdisk_size=100000 lang=en vt.default_utf8=0 apm=power-off vga=794 xmodule=fbdev nomce quiet loglevel=0 nolapic_timer
initrd=/KNOPPIX/minirt.gz

title
kernel
initrd

title Return to Main Menu
configfile /menu.lst

trk.lst

#splashimage /trk3/trk.xpm.gz

title Run Trinity Rescue Kit 3.3 (default)
kernel /trk3/kernel.trk ramdisk_size=49152 root=/dev/ram0 vga=788 splash=verbose pci=conf1 vollabel=MULTIPASS
initrd /trk3/initrd.trk 

title Run TRK 3.3 as bootserver to boot other TRK clients
kernel /trk3/kernel.trk ramdisk_size=49152 root=/dev/ram0 vga=788 splash=verbose pci=conf1 trkbootnet vollabel=MULTIPASS
initrd /trk3/initrd.trk

title Run TRK 3.3 from RAM (best &gt;= 512mb, 256mb min)
kernel /trk3/kernel.trk ramdisk_size=49152 root=/dev/ram0 vga=788 splash=verbose pci=conf1 trkinmem vollabel=MULTIPASS
initrd /trk3/initrd.trk

title Run TRK 3.3 with bigger screenfont
kernel /trk3/kernel.trk ramdisk_size=49152 root=/dev/ram0 vga=788 splash=verbose pci=conf1 normalfont vollabel=MULTIPASS
initrd /trk3/initrd.trk

title Run TRK 3.3 in simple VGA mode (debugging of kernel output)
kernel /trk3/kernel.trk ramdisk_size=49152 root=/dev/ram0 vga=1 pci=conf1 splash=off vollabel=MULTIPASS
initrd /trk3/initrd.trk

title Run TRK 3.3 - Virusscan all drives (non interactive)
kernel /trk3/kernel.trk ramdisk_size=49152 root=/dev/ram0 vga=788 splash=verbose pci=conf1 virusscan vollabel=MULTIPASS
initrd /trk3/initrd.trk

title Run TRK 3.3 - Try more pcmcia and usb nics (when not detected)
kernel /trk3/kernel.trk ramdisk_size=49152 root=/dev/ram0 vga=788 splash=verbose pci=conf1 pcmcia vollabel=MULTIPASS
initrd /trk3/initrd.trk

title Run TRK 3.3 - Try more SCSI drivers (when disks not detected)
kernel /trk3/kernel.trk ramdisk_size=49152 root=/dev/ram0 vga=788 splash=verbose pci=conf1 scsidrv vollabel=MULTIPASS
initrd /trk3/initrd.trk

title Run TRK 3.3 with a secure shell server enabled
kernel /trk3/kernel.trk ramdisk_size=49152 root=/dev/ram0 vga=788 splash=verbose pci=conf1 sshd vollabel=MULTIPASS
initrd /trk3/initrd.trk

title Run TRK 3.3 - Execute local scripts on harddrive of PC
kernel /trk3/kernel.trk ramdisk_size=49152 root=/dev/ram0 vga=788 splash=verbose pci=conf1 locscr vollabel=MULTIPASS
initrd /trk3/initrd.trk

title Run TRK 3.3 - Fileshare all drives, secured with user
kernel /trk3/kernel.trk ramdisk_size=49152 root=/dev/ram0 vga=788 splash=verbose pci=conf1 smbsec vollabel=MULTIPASS
initrd /trk3/initrd.trk

title Run TRK 3.3 - Fileshare all drives as guest, no security
kernel /trk3/kernel.trk ramdisk_size=49152 root=/dev/ram0 vga=788 splash=verbose pci=conf1 smbguest vollabel=MULTIPASS
initrd /trk3/initrd.trk

title Run TRK 3.3 - Single user mode
kernel /trk3/kernel.trk ramdisk_size=49152 root=/dev/ram0 vga=788 splash=verbose pci=conf1 runlevel 1 vollabel=MULTIPASS
initrd /trk3/initrd.trk

title Run TRK 3.3 - Acpi=off, noapic  PCI=bios (Alternate boot 1)
kernel /trk3/kernel.trk ramdisk_size=49152 root=/dev/ram0 vga=788 splash=verbose acpi=off noapic pci=bios vollabel=MULTIPASS
initrd /trk3/initrd.trk

title Run TRK 3.3 - Acpi=off, noapic PCI=any (Alternate boot 2)
kernel /boot/boot.trk/kernel.trk ramdisk_size=49152 root=/dev/ram0 vga=788 splash=verbose acpi=off noapic vollabel=MULTIPASS
initrd /trk3/initrd.trk

title Run TRK 3.3 - PCI=conf2 (Alternate boot 3)
kernel /trk3/kernel.trk ramdisk_size=49152 root=/dev/ram0 vga=788 splash=verbose pci=conf2 vollabel=MULTIPASS
initrd /trk3/initrd.trk

title Run TRK 3.3 - Verbose startup for debugging after initial bootphase
kernel /trk3/kernel.trk ramdisk_size=49152 root=/dev/ram0 vga=788 splash=verbose pci=conf1 debugging vollabel=MULTIPASS
initrd /trk3/initrd.trk

title Run TRK 3.3 - SSH server and run from RAM
kernel /trk3/kernel.trk ramdisk_size=49152 root=/dev/ram0 vga=788 splash=verbose pci=conf1 sshd trkinmem vollabel=MULTIPASS
initrd /trk3/initrd.trk

title Run TRK 3.3 - SSH server, run from RAM, act as a secure fileserver
kernel /trk3/kernel.trk ramdisk_size=49152 root=/dev/ram0 vga=788 splash=verbose pci=conf1 sshd trkinmem smbsec vollabel=MULTIPASS
initrd /trk3/initrd.trk

title Run TRK 3.3 with proxyserver support enabled
kernel /trk3/kernel.trk ramdisk_size=49152 root=/dev/ram0 vga=788 splash=verbose pci=conf1 proxy vollabel=MULTIPASS
initrd /trk3/initrd.trk

title Run Memory tester: Memtest86+ v1.65
kernel /trk3/memtest.x86

title Return to Main Menu
configfile /menu.lst

VMwareDude · January 9, 2010

hey guys, great episode btw. Now i just started on all this and have my 8gb cruzer formatted FAT32, when i go to run Grub installer (choose hd6 as that is what my usb comes up as and click install) i get the following message.
grubinst: write: Bad file descriptor
Now i now its stupid to get stuck on this step, im pretty sure i can do everything else but i have no clue where to go from this problem, thanks

I hit the same issue with a SanDisk 32 GB Flash Drive and solved the issue by reformatting and selecting a smaller block size (smallest available from Windows 7). Reran grubinst_gui.exe and everything worked.

phen1x13 · January 22, 2010

This is my menu.lst

I/ Backtrack

-Unzip ur iso file using 7zip and copy the 2 boot folder

- This part is VERY IMPORTANT: make sure you go to boot/grub/menu.lst and change the original menu.lst

** as you will see below, i changed the name of my boot from boot to bootBT4

II/ Ubuntu9-10

- You need the iso file in your MultiPass root

- make another copy of the iso file (on your desktop and unzip it), then copy the casper file

III/Overall

- MAKE SURE THAT THE NAME & EXTENSIONS OF THE FILES (ISO, IMG and so on) IN YOUR MULTIPASS IS THE SAME AS THE ONES IN YOUR MENU

- If you have any question just let me know and i'll try the best that i can to help.

The code is as follow:

splashimage /MultiPass001.xpm.gz

color white/black green/black
timeout 120


title Boot The First Hard Disk
rootnoverify (hd1)
chainloader +1


title BackTrack 4: Penetration testing toolkit
configfile /bootBT4/grub/BT4menu.lst
savedefault


title Ubuntu 9-10 LiveCD
find --set-root /Ubuntu-910.iso
map /Ubuntu-910.iso (0xff)
map --hook
root (0xff)
kernel /casper/vmlinuz file=/cdroom/preseed/ubuntu.seed boot=casper iso-scan/filename=/Ubuntu-910.iso quiet splash locale=en.UTF-8 persistent --
initrd /casper/initrd.lz


title Windows XP/2000/2003 Setup- First and Second parts
root (hd0,0)
configfile /winsetup.lst
savedefault
//Directory is excluded in tree still testing this, please refer to notes at the bottom of the tree output//


title Kon-Boot-test: Bypass Logon for Windows and Linux - Login name is root.
map --mem /konboot-v1.1.img (fd0)
map --hook
chainloader (fd0)+1
map (hd1) (hd0)
map --hook
rootnoverify (fd0)


title Memtest86: Advanced Memory Diagnostic Tool.
map (hd0,0)/memtest86+-4.00.iso (hd32)
map --hook
chainloader (hd32)
boot
//Mem-test is called directly from an ISO on the root here.//


title NTpasswd: Password Recovery on Vista/XP.
kernel /NTpasswd/vmlinuz rw vga=1 initrd=/NTpasswd/initrd.cgz /ntpasswd/scsi.cgz
initrd /NTpasswd/initrd.cgz


title System Rescue CD: repair unbootable or otherwise. damaged computer systems
root (hd0,0)
kernel /rescuecd initrd=initram.igz video=ofonly vga=0 scandelay=5
initrd /initram.igz

title Trinity Rescue Kit - ISO
map --mem (hd0,0)/trinity-rescue-kit.3.3-build-334.iso (hd32)
map --hook
chainloader (hd32)
boot


title DBAN: Hard Drive Disk Wipe and Data Clearing.
kernel /memdisk
initrd /DBAN.img


title FreeDOS: free DOS-compatible operating system for IBM-PC compatible systems.
map (hd0,0)/FreeDOS.iso (hd32)
map --hook
chainloader (hd32)
boot
//FreeDOS is called directly from an ISO on the root here. Not all software’s can be used like this.//
title
kernal
initrd
# --- Notes ---
title Notes
configfile /menu2.lst
savedefault

title Serials select and press E to view
map Windows 7 64b        XXXXX-XXXXX-XXXXX-XXXXX-XXXXX
map Windows 7 32b        XXXXX-XXXXX-XXXXX-XXXXX-XXXXX
map Windows XP 32b        XXXXX-XXXXX-XXXXX-XXXXX-XXXXX
kernel
boot
//By pressing E you may see predefined keys then return to your menu with this entry//


# --- Shutdown ---
title Shut Down the System
halt
# --- Reboot ---
title Reboot the System
reboot

Charles · January 22, 2010

I didn't need to copy the casper directory to the root for Ubuntu. I did however, need to copy it for BT4 Final. *shrugs*

phen1x13 · January 22, 2010

@ Charles ... is your Ubuntu menu different and does it boot well?

Charles · January 22, 2010

title Ubuntu 9-10 LiveCD
find --set-root /Ubuntu-910.iso
map /Ubuntu-910.iso (0xff)
map --hook
root (0xff)
kernel /casper/vmlinuz file=/cdroom/preseed/ubuntu.seed boot=casper iso-scan/filename=/Ubuntu-910.iso quiet splash locale=en.UTF-8 persistent --
initrd /casper/initrd.lz

Mine is a little different. I'm guessing yours in a persistent liveusb?

### Ubuntu 9.10 x86 LiveCD ###
title Ubuntu 9.10
find --set-root /ubuntu910.iso
map /ubuntu910.iso (0xff)
map --hook
root (0xff)
kernel /casper/vmlinuz file=/cdrom/preseed/ubuntu.seed boot=casper iso-scan/filename=/ubuntu910.iso quiet splash locale=en.UTF-8 --
initrd /casper/initrd.lz
boot

phen1x13 · January 23, 2010

Is anyone here who's Backtrck4 is working "really" well. Somehow mine now refuses to go past this: Start BackTrack FrameBuffer, Start BackTrack Forensics and so on.

Charles · January 24, 2010

Is it actually booting or getting stuck at the menu?

Mine is working fine.

Tree:

.
|-- bt4final
|   |-- bootsplash
|   |-- grub
|   |   |-- bt4.xpm.gz
|   |   |-- bt4final.lst
|   |   `-- stage2_eltorito
|   |-- initrd.gz
|   |-- initrd800.gz
|   |-- initrdfr.gz
|   |-- memtest86+.bin
|   `-- vmlinuz
|-- casper
|   |-- filesystem.manifest
|   |-- filesystem.manifest-desktop
|   `-- filesystem.squashfs
|-- fingerprint.xpm.gz
|-- grldr
`-- menu.lst

menu.lst entry:

### Back|Track 4 Final ###
title BackTrack 4 Final
configfile /bt4final/grub/bt4final.lst

bt4final.lst:

# By default, boot the first entry.
default 0

# Boot automatically after 30 secs.
timeout 30

#splashimage=/bt4final/grub/bt4.xpm.gz
foreground e3e3e3
background 303030

title Start BackTrack FrameBuffer (1024x768)
kernel /bt4final/vmlinuz BOOT=casper boot=casper nopersistent rw quiet vga=0x317
initrd /bt4final/initrd.gz

title Start BackTrack FrameBuffer (800x600)
kernel /bt4final/vmlinuz BOOT=casper boot=casper nopersistent rw quiet vga=0x314
initrd /bt4final/initrd800.gz

title Start BackTrack Forensics (no swap)
kernel /bt4final/vmlinuz BOOT=casper boot=casper nopersistent rw vga=0x317
initrd /bt4final/initrdfr.gz

title Start BackTrack in Safe Graphical Mode
kernel /bt4final/vmlinuz BOOT=casper boot=casper xforcevesa rw quiet 
initrd /bt4final/initrd.gz

title Start Persistent Live CD
kernel /bt4final/vmlinuz BOOT=casper boot=casper persistent rw quiet 
initrd /bt4final/initrd.gz

title Start BackTrack in Text Mode
kernel /bt4final/vmlinuz BOOT=casper boot=casper nopersistent textonly rw quiet
initrd /bt4final/initrd.gz

title Start BackTrack Graphical Mode from RAM
kernel /bt4final/vmlinuz BOOT=casper boot=casper toram nopersistent rw quiet 
initrd /bt4final/initrd.gz

title Memory Test
kernel /bt4final/memtest86+.bin

title Boot the First Hard Disk
root (hd0)
chainloader +1

phen1x13 · January 24, 2010

Thanks i have the same thing but i think it's because my casper folder is missing this file: filesystem.squashfs, and i cant put it back on

Charles · January 24, 2010

You can't pull it from the iso and put it into the casper folder?

phen1x13 · January 24, 2010

nope. For some reason, it's the only file in the casper folder that i cannot copy. I don't know if maybe it's because of the size (1.4GB); although i doubt.

Charles · January 24, 2010

Hrm. How much space is left on yer thumb drive?

phen1x13 · January 24, 2010

i have a 16GB thumb drive, i have more than 11GB left but somehow that file doesn't want to go. I tried xcopy and so on. I just used unetbootin to burn the iso image to my usb but then the volume changes from 1.4Gb to 0 byte. Bracktrack does boot but it stucks at the loading page (i think it's the one before this: http://miss-networks.com/wp-content/upload...-backtrack.jpg).

And i wanted to pend the day to work on hacksaw....

Charles · January 24, 2010

Hrm. I would suggest verifying the MD5sum of the iso and then try extracting to to a folder on the desktop using something like 7-zip. See if it will extract, then move it over to the usb drive.

phen1x13 · January 24, 2010

Thanks, it works. I put everything (except menu.lst and grldr) into a hidden folder on the usb as to make sure that they are secure (sort of the way real usb programs are done). Now all i have to do is change the path of all the files in the menu list and backtrack menu list.

judgefeyd · February 9, 2010

I am still quite a newbie here so please bear with me. I started off by following the Grub 2 instructions from http://hak5.org/forums/index.php?showtopic=14111 and set up my multipass drive like this:

boot

--grub

---(all the grub files)

BT4

--bootbt4

---(all those files)

--casper

---(all those files)

--(all the files associated with BT4)

TRK

--pxelinux.cfg

---(empty)

--trk3

---(associated files)

--(rest of the TRK files)

grldr

menu.lst

Here is my menu.lst:

title BackTrack 4

kernel /BT4/bootbt4/vmlinuz vga=0x317 ramdisk_size=6666 root=/dev/ram0 rw quiet

initrd=/BT4/bootbt4/initrd.gz

boot

title Trinity Rescue Kit 3

kernel /TRK/kernel.trk initrd=/initrd.trk ramdisk_size=49152 root=/dev/ram0 vga=788 splash=verbose

initrd /TRK/initrd.trk

What I get when I boot from the drive is the VT100 command prompt and not the menu of what to choose to boot. What next step would I take?

Thanks for all your help

Netshroud · February 9, 2010

Grub2 doesn't use menu.lst, it uses grub.cfg which has a different syntax.

judgefeyd · February 22, 2010

Grub2 doesn't use menu.lst, it uses grub.cfg which has a different syntax.

thanks Psychosis

lufthansa747 · March 30, 2010

i have a 16gb sandisk cruiser. i tried using usbprep and got a formatting error. so i then formatted the usb with the disk manager tab. then i ran the grub gui and i got the message mdr was istalled succsefuly. then i added the grldr file and added a menu.lst file. but when i tried booting it i got a message saying. please remove all devices and retry? what do i do.

one more quik note, i am running xp and it gives me the above problems but i tried it on a laptop with vista and it loaded up to grubs main screen. y is that

Edited March 30, 2010 by lufthansa747

H@L0_F00 · March 31, 2010

Sounds like it's your machine that's throwing the error and not GRUB4DOS/GRUB2

lufthansa747 · March 31, 2010

oh so i guess there is nothing i can do. and second when you run back track which setting do you choose because there is a list of like 10 different ones to run.

H@L0_F00 · March 31, 2010

Well if it works on other PCs and/or VMs, then you can try fiddling around with the BIOS or maybe try PLoP.

For Back|Track, use which ever boot argument suit your needs, which will most likely be the first or second choice.

lufthansa747 · March 31, 2010

ok but like what option do the hak5 guys use. cause they have like a mouse. when i run it i only have a comand line

H@L0_F00 · April 1, 2010

Sounds like you need to run "startx"

lufthansa747 · April 1, 2010

what is startx and how do i instal it

Sign In

Episode 5x24

Recommended Posts

Link to comment

Share on other sites

Top Posters In This Topic

Popular Days

Top Posters In This Topic

Popular Days

Posted Images

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Join the conversation

Recently Browsing 0 members