Saturday 14 September 2013

new Video - Install Windows XP using Easy2Boot



E2B v1.09 released

This version has a few minor changes as described below:

v1.09 2013-09-14 Some sample .mnu files revised and added, .vhdmem, imz, imggz extensions supported, set DEFMENU=0 supported for no 'set default' menu item, .txt files now checked for 'title' keyword and user warned if missing.

If you set 

set DEFMENU=0

in your MyE2B.cfg file then the 'set default menu entry and timeout' menu item will not appear in the Main menu.

Also, if you accidentally create a .txt file for a payload file and forget to precede the entry with the word 'title' then E2B will warn you when it enumerates the files on boot. I have had several cases where users have forgotten to add the word 'title'.

.vhdmem will load the whole vhd file into memory.

.imz and .imggz are now recognised as valid fdd images.

I have also made available a 30MB download of E2B + the XP Mass Storage DriverPack files to make it easier to create an XP install E2B USB drive.

Wednesday 11 September 2013

Add GeeXBox ISO to Easy2Boot

GeeXBox is an XBox Media Centre linux release (XBMC). You can boot it from an ISO file in E2B but you need to also extract and copy the rootfs file from the ISO and place it in the root of the USB boot drive.

e.g.
\_ISO\MAIMENU\GeexBox-3.0-i386.iso
\rootfs




Using the following .mnu file you can have persistence too but it seems to cause some problems which I haven't managed to solve yet.

# For persistence, create an ext2 file called casper-rw in the root of the boot drive using RMPrepUSB Create ext2 FS button
# Then rename the file to geexbox-rw  (do NOT create a file called geexbox-rw - you MUST create a file called casper-rw first and then rename it!)
# Place ISO in \_ISO\Mainmenu\linux or \_ISO\Linux\Linux (and this .mnu file too)
# Extract the file rootfs from the ISO using 7Zip and copy it to the root of the USB drive
# DOES NOT WORK UNDER NORMAL VM  (you can use VBox + DavidB's USB VM Starter app)!!!
# If it complains about broken repositories, do not disable them if prompted.

iftitle [if exist %MFOLDER%/Linux/GeexBox-3.0-i386.iso] GeexBox \n GeexBox using /geexbox as a persistence file
if exist CD echo WARNING: Cannot use partnew command! && pause && configfile (bd)/menu.lst
set ISO=GeexBox-3.0-i386.iso
#enable parttype output
partnew (hd0,3) 0x0 %MFOLDER%/Linux/%ISO%
# make empty table entry in 3rd position in ptn table
debug 1
parttype (hd0,2) | set check=
debug off
set check=%check:~-5,4%
if "%check%"=="0x00" partnew (hd0,2) 0 0 0
if not "%check%"=="0x00" echo WARNING: PTN TABLE 3 IS ALREADY IN USE! && pause
debug 1
if not exist /geexbox-rw echo WARNING: /geexbox-rw persistence file not found! && pause
errorcheck off
if "%check%"=="0x00" partnew (hd0,2) 0x0 /geexbox-rw
errorcheck on
map %MFOLDER%/Linux/%ISO% (0xff)
map --hook
root (0xff)
kernel /vmlinuz root=/dev/ram0 ro vga=789 persistent
initrd /initrd

Sunday 8 September 2013

RMPrepUSB v2.1.710 available

RMPartUSB code has been updated to v 2.1.710. RMPrepUSB has just had it's version number updated to match that of RMPartUSB.

When MAX size is specified in RMPrepUSB to partition and format a drive, RMPartUSB used all available drive space as reported to it by the drive's 'get-size' function call under Windows. However, some USB drives seem to report their size inaccurately (at least under Win7) leading to a partition being created by RMPartUSB that was actually slightly larger than the end of the physical drive. As a result the last few sectors of the partition could not be accessed and this seemed to cause very slow access (BIOS timeouts) when running the Easy2Boot 'check-access' test or in grub4dos when accessing some volumes when looking for the WINHELPER.USB file or in XP when booting from a vhd (and possible when booting from flat files too?) - but only on some BIOSes. It may be that some BIOSes set up the disk geometry as modulo 255*63 as they expect the partitions to be modulo 255*63 and then try to access the end of the disk (for some strange reason).
The new version of RMPartUSB now reduces the reported drive size to a whole cylinder (nearest 8MBish) and checks that the end is accessible (and reduces it further if it is still not accessible). This should reduce the occurrence of some strange 'slow' access problems occasionally seen in grub4dos and booting XP from a USB drive and with Easy2Boot on some systems.
I recommend updating to this new version which I will release as the standard version in a few days if no problems are reported with it. If practical, reformat your E2B flash drives with this new version if you were having any 'slow' or 'hanging' problems using E2B.
The DriveInfo command has also been tweaked to show the end LBA sector of each partition and to report the drive size as reported by the drive as well as the size that RMPrepUSB will use if you partition the drive using 'MAX' for the volume size.

Three new 'Tutorials' added

109 - USB Rubber Ducky Hack Device (Hak5)  (just information rather than a tutorial!)
110 - Run full Windows XP to Go! from a USB drive Install full XP to a VHD in 30 minutes (works on some systems but not all!)
111 - How to semi-automate and speed-up Windows driver installs (if you often manually re-install Windows using Setup.exe on the same model of system, why not semi-automate the driver installation and save time).

Thursday 5 September 2013

FAST! Windows NTFS file search of your entire system in a few seconds! - SwiftSearch

SwiftSearch requires Admin privileges, however, it is VERY FAST!
You can use regular expressions or use a search pattern like t*.xl??  to find Excel files beginning with t or T. On my 250GB nearly full C: volume it did this search in about 1 second (after reading the NTFS file table on the first search, which took about 5 seconds)!
Not only is it fast, but it actually finds the files I am looking for (even if it is a hidden or system file) unlike the next-to-useless Win 7 search engine! Finally you can disable the resource hungry and delay-causing Windows Search Service and no need for an enormous index file either. Shame MS couldn't do this!
SwiftSearch is a standalone executable and therefore is a portable application - it ran fine under a vanilla Windows 7 PE environment too. This means it could be very useful for booting a system to WinPE from a USB drive and then quickly using SwiftSearch to find and copy an important file (or all .doc files?) onto your USB drive. Unfortunately you can only select and copy one file at a time in the search results (no Ctrl+A function) but at least right-click works as expected on individual files. Maybe this will be improved soon?
See here for a forum thread on SwiftSearch and comments from the author of SwiftSearch about hidden (previously undocumented) features:
  • F5 - re-index target volume (use this if you have copied files to the same volume since you launched SwiftSearch)
  • Ctrl+Search = find all files included deleted files (right-click on result to see file number) - combined with DiskBuddy's ability to read the MFT, that should be enough to tell you where a file is located on the disk.
  • Shift+Search = display all NTFS attributes
  • ESC - minimise to System Tray (re-indexes every 15 minutes)




Wednesday 4 September 2013

Easy2Boot v1.08 - few minor changes

v1.08 2013-09-04 bitdefender mnu file added to docs folder, Windows 8.1 temporary Product Keys added, master pwd option in MyE2B.cfg

Setting a master password prevents the user from running E2B unless they know the password.

Tested with Windows 8.1 x86 ISO (no E2B code changes were required but new Windows 8.1 keys need to be entered to install Win8.1).

Link for leaked Win8.1 ISOs is available in External Links page on www.rmprepusb.com site.

Tuesday 3 September 2013

'Hide' grub4dos menu.lst and other 'sensitive' files

If you have made a grub4dos bootable USB drive and you have password protected the menu.lst (or maybe just some of the menu entries) using the grub4dos password command, it is really quite easy for someone to hack the menu.lst file and simply remove the password lines just by using Notepad.

Another scenario is that you have set up an expiry date in the menu.lst file, so that when the expiry date is reached, a message will warn the user that it has expired and it should be updated and you don't want this to be circumvented! . See here for details on how to set this up.

Here are two ideas which I use to deter the amateur hacker.

1. Use 7Zip to compress the menu.lst file (or any sensitive .g4b batch files or other files loaded by grub4dos) to GZip format. Ensure that the resultant filename and extension is not changed and grub4dos will still run it just fine.

2. Set the file attribute on the 'sensitive' files (e.g. menu.lst) to Hidden (right-click - properties - Hidden).
You could also set the file attribute to System+Hidden+ReadOnly to make it even more difficult to see in Windows Explorer. You can use the Windows command line and the attrib menu.lst +h +r +s command or use NirSoft BulkFileChanger to do this.

This (compression to Gzip +  attribute change) will also work on most of the grub4dos Easy2Boot files (e.g. all .g4b, .lst and .mnu files and even your \_ISO\MyE2B.cfg file). Just keep the filename and the extension the same. Any file loaded by grub4dos that is detected as being in compressed gzip format is automatically uncompressed by grub4dos when it is read.

Of course, now I have told everyone this, it is no longer a secret!


Footnote: Another format that grub4dos can read is lzma, but not the standard lzma compression used by 7Zip. This format is slightly better because if you open it in NotePad, you don't see any tell-tale header information. For this lzma compression which grub4dos understands, we need to use the Windows lzma.exe utility

1. Download lzma.exe from https://code.google.com/p/grub4dos-chenall/downloads/detail?name=lzma.exe
2. Open command prompt
3. Type
                  lzma.exe e J:\_ISO\MyE2B.cfg J:\_ISO\MyE2B.cfg.lzma
4. Delete the original file and rename the lzma so it is the same name as the original (e.g. MyE2B.cfg).

To decode the compressed file, use the d parameter:

              lzma.exe d J:\_ISO\MyE2B.cfg J:\_ISO\MyE2B.cfg.txt

P.S. 7Zip can also decode the compressed lzma files if you add the .zip extension - 7Zip lists them as LZMA:23 encoded files.

For more details and also a handy drag&drop utility to compress E2B files (without changing the original filename) see Tutorial 72a here. It also has a decompress drag&drop utility included too. Each file selected is checked first to ensure you don't try to double-compress a file by mistake!

E2B - bitdefender ISO + persistence now supported

You can run a BitDefender .ISO with persistence from an E2B USB drive which keeps AV updates on the USB drive's persistent ext2 filesystem. I have added a new .mnu file to the E2B download - look in the \_ISO\docs\Sample mnu files folder (as usual).