Sunday, 27 November 2016

How to add secret, hidden menu entries to E2B

Paul wanted to prevent certain payloads from being listed in the E2B menu system so that the normal user would not be aware that they even existed.

He wanted a secret hotkey + password which would allow the hidden payloads to appear in the E2B menu system.

We can stop any file from being listed as a payload in E2B by using a .txt file and the iftitle test feature. For instance, we can test for the environment variable 'SECRET' and if it does not exist then the menu entry will not be shown...

iftitle [if exist SECRET] Windows 10 English International (32-bit)\n My Secret ISO

We can set the SECRET variable using a hotkey + password.

In the example below, if you type CTRL+F9 (in any menu) then a blank screen will appear with a password prompt.

You can then type the password SECRET  (in capital letters), and any hidden menu items will then magically appear in the E2B menus!

To make them disappear again, type CTRL+F9 again and press ENTER instead of entering the correct password or press F8 when in the Main menu to reload E2B. Or you could define a CTRL+F10 key to hide them all again more quickly (see below).

Here is how to set this up...


1. Add this single line to your \_ISO\MyE2B.cfg file (if you don't have one already then start the MyE2B.cfg text file with !BAT as the first line). Change the password SECRET (shown in red below) to whatever password you want to use...

()/%grub%/hotkey [Ctrl+F9] "clear && echo -e \nSecret Menu\n===========\n\n && set SECRET= && password SECRET && set SECRET=1 ;; configfile (md)0x3000+0x50" > nul

For other variations, see the section below. We can use 'call Fn.70 3 ;; clear' to preserve the wallpaper background, redirect the password prompt to > nul so it is not seen by the user, and even switch the wallpaper to a different one if the password was correct, etc.

2. For each payload that you want to be hidden, create a .txt file with an iftitle test for the SECRET environment variable as follows:

e.g. #1
\_ISO\WINDOWS\WIN10\Win10_1607_EnglishInternational_x32.iso
\_ISO\WINDOWS\WIN10\Win10_1607_EnglishInternational_x32.txt  - containing...

iftitle [if exist SECRET] Windows 10 English International (32-bit)\n My Secret ISO

e.g. #2
\_I1SO\MAINMENU\WinToGo10.imgPTN
\_ISO\MAINMENU\WinToGo10.txt  - containing...

iftitle [if exist SECRET] Windows To Go 10\n My Secret WinToGo

e.g. #3
\_I1SO\MAINMENU\WinToGo1064.VHD
\_ISO\MAINMENU\WinToGo1064.txt  - containing...

iftitle [if exist SECRET] Windows To Go 10 VHD\n My Secret WinToGo

Alternative hotkey prompts

Below are some more examples of how we could set up the hotkey(s).

You may want to also set up CTRL+F10 to instantly hide the menu entries as well as CTRL+F9.

Remove the ### comment characters from one of these lines:

# No password - Ctrl+F9 shows secret items always
###()/%grub%/hotkey [Ctrl+F9] "set SECRET=1 ;; configfile (md)0x3000+0x50" > nul

# No password - Ctrl+F10 hides secret items always
###()/%grub%/hotkey [Ctrl+F10] "set SECRET= ;; configfile (md)0x3000+0x50" > nul

# Blank screen (no wallpaper), heading and password prompt
###()/%grub%/hotkey [Ctrl+F9] "clear && echo -e \nSecret Menu\n===========\n\n && set SECRET= && password SECRET && set SECRET=1 ;; configfile (md)0x3000+0x50" > nul

# Clear menu only - user just sees wallpaper and cursor
###()/%grub%/hotkey [Ctrl+F9] "call Fn.70 3 ;; clear ;; set SECRET= && password SECRET > nul && set SECRET=1 ;; configfile (md)0x3000+0x50" > nul

# Clear menu with wallpaper and prompt user for password
###()/%grub%/hotkey [Ctrl+F9] "call Fn.70 3 ;; clear && set SECRET= && password SECRET && set SECRET=1 ;; configfile (md)0x3000+0x50" > nul

# Clear menu and prompt user for password, change background if successful to GreatLakes.bmp
###()/%grub%/hotkey [Ctrl+F9] "call Fn.70 3 ;; clear && set SECRET= && password SECRET && set SECRET=1 && splashimage /_ISO/GreatLakes.bmp ;; configfile (md)0x3000+0x50" > nul


.txt file for 64-bit files

Use this if you don't want to see any menu entry on a 32-bit system (for use with 64-bit payload files)

iftitle [checkrange 2,3 is64bit && if exist SECRET] Windows 10 64-bit \n Only displayed on 64-bit systems

See the E2B page for more info.