I came across another memory test today. GoldMemory by Michal Tulacek is shareware and available in two versions, standard (limited 30-day free trial shareware <4GB) or Pro ($29 - at least 16GB).
Saturday 16 April 2016
Detect keyboard status and hide menu entries in E2B
We can detect the status of the keyboard using grub4dos to read the BIOS Data area.
For instance, we can tell if CAPS LOCK or SCROLL LOCK was on or not.
Here is a simple grub4dos batch file which will report the keyboard status as detected by the BIOS (not all keys may be reported accurately under a VM):
For instance, we can tell if CAPS LOCK or SCROLL LOCK was on or not.
Here is a simple grub4dos batch file which will report the keyboard status as detected by the BIOS (not all keys may be reported accurately under a VM):
Friday 15 April 2016
Run android x86 with persistence from E2B
'How to add an animated GIF' YouTube video now available
I have added a 10 minute YouTube video on how to add an animated GIF to the Easy2Boot menu.
See http://www.easy2boot.com/configuring-e2b/animation/ for more info.
Let me know if you like these videos by ticking one of the Reactions boxes.
Feel free to suggest a subject for the next one!
See http://www.easy2boot.com/configuring-e2b/animation/ for more info.
Let me know if you like these videos by ticking one of the Reactions boxes.
Feel free to suggest a subject for the next one!
Thursday 14 April 2016
Check the CRC of a payload file before running it in Easy2Boot
Nicolas asked me today about checking an ISO (for corruption?) before running it.
In E2B, you can hit SHIFT+CTRL+ENTER to ask E2B to calculate and display the CRC32 value of a payload file that is listed in the menu, but it is up to you to check that it is correct.
If you want to ensure that an ISO or other payload file is not corrupt (or infected?) before you allow E2B to run it, you can use this .mnu file for each payload file:
\_ISO\MAINMENU\RunMemTestCheck.mnu
==================================
# Check the CRC32 value of a payload file and run it if it is correct
iftitle [if exist /_ISO/UTILITIES_MEMTEST/MEMTEST.IMG.gz] Check and run a payload \n Get CRC32 value and run if correct
set ISO=/_ISO/UTILITIES_MEMTEST/MEMTEST.IMG.gz
# expected CRC32 must start with 0x
set EXP_CRC=0x1340BECC
echo Calculating CRC32 of %ISO% - please wait...
crc32 %ISO% > nul
set /A CRC=%@retval% & 0xFFFFFFFF > nul
pause --wait=3 %ISO% - EXPECTED CRC32=%EXP_CRC%, ACTUAL CRC32=%CRC%
if not %EXP_CRC%==%CRC% pause ERROR: CRC is not correct (%CRC% vs %EXP_CRC%)
if not %EXP_CRC%==%CRC% configfile (md)0x3000+0x50
/%grub%/QRUN.g4b %ISO%
boot
In E2B, you can hit SHIFT+CTRL+ENTER to ask E2B to calculate and display the CRC32 value of a payload file that is listed in the menu, but it is up to you to check that it is correct.
If you want to ensure that an ISO or other payload file is not corrupt (or infected?) before you allow E2B to run it, you can use this .mnu file for each payload file:
\_ISO\MAINMENU\RunMemTestCheck.mnu
==================================
# Check the CRC32 value of a payload file and run it if it is correct
iftitle [if exist /_ISO/UTILITIES_MEMTEST/MEMTEST.IMG.gz] Check and run a payload \n Get CRC32 value and run if correct
set ISO=/_ISO/UTILITIES_MEMTEST/MEMTEST.IMG.gz
# expected CRC32 must start with 0x
set EXP_CRC=0x1340BECC
echo Calculating CRC32 of %ISO% - please wait...
crc32 %ISO% > nul
set /A CRC=%@retval% & 0xFFFFFFFF > nul
pause --wait=3 %ISO% - EXPECTED CRC32=%EXP_CRC%, ACTUAL CRC32=%CRC%
if not %EXP_CRC%==%CRC% pause ERROR: CRC is not correct (%CRC% vs %EXP_CRC%)
if not %EXP_CRC%==%CRC% configfile (md)0x3000+0x50
/%grub%/QRUN.g4b %ISO%
boot
Just change the first few lines as required. If the payload file is large, it may take a while to calculate the CRC value. I will add this to the Sample mnu Files folder of the next E2B version (CheckCRC32_and_Run.mnu).
Wednesday 13 April 2016
Over 1 million blog views!
I just noticed the total views counter for this blog has just passed 1 million!
Thanks for reading all my ramblings over the last few years!
Steve
Thanks for reading all my ramblings over the last few years!
Steve
Tuesday 12 April 2016
Alternate German menu format
The German language files (supplied by Frettt) in E2B have been formatted so that the [hotkey] labels are right-aligned in the menus...
A few people have requested a left-aligned German menu, so Frettt has now provided an alternate STRINGS.txt file which left-aligns the hotkeys.
A few people have requested a left-aligned German menu, so Frettt has now provided an alternate STRINGS.txt file which left-aligns the hotkeys.
Petya disk encryption fix
I see on BleepingComputer.com that there is a way to decrypt a hard disk that has been encrypted with the Petya malware (actually, I think only the $MFT is encrypted by this MBR virus). Although Bleeping Computer say to remove the hard disk from the system, I don't see why we cannot just boot the infected system to WinPE from a USB drive (just be careful it does not boot from the internal hard disk!).
I copied the PetyaExtractor.exe program to my E2B USB drive and booted to a Windows 10 32-bit Install ISO. I then ran the PetyaExtractor.exe program which appeared to run OK (but I cannot be sure as I did not have an infected system). It is a 32-bit program, so you need to boot to 32-bit WinPE (or a 64-bit WinPE that has WoW64 support - e.g. ChrisR's WinPESE10).
The idea is that we could then save the sector 55 and 'Nonce' data from sector 54 to the E2B drive using NotePad, and then copy and paste it into the Petya Decrypting site page to get the decryption key.
It also would be trivial to write a grub4dos (E2B) script to save the required data (or even just use dd) and then encode it to base64 by uploading it to a website such as this one. However, it is probably just as easy to just boot to WinPE and use the PetyaExtractor tool.
Why not add the tool and a .txt file with the web links to your 'Swiss-army E2B drive' so that you will have the tool handy if you need to fix someone's system?
I copied the PetyaExtractor.exe program to my E2B USB drive and booted to a Windows 10 32-bit Install ISO. I then ran the PetyaExtractor.exe program which appeared to run OK (but I cannot be sure as I did not have an infected system). It is a 32-bit program, so you need to boot to 32-bit WinPE (or a 64-bit WinPE that has WoW64 support - e.g. ChrisR's WinPESE10).
The idea is that we could then save the sector 55 and 'Nonce' data from sector 54 to the E2B drive using NotePad, and then copy and paste it into the Petya Decrypting site page to get the decryption key.
It also would be trivial to write a grub4dos (E2B) script to save the required data (or even just use dd) and then encode it to base64 by uploading it to a website such as this one. However, it is probably just as easy to just boot to WinPE and use the PetyaExtractor tool.
Why not add the tool and a .txt file with the web links to your 'Swiss-army E2B drive' so that you will have the tool handy if you need to fix someone's system?
Sunday 10 April 2016
30 things I bet you didn't know about Easy2Boot (or were too afraid to ask)!
- E2B can directly boot from Vista/7/8/10 WindowsToGo .VHD files - just copy them over (requires a copy of Win8.1 bootmgr to be added to the E2B drive - no BCD file is required!).
Thursday 7 April 2016
FASTLOAD bug in E2B v1.79
If you use Windows Install ISOs with E2B v1.79 and have FASTLOAD enabled, you may find that the Windows Install menu options are not present in the Main menu. This is caused by a missing line in the \_ISO\e2b\grub\menu.lst file (it somehow got accidentally removed!).
Please try E2B v1.80h or later if this problem affects you.
I don't use FASTLOAD much because I prefer to use fast USB 3.0 drives (well, that's my excuse, and I'm sticking to it!). ;-)
Please try E2B v1.80h or later if this problem affects you.
I don't use FASTLOAD much because I prefer to use fast USB 3.0 drives (well, that's my excuse, and I'm sticking to it!). ;-)
Tuesday 5 April 2016
Find that file!
If you boot to WinPE or WindowsToGo from E2B to try to fix a Windows system, it is really very useful to keep a copy of SwiftSearch.exe on the E2B USB drive.
SwiftSearch.exe is a standalone 32-bit Windows executable which will very quickly find any file (you can use wildcards in any combination) on any NTFS volume in the whole system (including NTFS USB drives). And when I say 'quick', I mean really quick, like a few seconds for a full 2TB drive, because it directly accesses the $MFT of the NTFS drive! It only works on NTFS volumes however and will not search FAT or exFAT volumes.
SwiftSearch.exe is a standalone 32-bit Windows executable which will very quickly find any file (you can use wildcards in any combination) on any NTFS volume in the whole system (including NTFS USB drives). And when I say 'quick', I mean really quick, like a few seconds for a full 2TB drive, because it directly accesses the $MFT of the NTFS drive! It only works on NTFS volumes however and will not search FAT or exFAT volumes.
5 volumes (approx. 2TB) searched in 0.41 seconds (including my NTFS USB drives)!
Using E2B with the Netac U618 Encrypted USB 2.0 Flash drive
The Netac U618 is similar to the iStorage datAshur USB flash drives in that it has a PIN keypad and stores it's data in an encrypted form.
I believe the 16GB version is split as 4GB Public + 10GB Secure, however, I tested the 32GB version. You can obtain them from Amazon or eBay (approx $30 or £23 for the 32GB version).
I believe the 16GB version is split as 4GB Public + 10GB Secure, however, I tested the 32GB version. You can obtain them from Amazon or eBay (approx $30 or £23 for the 32GB version).
Thursday 31 March 2016
E2B v1.79 available (and now officially released)
v1.79 is now released.
Changes from v1.78C are:
Changes from v1.78C are:
- New NOWINXP parameter to suppress some menu items in the Windows Install menu.
- Small bugfix in AUTOMN.g4b (sometimes listed files with no extension)
- Improved Protect.cmd to show more file info.
- Bug fixes for bad error handling in QRUN.g4b (did not abort if error).
- E2B_Editor.exe v1.0.85 (NOSUG and NOWINXP options added).
- Improve robocopy detection for XP systems in UPDATE_E2B_USB_DRIVE.cmd.
Tuesday 29 March 2016
Add PepperMint 6 + persistence to E2B
PepperMint 6 can be booted as a 'LiveCD' from ISO with persistence.
Britec has a YouTube video on how to install it as an OS.
However, we can run it from an ISO file with persistence from E2B too using a .mnu file.
It is based on Ubuntu and so uses a casper-rw persistence file.
Britec has a YouTube video on how to install it as an OS.
However, we can run it from an ISO file with persistence from E2B too using a .mnu file.
It is based on Ubuntu and so uses a casper-rw persistence file.
How to increase the spacing between all E2B menu entries
grub4dos allows you to adjust the character and line spacing of text.
One of the template .cfg files in E2B demonstrates this:(\_ISO\docs\Templates\StripedFlat_pwd_is_fred)
The Sample_MyE2B.cfg file shows you how you can alter these, using the lnspace and wdspace parameters:
The default value is 'n' (or 0) for lnspace and wdspace.
Here is a 14-entry menu using the default spacing:
One of the template .cfg files in E2B demonstrates this:(\_ISO\docs\Templates\StripedFlat_pwd_is_fred)
The Sample_MyE2B.cfg file shows you how you can alter these, using the lnspace and wdspace parameters:
The default value is 'n' (or 0) for lnspace and wdspace.
Here is a 14-entry menu using the default spacing:
Monday 28 March 2016
E2B v.79f available and 'E2B.cfg is MISSING!' error
I found some error handling issues in QRUN.g4b (v1.77 and 1.78C). The problem centres around this kind of grub4dos code...
if not "%X%"="1" pause ERROR && configfile (md)0xa000+0x50
if not "%X%"="1" pause ERROR && configfile (md)0xa000+0x50
Saturday 26 March 2016
Easy2Boot v1.78C available
E2B version 1.78C has today's version of grub4dos (20160326) which fixes the bug a user found if you set 'tophelp' to a high number so that the menu help text is not displayed.
v1.79d also has the new grub4dos 20160326 version.
Despite not being officially released, I see some download sites have copied the buggy v1.78!
Differences between v1.78C and v1.79d:
v1.79d also has the new grub4dos 20160326 version.
Despite not being officially released, I see some download sites have copied the buggy v1.78!
Differences between v1.78C and v1.79d:
Friday 25 March 2016
Using E2B with the datAshur Pro encrypted USB flash drive
Easy2Boot allows you to boot literally hundreds of Windows-based, linux-based and other bootable software all from one USB drive. You can also keep all of your personal files and Windows\linux utilities on the same drive and carry it with you, on your keychain, wherever you go. But what if you lose it?
Does your Easy2Boot USB drive contain licensed software, company volume licence Product Keys or confidential files? Perhaps it contains a WindowsToGo VHD or linux already set up with your Chrome/FireFox passwords, etc. The best way to keep it secure is to use one of the PIN-entry types of USB drives that are available.
After my previous blog about the (slow) datAshur Personal encrypted USB 2.0 drive and the problems I had booting from it, iStorage (the makers of the drive) sent me a datAshur Pro for testing and review.
iStorage have four models in their current range. Here are the basic points that concern E2B users including the price and advertised read/write speeds:
Does your Easy2Boot USB drive contain licensed software, company volume licence Product Keys or confidential files? Perhaps it contains a WindowsToGo VHD or linux already set up with your Chrome/FireFox passwords, etc. The best way to keep it secure is to use one of the PIN-entry types of USB drives that are available.
After my previous blog about the (slow) datAshur Personal encrypted USB 2.0 drive and the problems I had booting from it, iStorage (the makers of the drive) sent me a datAshur Pro for testing and review.
datAshur Pro USB 3.0
iStorage have four models in their current range. Here are the basic points that concern E2B users including the price and advertised read/write speeds:
Changing language strings in E2B
E2B uses the STRINGS.txt file as a lookup file.
Menu headings, menu entries and many of the batch files in E2B use keywords, e.g.
iftitle [if exist STALE && cat --locate=YES ()/FASTLOAD.YES > nul] $$STRmFS1
if not "%GFX%"=="" configfile (md)0xa000+0x50
root ()
where $$STRmFS1 is a keyword (always $$STR followed by exactly four characters) that is substituted by E2B for a line of text taken from a language file.
Menu headings, menu entries and many of the batch files in E2B use keywords, e.g.
iftitle [if exist STALE && cat --locate=YES ()/FASTLOAD.YES > nul] $$STRmFS1
if not "%GFX%"=="" configfile (md)0xa000+0x50
root ()
where $$STRmFS1 is a keyword (always $$STR followed by exactly four characters) that is substituted by E2B for a line of text taken from a language file.
Thursday 24 March 2016
Small bug found in grub4dos 0.4.6a 20160322
A small bug has been found in some grub4dos 0.4.6a versions between approx. Feb 2016 and 2016-03-22. If you set tophelp variable to a large number (e.g. 70) then it should move the menu help text off the screen (to line 70). This was a way to hide the help text that was normally seen below the menu box. With these grub4dos versions, this did not work. v1.78 and v1.79a used these versions and so I have re-uploaded them as v1.78A and v.1.79b and they now have the latest 20160324 version of grub4dos 0.4.6a + small change to some of the $$$Guestxxx.mnu files to support F8 reload.
Note that v1.78A still displays it's version number as 1.78 (because it can affect the formatting of the Main Menu heading for some users due to the extra character).
P.S. There was still a small bug in 1.78A and 1.78B, so I have removed 1.78 until grub4dos is fixed. I will then release 1.78C!
Note that v1.78A still displays it's version number as 1.78 (because it can affect the formatting of the Main Menu heading for some users due to the extra character).
P.S. There was still a small bug in 1.78A and 1.78B, so I have removed 1.78 until grub4dos is fixed. I will then release 1.78C!
Subscribe to:
Posts (Atom)