Tutorial: Advanced - Installing Backtrack 3 under VirtualBox
Part 1 of 3:
Intro: This is a Tutorial on how to install Backtrack 3 (Linux) on Windows XP so you will
be able to run both Windows and Backtrack 3 (Linux) at the same time without rebooting.
It is written "skiny" so you can read it on one side of the screen and install Backtrack 3 in
VirtualBox on the other side of the screen.
The text "hxxp://." means to use http and add "www" ;) .
In this Tutorial we will be using the free virtualization tool VirtualBox. If you have ever
used VMWare then the procedure is similar but there are a few more steps (and the
ability to directly access your hardware (ONLY if you have a NEW computer that supports
either VT-x or AMD-V)).
I have Backtrack 3 working perfectly and can boot from my harddrive, your results may be
better (or worse) depending on: your computer, your "Wireless Network Adapter" driver,
your choice of "Wireless Network Adapter" card and your abilities in general.
It is also possible to use VirtualBox the other way around, to install Windows on Linux.
You can have Linux directly access your hardware and use the virtualization to run Debian,
Windows XP, and Backtrack 3 (Slackware Linux) all at the same time. If you run VirtualBox
under Debian GNU/Linux and use VirtualBox to virtualize both Windows XP and Backtrack 3
then you won't have to worry about not getting direct access to your hardware and all of
Backtrack 3's programs should work correctly.
Running Backtrack 3 under VirtualBox on a Windows Host means that some of Backtrack 3's
programs will not work for some people (depending on your setup) but you can use most
of the tools to analyze packets that you have already captured with OmniPeek for Windows.
One of the best features (other than the ability to run Linux and Windows at the same
time) is that booting is quick and any changes you make are sticky between boots. You
can take Snapshots of your system and restore to previous versions if you get hit with
a virus (or type the wrong command).
Please note that this is an ADVANCED tutorial so Google before you ask for help!
----- Getting the software needed for this installation -----
Go to the Remote Exploit Website and visit the download page, obtain "bt3final_usb.iso".
BackTrack Downloads
hxxp://.remote-exploit.org/backtrack_download.html
Description: USB Version (Extended)
Name:: bt3final_usb.iso
Size: 784 MB
hxxp://.remote-exploit.org/cgi-bin/fileget?version=bt3-usb
Go to the VirtualBox Website and visit the download page, obtain "VirtualBox-2.0.2-36488-Win_x86.msi".
VirtualBox binaries
hxxp://.virtualbox.org/wiki/Downloads
VirtualBox 2.0.2 for Windows hosts x86
hxxp://download.virtualbox.org/virtualbox/2.0.2/VirtualBox-2.0.2-36488-Win_x86.msi
----- Installing VirtualBox 2.0.2 for Windows -----
Double click on the "VirtualBox-2.0.2-36488-Win_x86.msi" file. Reboot. Come back here.
----- Installing Backtrack 3 under VirtualBox -----
1.): Start VirtualBox and choose the "New" button.
2.): Name the Virtual Machine "Backtrack 3" and choose "Linux 2.6" for the "OS Type". Click the "Next" button.
3.): For the "Base Memory Size" choose at least 512k. I suggest 1024k if you have 3G of RAM. Click the "Next" button.
4.): On the "Virtual Hard Disk" pane click "New", click the "Next" button.
Choose the "Fixed-size Image" Radio Button, click the "Next" button.
Click the "Select Button" and choose a drive to store your Virtual Disk images.
Click on the "Create New Folder" icon and create a new directory called "Backtrack3".
Click on the newly created directory and type "Backtrack3_boot" as the "File Name", click the "Save" button.
You are back at the "Virtual Hard Disk" pane.
The "Image File Name" would now be something like: "C:\Backtrack3\Backtrack3_boot.vdi".
Leave the "Image Size" at 8GB, click the "Next" button.
Check that everything is correct, click the "Finish" button.
Wait about 2 minutes while the new "Virtual Hard Disk" is created.
Wait until you are back at the "Virtual Hard Disk" pane.
The "Boot Hard Disk (Primary Master)" would now be: "Backtrack3_boot.vdi (C:\Backtrack3)".
Click the "Next" button.
5.): You are now at the "Summary" pane. Check that everything is correct, click the "Finish" button.
6.): You will now have exited the "Wizard" and be on the "Details" tab.
7.): Click on the "CD/DVD-ROM" (Not mounted) area.
Click the "Mount CD/DVD Drive" checkbox.
Click the "ISO Image File", "Radio Button", click on the "Select Button".
In the "Virtual Disk Manager" pane click the "Add" button.
Look for your file: "bt3final_usb.iso" and click on it, choose open. Click "Select".
The "ISO Image File" would now be something like: "bt3final_usb.iso (C:\Downloads)".
8.): In the left panel of the "Settings" pane click on "General". You should be on the "Basic" tab.
9.): In the "General", "Settings", "Basic" tab you can change the "Video Memory Size" from
8MB to 120MB (120MB). If you use 120MB (120!) of memory for the "Video Memory Size" then
you should be OK. If you choose 128MB of memory then VirtualBox will crash on my machine
(but you should test it on yours). When I look at KDE's "Start", "System", "System Information",
"PCI" it says my "InnoTek VGA Compatible Controller" has only 8MB of memory, that makes
little sense since I can run 1024x768x24. If someone can get 32 bit graphics let us know.
When you get the X Window started (try the boot option "VESA KDE") there are only three video
modes available in KDE's "System", "Settings", "Hardware", "Configure Display". These are
"1024x768x16x85Hz", "800x600x16x85Hz", and, (least of all), "640x480x16x85Hz". Not great.
It is likely you will want to read Section 4.3.2 of the VirtualBox "UserManual.pdf", edit
Backtrack 3's "/etc/X11/xorg.conf" and then add this (or alter existing) section in xorg.conf:
Code:
Advice about "/etc/X11/xorg.conf" was deleted, see bottom of post.
Read Section 9.5 of the Sun xVM VirtualBox Help "Custom VESA Resolutions" if you want to
change the 'text mode' screen run this command (and modify your kernel params) (this did
not work for me but the error message gives other numbers to use):
"C:\Program Files\Sun\xVM VirtualBox\VBoxManage" setextradata VMNAME "CustomVideoMode1" "1400x1050x32"
The VESA mode IDs for custom video modes start at 0x160. In order to use the above defined
custom video mode, the following command line has be supplied to Linux (by editing your boot
command line ("TAB" key when booting):
vga = 0x200 | 0x160
vga = 864
I tried to run xorgconfig to create an updated "/etc/X11/xorg.conf" and found that the
VirtualBox Video Driver will only support certain modes while letting the X Server reinitialize
the GUI correctly. It is possible to choose amongst many video modes but unfortunately
most will confuse the X server as to what the actual screen size is and result in the
Toolbar being drawn offscreen. If you get in this situation just right-click on the Desktop
and choose "Configure Desktop", "Display" and choose screen size 1024x768@85Hz
(assuming you don't delete this setting from "/etc/X11/xorg.conf").
----------
Revision - Fixes for ' /etc/X11/xorg.conf ' :
You could add this section to enable translucency and shadows (it may slow things down
(depending on your theme, some translucency is very slow) but allows fancier themes).
Code:
Section "Extensions"
Option "Composite" "Enable"
EndSection
You should add / change these sections to enable more choices of Display size.
Prior to the "Monitor section" add these lines (CHANGE the BusID line to suit your system - you
might get away with commenting it out):
Code:
Section "Device"
Identifier "Generic Video Card"
Driver "vboxvideo"
BusID "PCI:0:2:0"
EndSection
# *********************************************************
# Monitor section
In the ' Section "Monitor" / Identifier "My Monitor" ' section try these settings:
Code:
HorizSync 28-96
VertRefresh 43-85
# Add
Option "DPMS"
In the ' Section "Device" ' section try this:
Code:
Section "Device"
# Identifier "VESA Framebuffer"
Identifier "Generic Video Card"
Driver "vboxvideo"
EndSection
In the ' Section "Screen" ' section try this:
Code:
Section "Screen"
Identifier "Screen 1"
# Device "VESA Framebuffer"
Device "Generic Video Card"
Monitor "My Monitor"
Now you should be able to change this subsection in the ' Section "Screen" ' section and have the
values work properly. Check this in [Start] -> System -> Settings -> Hardware -> Display .
No more "Draw ToolBar Offscreen" Bug.
Code:
Subsection "Display"
Depth 24
# Modes "1024x768" "800x600" "640x480"
Modes "1024x768" "1280x1024" "1152x864" "1400x1050" "1600x1200" "1800x1400" "800x600" "640x480"
ViewPort 0 0
EndSubsection
I am more familiar with Debian (Lenny) than Slackware. I am able to boot Lenny in 24Bit mode
without VirtualBox's annoying messages about screen mode that occur when booting Slackware.
These changes to /etc/X11/xorg.conf work in VirtualBox on both Lenny and Slackware so they are
more specific to X11 in VirtualBox than they are to either Operating System. This is good.
I am still using the "VESA KDE" boot option.
----------
Continued in Part 2.
Tutorial: Advanced - Installing Backtrack 3 under VirtualBox - Part 2
Part 2:
10.): In the "General", "Settings", "Advanced" tab you should do the following:
Click the "Boot Order", "Floppy" checkbox to uncheck it.
The "CD/DVD-ROM" should be the first boot device (for installation only).
You can leave the "Boot Order", "Hard Disk" checkbox checked, you will re-order the drives later.
Leave the "Extended Features", "Enable ACPI" checkbox checked.
Click the "Extended Features", "Enable IO APIC" checkbox to make it checked.
If you have a newer CPU then click the "Extended Features", "Enable VT-x/AMD-V" checkbox to make it checked.
Click the "Extended Features", "Enable PAE/NX" checkbox to make it checked.
Choose "Bidirectional" for the "Shared Clipboard" setting.
Choose "PIIX4 for the "IDE Controller Type" (PIIX3 does not implement an SMBus or I2C bus).
Change the "Snapshot Folder" to the same location as your Virtual Boot Drive (C:\Backtrack3).
11.): In the "General", "Settings", "Description" tab you can type "Backtrack 3".
12.): In the "General", "Settings", "Other" tab you should leave the "Remember Mounted Media" checkbox checked.
13.): In the "Hard Disks" tab you should click the "Enable SATA Controller" checkbox.
You could add a second drive as per the instructions in step 7. call it something
like: "C:\Backtrack3\Backtrack3_HD2.vdi". I disabled the SATA checkbox and it seemed
like VirtualBox ran slightly quicker, more testing required. I Ended up leaving it on.
14.): You have already configured your CD/DVD-ROM settings and can skip the "Floppy" setting (unless you want a floppy drive).
15.): In the "Audio" tab you should click the "Enable Audio" checkbox.
Choose "Windows DirectSound" for the "Host Audio Driver".
Choose "ICH AC97" for the "Audio Controller", (if you don't have audio in Backtrack 3 then
try the older "SoundBlaster 16" card). Audio works fine OOTB one my system.
16.): In the "Network", "Adapter 1" tab you should do the following:
Leave the "Enable Network Adapter" checkbox checked.
Choose "Intel PRO/1000 T Server (82543GC)" for the "Adapter Type" setting.
Choose "Host Interface" for the "Attached to" setting. Later you will (attempt) to 'Bridge' your 'Wireless Network Card'.
Click the "Generate" button and change the last 8 digits of the "MAC Address" to an easy to remember (080012345678) value.
Next to the "Host Interfaces" box click on the "Add" button and name the interface VBH 1 (one, not "i" or "L").
When the Windows "Hardware Installation" panel appears for the "VirtualBox TAP Adapter" click on "Continue Anyway".
After a minute you will get a new Icon in your tray with a 'red X' over it. This is
OK, we will Bridge this later. If you have more than one 'Wireless Network Card' then
you can repeat step 16 (with different MAC and IF names).
17.): In the "Serial Ports", "Port 1" tab click on "Enable Serial Port", choose "Port Number",
"COM1" and "Port Mode", "Host Device". This would allow you to add GPS later and causes
the Linux OS to notice that you do have serial ports (and install a driver).
18.): In the "USB" tab click the "Enable USB Controller" and the "Enable USB 2.0 (EHCI) Controller" checkboxs.
Click your Windows XP "Start" button, click on "Run" and 'Open' "cmd" (to shell to DOS), then type this:
cd "C:\Program Files\Sun\xVM VirtualBox"
VBoxManage list usbhost
Look at the list of USB devices. You can add things like BlueTooth or a USB drive / USB Memory Card.
Use the "Add" button to create a new "Filter" and the "Edit" button to fill in the details,
if you get a detail wrong you will filter out the device and be unable to use it so if you
are uncertain then only fill in the "Name" and "Serial Number".
19.): You can setup "Shared Folders" and "Remote Display" if you want, I did not.
20.): Prior to leaving the "Settings" panel please ensure that there is no "red warning message"
in the bottom panel and "Invalid settings detected". If there is then go back to the
suggested entry and see if it is correct. Sometimes a false warning is given and you can
simply click, then un-click on something, change the pane to a different one and the message
will go away without actually having changed anything. New software can have bugs or you may
have made an incompatable choice.
Hit "OK" and in the "Sun xVM VirtualBox" window, on the "Details" tab, all the black
writing (on the left) will turn blue once you have everthing correctly set.
21.): In the "Sun xVM VirtualBox" window click on "File", "Preferences" and in the "VirtualBox - Settings",
"Input" panel you might want to change the "Host Key" before you continue. Remember what it is
set to and click "OK". The "Host Key" allows you to swap between Backtrack 3 and Windows.
22.): Now click the green start arrow and Backtrack 3 should start to boot in the Virtual Machine.
23.): When the Virtual Machine starts you will get a reminder about your "Host Key", read the
message and then:
Click the "OK" button and QUICKLY get ready to hit the "Maximize button (so Backtrack 3
will know your true screen size). You might get a couple of popups about your screen being
in 24 bit mode (when you are actually in 32 bit mode), click "OK" to ignore these messages.
24.): You will get a "Found New Hardware" Wizard popup as Backtrack 3 boots. Grab the top and
move it out of the way so you can see Backtrack 3's boot screen and ensure that everything
is working properly. Remember, before you can use the mouse to grab the "Found New Hardware"
Wizard popup you MUST hit your "Host Key".
25.): When you get to Backtrack 3's login prompt you can go back to dealing with the "Found New Hardware" Wizard popup.
The first pane of the popup says "Can Windows connect to Windows Update to search for
software?", choose "No, not this time" and click "Next". The second pane of the popup says
"What do you want the Wizard to do?", choose "Install from a list or a specific location
(Advanced)" and click "Next". On the next pane choose the 'Radio Button' labeled "Don't
search. I will choose the driver to install. Click next. If you need to locate the driver
it might be in this directory: C:\Program Files\Sun\xVM VirtualBox\drivers\USB\device\ .
Click "Finish" to close the Wizard.
26.): If you return to Backtrack 3 (using ALT-TAB) you might see a black screen, click on it.
Now you might get a message about capturing the mouseclick, choose capture and move your
mouse. The screensaver will unblank.
27.): Now login to Backtrack three as user "root" with password "toor". Type "reboot" and
Backtrack 3 will eject the virtual CD/DVD-ROM and halt with a Fatal Error. Go to
VirtualBox's "File" menu and choose "Reset", when the capture box pops up click "OK"
(quickly) and hit the "Down Arrow" to defeat the 4 second countdown.
28.): These Lilo boot options are available under VirtualBox (without mods, with 64MB display memory):
Code:
BT3 Graphics mode (Compiz) - Boots but xconfig / startx reboots the X Server.
BT3 Graphics mode (Compiz Nvidia) - Boots but xconfig / startx reboots the X Server.
BT3 Graphics mode (KDE) - Keeps popping up messages about 16-bit mode and rebooting the X Server.
BT3 Graphics mode (Flux) - Keeps popping up messages about 16-bit mode and rebooting the X Server.
BT3 Graphics mode (VESA KDE) - Boots and starts the X session (in 16 bit mode).
...
If you use the first setting and then run xconf you can run startx and see the errors
when the X Server terminates. If you use 120MB (120!) of memory for the "Video Memory Size"
then you only get 16 bit display depth (and few errors). Refer to Section 9 (above) in
this Tutorial for info about VirtualBox Video Modes.
After only a little testing (and messing around) I found that "BT3 Graphics mode (VESA KDE)"
was the only true graphics mode that works. You can use the "Compviz" modes if you don't
want to use X11 and the GUI.
Continued in Part 3.
Tutorial: Advanced - Installing Backtrack 3 under VirtualBox - Part 3
Part 3:
29.): You can install software on Backtrack 3 and save 'Snapshots' to save your place or
follow another tutorial about making any changes 'sticky' to preserve your work between
boots. Go back to your "Settings" and change the "Radio Button" to finish using the
Backtrack 3 installation .ISO image on your HD.
30.): See these threads for info on copying the CD/DVD-ROM .ISO image to VirtualBox's virtual
HD drives so you can make changes and update your software without resorting to Snapshots
to make things sticky.
How to install backtrack 3 final from the shell
hxxp://forums.remote-exploit.org/showthread.php?t=14751
Install BT3 live onto flash, save changes, with compiz
hxxp://forums.remote-exploit.org/showthread.php?t=14812
TUTORIAL: live install with changes, swap and data partitions
hxxp://forums.remote-exploit.org/showthread.php?t=7844
How to install BT3Final onto external USB HDD - Solve the Kernel Panic
hxxp://forums.remote-exploit.org/showthread.php?t=16593
I mainly used the fourth Tutorial (and modified the commands from the above suggestions
to suit a Virtual HD with Backtrack 3, instead of a USB Drive with BT2). I then went into
VirtualBox's "Settings", "Details", "CD/DVD-ROM" settings. I unchecked "Mount CD/DVD-ROM"
to unmounted the "bt3final_usb.iso" file and made the first virtual HD the boot drive,
upon rebooting all changes were sticky.
Use "fdisk /dev/hda" to make your first partition (boot) 1.5GB, your swap 1GB and use the
rest for the root (using an 8GB HD). You can type "p" in fdisk and it should print a table
as shown below (use "m" as needed, and don't forget to "w"rite). You may prefer to use cfdisk
instead of fdisk as it is easier to use and may have fewer bugs.
Code:
bt ~ # fdisk -l /dev/hda
Disk /dev/hda: 8589 MB, 8589934592 bytes
16 heads, 63 sectors/track, 16644 cylinders
Units = cylinders of 1008 * 512 = 516096 bytes
Device Boot Start End Blocks Id System
/dev/hda1 * 1 2906 1464592+ 83 Linux
/dev/hda2 2907 4844 976752 82 Linux swap
/dev/hda3 4845 16644 5947200 83 Linux
You can use QTParted to format your HDs but I recommend using fdisk to partition them.
You will now type the following to get setup (thanks to goon123 in thread 16593):
Code:
bt ~ # mkswap /dev/hda2
bt ~ # swapon /dev/hda2
bt ~ # mkdir /mnt/backtrack
bt ~ # mount /dev/hda3 /mnt/backtrack/
bt ~ # mkdir /mnt/backtrack/boot
bt ~ # mount /dev/hda1 /mnt/backtrack/boot/
bt ~ # cp --preserve -R /{bin,dev,home,pentest,root,usr,etc,lib,opt,sbin,var} /mnt/backtrack/
bt ~ # mkdir /mnt/backtrack/{mnt,proc,sys,tmp}
bt ~ # mount --bind /dev/ /mnt/backtrack/dev/
bt ~ # mount -t proc proc /mnt/backtrack/proc/
bt ~ # cp /boot/vmlinuz /mnt/backtrack/boot/
bt ~ # chroot /mnt/backtrack/ /bin/bash
bt ~ # nano /etc/lilo.conf
You want the following in your lilo.conf file. Set your vga correctly, here are some
suggested values: "vga=ask" (gives a menu), "vga=normal" (default), or use one of these:
Code:
640x480 800x600 1024x768 1280x1024
32K 784 787 790 793
64K 785 788 791 794
16M 786 789 792 795
Code:
# Start LILO global section
lba32
boot /dev/hda
prompt
timeout = 60
change-rules
reset
compact
vga = 792
# End LILO global section
# Linux bootable partition config begins
image = /boot/vmlinuz
root = /dev/hda3
label = Backtrack3
append = ”rootdelay=10”
# Linux bootable partition config ends
The "BT3 Graphics mode (VESA KDE)" command line is:
Code:
/boot/vmlinuz vga=0x317 initrd=/boot/initrd.gz ramdisk_size=6666 root=/dev/ram0 rw autoexec=kdm
Save that and then execute lilo (I like to use the very verbose flag)
bt ~ # lilo -v -v
Exit your chroot enviorment and your Konsole shell.
bt ~ # exit
bt ~ # exit
If you ever wish to edit your lilo.conf after the above create and copy procedure you
can return to where you were by using these commands instead of the above procedure.
First use the CD/DVD-ROM boot disk to start Backtrack 3 and then enter these commands
to adjust your mounts:
Code:
bt ~ # umount /dev/hda1
bt ~ # umount /dev/hda3
bt ~ # swapoff -a
bt ~ # mkdir /mnt/backtrack
bt ~ # mount /dev/hda3 /mnt/backtrack
bt ~ # mount /dev/hda1 /mnt/backtrack/boot
bt ~ # mount --bind /dev/ /mnt/backtrack/dev/
bt ~ # mount -t proc proc /mnt/backtrack/proc/
bt ~ # chroot /mnt/backtrack/ /bin/bash
bt ~ # nano /etc/lilo.conf
bt ~ # lilo -v
Use the "Start" button "Log Out", "Turn Off Computer" to exit Backtrack3.
In VirtualBox's "Settings", "Details", "CD/DVD-ROM" pane you can click on the
"Mount CD/DVD-ROM Drive" to disengage the "bt3final_usb.iso" from the CD/DVD-ROM
drive or better still go to "Settings", "General", "Advanced", "Boot Order" and
click on "Hard Disk" and the "Up Arrow" (to the right) to make the HD boot first.
Click "OK" and now click the green "Start" right-arrow to restart Backtrack 3 (from the VHD).
Ensure that Backtrack 3 is working and use the "Start" button to "Log Out","
31.): In some Wireless Network Drivers you are able to use Bridging, and some you can not.
If you have a very new computer then, when configuring VirtualBox, you are able to set
on the "General", "Settings", "Advanced" tab the "Extended Features", "Enable VT-x/AMD-V"
checkbox. With this set you can use VT-d to directly access your Wireless Network card.
My computer is new, but not that new so I had to use Bridging, here is what I did:
In Windows open the "Network Connections", locate and click on both your "Wireless
Network Adapter" and your "VirtualBox TAP Adapter", now right-click and choose Bridge.
32.): When you have everything correctly installed on your HD you can add the Virtual Tools.
In the VirtualBox menu "Devices" there is an entry called "Install Guest Additions...".
To install these tools go to the VirtualBox Toolbar (bottom right of the window) and
right-click on the CD/DVD-ROM, choose "Unmount CD/DVD-ROM" to unmount the Backtrack 3
installation CD/DVD-ROM.
Now select "Install Guest Additions..." and it will appear on your Backtrack 3 Desktop
as a CD Icon. The file is called VBOXADDITIONS_2.0.2_36486. In order to mount this file
you will need to open Konsole and create a new directory called /mnt/hdc first.
When you have it mounted in your Konsole type this and then reboot:
Code:
cd /mnt/hdc
./VBoxLinuxAdditions-x86.run
echo 98vboxadd-xclient > ~/.xinitrc
reboot
33.): Start Backtrack 3 in VirtualBox and type "ifconfig", notice that you have "eth1" and "lo".
If you can use VT-d then you might have your Wireless Networking already working but for
the rest of use that must use Bridging you can enable Promiscuous mode on the Bridge:
Code:
ifconfig eth0 up
ip link set dev eth0 promisc on
Now type "ifconfig" and you will see "PROMISC" working for eth0 (your Wireless Bridge).
Notice your HWaddr, it should be the MAC of your "Wireless Network Adapter".
When following tips given you will use eth0 instead of wifi0 or ath0 and likely will
need to tweak the tips a bit to get everything working to the extent it is possible.
You will find that some programs only work if they can detect a "Wireless Network
Adapter". Wireshark works but you might want to filter out "STP" packets. You can
also use any of Backtrack 3's tools on capture files saved from OmniPeek (you can use
Wireshark to read OmniPeek ".pkt" files and save them to ".cap" format.
34.): Anyone with "mod" privs. is welcome to edit the above info and fix what needs fixing.
This Tutorial is complete but I might come back to edit any corrections that are needed. :eek:
Nokii
