Thursday, 29 April 2010

When All Else Fails, Kon-Boot

*** NOTE *** This post relates to bypassing Windows and Linux Operating System security.

The tool discussed here is for HOME USE ONLY!  It is NOT to be used on systems that do not belong to you.  Any problems arising from using Kon-Boot are YOUR responsibility.  After all, no-one is forcing you to Kon-Boot!

We have all been there.  Passwords, or lack of.

Luckily, there is a tool now available that will allow you to bypass Windows or Linux operating system security and allow you to log on without knowledge of any of the operating system passwords.

What's more is this tool will allow you to do this without making any changes to the operating system installation itself.  Instead, it makes changes to the operating system as held in memory on the target machine.  Once the machine is rebooted, those memory changes are lost.

The tool is called Kon-Boot, developed by Piotr Bania. Piotr's Website

I'm not going to tell you how to use it.  Instead, I'll point you towards some videos of Kon-Boot in action.

Windows


Linux


If you are interested in learning more about  Kon-Boot, then have a look at Claus Valca's blog post here.  Well worth the read as Claus has spent quite a bit of time on this.

- Chris

Tuesday, 20 April 2010

USB Boot Without BIOS Support

Here is a great little workaround; how to boot any PC (or virtual machine) from a USB device.

As shown in previous posts USB Antivirus, Ubuntu USB and ESX4 USB, it is easy to create a bootable USB device and save on CD/DVD media costs.

However, what happens if your hardware doesn't support booting from USB? Or the USB devices you've carefully created don't work with your particular hardware?

Here is the simple workaround, using a tiny piece of software that you can install onto a floppy disk or write onto a CD.  Yes I know, I said boot from USB and now we need to create a floppy disk or CD...  Stick with me, it's worth it.

Software
  • PLoP Boot Manager  - Boot Manager download page: here (filename plpbt-x.x.x.zip) circa 1.5Mb
  • RawWrite - [Only required if creating a floppy disk] - 210Kb
Floppy / CD Creation
Download the latest version of the PLoP Boot Manager zip from the link above and decide whether you are going to use CD or floppy to boot your machine.  I tend to use a floppy as it's smaller and on balance (at the moment) more machines have floppy drives than have CD drives.  It also makes keeping the Boot Manager up to date easier!

Floppy
  1. Extract the file plpbt.img from the PLoP Boot zip (plpbt-x.x.x.zip) to a temporary location
  2. Download RawWrite (link above) and extract rawwritewin.exe from the zip
  3. Insert floppy disk
  4. Launch rawwritewin.exe and open plpbt.img from the temporary location:
  5. Click Write. The plpbt.img will be written onto the floppy
  6. Once the write is complete, eject the floppy.  You are ready to boot!
CD
  1. Extract the file plpbt.iso from the PLoP Boot zip (plpbt-x.x.x.zip) to a temporary location
  2. Burn the ISO file onto CD.  If you are unsure if your software is capable of doing this then I suggest you use ImgBurn.  A tutorial for burning ISO files with ImgBurn is available here.
  3. You are ready to boot!
Use
  1. Insert your floppy or CD and reboot your machine.  Also insert the USB device to boot from.
  2. All being well, you will be presented with the following menu:
  3. Using the arrow keys scroll down to USB and hit return
  4. Voilà!  The machine will now boot from the USB device
I've also used this method to boot VMware virtual machines from within VMware Player, VMware Workstation, and VMware Server.  Unfortunately ESX and ESXi lack the USB support.

Hope you agree, PLoP Boot Manager makes a handy little tool to keep around.

- Chris

Monday, 19 April 2010

Easy Bootable Antivirus CD/USB

*** Check out Easy Bootable Antivirus CD/USB: UPDATED for an even easier process! ***

With the prevalence of Viruses / Rootkits / Spyware and all sorts of other malware these days, quite often I get asked to take a look at machines that are suspected of infestation with one or more of the above "nasties".

Quite often this comes about because the nasties have "grown resistant" to the antivirus tool being used  - that is they do not clean as expected.  Sometimes this can be because the nasty hooks itself deep into the operating system or it locks itself as in use and hence cannot be deleted. 

One way around this is to boot the computer from an alternative operating system located on a device such as a CD or USB pen drive.  This will get around both issues, thus making the removal much easier.

Here is a guide showing how easy it can be to create such a CD or USB and how to use it.

It's entirely your choice whether to create a CD or a USB.  You only need one or the other.

If you choose the USB option, you need to be sure that your hardware supports booting from USB (older hardware doesn't always support this) and know how to make it do so.  If you are unsure, use the CD option.

Software
As I'm sure you can appreciate, there is a plethora of antivirus software available.  Some come with bootable media, some not.

For ease of use, I'm going to use Avira's AntiVir Rescue System Bootable CD.  The main reasons for this are:
  1. Definition updates - The Avira AntiVir Rescue System ISO download file is updated several times a day with the very latest definition files.  This means that the file is always up to date.  No need for additional updates once booted.
  2. Size - The ISO file is only around 65Mb.  I've seen other AV media weigh in at 350Mb plus...
  3. It's free!
The Avira AntiVir Rescue System Bootable CD website is here
Direct download to the ISO file is here

Option 1 - Create CD
Next step is to burn the ISO file onto CD.

As an ISO file is a single file containing other files (boot code etc.), it must be burnt onto CD in a special way, with software that understands how to do this.

If you are unsure if your software is capable of doing this then I suggest you use ImgBurn.
A tutorial for burning ISO files with ImgBurn is available here.

Option 2 - Create USB
Here we are going to use our good friend UNetbootin.

From within UNetbootin:
  1. Select Diskimage and locate your ISO file (in this case rescue_system-common-en.iso)
  2. Select your USB drive
  3. Click OK and let UNetbootin extract and copy the installation and boot sector files on to the USB
  4. Once complete, Reboot or close UNetbootin as required
Cleaning Nasties
So we have our boot media (be that a CD or a USB) and we are ready to start cleaning off that nasty malware that has been plaguing our lives.
  1. Insert the CD / USB and power on the device to be cleaned.  Ensure that you select the correct device to boot from; CD or USB.  [This is achieved differently depending on hardware].
  2. Assuming you have selected correctly, the first screen you are met with is as follows:
  3. Enter 4 (Advanced 1024x768) and hit return.  The tool will continue to boot
  4. Once booted and initialised, click the Union Jack flag in the bottom left hand corner to change the display language to English
  5. Click  Configuration
  6. Select Try to repair infected files:
  7. Click Virus scanner and Start scanner to start the scan:
  8. Sit back and relax, get some coffee.  This may take a while
  9. Depending on the type of infection you may be asked additional questions... you may not...
  10. When all done, click Miscellaneous and Shutdown to safely dismount the file system:
That's it.  Job done.

As most nasties spread due to lack of security patching,  upon first boot I would highly recommend a visit to Windows Update

What follows is an additional step, only required if problems are encountered during the above process.

Cleaning Nasties - Advanced: Command Line
One thing noticed during testing is that occasionally the Avira GUI would freeze necessitating a reboot to get going again.  The resolution is to scan from the command line.  Here's how:
  1. Boot to Step 4 above
  2. Click Miscellaneous and Commandline  to exit the GUI to the command line console:
  3. Now comes the fun part; as you can see the console is in German....!
  4. For reference, here is a German keyboard layout.  This can be used to work out which keys are which:
  5. The command to run a full scan is (notice the capital D on Devices):
     antivir -s -e -ren /media/Devices/hda1
     Which (on a UK keyboard) translates to:
     antivir /s /e /ren &media&Devices&hda1
  6. Once the scanner starts, it should look something like this:
  7. Use the command reboot to safely dismount the file system and reboot once complete
Conclusion
In this post we looked at the easy creation of two types of alternative boot media to aid in the removal of malware.

Also discussed was an advanced method should issues occur.

- Chris

Thursday, 15 April 2010

On the Day the Skies Went Quiet


If you are not aware, all UK airports are closed tonight due to an ash cloud from a volcanic eruption in Iceland:


See this BBC article for additional detail.

Following on from my live aircraft tracking link-around here, I thought it would be fun to look and see what is happening for myself.

Unfortunately radarvirtuel looked to be having technical difficulties, but flightradar24 was up and running OK.  It's only when you zoom out that you finally find some air traffic:


Still, nice sunset though:


I especially like the lack of aircraft trails in this shot.

- Chris

Wednesday, 14 April 2010

Ubuntu 10.04 Beta2: First Look


As last Thursday (April 8th) saw the Beta 2 release of Ubuntu v10.04-LTS (Long Term Support), I thought I would give this new version a trial run on my test-bed laptop.

Besides, I was getting bored with running Windows 7 release candidate and its bi-hourly reboots.

Also as this is a beta, and I've had such success using UNetbootin to create a VMware ESX 4.0 bootable installer USB, I'm going to have a bash at creating a bootable Ubuntu USB installer - (yet another first for me!)

Test-Bed Laptop
Nothing flash.  A Dell Latitude D600 with:
  • 1.4GHz Pentium M
  • 1Gb RAM
  • Intel 2200BG 54Mb Wireless
  • Secondary (modular bay) battery
(Yes, I agree, it did struggle somewhat to run Windows 7!)


Creating USB Installer
I've decided to make this into another post - See HERE


Installing
Nothing much untoward, looks like the installer application has a fresh new look, but other than that, standard easy to follow fare.


First Impressions
WOW! Looks good... Very good... Continuing from the last release, v9.10 (see my installation guide HERE), once again there was no post-install playing around required.  Everything just ...worked!

Here is some eye candy and comments:

Desktop.  Also both batteries!

Start Menu
Wa-hey! The brown is gone!

File explorer. Nice and simple
Seems to make more sense than previous versions

Progress dialogue
The red certainly does stand out!

Firefox.
I've also installed the Black and White Firefox persona

Remote Desktop with built in RDP client

All in all, I think you'll agree, looking very nice!

Also compared to Windows 7, this old laptop is flying once again.  A real performance boost from the old girl!

According to https://wiki.ubuntu.com/LucidReleaseSchedule the final 10.04 release is on 28th April. Not long to wait now!!

- Chris

Tuesday, 13 April 2010

UNetbootin Strikes Again! Ubuntu 10.04 Beta 2


As I've had such great success using UNetbootin to create a VMware ESX 4.0 bootable installer USB - See here for details - I'm going to have a bash at creating a bootable Ubuntu 10.04 USB installer.

Really this is such an easy process, I'm amazed that it's not used more often to create installation media.

What is UNetbootin?
UNetbootin allows you to create bootable Live USB drives for a variety of Linux distributions from Windows or Linux, without requiring you to burn a CD.  You can either let it download one of the many distributions supported out-of-the-box, or supply your own Linux .iso file if you've already downloaded one or your preferred distribution isn't on the list.
UNetbootin Website

So with that in mind, let's get cracking.

  • Firstly you will need to download UNetbootin (well duh!)
  • Secondly you are going to need to grab / download a copy of an ISO image containing the install files of the Windows or Linux distribution that you would like to copy onto USB.
  • Lastly you will need a USB memory stick.  Anything 1Gb or above will do for most CD based distributions.
Here goes:
  1. Format your USB stick using Windows format.  FAT32 file system is fine:

     
  2. Once format is complete, leave USB stick plugged in and start UNetbootin:

     
  3. Select "Diskimage" and locate your ISO file (in our case ubuntu-10.04-beta2-desktop-i386.iso)
  4. Select your USB drive
  5. Click OK and let UNetbootin extract and copy the installation and boot sector files on to the USB
  6. Once complete, Reboot 
What could be simpler?

PLUS think of all those burnable CD's and DVD's you'll be saving!

- Chris

Thursday, 1 April 2010

What the.....? Blog Tour 2010 - A Diary

With over 10,000 hits coming from America alone, it was decided that this year's What the.....? Blog tour should be to go visit Uncle Sam - to say thank you in person like.

Besides, it's been a while since the What the.....? UK team and the What the.....? US team have had a get together.  Well, as you know, the team like to spare zero expense on these tours.

Day 1
The level of expenditure was pretty evident when we hit the airport.  The kind production team had chartered us our own jet!


The fact that we had to share with the Swedish all ladies cheerleader squad, just seemed to add to the excitement....


Once we landed and had picked up our limo:


We hit the streets.  First stop was a gas station for supplies, as strangely the limo had zero gas:


After that, we found the hotel:


And settled ourselves in for the rest of the afternoon. With that much fudge on tap, we knew we were in for a great time!

Soon it was time for some dinner, so back into the limo.  We eventually found a place:


mmmm the pork was just cracking.  Back to the hotel for some shut eye... and more fudge.

Day 2
Up early and flushed, we hit the road.  Today we were due to visit the US What the.....? team at their offices:

 

We all felt proud as we pulled up out front.

After a very quick tour of the desk, we were whisked off to our very own book signing event at Pack Place:


The crowd looked 'bitchin'.  What The.....? book we hear you say.  Well, here you go:

 

Yeah.  We were thrilled with it too.

After 30 mins of signing, we were bushed.  Back to the hotel for a wash and bush up (and yet more fudge).

For dinner the US team had laid on an all American treat:


man this was livin.

Day 3
Up early again to the sound of fresh fudge being made, we called the US team.  Turns out for our last day in town they had laid on a street party style send off.  WOW!!!

Luckily we managed to grab a photo before the riot police turned up:


With that we were rushed out of the country post haste.

Well, there you have it readers, another successful Blog Tour. We loved it too!
