How do I access my Windows C: drive or files from CD/DVD/USB drives in BT?
Do you dual boot between Windows and BackTrack or boot your Windows system from a BackTrack DVD/USB system, and wonder how you can access the files from your Windows system on BackTrack?
Do you have a large wordlist on a removable media, and are not able to work out how to use that wordlist in BackTrack?
If you do then you need to learn to mount partitions in BackTrack! And that is exactly what this brief FAQ entry will discuss.
Now before I proceed I will note that this FAQ entry is NOT intended to be a detailed tutorial on mounting volumes in Linux. There are many other resources on the Internet better suited for that purpose, and the intention of the BackTrack forum is not to focus on discussing basic Linux tasks.
That being said, threads detailing problems with mounting volumes appear here often enough that a brief post on the topic may be useful to some members. Given that this post is covering basic Linux skills however, if you have any issues with the process listed here Id encourage you to search the Internet for more information on the topic before asking any questions here on the forum. There is enough information out there on this particular issue that any but the most obscure of mounting problems should be able to be solved by you, using existing resources, before you need to raise the issue here.
Now lets get started...
Finding the device name of the partition you want to mount
The first step to mounting a partition in a Linux system is finding its device name. Devices in linux are represented by files under the /dev directory in the filesystem, and partitions are usually represented as subordinate devices of a volume device. As an example, the hard disk represented by device /dev/hda may have one or more partitions underneath it named /dev/hda1 (partition 1) and /dev/hda2 (partition 2).
Different types of volume devices will also use different device naming conventions. Older style IDE hard drives are usually name /dev/hd[X] where X is a letter from a-z representing the order in which the drives were detected by the system, e.g. /dev/hda for the first hard drive, /dev/hdb for the second and so on. SCSI, SATA and USB drives and some newer IDE drives are usually represented by devices named /dev/sda, /dev/sdb and so on. CD/DVD drives can be represented by a number of different names, such as /dev/scd0, /dev/cd, /dev/cd3, /dev/dvd3, or even /dev/hd[X], depending on whether the drive is SCSI or IDE, its age, etc. Knowing these details will help you in identifying the correct device to mount.
Two ways in which you can find which partitions are recognised by your BackTrack system as well as their device names are to use the fdisk command and to read the contents of the /proc/partitions virtual file.
The examples below show the output from these commands when run from BackTrack 4 Final on a Windows Xp SP2 virtual machine.
Here I can see that my BackTrack system recognises a NTFS partition at device /dev/hda1. That is my Windows "C: drive".
root@bt:~# fdisk -l
Disk /dev/hda: 4294 MB, 4294967296 bytes
255 heads, 63 sectors/track, 522 cylinders
Units = cylinders of 16065 * 512 = 8225280 bytes
Disk identifier: 0x4f1f4f1e
Device Boot Start End Blocks Id System
/dev/hda1 * 1 521 4184901 7 HPFS/NTFS
Here I can see that my BackTrack system recognises a number of devices as containing partitions, but the only one that looks to match the partition naming convention discussed above is hda1.
Based on the output from these commands, /dev/hda1 looks to be the device I need to mount.
root@bt:~# cat /proc/partitions
major minor #blocks name
7 0 1502416 loop0
3 0 4194304 hda
3 1 4184901 hda1
Creating a Mount Point and Mounting the Volume
Before we can actually access the files on the partition, we need to tell our BackTrack system that it needs to treat the given device as a device containing a file system, and to do this we need to integrate it into the existing filesystem. A Linux filesystem organises all files under a parent root "/" directory, and all filesystems need to be placed somewhere under this structure to be accessed, using a process called mounting.
We can do this by creating a mount point (really just a directory in the file system), and mounting the device there.
Lets create a mount point using the mkdir command. Convention has us create a directory using the same name as the device under either the /mnt or /media directories, but you can put this elsewhere if you choose.
root@bt:~# mkdir /media/hda1
Now we mount the volume. The mount command will usually try and autodetect the filesystem to use, but if it cant you can specify one using the -t switch.
root@bt:~# mount /dev/hda1 /media/hda1
Now we can access files on the volume via our mount point /media/hda1
root@bt:~# ls /media/hda1
AntDSData Documents and Settings pagefile.sys Savant
AntDSWorkDir IO.SYS Program Files Software
AUTOEXEC.BAT MSDOS.SYS Python25 System Volume Information
boot.ini NTDETECT.COM RECYCLER Test
CONFIG.SYS ntldr rtrace.txt WINDOWS
The specific example I have given above was for accessing a Windows "C: drive" but the general process will work for pretty much any type of media you need to access - you just need to specify the correct parameters.
For more information about mounting volumes, try Google or "man mount". Using "mount" without any parameters will show you the already mounted volumes. If you happen to be running BackTrack as a non root user you will need to use mount options and/or assign correct permissions or group memberships to your user so that they will be able to access the mount volumes. Mount operations themselves always need to be done as root.
I should note that it is also possible to mount volumes in BackTrack by using the GUI, however this is a method I usually avoid because of potential complications in accessing that volume later from the command line.
If you want to stop accessing your mounted volume (so you can safely unplug a mounted USB stick for example), unmount it using the "umount" command, using either the mount point or device name as a parameter, e.g. "umount /dev/sda1" or "umount /media/sda1".