Saturday 8 February 2014

Com! Magazin Readers (ISOs vom Stick booten)

Welcome, Com! magazine readers. This is just to tell you that the latest version of Easy2Boot is v1.28. The magazine used v1.17 which is now old.
Please obtain the latest version from here. If you want to install XP from an XP Install ISO, download "E2B + Windows XP Mass Storage Drivers [30MB]" - this includes XP 32-bit Mass storage drivers.


Thursday 6 February 2014

Easy2Boot in Com! Magazine

If you subscribe to Com! Magazin (a German computer magazine), look out for an article on Easy2Boot in the 03/2014 issue on Friday 7th February!

http://www.com-magazin.de/news/com-magazin/neue-com-3-2014-da-237003.html



Easy2Boot v1.27

Note: I just re-tried v1.26 and it is working now! Seems this was a false alarm??? v1.26 and v1.27 should be the same and no need to update to 1.27!

v1.26 seems to have a problem with Win8 Install ISOs if a Helper USB drive is used together with a USB HDD - please update to E2B v 1.27 or later!!!

The problem seems to be in the \_ISO\e2b\grub\ENG\RunWin8.g4b batch file, but as far as I can tell it has hardly changed for at least 3 previous versions, so I am not quite sure what the problem was. When I added a few lines to debug it, it just started working again!

v. 1.27 seems to work though, so please update to this new version ASAP.

Sorry for the inconvenience, I am still trying to figure out why it stopped working....


Wednesday 5 February 2014

Easy2Boot v1.26 available (with new batch file to make an E2B USB drive)

v1.26 2014-02-05
  1. Small changes so we can have individual XP ISO entries in the Main menu (e.g. 'Install XP Home' and 'Install XP Pro' can be in the main menu with no need to pick the ISO name). Use XP_Inst_from_MainMenu.mnu in sample mnu folder as an example.
  2. A few new sample .mnu files added for OpenElec and XiaOpan
  3. Latest grub4dos version 0.4.5c 2014-01-17
  4. New \_ISO\docs\Make_E2B_USB_Drive.cmd batch file added to automate making of an E2B drive (requires RMPrepUSB to be pre-installed).
The Make_E2B_USB_Drive.cmd batch file is designed to be run from the \_ISO\docs folder.
Download the E2B .zip file, extract it to a temporary folder on your hard disk and then double-click on the Make_E2B_USB_Drive.cmd batch file to make an Easy2Boot USB drive (requires Admin rights). It formats the USB drive (choice of FAT32 or NTFS), installs grub4dos and then copies the E2B files across. Your E2B drive is then ready to boot!

The batch file requires RMPrepUSB to be pre-installed on your system in the default (C:\Program Files) folder.

[Screenshot: Make_E2B_USB_Drive.cmd - Initial Drive Selection]

[Screenshot: Make_E2B_USB_Drive.cmd - E2B drive completed]

Sunday 2 February 2014

Adding Xiaopan to Easy2Boot

Xiaopan is a linux distro used for wireless penetration testing (e.g. cracking WPS). You can add the latest ISO to Easy2Boot in the usual way (i.e. just copy the .iso file to \_ISO\MAINMENU and then run WinContig to make the iso file contiguous). This will work on both FAT32 and NTFS E2B USB drives even though Xiaopan does not support NTFS.


However, if you want to run Xiaopan with persistence, it is easiest to use a FAT32 E2B USB drive.

To make your extensions and changes persistent, Tiny Core needs a directory to store them.

1. Extract the mydata.tgz file from the root of the ISO file using 7Zip
2. Copy the file to the root of the FAT32 USB boot drive
3. Rename the file to xi.tgz

If however, you have an NTFS E2B USB drive, we need to create an ext2 filesystem...

1. Use RMPrepUSB - Create ext2 FS to create an ext2 file of the filename x-rw in the root of the NTFS E2B USB drive (any size you choose).
2. Copy the Xiaopan.mnu file from the \_ISO\docs\Sample mnu files folder to an E2B subfolder (e.g. \_ISO\MAINMENU\MNU) - see below.
3. Move the Xiaopan ISO file to the same folder and rename it to Xiaopan.iso

Now when you boot from the ISO for the first time, use the Control Panel - Backup\Restore applet in Xiaopan and change the backup location from sdb4/ (may differ on your system but it should end in 4) to sdb3/. Now change the wallpaper colour and Exit. There should be no error message (if there is, try using Control Panel - Mount Tool to mount \sdb3 first and then Exit). When you run Xiaopan again, the wallpaper settings should be remembered.

The .mnu file is shown below:
#create an ext2 file in the root of the E2B USB drive called x-rw
#when Xiaopan boots, use the Control Panel - Backup\Restore applet to change the location to partition 3 - e.g. sdb3/

iftitle [if exist $HOME$/XIAOPAN.iso] Xiaopan (with persistence)\n Boot using .mnu file with persistence
if exist CD echo WARNING: Cannot use partnew command! && pause && configfile (bd)/menu.lst
set ISO=XIAOPAN.iso
set PER=x-rw
if "%E2BDEV%"=="" set E2BDEV=hd0 && pause E2BDEV forced to hd0!
#enable parttype output
debug 1
# make empty table entry in 3rd position in ptn table
parttype (%E2BDEV%,2) | set check=
debug off
set check=%check:~-5,4%
if "%check%"=="0x00" partnew (%E2BDEV%,2) 0 0 0
if not "%check%"=="0x00" echo WARNING: PTN TABLE 3 On %E2BDEV% IS ALREADY IN USE - PERSISTENCE MAY NOT WORK! && pause
debug 1
if not exist /%PER% echo WARNING: /%PER% persistence file not found! && pause
errorcheck off
if "%check%"=="0x00" partnew (%E2BDEV%,2) 0x0 /%PER%
errorcheck on
#map ptn 4 to ISO
partnew (%E2BDEV%,3) 0x0 $HOME$/%ISO%
map $HOME$/%ISO% (0xff)
map --hook
root (0xff)
chainloader (0xff)
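
The partnew commands in this .mnu file rewrite entries 3 and 4 of the USB drive's partition table, and only entry 3 is checked first. The Python sketch below is an added example, not part of Easy2Boot or the original post: it parses an MBR sector and predicts what the .mnu file will do. The function names and the sample MBRs are constructed for illustration.

```python
import struct

TABLE_OFFSET = 446  # the four 16-byte primary partition entries start here

def parse_mbr(sector0):
    """Return (type, start_lba, sector_count) for each of the 4 MBR slots."""
    if len(sector0) != 512 or sector0[510:512] != b"\x55\xaa":
        raise ValueError("not an MBR sector: bad length or no 55AA signature")
    slots = []
    for i in range(4):
        entry = sector0[TABLE_OFFSET + 16 * i:TABLE_OFFSET + 16 * (i + 1)]
        start, count = struct.unpack_from("<II", entry, 8)
        slots.append((entry[4], start, count))
    return slots

def precheck(sector0):
    """Predict what the .mnu file's partnew commands do to slots 3 and 4."""
    slots = parse_mbr(sector0)
    return {
        # .mnu: persistence is only mapped if parttype (%E2BDEV%,2) is 0x00
        "slot3_free": slots[2][0] == 0x00,
        # .mnu: partnew (%E2BDEV%,3) has no such check, so a used slot 4
        # is replaced by the entry pointing at the ISO
        "slot4_overwritten": slots[3][0] != 0x00,
    }

def make_mbr(types):
    """Constructed sample: an MBR whose 4 slots carry the given type bytes."""
    sector = bytearray(512)
    for i, ptype in enumerate(types):
        if ptype:
            sector[TABLE_OFFSET + 16 * i:TABLE_OFFSET + 16 * (i + 1)] = struct.pack(
                "<B3sB3sII", 0, b"\0\0\0", ptype, b"\0\0\0",
                2048 + i * 1000000, 1000000)
    sector[510:512] = b"\x55\xaa"
    return bytes(sector)

if __name__ == "__main__":
    # Constructed drives, not taken from the post
    for name, types in [("single NTFS partition", [0x07, 0, 0, 0]),
                        ("all four slots used", [0x07, 0x0C, 0x83, 0x83])]:
        print(name, precheck(make_mbr(types)))
```

To check a real drive, pass the first 512 bytes of the drive (or of a disk image of it) to precheck().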




Friday 31 January 2014

Transferring ISOs from an XBOOT USB drive to Easy2Boot

If you already have an XBOOT USB drive containing linux ISO files, you may have found that when you copy them to your Easy2Boot USB drive, they don't work.

This is because XBOOT modifies the ISOs. For a typical linux ISO, XBOOT will extract the files from the casper folder of the ISO file and then copy them to a subfolder under the \images folder on the USB drive. XBOOT also modifies the \isolinux\isolinux.cfg file contents (inside the ISO file) to add some cheat codes which will direct the linux kernel to load the squashfs files from a different folder, e.g.

label driverupdates=Use driver update disc
append driverupdates=debian-installer/driver-update=true

is converted to:

label driverupdates=Use driver update disc
append driverupdates=debian-installer/driver-update=true ignore_uuid live-media-path=/images/fdraptor/casper

The cheat codes added by XBOOT may work for some linux distros (or versions) but not for others. This is why it is 'hit-or-miss' as to whether XBOOT will work or not with 'unsupported' ISOs.

To move these XBOOT converted ISOs to an E2B USB drive we need to:

1. Copy the whole \images folder from the XBOOT drive to \images on the E2B drive
2. Move the ISO files to the \_ISO\MAINMENU folder

So if we had 'fdraptor' on our XBOOT drive, we would now have an E2B drive with these folders:
  • \images\fdraptor\casper\ - several files including filesystem.squashfs (700MB)
  • \_ISO\MAINMENU\fdraptor.iso (32MB)
As many linux initial kernels do not support NTFS, XBOOT does not work well on an NTFS drive. If you use these files on an E2B drive, the E2B USB drive needs to be formatted as FAT32 and not NTFS.
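
To tell whether an ISO has been modified by XBOOT, and which folders it depends on, you can scan its isolinux.cfg for the cheat codes shown above. This Python sketch is an added example, not part of XBOOT or Easy2Boot: it works on the text of an isolinux.cfg that you have already extracted from the ISO (e.g. with 7Zip). The function names are hypothetical and the two sample configs are the snippets quoted in this post.

```python
import re

def xboot_redirects(cfg_text):
    """Map each label to the live-media-path its append line points at."""
    found, label = {}, None
    for line in cfg_text.splitlines():
        words = line.strip().split(None, 1)
        if len(words) < 2:
            continue
        keyword, rest = words[0].lower(), words[1]
        if keyword == "label":
            label = rest
        elif keyword == "append":
            m = re.search(r"(?:^|\s)live-media-path=(\S+)", rest)
            if m:
                found[label] = {"path": m.group(1),
                                "ignore_uuid": "ignore_uuid" in rest.split()}
    return found

def folders_to_copy(redirects):
    """Folders on the XBOOT drive that must also exist on the FAT32 E2B drive."""
    return sorted({r["path"].replace("/", "\\") for r in redirects.values()})

# The unmodified and XBOOT-modified entries quoted in the post
ORIGINAL_CFG = """label driverupdates=Use driver update disc
append driverupdates=debian-installer/driver-update=true
"""
XBOOT_CFG = """label driverupdates=Use driver update disc
append driverupdates=debian-installer/driver-update=true ignore_uuid live-media-path=/images/fdraptor/casper
"""

if __name__ == "__main__":
    for name, cfg in [("original", ORIGINAL_CFG), ("XBOOT", XBOOT_CFG)]:
        hits = xboot_redirects(cfg)
        print(name, "modified" if hits else "unmodified", folders_to_copy(hits))
```

An ISO whose config produces no hits has not been redirected to an \images folder and can be copied to \_ISO\MAINMENU as it is.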

Of course, you can just download the original ISOs from the web and copy them to your E2B drive (even on an NTFS E2B drive) and it should work just fine.

The other alternative is to make a .imgPTN file from the XBOOT USB drive by dragging-and-dropping the drive letter onto the MPI_FAT32 desktop shortcut.

Easy2Boot .mnu files

Usually, when adding payload files to Easy2Boot, you just need to copy the file over and make sure it is contiguous. In some cases you may need to modify the file extension slightly too. However, for some 'special' payload files or if you want persistence when booting from linux ISOs, we need to use a .mnu file.

Below is a list of some of the .mnu files that can be found in the \_ISO\docs\Sample mnu Files folder of the Easy2Boot download in v1.25. More may be added to later versions, so always check for new examples!
Instructions on how to use .mnu files can be found by opening them in Notepad and reading the instructions within.

Thursday 30 January 2014

Make a 'Forensics To Go' 32GB USB Flash drive

If you have a 32GB or larger USB pen and want a ready-made 'Forensic' multiboot USB Flash drive, try the (virtual disk) image provided on 'Hacking Exposed' by David Cowen\Kevin Stokes.  Download is here.


This USB disk image contains two FAT32 partitions, with XBOOT installed ISOs of...
  • SIFT 2.14
  • Kali Linux
  • Paladin 5
  • Raptor 3
on a hidden 2nd partition, and 4GB-worth of the following portable apps and tools on the first partition (which is visible to Windows):

Documents
analyzing-malicious-document-files.pdf
log2timeline-cheatsheet.pdf
Memory-Forensics-Cheat-Sheet-v1.pdf
Network Forensics Cheat Sheet.pdf
SANS-DFIR-Poster-2012.pdf
sbag.users.guide.v.0.24.pdf
SIFT Cheat Sheet and DFIR Curriculum.pdf
USB-Device-Tracking-Artifacts.pdf


Linux Tools
TZworks_64bit
TZworks_32bit
Truecrypt


Mac Tools
FortiClient_Installer.dmg
nmap-6.40-2.dmg
TrueCrypt 7.1a Mac OS X.dmg
TZworks


Portable Apps
PortableApps.com
2XClient
7-ZipPortable
AbiWordPortable
AntRenamerPortable
AutorunsPortable
BabelMapPortable
cdrtfePortable
ClamWinPortable
CommandPromptPortable
ConverberPortable
CrystalDiskInfoPortable
CubicExplorerPortable
DaphnePortable
DatabaseBrowserPortable
EraserPortable
EraserDropPortable
Explorer++Portable
FileAlyzerPortable
FileZillaPortable
FoxitReaderPortable
FrhedPortable
GetSudokuPortable
GoogleChromePortable
grepWinPortable
HDHackerPortable
HijackThisPortable
HWiNFOPortable
InfraRecorderPortable
IniTranslatorPortable
IrfanViewPortable
JkDefragPortable
KasperskyTDSSKillerPortable
KchmViewerPortable
KeePassPortable
KeepNotePortable
KiTTYPortable
McAfeeStingerPortable
Monster2Portable
CamStudioPortable
ChecksumControlPortable
ConvertAllPortable
DiffpdfPortable
Notepad++Portable
PasswordGorillaPortable
PeerBlockPortable
PidginPortable
ProcessExplorerPortable
ProcessHackerPortable
ProcessMonitorPortable
PuTTYPortable
PWGenPortable
RegshotPortable
SIWPortable
SkypePortable
SmartDefragPortable
SpybotPortable
SQLiteDatabaseBrowserPortable
SqlitemanPortable
StickiesPortable
SumatraPDFPortable
SystemExplorerPortable
TeamViewerPortable
ThunderbirdPortable
Toucan
UUID-GUIDGeneratorPortable
VLCPortable
WhoDatPortable
WindowsErrorLookupToolPortable
winMd5SumPortable
WinMTRPortable
WinSCPPortable
WiseDiskCleanerPortable
WiseProgramUninstallerPortable
WiseRegistryCleanerPortable
xpyPortable
CppcheckPortable
KompoZerPortable
NetHackPortable
PeaZipPortable
qBittorrentPortable
RevoUninstallerPortable
PortableApps.comLauncher

Windows Tools
volatility-2.3.1.standalone.exe
WiresharkPortable-1.10.5.paf.exe
Imager_Lite_3.1.1
NirSoft Tools
Password Tools
rrv2.8
Scalpel-2.0
SysinternalsSuite
Tools that require Install
TZworks 32bit
TZworks 64bit
USB Write - EnableProtect
Woanware



To make this USB Flash drive

You need a 32GB or larger USB drive.
1. Download the 8GB (!) USB_Multiboot.zip file from the blog here or the updated image here.
2. Extract the 30GB 'USB image for download.img' file to your system hard disk using 7Zip (or similar utility)
3. Run RMPrepUSB and insert your 32GB (or larger) USB Flash drive
Select the 32GB USB Flash drive in the top drive selection box and click on the File->Drive button.
Enter 1SEC for the file start sector (see screenshot), 0 for the USB start sector and 0 for the length.
After 10-30 minutes you will have a bootable USB flash drive.

The image is from a 32GB USB Flash drive made using XBOOT. If you wish to add more files to it using XBOOT, you must first swap the partition order over as follows:

1. Run RMPrepUSB and select the 32GB drive
2. Type CTRL-O and select partition 2 when prompted

This will swap over the partitions and make visible the XBOOT 1st FAT32 partition containing the (modified) ISO files:
  • fdraptor.iso
  • hirensbootcd.iso
  • paladin.iso
  • siftworkstationrevusb.iso
You should now be able to run XBOOT and modify the contents.

When you have finished testing the USB drive, use RMPrepUSB - Ctrl-O to change back the partitions and make the applications partition visible to Windows again.

You can either boot from this USB drive on a 'live' system or boot from it (or the original .img file) with the 'target' hard-disk image in VirtualBox.

Note: XBOOT modifies the .ISO files and extracts and removes the squashfs (casper) files into a subfolder under \images. Therefore these .iso files cannot just be 'dropped' onto an Easy2Boot drive as they will not boot correctly. These XBOOT ISOs can be used if you copy the whole \images folder from the XBOOT partition to the root of a FAT32 E2B USB drive (not NTFS - it won't work!) and then move the .iso files to the \_ISO\MAINMENU folder (i.e. the E2B drive will contain a \images folder with subfolders).

Of course, you can download the original ISOs from their websites and simply add them to your Easy2Boot USB drive.

Note: There is a later download here which may have some of the files missing (I have not tested it).

Wednesday 29 January 2014

Easy2Boot v1.25 available (new $HOME$ keyword for .mnu files)

Easy2Boot v1.25 adds a new feature for .mnu files.

Previously, you had to 'hard code' the sub-folder name into the .mnu file text. For example, here is a typical .mnu file which expects the ISO file to be in the MNU subfolder (e.g. \_ISO\MAINMENU\MNU) :

iftitle [if exist %MFOLDER%/MNU/Ylmf_OS_3.0.iso] Boot YlmF (Windows Like OS) Non-Persistent 
map %MFOLDER%/MNU/Ylmf_OS_3.0.iso (0xff)
map --hook
root (0xff)
kernel /casper/vmlinuz file=/cdrom/preseed/ubuntu.seed boot=casper  persistent iso-scan/filename=%MFOLDER%/MNU/ylmf_OS_3.0.iso floppy.allowed_drive_mask=0 splash
initrd /casper/initrd.img

However, now we can use $HOME$ to represent the path of the .mnu file like this:

iftitle [if exist $HOME$/Ylmf_OS_3.0.iso] Boot YlmF (Windows Like OS) Non-Persistent 
map $HOME$/Ylmf_OS_3.0.iso (0xff)
map --hook
root (0xff)
kernel /casper/vmlinuz file=/cdrom/preseed/ubuntu.seed boot=casper  persistent iso-scan/filename=$HOME$/ylmf_OS_3.0.iso floppy.allowed_drive_mask=0 splash
initrd /casper/initrd.img


This means that we can place the .mnu files and their payload files in any sub-folder of any name and we don't have to edit the .mnu file to match it.

This is useful because it means we can control the order of the items in the menus more easily by simply changing the name of the folders that we place our .mnu files in.

Consider an E2B file and folder arrangement of:

\_ISO\MAINMENU\b.iso
\_ISO\MAINMENU\k.iso
\_ISO\MAINMENU\MNU\a.mnu  (and a.iso)
\_ISO\MAINMENU\MNU\y.mnu  (and y.iso)
\_ISO\MAINMENU\z.iso

The menu entries in the Main menu would be ordered like this because the MNU folder's files will be enumerated after k.iso:

b.iso
k.iso
(title text from the a.mnu file)
(title text from the y.mnu file)
z.iso


Now if we want the a.mnu entry to be listed first in the Main menu, previously, when using the %MFOLDER% variable, we would have had to make a new $MNU folder, move the a.mnu and a.iso files into it and also edit the .mnu file to change 'MNU' to '$MNU'.

However, if we use the new $HOME$ keyword in the .mnu file, all we need do is move the a.iso and a.mnu files to a new $MNU folder and we don't have to edit the .mnu file at all.

\_ISO\MAINMENU\$MNU\a.mnu  (and a.iso)
\_ISO\MAINMENU\b.iso
\_ISO\MAINMENU\k.iso
\_ISO\MAINMENU\MNU\y.mnu  (and y.iso)
\_ISO\MAINMENU\z.iso

The keyword $HOME$ will be expanded by E2B to be "/_ISO/MAINMENU/$MNU" automatically.

If you also want to change the position of y.mnu, you can simply rename the MNU folder (e.g. use $A to list it first or ZZ to list it last in the menu).

I have changed all of the Sample mnu Files in the \_ISO\docs\Sample mnu Files folder in v1.25 of E2B to use the new $HOME$ keyword. You can still use %MFOLDER% in your .mnu files if you wish.

The new v1.25 downloads are linked here.








Combine SARDU with Easy2Boot

To add SARDU to your Easy2Boot menu

1. Make your E2B USB drive as usual
2. Run SARDU and install SARDU plus any ISOs etc. to your E2B drive. This will add a dozen or so files to the root of the E2B drive and also a \SARDU folder.
3. Re-install grub4dos to the PBR using RMPrepUSB
4. Open an Administrator command prompt and navigate to the RMPRepUSB\SYSLINUX\Syslinux_4.06 folder  (tip: you can press F3 in RMPrepUSB to find the folder)
5. At the command prompt type:

syslinux.exe -f   X:   X:\SARDU\sardu.bin

where X: is the drive letter of your Easy2Boot USB drive

6. Create a SARDU.mnu file and add it to the \_ISO\MAINMENU\MNU folder:

title SARDU\n Run SARDU
chainloader /SARDU/sardu.bin