Tuesday 3 September 2013

'Hide' grub4dos menu.lst and other 'sensitive' files

If you have made a grub4dos bootable USB drive and you have password protected the menu.lst (or maybe just some of the menu entries) using the grub4dos password command, it is really quite easy for someone to hack the menu.lst file and simply remove the password lines just by using Notepad.

Another scenario is that you have set up an expiry date in the menu.lst file, so that when the expiry date is reached, a message will warn the user that it has expired and it should be updated and you don't want this to be circumvented! . See here for details on how to set this up.

Here are two ideas which I use to deter the amateur hacker.

1. Use 7Zip to compress the menu.lst file (or any sensitive .g4b batch files or other files loaded by grub4dos) to GZip format. Ensure that the resultant filename and extension is not changed and grub4dos will still run it just fine.

2. Set the file attribute on the 'sensitive' files (e.g. menu.lst) to Hidden (right-click - properties - Hidden).
You could also set the file attribute to System+Hidden+ReadOnly to make it even more difficult to see in Windows Explorer. You can use the Windows command line and the attrib menu.lst +h +r +s command or use NirSoft BulkFileChanger to do this.

This (compression to Gzip +  attribute change) will also work on most of the grub4dos Easy2Boot files (e.g. all .g4b, .lst and .mnu files and even your \_ISO\MyE2B.cfg file). Just keep the filename and the extension the same. Any file loaded by grub4dos that is detected as being in compressed gzip format is automatically uncompressed by grub4dos when it is read.

Of course, now I have told everyone this, it is no longer a secret!


Footnote: Another format that grub4dos can read is lzma, but not the standard lzma compression used by 7Zip. This format is slightly better because if you open it in NotePad, you don't see any tell-tale header information. For this lzma compression which grub4dos understands, we need to use the Windows lzma.exe utility

1. Download lzma.exe from https://code.google.com/p/grub4dos-chenall/downloads/detail?name=lzma.exe
2. Open command prompt
3. Type
                  lzma.exe e J:\_ISO\MyE2B.cfg J:\_ISO\MyE2B.cfg.lzma
4. Delete the original file and rename the lzma so it is the same name as the original (e.g. MyE2B.cfg).

To decode the compressed file, use the d parameter:

              lzma.exe d J:\_ISO\MyE2B.cfg J:\_ISO\MyE2B.cfg.txt

P.S. 7Zip can also decode the compressed lzma files if you add the .zip extension - 7Zip lists them as LZMA:23 encoded files.

For more details and also a handy drag&drop utility to compress E2B files (without changing the original filename) see Tutorial 72a here. It also has a decompress drag&drop utility included too. Each file selected is checked first to ensure you don't try to double-compress a file by mistake!

Posted by at No comments:

E2B - bitdefender ISO + persistence now supported

You can run a BitDefender .ISO with persistence from an E2B USB drive which keeps AV updates on the USB drive's persistent ext2 filesystem. I have added a new .mnu file to the E2B download - look in the \_ISO\docs\Sample mnu files folder (as usual).
Posted by at No comments:
Topics:

Sunday 1 September 2013

New Easy2Boot Intro Video

Easy2Boot v1.07 Video now on YouTube



Posted by at No comments:

Saturday 24 August 2013

Easy2Boot v1.07 now available

Download Version 1.07 here.

  • Latest grldr gives better alphabetical sorting (e.g. _fred.iso now listed in E2B menu before afred.iso).
  • .isope file extension support - if WinPE2/3/4 iso then when wpeinit runs, the iso will be loaded as a virtual CD/DVD.  See here for more info.
  • WinPE ISOs (.isope) can mount the .ISO after booting and user can define any drive letter for the ISO and auto-run a post-cmd batch file once ISO is loaded. See here for more info.
  • ISOASK variable supported (is set, will ask user how to run every .iso). See here for more info.
  • Can force any .iso to run as if it had a different file extension by creating a .mnu file for the iso file. See here for more details.


Posted by at 11 comments:

Sunday 18 August 2013

E2B v1.07 Beta5

Another small change for Zalman ZM-VE200/300/400 CD emulator owners! You do not have to change the .iso file extension for E2B now.

This version allows you create a .mnu file for each .iso file that requires a different extension for E2B.

For instance, if you have a Hirens iso file and you want to run it with the .isowinvh file extension in E2B, but leave the hirens iso file with a .iso extension on the Zalman E2B drive, use this .mnu text:

title Hirens ISO\n Boot direct from Hirens ISO\n If running DOS utilities from an NTFS drive you may need to select the NTFS driver when offered a choice instead of AUTO
/%grub%/qrun.g4b force.isowinvh %MFOLDER%/Utility/Hiren's.BootCD.15.2.iso
boot

The force.isowinvh is a dummy filename (any filename will do!) followed by the extension that you want E2B to use. Whatever extension is specified in this first dummy parameter will be used to run the .iso file that is specified in the second parameter. So in this case, the Hirens .iso file will be run by E2B as if it had a .isowinvh file extension.

In the example above, the hirens iso file and .mnu file would be present in the \_ISO\UTILITIES\Utility folder or \_ISO\MAINMENU\Utility folder  (i.e. at the \_ISO\xxxx\Utility level).

Posted by at 1 comment:

Friday 16 August 2013

E2B v1.07Beta 4 now available - BUGFIX!

bugfix for v 1.00 and all later versions - %MFOLDER% was set to ()/_ISO/xxx instead of /_ISO/xxx by AUTOMN.g4b. This meant that some sample .mnu files that used (bd)%MFOLDER% did not work and you needed to remove the (bd) portion to get them to work.
Beta4 fixes AUTOMN.g4b so that MFOLDER is now /_ISO/xxxx  as it was in most previous Beta versions.
If you are having problems getting the sample .mnu files to work, try this new version!
See Easy2Boot V1 Tutorial 72a  (bottom of page) for the download.
Posted by at No comments:

Thursday 15 August 2013

E2B v1.07Beta3 now available

If you add the line
set ISOASK=1
to your \_ISO\MyE2B.cfg file, then any ISO file listed in the E2B menus will run as if the extension was .isoask  (i.e. it will run the .iso and ask you to choose a way to run it).
This means if you have a Zalman CD/DVD  USB HDD caddy, you do not have to have duplicate copies of all the iso files (e.g. have hirens.isowinvH for E2B and hirens.iso for the Zalman). All your files can be .iso but when running E2B, it will ask you how to run them.
Posted by at 1 comment:

Easy2Boot 1.07 Beta 2 now available

This has enhanced WinPE2/3/4 ISO support.
If you place a file that is the same filename as the ISO in the same folder as the WinPE ISO, e.g.
\_ISO\MAINMENU\WinPEx86ABC.isoPE
\_ISO\MAINMENU\WinPEx86ABC.cmd

WinPEx86ABC.cmd
===============
set ISOLETTER=S:


 then if no <isoname>.cmd file exists then Y: is used, otherwise the letter set in your .cmd file is used. If Y: is already used then the next free letter will be used to mount the WinPE ISO.

Now .cmd files as well as .mnu and .txt files will not be listed in the menu.

This version also supports the .isoPE01  extension. This has the same function as .isoPE but swaps hd0 and hd1 over before booting to the ISO. This may be useful for some repair ISOs that expect hd0 to be the primary internal system disk.

Beta2a has minor change to add double-quotes around the iso filename when ImDisk is called to load the ISO - this should (may) allow filenames with spaces in them to work (e.g. SVR2012).
Posted by at 7 comments:

Wednesday 14 August 2013

Easy2Boot v1.07Beta now available

This version recognises iso's with a .isoPE extension.

This can be used with Vista/7/8 WinPE ISOs. If the extension is .isoPE then when WinPE runs and wpeinit starts, the .ISOPE file will be automatically loaded in WinPE as a virtual CD/DVD drive.
This means that once the WinPE is fully loaded, it will have access to all the files in the ISO as a virtual CD/DVD drive.
Note that this only works if you use an E2B USB flash drive, or use an E2H USB HDD + USB 'Helper' Flash drive, as the \unattend.xml file is required to be on a 'removable' USB drive for this to work.

This version is available from the downloads section of the E2B Tutorial here.

There have also been some minor changes to the LOADISOxx.cmd files used for Vista/7/8 install ISOs but hopefully this should not affect their function at all.
Posted by at 2 comments:

Monday 5 August 2013

Easy2Boot v1.06

If you update your current E2B USB drive, it will make quite a few changes and you will need to delete some files from your existing E2B USB drive - otherwise you may get duplicate entries in the menu!

The big change in this version is that ALL files are sorted alphabetically. In previous versions you could either have all .mnu files listed in the menu first and then all payload (e.g. .iso) files OR all payload files first and then all .mnu files.

With version 1.06  .mnu and payload files are enumerated in one go, so the menu will list entries according to the files alphanumeric order. This means you can arrange the menu better (just sort the files by name in Windows Explorer to see what order they will be in). It also means that the boot is quicker as the whole \_ISO folder is only enumerated once instead of twice.

I have had to re-organise some files in the \_ISO\Mainmenu folder.  Mainmenu.mnu is gone and so are the SubMenuxxx.mnu files. Instead we have some ZZxxxxx.mnu files. Obviously these will be listed last in the main menu.

Although all menu entries will now be listed in the menu according to their filename, it is important to realise two things:

1. If a .txt file is specified for a payload file, or a .mnu file is found, then the actual text that appears in the menu is that contained in the file.
e.g.
a.mnu   (contains 'title X files')
z.iso  
z.txt     (contains 'title Runs z.iso')

then the menu will look like this
X files
Runs z.iso
2. Files in sub-folders will be listed alphabetically as each folder name is discovered. This means that a .mnu file entry from a file at \_ISO\MAINMENU\A\Zlot.mnu will appear in the main menu before a payload file at \_ISO\MAINMENU\backup.iso.



If you want to try the new version, you can download it here.

I recommend you make a new USB E2B drive and re-copy your payload files onto the drive.

If you want to just update your current E2B drive then you will need to delete the following files:
All \_ISO\MAINMENU\SubMenuxxxxx.mnu files
\_ISO\MAINMENU\mainmenu.mnu
\_ISO\e2b\grub\adf2mm.g4b (no longer required)
Note that you can now control the position of each individual menu entry (except F9 and F10 which will always be last in the menu) by renaming the payload and .mnu files.

Files in \_ISO\MAINMENU folder
=========================
ZZSubMenuAntiVirus.mnu
ZZSubMenuAuto.mnu
ZZSubMenuBackup.mnu
ZZSubMenuDos.mnu
ZZSubMenuLinux.mnu
ZZSubMenuUtilities.mnu
ZZSubMenuWinPE.mnu
ZZWindowsInstall.mnu

ZZZF7BootHdd.mnu
ZZZF8ReloadMenu.mnu

If you want the sub-menu entries for the sub-folders to be listed first in the main menu, just add $ in front of the first 8 ZZxxxx.mnu files.

Note that ZZZF7BootHdd.mnu and ZZZF8ReloadMenu.mnu must not be deleted and must be alphabetically last so that the F9 and F10 entries, which are automatically added to the end of the menu by E2B, will be listed in order and look nice!

Please add a comment if you have tried this and give me your feedback!






Posted by at 20 comments:
Subscribe to: Posts (Atom)