Persistent USB

From BackTrack Linux

Required Tools and Preparation

  • USB thumbdrive (minimum 8GB, recommended 16GB)
  • BackTrack 5 ISO file, md5sum verified, or a bootable BT5 DVD
  • VMware to boot the ISO if you choose to perform all the steps from within a VM as I did

It makes no difference which way you choose, just be aware that drive designations may be different for you than they were for me.

This may not be the best way to do this, but it works. I am sure there is a more elegant way of doing this which I may revisit later if the need arises and time allows.

Partitioning

Display the available drives with the command below and determine which drive you wish to install to.

dmesg | egrep hd.\|sd.

The target drive needs to be partitioned as follows:

  • The first partition needs to be a primary partition of no more than 3.5 GB and set to type vfat (I have made this partition larger than needed so that it covers all ISOs and future versions). Make the partition active to avoid boot problems.
  • The second partition, which stores the changes, should take up the rest of the space on the thumbdrive, or as much as you wish to allocate for saving changes (4.5GB at an absolute minimum).

Run the following commands to perform the partitioning.

fdisk /dev/sdb
# Use the appropriate drive letter for your system.

Delete any existing partitions

Command (m for help): d
Partition number (1-4): 1

Create the first Partition

Command (m for help): n
Command action
e   extended
p   primary partition (1-4)
p
Partition number (1-4): 1
First cylinder (1-522, default 1): 
Using default value 1
Last cylinder, +cylinders or +size{K,M,G} (1-522, default 522): +3500M

Create the Second Partition

Command (m for help): n
Command action
e   extended
p   primary partition (1-4)
p
Partition number (1-4): 2
First cylinder (193-522, default 193): 
Using default value 193
Last cylinder, +cylinders or +size{K,M,G} (193-522, default 522): 
Using default value 522

Set the First Partition to vfat/fat32

Command (m for help): t
Partition number (1-4): 1
Hex code (type L to list codes): b
Changed system type of partition 1 to b (W95 FAT32)

Set the Second Partition to Linux

Command (m for help): t 
Partition number (1-4): 2
Hex code (type L to list codes): 83

Make the First Partition Active

Command (m for help): a
Partition number (1-4): 1

Command (m for help): w

At this point you may need to eject and reinsert the drive for the partition table changes to be recognized and for you to be able to perform the rest of the steps.


Format the Partitions

mkfs.vfat -F 32 -n BT5 /dev/sdb1
mkfs.ext3 -b 4096 -L casper-rw /dev/sdb2

Please note that the second partition MUST be labeled casper-rw exactly as written here. No other label will work, not even the same name in capitals.

Install BackTrack to the Thumbdrive

Mount the first partition which is sdb1 in this example.

mkdir /mnt/sdb1
mount /dev/sdb1 /mnt/sdb1

Copy the files from the iso to the USB drive

cd /mnt/sdb1
rsync -r /cdrom/* .


This last step will take a couple of minutes to finish, maybe more depending on the speed of your drives and method you are using.

Make The Drive Bootable

In the next steps, we make the thumbdrive bootable and copy files into their proper locations with their correct names.

syslinux /dev/sdb1

This has made the drive bootable, but because we are using files from isolinux with syslinux, they will be named incorrectly and be in the wrong locations. We can easily fix that with the following commands.

cp -r isolinux syslinux
cp syslinux/isolinux.cfg syslinux/syslinux.cfg
cp syslinux/isolinux.bin syslinux/syslinux.bin


Configure Persistence

To configure persistent modes in the entries we want, we need to do the following:

nano syslinux/syslinux.cfg

Our original syslinux.cfg will look like this:

default vesamenu.c32
prompt 0
timeout 300

menu title BackTrack Live CD
menu background splash.png
menu color title 1;37;44 #c0ffffff #00000000 std

label DEFAULT
  menu label BackTrack Text - Default Boot Text Mode
  kernel /casper/vmlinuz
  append  file=/cdrom/preseed/custom.seed boot=casper initrd=/casper/initrd.gz text splash vga=791--

label STEALTH
  menu label BackTrack Stealth - No Networking enabled
  kernel /casper/vmlinuz
  append  file=/cdrom/preseed/custom.seed boot=casper initrd=/casper/initrds.gz text splash staticip vga=791--

label FORENSICS
  menu label BackTrack Forensics - No Drive or Swap Mount
  kernel /casper/vmlinuz
  append  file=/cdrom/preseed/custom.seed boot=casper initrd=/casper/initrdf.gz text splash vga=791--

label NODRM
  menu label BackTrack noDRM - No DRM Drivers
  kernel /casper/vmlinuz
  append  file=/cdrom/preseed/custom.seed boot=casper initrd=/casper/initrd.gz text splash nomodeset vga=791--

label debug
  menu label BackTrack Debug - Safe Mode
  kernel /casper/vmlinuz
  append  file=/cdrom/preseed/custom.seed boot=casper initrd=/casper/initrd.gz text--

label memtest
  menu label BackTrack Memtest - Run memtest
  kernel /isolinux/memtest
  append -

label hd
  menu label Hard Drive Boot - boot the first hard disk
  localboot 0x80
  append -


In my case I just wanted to add a new Default boot which is exactly the same as the original default entry with the exception of being my new persistent mode.

To do the same you should make your syslinux.cfg look like the following:

default vesamenu.c32
prompt 0
timeout 300

menu title BackTrack Live CD
menu background splash.png
menu color title 1;37;44 #c0ffffff #00000000 std

label DEFAULT
  menu label BackTrack Persistent Text - Persistent Text Mode Boot
  kernel /casper/vmlinuz
  append  file=/cdrom/preseed/custom.seed boot=casper persistent initrd=/casper/initrd.gz text splash vga=791--

label text
  menu label BackTrack Text - Boot Text Mode
  kernel /casper/vmlinuz
  append  file=/cdrom/preseed/custom.seed boot=casper initrd=/casper/initrd.gz text splash vga=791--

label STEALTH
  menu label BackTrack Stealth - No Networking enabled
  kernel /casper/vmlinuz
  append  file=/cdrom/preseed/custom.seed boot=casper initrd=/casper/initrds.gz text splash staticip vga=791--

label FORENSICS
  menu label BackTrack Forensics - No Drive or Swap Mount
  kernel /casper/vmlinuz
  append  file=/cdrom/preseed/custom.seed boot=casper initrd=/casper/initrdf.gz text splash vga=791--

label NODRM
  menu label BackTrack noDRM - No DRM Drivers
  kernel /casper/vmlinuz
  append  file=/cdrom/preseed/custom.seed boot=casper initrd=/casper/initrd.gz text splash nomodeset vga=791--

label debug
  menu label BackTrack Debug - Safe Mode
  kernel /casper/vmlinuz
  append  file=/cdrom/preseed/custom.seed boot=casper initrd=/casper/initrd.gz text--

label memtest
  menu label BackTrack Memtest - Run memtest
  kernel /isolinux/memtest
  append -

label hd
  menu label Hard Drive Boot - boot the first hard disk
  localboot 0x80
  append -
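
Before rebooting, both requirements described above (the exact casper-rw label and the persistent keyword on the boot entry) can be checked from the shell. The script below is an added example, not part of the original guide; the function names and the trimmed sample config are constructed for illustration, and the device paths in the comments follow the article.

```shell
#!/bin/sh
# Added example: pre-reboot checks for the persistent USB layout.

# Print each menu label whose append line carries the "persistent" keyword.
persistent_labels() {
    awk '
        tolower($1) == "label"  { current = $2 }
        tolower($1) == "append" {
            for (i = 2; i <= NF; i++)
                if ($i == "persistent") { print current; break }
        }
    ' "$1"
}

# Succeed only if the filesystem label is exactly casper-rw (case-sensitive).
label_ok() {
    [ "$1" = "casper-rw" ]
}

# Constructed sample: two entries trimmed from the syslinux.cfg shown above.
sample_cfg() {
    cat <<'EOF'
label DEFAULT
  menu label BackTrack Persistent Text - Persistent Text Mode Boot
  kernel /casper/vmlinuz
  append  file=/cdrom/preseed/custom.seed boot=casper persistent initrd=/casper/initrd.gz text splash vga=791--

label text
  menu label BackTrack Text - Boot Text Mode
  kernel /casper/vmlinuz
  append  file=/cdrom/preseed/custom.seed boot=casper initrd=/casper/initrd.gz text splash vga=791--
EOF
}

tmp=$(mktemp)
sample_cfg > "$tmp"
echo "Persistent entries: $(persistent_labels "$tmp")"
rm -f "$tmp"

# On the real drive (device names as in the article; adjust for your system):
#   persistent_labels /mnt/sdb1/syslinux/syslinux.cfg
#   label_ok "$(blkid -s LABEL -o value /dev/sdb2)" || echo "label is not casper-rw"
label_ok "casper-rw" && echo "casper-rw label accepted"
label_ok "CASPER-RW" || echo "CASPER-RW rejected"
```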

Now we need to test our new persistent mode.

Reboot your system from USB and select "BackTrack Persistent Text - Persistent Text Mode Boot" or wait for the timeout to boot it as default. To test the persistence, create a file anywhere on the system; a new folder or text file on the Desktop is a very easy visual difference to check for.

Reboot.

If your file is there after a reboot, you have been successful.