Results 1 to 4 of 4

Thread: [BT3b BUG] bt3 overwrites hdd

  1. #1
    Just burned his ISO
    Join Date
    Feb 2008
    Posts
    4

    Default [BT3b BUG] bt3 overwrites hdd

    (sorry for not posting this in bugs, but I cant for some reason although its way more than 3 days from my reg)

    Backtrack 3 beta overwrited my first partition on my hdd.
    Alright, Ive been complaining about BT3 overwriting my /dev/sda1 on startup on this forum before, but I had no proof.
    Well now I do:
    I downloaded BT3, burned, booted it up, tried few features like Firefox &internet connection etc., nothing dangerous, rebooted the machine and whoa, /dev/sda1 damaged.

    Later I datadumped the whole crashed partition on some other disk, installed new system (now using it) and viewed the old partition in hex editor.

    on the very beginning there is a block of some data, usually zeroes also ascii text tty4, tty5 ... etc... then theres plain text data obviously made by BT3:

    Code:
    version 2.6.21.5 (root@bt) (gcc version 4.1.2) #2 SMP Sat Aug 25 19:01:21 GMT 2007
    BIOS-provided physical RAM map:
    sanitize start
    sanitize end
    copy_e820_map() start: 0000000000000000 size: 000000000009fc00 end: 000000000009fc00 type: 1
    copy_e820_map() type is E820_RAM
    copy_e820_map() start: 000000000009fc00 size: 0000000000000400 end: 00000000000a0000 type: 2
    copy_e820_map() start: 00000000000f0000 size: 0000000000010000 end: 0000000000100000 type: 2
    copy_e820_map() start: 0000000000100000 size: 000000000fef0000 end: 000000000fff0000 type: 1
    copy_e820_map() type is E820_RAM
    copy_e820_map() start: 000000000fff0000 size: 0000000000003000 end: 000000000fff3000 type: 4
    copy_e820_map() start: 000000000fff3000 size: 000000000000d000 end: 0000000010000000 type: 3
    copy_e820_map() start: 00000000ffb00000 size: 0000000000500000 end: 0000000100000000 type: 2
     BIOS-e820: 0000000000000000 - 000000000009fc00 (usable)
     BIOS-e820: 000000000009fc00 - 00000000000a0000 (reserved)
     BIOS-e820: 00000000000f0000 - 0000000000100000 (reserved)
     BIOS-e820: 0000000000100000 - 000000000fff0000 (usable)
     BIOS-e820: 000000000fff0000 - 000000000fff3000 (ACPI NVS)
     BIOS-e820: 000000000fff3000 - 0000000010000000 (ACPI data)
     BIOS-e820: 00000000ffb00000 - 0000000100000000 (reserved)
    0MB HIGHMEM available.
    255MB LOWMEM available.
    Entering add_active_range(0, 0, 65520) 0 entries of 256 used
    Zone PFN ranges:
      DMA             0 ->     4096
      Normal       4096 ->    65520
      HighMem     65520 ->    65520
    early_node_map[1] active PFN ranges
        0:        0 ->    65520
    On node 0 totalpages: 65520
      DMA zone: 32 pages used for memmap
      DMA zone: 0 pages reserved
      DMA zone: 4064 pages, LIFO batch:0
      Normal zone: 479 pages used for memmap
      Normal zone: 60945 pages, LIFO batch:15
      HighMem zone: 0 pages used for memmap
    DMI 2.3 present.
    ACPI: RSDP 000F7380, 0014 (r0 IntelR)
    ACPI: RSDT 0FFF3000, 0028 (r1 IntelR AWRDACPI 42302E31 AWRD        0)
    ACPI: FACP 0FFF3040, 0074 (r1 IntelR AWRDACPI 42302E31 AWRD        0)
    ACPI: DSDT 0FFF30C0, 3A1A (r1 INTELR AWRDACPI     1000 MSFT  100000C)
    ACPI: FACS 0FFF0000, 0040
    ACPI: PM-Timer IO Port: 0x4008
    Allocating PCI resources starting at 20000000 (gap: 10000000:efb00000)
    Built 1 zonelists.  Total pages: 65009
    Kernel command line: vga=0x317 initrd=/boot/initrd.gz ramdisk_size=6666 root=/dev/ram0 rw chexpand=256 autoexec=xconf;kdm BOOT_IMAGE=/boot/vmlinuz 
    Local APIC disabled by BIOS -- you can enable it with "lapic"
    mapped APIC to ffffd000 (0120a000)
    Enabling fast FPU save and restore... done.
    Enabling unmasked SIMD FPU exception support... done.
    Initializing CPU#0
    PID hash table entries: 1024 (order: 10, 4096 bytes)
    Detected 1700.130 MHz processor.
    Console: colour dummy device 80x25
    Dentry cache hash table entries: 32768 (order: 5, 131072 bytes)
    Inode-cache hash table entries: 16384 (order: 4, 65536 bytes)
    Memory: 248352k/262080k available (6006k kernel code, 13132k reserved, 1918k data, 388k init, 0k highmem)
    virtual kernel memory layout:
        fixmap  : 0xffe16000 - 0xfffff000   (1956 kB)
        pkmap   : 0xff800000 - 0xffc00000   (4096 kB)
        vmalloc : 0xd0800000 - 0xff7fe000   ( 751 MB)
        lowmem  : 0xc0000000 - 0xcfff0000   ( 255 MB)
          .init : 0xc08c6000 - 0xc0927000   ( 388 kB)
          .data : 0xc06dd83d - 0xc08bd3ac   (1918 kB)
          .text : 0xc0100000 - 0xc06dd83d   (6006 kB)
    Checking if this processor honours the WP bit even in supervisor mode... Ok.
    ...
    and so on.

    Probably BT3 for some reason mixed ramdisk with sda1, because further in the dump I can find some firefox data - cache, history, chrome:/ links etc. etc.

    Conclusion:
    BACKRTRACK 3 BETA CAN OVERWRITE YOUR HARD DRIVE.

    Please check startup scripts.
    You can ask me for detailed info or the datadump, because its now some
    time since this all happened and Im not pissed of that much.

  2. #2
    Moderator theprez98's Avatar
    Join Date
    Jan 2010
    Location
    Maryland
    Posts
    2,533

    Default

    Moved and moderated.
    "\x74\x68\x65\x70\x72\x65\x7a\x39\x38";

  3. #3
    Developer
    Join Date
    Mar 2007
    Posts
    6,124

    Default

    This happened from the live cd or after you installed bt3 to a partition like sda2? If so did you use the installer or do it the correct way by manually copying the files? We need alot more info on the procedure with which you used bt3.

  4. #4
    Just burned his ISO
    Join Date
    Feb 2008
    Posts
    4

    Default

    No, no installation, I just booted up the live cd.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •