Sunday, March 01, 2009

Backtrack Beta 4 + USB Persistent/Changes Installation Ubuntu (Hardy/Ibex)

This post explains how to install and setup Backtrack 4 on a USB drive so that one can save changes. I have also included a fix to the Launchpad PPA required keys error so that the system can be updated without problems.
I know that there are several ways to do this. I have seen the other howtos, however, I ended up needing several references in completing this task and I have decided to share.

Software you will need
Unetbootin - There are serveral ways to get this installed, I used the deb file from unetbootin.sourceforge.net. I am not using the newest version of Unetbootin but this should not matter. Here are some older versions for other distributions. I found the debian file for hardy here.

Backtrack Beta ISO - Brought to you by Remote-Exploit.org, I am using the DVD image bt4-beta.iso.

Launchpad-ppa-fix - A perl script to fix Launchpad PPA links and import required keys. You also need to install libhtml-parser-perl and libio-socket-ssl-perl, they are in the Ubuntu repositories.
**UPDATE**
There is an alternative to using this perl script below which is the recommended method for solving this issue (simply renew the gpg key using the terminal).

Gparted - To format the USB drive. There are other ways to do this. Gparted is a nice GUI that gets the job done. Gparted is in the repositories. Feel free to use something else.

I am going to assume that you have installed/setup either Ubuntu 8.04 (HARDY) or 8.10 (ibex). This Howto may work with other versions of Linux, but I have only tested this on Hardy and Ibex.

I am also going to assume that you have installed Unetbootin, Gparted and that you have downloaded the backtrack DVD image. We will download and unpack the perl script later.

So on with the show.

1) Using Gparted create two partitions on your thumb drive.
-The first partition needs to be a primary partition of at least 1 GB and formated as FAT32.
-The second partition can be the rest of the thumb drive. It needs to be formatted as ext2.
I formated the entire drive as FAT32 and then created a 4gb ext2 partition. My USB drive is 16GB total, and I would like to access most of its space on both Linux and Windows when I am not using Backtrack 4, so I've made 12GB of the USB drive FAT32 and 4GB ext2.

2) Install Backtrack 4 to USB drive using Unetbootin.
Open Unetbootin, choose Disk image and specify the path to the bt4-beta.iso. In the Type, choose the FAT32 partition. Sometimes you have to check 'Show All Devices' as Unetbootin does not always detect a disk as a USB disk. In my case I chose /dev/sdb1. You can check your drives and partitions in terminal using df or fdisk:
:~$ sudo fdisk -l
or
:~$ df -h

3) Press the OK.
You may get a warning that files exist on your USB drive. Once you are sure you've picked the correct partition, tell it to go ahead and replace the files. When Unetbootin is finished it will prompt you to reboot or close. Reboot the computer and test to see if the computer will boot to the USB drive.

NOTE: In some cases the bootloader (which is lilo) is not configured properly or is not installed at all on the USB disk. In my case, the bootloader was installed, however the vesa settings were messed up and lilo would not display properly. If you boot to the USB drive and you get a gray screen but no menu, or a menu that flickers past the screen, then you have the same issue I did. This is fairly simple to solve. First boot back into Ubuntu. In terminal, execute the script /USBDrive/boot/bootinst.sh:
:~$ sh /USBDrive/boot/bootinst.sh

The script will try to auto detect the drive and partition where Backtrack 4 is installed and will ask for a confirmation. Check that it has detected the correct partition and confirm. Once you are brought back to the prompt, you should be able to boot the USB drive and see the grey screen with the menu options. Boot into Backtrack and make sure things start properly.

4) Configure persistent changes while booted to Backtrack 4.
Once we have booted into Backtrack 4 we need to configure the rest of the USB drive.. We need to create a folder called "changes" in the second ext2 partition. In my case, this is /dev/sdb2. We may also need to mount this partition if it is not mounted. We can do this in terminal:
:~$ mount /dev/sdb2 /mnt/sdb2
:~$ cd /mnt/sdb2
:~$ mkdir changes

Next we need to change the permissions on /boot/syslinux/lilo and /boot/syslinux/syslinux . Again in terminal:
:~$ cd /boot/syslinux
:~$ chmod +Xx lilo
:~$ chmod +Xx syslinux

Now, open /boot/syslinux/syslinux.cfg with a text editor and make the following changes. I prefer vi, if you want a GUI editor, you can use Kate.
-Find the line “LABEL BT4″.
-Copy that line and the next 3 lines and paste them right below the existing section. This will give us a fall back option in case something goes wrong.
-Change the original “LABEL BT4″ to something you want like “LABEL BT4-persistent”.
-Change the line that begins with APPEND in the original section by adding “changes=/dev/sdb2″ immediately after “root=/dev/ram0 rw”.
-It should look something like this:

LABEL BT4
MENU LABEL BT4 Beta - Console Persistent
KERNEL /boot/vmlinuz
APPEND vga=0x317 initrd=/boot/initrd.gz ramdisk_size=6666 root=/dev/ram0 rw changes=/dev/sdb2 quiet

LABEL BT4
MENU LABEL BT4 Beta - Console
KERNEL /boot/vmlinuz
APPEND vga=0x317 initrd=/boot/initrd.gz ramdisk_size=6666 root=/dev/ram0 rw quiet

-Save the changes and exit.
Reboot and select the option 'BT4 Beta Persistent', it should be the first option. To test that persistent changes are setup correctly, create a file and reboot again. If the file you created is still there after you reboot, everything is working.

Note: The Network Manager is not started at boot. You will need to add it to start during boot or you will need to start it when you want to use it. You can do this in terminal:
:~$ /etc/init.d/NetworkManager start

5) Finally, use the perl script or gpg to fix Launchpad PPA links and import required keys.
You will notice that if you do an apt-get update in terminal, you will get an error. It is easy to resolve this issue.
Boot into Backtrack 4 and connect to the internet. We need a few packages for the perl script to work. You can use synaptic or apt to install them. To use apt, type the following into the terminal:
:~$ sudo apt-get update
:~$ sudo apt-get install libhtml-parser-perl libio-socket-ssl-perl

Now download, untar and run the perl script. You can do this in terminal:
:~$ wget http://savvas.radevic.com/launchpad/launchpad-ppa-fix.tar.gz -O launchpad-ppa-fix.tar.gz

:~$ tar xzvf launchpad-ppa-fix.tar.gz
:~$ perl launchpad-ppa-fix.pl
:~$ sudo apt-get update

Run this script until you no longer get any error.

Alternatively, if you do not want to use the perl script, you can use the following commands in terminal to fix the PPA links:
:~$ gpg --keyserver keyserver.ubuntu.com --recv CB2F6C86F77B1CA9
:~$ gpg --export --armor CB2F6C86F77B1CA9 | apt-key add -
:~$ sudo apt-get update

That is it! You should now have a Backtrack 4 installation on your USB drive that you are able to update without errors and save changes to.

FINAL NOTES:
1) If you mess up your installation, all you need do is delete the contents of the second ext2 partition leaving nothing but an empty 'changes' folder. This will bring everything back to a fresh install and you will still be able to save changes.

2) I have had issues with updating from the Launchpad Repositories. It seems to break KDE from time to time. The RE Forum says that you should be able to update with the default repository list without any problems, but this does not always seem to be the case. If you notice KDE breaking, try removing the launchpad repositories from the /etc/apt/sources.list.

4 comments:

B0z0dcl0wn said...

What if i just want to load the persistent changes?

I would like to update BT and have the updates stick. then reboot into another menu option that loads all my changes READ ONLY so i can run any comands worry free.

Trash said...

Hell yes. Thank you. I've tried this before a slightly different way which screwed it up in a small but very annoying way. I'm glad to report from my fresh install that it works.

and thanks for adding the last bit about GPG Key - I read about that before and figured I'd have to do that.

Sharik said...

Thanks for a great tutorial! I've been following it without a snag up until the Launchpad PPA links perl script part. It installed fine but when "launchpad-ppa-fix.pl" is executed, it is unable to retrieve keys and gives ERROR 503 Service Unavailable.

Sharik said...

I was able to get the key another way by running the folllowing:

gpg --keyserver keyserver.ubuntu.com --recv CB2F6C86F77B1CA9

gpg --export --armor CB2F6C86F77B1CA9 | apt-key add -