E2B v2.04d fixes 'imdisk' bug when installing Windows from agFM

If you are using agFM v1.50 or later and are using a Removable USB drive for E2B, then you will find that the Windows Install from ISO function using agFM stops with an 'imdisk' error if you also use an XML file.

This is due to agFM actually using ImDisk to mount the ISO now (since v1.50) and so the E2B cmd file tries to install imdisk again.

If you are using a USB Fixed disk for E2B then you won't see this error.

This bug is fixed if you update to E2B v2.04d.

I will release E2B v2.04 very soon, so please let me know if you find any issues with it.

E2B eBooks special offer ends tomorrow - SORRY - TOO LATE NOW!

Some of the eBooks were previously priced at $6.99, $7 and $10 but for the month of May the price was reduced to just $5 each. If you buy more than one eBook you get a 10% reduction on all eBooks in your Basket too.

This 'Corona' special offer ends tomorrow when the price will go up from $5 each to $6.99 each.

P.S. There are a few reviews about the eBooks on the GuestBook page if you want to see if they might be useful to you (and I didn't pay them to write that - honest!).

agFM v1.51 for E2B officially released

See previous blog article for details.
To update, you can now run  \e2b\Update agFM\Download and update agFM_v2.cmd.

For best results, you should also download the latest Beta of E2B.

agFM eBook #4 v1.13 is now available (updated today).

agFM v1.51v2 Beta now available

Download from Alternate Download site as usual.

This version adds the ability to use a file with a .imgptnREP3 file extension (file must be on partition 3).

Changes from 1.50 (v1.51v2 changes in orange)

• New search (F) button added (e.g. search for file types such a .iso, .wim). 
• Boot Windows ISO option now runs X:\Setup.exe so that Repair option is offered if no XML file is specified. 
• Allow use of file extension override suffixes (e.g. Medicat v18.10 stable_.isowin.iso) so extension can be kept as .iso but it will immediately boot with no secondary menu. 
• Support _.winntsetup.iso file extension suffix for booting to Windows PE from Install ISO and directly loading the ISO into WinNTSetup.exe. 
• Danish language. 
• Ventoy boot option for ISOs added
• Bugfix for Auxilliary partition image file not detected as hfs type 0xAF (e.g. MacOS..imgPTN23+MacOS.), 
• .imgPTNrep3 file extension now supported (file must be in partition 3). 
• Add a check to prevent one .imgPTN* file from being used if a .imgPTN* file has already been switched in (thus preventing the backup MBR from being overwritten). 
• The 'Restore E2B Partitions' menu entry in the startup_default.cfg menu is now displayed whenever the MBR partition table contains a 'switched-in' .imgPTN image.

The .imgptnREP3 file extension allows you to replace partition 3 with any other image file.

I extracted the 10GB 3.hfs file from a Niresh Catalina.dmg file and renamed it.

When it is switched in to replace partition 3, I can use the agFM menu to boot from it (use F3) - you should also be able to directly boot to it from a Mac using its Clover boot manager.

You can thus  UEFI-install any MacOS from one E2B drive.

Please feedback any issues/successes/failures!

agFM v.1.51v with Ventoy now available

A1ive has now added Ventoy v1.0.10 to the main build of agFM.

You can download the latest beta v1.51v from here.

The advantage of Ventoy is that it can work from a write-protected drive (but agFM requires writeable media for some functions) and the ISO files do not need to be made contiguous. It may also boot faster. The disadvantage is that it is relatively young and may have quite a few compatibility issues.

I have found that Ventoy does not seem to like UEFI-booting under VirtualBox, so if you experience any issues with the Ventoy boot option for ISOs, please test it on a real system.

Please note: There are three 'SKUs' of Ventoy v1.0.10:

1. Official Ventoy release from Ventoy website
2. Ventoy as added to A1ive grubfm
3. Ventoy as added to E2B+agFM

If you experience any issues on a real system with Ventoy, please first test by renaming \boot\grubfm\config on the agFM partition so that the E2B+agFM modifications are suppressed and thus you are testing the pure a1ive version of Ventoy.

Before reporting any Ventoy issues it is best to make an official Ventoy USB drive and re-test the same ISO on that and then report the issue to Ventoy via reboot.pro. Make sure you clearly state what version you have tested (Ventoy USB drive, or A1ive Ventoy (no config file), or E2B agFM Ventoy) and also how you booted (MBR or UEFI) + make\model of target system.

New agFM v1.51 Beta and E2B v2.04c Beta available

I have made some tweaks to agFM so that it can now directly boot Strelec, DLCBoot, HBCDPE, Bob Omb's PE, Gandalf PE and Medicat ISOs - no secondary menu is presented if you use file extension override suffixes.

agFM now understands some file extension override suffixes (similar to E2B feature) - e.g.  filename_.override.iso

The special suffix tells E2B\agFM to boot it as if it had that file extension. This allows the file to still keep it's .iso file extension which is needed by some WinPEs to make them work correctly.

· Medicat v18.10 stable_.isowin64.iso
· Bob Omb's WinPE_.isomap64.iso
· DLCBoot WinPE_.isohw.iso
· Windows 10 x64 Eng_.winntsetup.iso

Currently isowin, isomap, isodef, isodefault, isoagfm, isoloop, isohw, isope and winntsetup are supported - with or without the four special suffixes 64, 32, 3GB, 4GB.

agFM v.1.51 

• New search (F) button added (e.g. search for file types such a .iso, .wim from current folder). 
• Boot Windows ISO option now runs X:\Setup.exe so that the Windows Repair option is offered if no XML file is specified. 
• Allow use of file extension override suffixes (e.g. Medicat v18.10 stable_.isowin.iso) so extension can be kept as .iso but it will immediately boot with no secondary menu. 
• Support _.winntsetup.iso file extension suffix for booting to Windows PE from Install ISO and directly loading the ISO into WinNTSetup.exe.

This should be used with E2B v2.04c Beta.

Check the Alternate Download site for these new versions (see top-left sidebar).

Full details are in eBook #4 on agFM v1.12 which I have just updated so you can download the new versions now.

E2B v2.04b Beta includes Danish language and keyboard + better Strelec ISO support

v2.04b Beta now includes the Danish language as an option.

If you want to boot to a Strelec ISO, try the extension .isowin. This should allow you to boot to the two Win10 WinPEs using the Easy2Boot menu system or using the agFM menu system.

Easy2Boot v2.03 released

• a1ive grub2 File Manager.mnu and Enable or Disable UEFI Booting.mnu added to \_ISO\MAINMENU folder.
• The three letters 'MBR' will be ignored if present anywhere in any file extension. This can be used to prevent agFM from listed these files. Useful if the files do not support UEFI-booting and only boot via the E2B menu system.
• New version SWITCH_E2B.exe to fix small bug which affected the appearance only (not function). 
• New default background
• Update_E2B_Drive.cmd now will update agFM files if present. 
• Internet ping test changed in MAKE_E2B_USB_DRIVE.cmd script in case ipv4 blocked. 
• agFM Sample Mnu files folder added with examples files, 
• WinContig files updated
• Keyboard scan code files updated
• KeyCheck.g4b test script added (type KeyCheck from grub4dos console and press down keys to get BIOS key status codes (e.g. NUM LOCK, CAPS LOCK, CTRL, etc.)
• XP Step 1 now warns user if not enough memory to load XP ISO file into RAM
• Example commented code added to SDI_CHOCO.cmd for detecting UEFI or MBR boot

https://www.easy2boot.com/download/

64-bit Scraper cold-boot attack now available!

So the head of SMERSH switches off his password protected and BitLocker-protected PC and walks out of his office to go home for the night.

Stealing the hard drive will get you nowhere because it is encrypted.

But you quickly break into his office - remove the DIMM RAM sticks and plonk them into a flask of liquid Nitrogen and then go back to your secret base. After a few minutes you have collected all the bytes that were in that RAM into a file on your USB drive. Now you can analyse the file to find out what passwords and images, etc. were in his RAM just at the point he shut it down. For instance you could use PHOTOREC to find jpeg images or perhaps use some of the investigative tools in Kali Linux to find passwords or the BitLocker key?

Later you will return the DIMM sticks and no one will be any the wiser. If the BitLocker key or any passwords were found in memory, you could try them out and gain access to the encrypted hard drive too.

Up to now this was only possible for a maximum of 4GB because the 'scraper' code only worked as 32-bit code. However, Basel has now also compiled a 64-bit version for us which seems to work nicely!

My original blog was here and I have updated the original RMPrepUSB Article 124 to include a menu for the 32-bit and 64-bit versions that he has kindly provide - great work Basel!

So now even BitLocker will not protect you Colonel Niktin!

YouTube video of a Cold Boot Attack here.

P.S. A funny thing happened in the park this morning ...
The local park had just opened for the first time for ages (it had been closed due to Corona) and my brother took his collie dog there for a walk as he used to do in the pre-Corona days.
Once there, the dog had a great time and then she saw an old friend - a whippet that she loves to chase and play with. Then suddenly the whippet runs along and puts his foot in a rabbit hole or something and 'SNAP!' goes his right hind leg - broken!
Everyone came to his rescue and even a wheelbarrow was fetched by someone to transport him back to the car park and get him to the vets. No one blamed my brother or his dog - it was just a freak accident.
So my brother goes back to his car and there a middle-aged lady bends down to make a fuss of his collie dog when the lady stumbles, falls over and hits her head on a large stone on the ground. She was unconscious for quite a few seconds and took some more time to slowly come to her senses.
So after that, my brother drove home very slowly and carefully with his dog and they are both staying indoors all day just in case anything else happens! You couldn't make this up!

P.P.S. The vet set the dog's broken leg but unfortunately it later got infected and so had to be amputated. The dog has now been re-named as 'tripod'.

New large font theme for agFM (and discovery of a bug in grub2 themes)

I was experimenting with some grub2 themes yesterday (to use a large font for partially sighted users) and I wanted to create a menu which had a different theme.

However, I noticed a strange problem - sometimes one icon would be missing from the menu list!