[Eee901] Create a Backtrack 3 Eee901 USB Stick

There are dozens of situations in which Backtrack 3 comes in handy.
Backtrack 3 is a special Linux suite of security auditing tools which allows e.g. WEP cracking, network security checking, sniffing, and so on.
To make this nice suite a bit more portable, we will put it onto a USB stick and customize it with Eee901 drivers, persistent changes and Nessus 4!

Download:
Backtrack 3 USB Version: http://www.remote-exploit.org/backtrack_download.html
unetbootin Windows: http://unetbootin.sourceforge.net
Partition tool, like partedmagic: http://partedmagic.com
Eee901 Pack: 901_net_gfx.lzm (you'll find it via Google)
Nessus 4.0.2: http://www.nessus.org/download/
( We need 4.0.2 as Nessus-4.0.2-linux-generic32.tar.gz and the graphical Linux interface for nessusd, NessusClient-4.0.2-es4.i386.rpm )
And you should get yourself a free personal key at http://www.nessus.org/plugins/?view=register-info

Preparation:
First you need to prepare the USB stick. For Backtrack 3, a 2 GB stick should be ok. For Backtrack 4, you would need a 4 GB stick at least.
1) Get your stick and partedmagic CD
2) Plug it in and boot to partedmagic
3) Create 2 partitions with the Partition Editor
- 1) fat32, 900mb
- 2) ext2, 1100mb
-> Write down whether your USB stick is sda1, sdb1, or something else.
4) Reboot - again to partedmagic
Now create a folder called changes on the second partition.
It should look something like this (not nice, but should work if you're on sda2...):

mount /dev/sda2 /mnt
cd /mnt
mkdir changes
cd /
umount /mnt

5) Done, boot to Windows

Installation of Backtrack 3:
1) Start unetbootin
2) Choose Disk Image, ISO and select the Backtrack3 USB image as the file
3) Check whether the destination drive is correct (your USB stick, FAT32 partition) - CHECK TWICE! An error would kill your system!
4) Press OK and wait until it's done, do NOT reboot
5) Copy 901_net_gfx.lzm to your USB stick, folder BT3\optional
6) Open syslinux.cfg in boot\syslinux\ and add the following lines, which will be your new menu entries for booting from the USB stick - with Eee901 drivers.

label eee901save
menu label BT3 Graphics mode (Eee901) - Save Changes
kernel /boot/vmlinuz
append vga=785 initrd=/boot/initrd.gz ramdisk_size=6666 root=/dev/ram0 rw load=901_net_gfx autoexec=kdm changes=/dev/sda2

label eee901
menu label BT3 Graphics mode (Eee901)
kernel /boot/vmlinuz
append vga=785 initrd=/boot/initrd.gz ramdisk_size=6666 root=/dev/ram0 rw load=901_net_gfx autoexec=kdm

WARNING! changes=/dev/sda2 MUST be changed to what you noted in the partition editor - and you may still need to try it out.
The 2 means the second partition, which is the ext2 partition. This changes parameter tells Backtrack where it should save the changes you make while working in it.
The changes device could be sda2 or sdb2 or sdc2. But mostly it's sda2.

Save the file after you're done.

7) Open cmd and access your USB stick, cd to boot\syslinux\ and execute this:
syslinux.exe -ma -d \boot\syslinux H: (H: should be your USB drive letter... yours will be different!)
This will write the boot manager to the USB stick with the settings you entered in 6).
After changing, for example, the changes line there, you will need to repeat this step.

8) You're done. Boot from the stick, it should work.

Installation of Nessus 4:
Nessus is a really strong auditing tool - but it is not completely open source - so you need to install it manually.
Boot into your Backtrack 3...

Install NessusServer
Nessus-4.0.2-linux-generic32.tar.gz
gunzip Nessus-4.0.2-linux-generic32.tar.gz
tar -xvf Nessus-4.0.2-linux-generic32.tar
cd Nessus-4.0.2
./install.sh

Follow the install instructions

/opt/nessus/sbin/nessus-mkcert
/opt/nessus/sbin/nessus-adduser
cd /opt/nessus/etc/nessus
nessus-fetch --register XXX-YYY-ZZZ-VVV (Serial you obtained)

Launch the Server:
/opt/nessus/sbin/nessus-service -D

Install NessusClient
NessusClient-4.0.2-es4.i386.rpm
rpm2tgz NessusClient-4.0.2-es4.i386.rpm
pkgtool (Select NessusClient-4.0.2-es4.i386)
cp /usr/lib/libssl.so.0.9.8 /lib
cp /usr/lib/libcrypto.so.0.9.8 /lib
cd /lib
ln -s libcrypto.so.0.9.8 libcrypto.so.4
ln -s libssl.so.0.9.8 libssl.so.4

Launch the Client:
/opt/nessus/bin/NessusClient

Nessus Install taken from: http://forums.remote-exploit.org/backtrack3-howtos/22031-backtrack3-nessus-4-0-install.html
Rest from Remote Exploit and others / google

[Vista] How To Disable Network Auto Tuning and fix Connectivity Problems

Autotuning dynamically changes the TCP window size - which often causes errors such as loss of network connectivity, firewall problems, and so on.

To show the status of this autotuning, you should check it with admin rights under cmd with this command: netsh interface tcp show global
To disable use: netsh interface tcp set global autotuning=disabled
To reenable use: netsh interface tcp set global autotuning=normal

Another important thing concerning wireless problems - you should install Service Pack 2, as it contains a bunch of hotfixes and other important stuff.

Toshiba Satellite P300D-211 (PSPDCE-02KOOWGR) Wireless Problems

The Satellite \ Satellite Pro P300 \ P300D Series suffers from Problems with Wireless Connectivity.
To solve these problems you need to upgrade to at least BIOS version 3.00 (recent is 3.10).
For XP and Vista64, that should already fix it.
For Vista32, you need to upgrade the Wireless LAN drivers as well.
But I would recommend upgrading them on x64 systems also.

(Disabling autotuning for networking and installing SP2 should help as well!)

Reset Password on Linux

1. Boot with Knoppix
2. mount /dev/sda1 /mnt
3. vi /mnt/etc/shadow
4. i
5. Delete the string between the first and second : ...
for example: user:$1$pM8HYEMB$Cx0yiRM4pj2Ty4lFBWuy4.:12038:0:99999:7::: becomes:
user::12038:0:99999:7:::
6. ESC :wq Enter
7. cd /
8. umount /mnt
9. reboot
10. login with user and just press enter on password.
11. enter passwd and change the password.
12. you're done!
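
A defender's check for the state that step 5 leaves behind, as an added example that is not part of the original post: it parses shadow entries and reports accounts with an empty password field or an MD5/DES hash like the $1$ one above. The sample lines and the names classify and audit are constructed for illustration.

```python
# Added example: audit shadow(5) lines for the state left behind by step 5.
SCHEMES = {"1": "md5-crypt", "2a": "bcrypt", "2b": "bcrypt", "2y": "bcrypt",
           "5": "sha256-crypt", "6": "sha512-crypt", "y": "yescrypt"}
WEAK = {"md5-crypt", "des-crypt"}

SAMPLE = """\
root:$6$CONSTRUCTEDSALT$CONSTRUCTEDHASH:19000:0:99999:7:::
daemon:*:19000:0:99999:7:::
user::12038:0:99999:7:::
backup:$1$pM8HYEMB$Cx0yiRM4pj2Ty4lFBWuy4.:12038:0:99999:7:::
broken:x:0
"""  # constructed sample; the two 12038 lines reuse the entry shown above

def classify(field):
    """Return (state, scheme) for the password field of a shadow entry."""
    if field == "":
        return "empty", None          # account has no password set
    if field[0] in "!*":
        return "locked", None         # password login disabled
    if field.startswith("$"):
        return "hashed", SCHEMES.get(field.split("$")[1], "unknown")
    return "hashed", "des-crypt"      # no $id$ prefix: traditional DES

def audit(text):
    """Return (line_no, account, issue) tuples for risky entries."""
    findings = []
    for no, line in enumerate(text.splitlines(), 1):
        fields = line.strip().split(":")
        if fields == [""]:
            continue                  # skip blank lines
        if len(fields) != 9:          # shadow(5) entries have nine fields
            findings.append((no, fields[0], "malformed entry"))
            continue
        state, scheme = classify(fields[1])
        if state == "empty":
            findings.append((no, fields[0], "empty password field"))
        elif state == "hashed" and scheme in WEAK:
            findings.append((no, fields[0], "weak hash scheme " + scheme))
    return findings

if __name__ == "__main__":
    for finding in audit(SAMPLE):
        print(*finding)
```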

c3560 Cheat

Hostname:
hostname test

Image Upgrade:
del /r /f flash:c3560-ipbase-mz.122-35.SE5
copy tftp://192.168.2.1/images/c3560-ipbasek9-mz.122-46.SE.bin flash:

del - File
rm - Folder

Boot with other Image:
boot system c3560-advipservicesk9-mz.122-46.SE.bin

Portfast (on dhcpd Problems):
spanning-tree portfast

Switchport with Vlan 10:
interface FastEthernet0/1
switchport access vlan 10
switchport mode access
description nativ
macro description NATIV
spanning-tree portfast

Description Vlan 10:
vlan 10 name testvlan

Trunkport:
interface GigabitEthernet0/1
switchport trunk encapsulation dot1q
switchport mode trunk
ip dhcp snooping trust

DHCP Snooping:
Global Activate:
ip dhcp snooping vlan 1-4094
no ip dhcp snooping information option
ip dhcp snooping

Allow DHCP on Port:
ip dhcp snooping trust

ESXi Trunking:
ip dhcp snooping vlan 1-4094
no ip dhcp snooping information option
ip dhcp snooping

these are the vlans, one main, one “test” for the vm
vlan 1
name main
vlan 999
name test

normal client port
interface FastEthernet0/1
switchport access vlan 1
spanning-tree portfast

vm client port which does access vlan 999
interface FastEthernet0/3
switchport access vlan 999
spanning-tree portfast

vm server port, which does access normal vlan 1, and does trunk the rest
"ip dhcp snooping trust" means that this port is allowed to answer dhcp requests
interface FastEthernet0/7
switchport trunk encapsulation dot1q
switchport trunk native vlan 1
switchport trunk allowed vlan 1,999
switchport mode trunk
ip dhcp snooping trust
end
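
One way to review which ports are trusted, as an added example that is not part of the original cheat sheet: a small linter that checks the global DHCP snooping lines and lists every port carrying ip dhcp snooping trust. It assumes show running-config style indentation and the policy that only trunk ports should be trusted; the sample config and the names parse and lint are constructed.

```python
# Added example; assumes running-config layout (sub-commands indented).
SAMPLE = """\
ip dhcp snooping vlan 1-4094
ip dhcp snooping
!
interface FastEthernet0/3
 switchport access vlan 999
 spanning-tree portfast
 ip dhcp snooping trust
!
interface FastEthernet0/7
 switchport trunk encapsulation dot1q
 switchport trunk allowed vlan 1,999
 switchport mode trunk
 ip dhcp snooping trust
end
"""  # constructed sample; trust on Fa0/3 is a deliberate mistake

def parse(config):
    """Split a config into global commands and per-interface sub-commands."""
    global_cmds, interfaces, current = [], {}, None
    for raw in config.splitlines():
        if raw.startswith("interface "):
            current = interfaces.setdefault(raw.split(None, 1)[1].strip(), [])
        elif raw[:1].isspace() and current is not None:
            current.append(raw.strip())
        else:
            current = None
            if raw.strip() not in ("", "!", "end"):
                global_cmds.append(raw.strip())
    return global_cmds, interfaces

def lint(config):
    """Return (trusted_ports, findings) for the DHCP snooping setup."""
    global_cmds, interfaces = parse(config)
    findings = []
    if "ip dhcp snooping" not in global_cmds:
        findings.append("dhcp snooping is not enabled globally")
    if not any(c.startswith("ip dhcp snooping vlan ") for c in global_cmds):
        findings.append("no vlan range given for dhcp snooping")
    trusted = [n for n, c in interfaces.items() if "ip dhcp snooping trust" in c]
    for name in trusted:
        # Assumed policy: only trunk/uplink ports should be trusted.
        if "switchport mode trunk" not in interfaces[name]:
            findings.append(name + ": trusted access port, may answer dhcp requests")
    return trusted, findings

if __name__ == "__main__":
    print(lint(SAMPLE))
```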

Routing with c3560-advipservicesk9-mz.122-46.SE.bin:
( Every net needs its own VLAN! )
( The VLAN IP is the gateway )

ip routing

interface FastEthernet0/1
switchport access vlan 2
switchport mode access

interface FastEthernet0/8
switchport access vlan 3
switchport mode access

interface Vlan2
ip address 134.96.10.1 255.255.255.0

interface Vlan3
ip address 192.168.2.1 255.255.255.0

c3560 Routing with Advanced IP Services

Problem: You have several networks and a c3560, but no router.
Solution: Get a c65e VSS
Follow-up problem: Insufficient money, power, space,....
Solution: Get your c3560 to route these networks with an Advanced IP Services firmware
YOU DO NEED AN "advipservices" FIRMWARE ON YOUR c3560!

Assumption:
On f0/1 PC with 134.96.10.2 -> We want the Gateway to be 134.96.10.1
On f0/8 PC with 192.168.2.2 -> We want the Gateway to be 192.168.2.1

How to:
The idea is easy - for a normal routing process you need an interface in the "to be routed" net.
The solution therefore lies in the usage of VLANs.
Every port that uses one net is bound to the VLAN of that net.
Every net gets its own VLAN.
Every VLAN gets an IP (the gateway IP that's entered into the PCs of this net).
Activate routing.
Done.

Configuration:

interface FastEthernet0/1
switchport access vlan 2
switchport mode access

interface FastEthernet0/8
switchport access vlan 3
switchport mode access

interface Vlan2
ip address 134.96.10.1 255.255.255.0

interface Vlan3
ip address 192.168.2.1 255.255.255.0

ip routing

SCP with Plain Password

My altered Version:

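Call it with ./scp_bkp.sh User Password BKPPath ServerIP
Keep in mind that the password is passed as a plain command-line argument, so it shows up in the process list while the script runs and in the shell history.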

#!/usr/bin/expect -f

# Arguments: 1 User, 2 PW, 3 BkpPath, 4 IP
# lindex returns the plain argument (lrange would return a one-element list)
set USER [lindex $argv 0]
set PW [lindex $argv 1]
set BKPPath [lindex $argv 2]
set IP [lindex $argv 3]

# do not abort a long transfer after the default 10 second timeout
set timeout -1

# each argument is passed to scp as a single word, so no eval is needed
spawn scp "$USER@$IP:/bootbank/state.tgz" $BKPPath

expect "password: $"
send "$PW\n"

# wait for scp to finish before quitting
expect eof

Originally taken from: http://tiebing.blogspot.com/2009/01/scp-with-automatic-password-input.html

[VMWare] How to shrink Virtual Harddrives?

You want to shrink a too-big hard drive on your VM?
OK, let's go:

1.) Create a hard drive with the desired size in your VM as a second drive
2.) Boot the VM with a Parted Magic ISO (http://partedmagic.com)
3.) Choose GParted and size your existing hard drive down so that it will fit onto the new drive
4.) Choose Clonezilla, start for Local Disk, Local Disk to Local Disk, choose your old disk as source and the new one as destination, and Expert mode.
4b.) Don't change anything in Expert, just click through and accept the new MBR and co.
5.) After that's done, you're done! Shut down, remove the first hard drive (just remove it from the VM, do NOT ERASE it FROM ESXi!), select the "new" drive and set it to the SCSI path the old one had (0:0:0 or so) - fire it up! It should boot.

If it doesn't, move the new drive back to the second SCSI path, insert the old drive as first again, and try again. It mostly works on the second try.

PS: If you have a Windows VM, try to use Acronis True Image Home 11 and its hard drive clone function. Works better on MS products.