Multi-Boot USB Thumb Drive

February 14, 2010 at 01:34 (linux, Uncategorized) (, , , , , , , )

Ever thought it might be cool to only have an USB-Stick where all your individual security / pentest / recovery / hack-a-tack bootdiscs can be booted?

I thought so!

Crawling the Internet looks promising and shows two different ways how to get an bootdisc on your USB thumbdrive:

  • Booting a bootdisc as ISO stored on the drive (which is not compatible to most bootdisc’s)
  • Booting abootdisc ISO extracted to a extra Partition on the USB-Drive (which is more compatible)

Remember: both ways are possible on a single Stick, so you can have ISO’s there AND extra partitions with the contents of the original ISO.

The Main problem having an ISO booted is that most Systems cannot access their system files after initial booting because they don’t use INT13 calls after booting the initial “bootstrap” system – DOS based bootdiscs should work always…

This is a very good quote from boot-land:

An operating system has basically two modes (exception made for DOS, see later) “real mode” and “protected mode”.
DOS has ONLY “real mode” i.e. “trusts” the info the BIOS gives it, and Windows 3.x/9x/Me though having a “protected mode” still trust the BIOS.
Windows NT based systems starts in “real mode”, trusting the info the BIOS gives it, then switches to “protected” mode, when the hardware is re-scanned and “protected mode” drivers load.
Linux does more or less the same, but not exactly.

…..

The main problem is that once the kernel is booted the grub4dos mapped iso isn’t visible for the linux kernel (doesn’t use INT13 BIOS calls to get data from a device), so SystemRescueCD can’t find the other files it needs.

However to get round this problem we can create an extra partition for the System – as it scans all partitions to find it’s boot files – so the boot files are found in one of those partitions.

I have the following Systems on my Multi-Boot USB Thumbdrive:

  • Backtrack 3 Final USB (extra partition)
  • Backtrack 4 (extra Partition)
  • Hiren’s boot-cd (ISO)
  • Ophcrack XP LiveCD (ISO)

Really cool is that you can do much more than only booting this or that System stored on the Thumbdrive, one can do also this:

  • Booting ISO’s
  • Booting partitions on the Thumbdrive
  • Booting Floppy disks
  • Find Windows (98/XP/Vista/7) Bootfiles and boot that (really helpful if you killed the original bootloader)
  • Booting Win XP Recovery console

 Okay, enough cooliness, let’s start.

For this HowTo I assume the following:

  • Basic knowledge of how to use Linux. You’ll NEED that!
  • SystemRescueCD (or any other Linux distro which has Grub installed)
  • No Harddrive connected in the Computer you build the Stick (i killed my Partition Table just due a Typo :))
  • My USB-Stick is recognized as /dev/sda if your USB Stick is recognized as something other replace your /dev entry with mine!!!!!!!!!!!!!!!!!!!!!!!!!!!!!

I’ll describe the Steps you’ll ned to do, as every System is different i cannot guide you n00b-Step-by-Step :o)

1. Boot SystemRescueCD

2. Setup the Partition Table

Use Qtparted, gparted or parted to create the following partition Table:
1. Primary FAT32 (as big as you want, i took 10GB on a 16GB thumbdrive)
2. Extended (rest of drive)
now create inside the extended Partition the following Logical Partitions:
3. Locigal FAT16 (800MB, backtrack 3)
4. Logical FAT16 (1800MB, backtrack 4)

So it should look like that:

3. Copy Bootfiles

For quick-Start i uploaded you the grub4dos and grub-boot files you’ll need: (zip) or (tgz)
Copy everything to the FAT32 Partition on your USB-Stick

4. Setup Grub

This part is really important. Be sure you don’t have anything in your System that should not get a new bootsector :) Normally only the USB-Stick get it with this procedure but i’m not responsible if fsck up your running System!

Mount the freshly created FAT32 Partition:

# mkdir /mnt/usbstick
# mount /dev/sda1 /mnt/usbstick

Install Grub and copy it’s bootfiles:

NOTE: if you don’t have /dev/sda as your USB-Stick you need to edit /mnt/usbstick/boot/grub/device.map before executing the next command

# grub-install –root-directory=/mnt/usbstick /dev/sda

Setup Grub4Dos:

# cd /mnt/usbstick
# chmod +x bootlace.com
# ./bootlace.com /dev/sda

Easy isn’t it? :)  
You can give it a try now and see if the Stick is booting or you can continue.

If it is not booting mainly the (hd0) entry in the devices.map is wrong, some helpful tips you can find here:
How to add GRUB to your USB Thumb Drive

The next step is to setup your partitions and ISO files:

5. Copy the Bootdisc contents

I assume the following:

  • You have created 2 Extended Partitions for backtrack 3 and 4
  • You have Backtrack3 as iso in (usb-stick)/bootcds/bt3.iso
  • You have Backtrack4 as iso in (usb-stick)/bootcds/bt4.iso
  • You have Ophcrack as iso in (usb-stick)/bootcds/ophcrack.iso

First we need to make the usb-stick ISO’s and created partitions accessible:

# mkdir /mnt/usbroot
# mkdir /mnt/part1
# mkdir /mnt/part2
# mkdir /mnt/isoimg

We’ll mount the Partitions:

# mount /dev/sda1 /mnt/usbroot
# mount /dev/sda5 /mnt/part1
# mount /dev/sda6 /mnt/part2

Now we can access /mnt/usbroot where our subdirectory “bootcds” is and we load backtrack 3 ISO and copy the contents to our 1st extended Partition (yes you can mount ISO’s under linux ^^):

# mount -o loop /mnt/usbroot/bootcds/bt3.iso /mnt/isoimg
# cp -Rv /mnt/isoimg/* /mnt/part1/
# umount /mnt/isoimg

Go on with Backtrack 4:

# mount -o loop /mnt/usbroot/bootcds/bt4.iso /mnt/isoimg
# cp -Rv /mnt/isoimg/* /mnt/part2/
# umount /mnt/isoimg

Everything copied, we unmount the two Partitions:

# umount /mnt/part1
# umount /mnt/part2

Now edit /mnt/usbroot/menu.lst (vi, nano) to your liking – you don’t have to if you use my files and followed this HowTo.

Then unmount everything, reboot and Go On!

# umount /mnt/usbroot
# shutdown -h now

Have Phun!

References:

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: