thefastestwaytobreakamachine

we’ve booted backtrack off usb before, now that’s kinda
boring and installing backtrack onto the usb with unetbootin
is painfully slow and not the same as bootin strait off the
usb which is what we want in this case; not an install
but a fresh copy every boot

there is someone disagreeing in the back of the room, now
wouldn’t this be a lot more complicated? No sir. on the contrary
booting fresh every time makes work a lot simpler; you gain a
direct relationship to what you store where, and where you
access your data from

but there is another one in the front;you sir, you feel that
one would have to sacrifice many of the comforts such as all
any tools of the trade at hand and permanent local storage -
but at best this is a lazy roadblock to salvation; by booting
off of local storage we have local storage at hand in a more
practical format, be that even a microscopic carrier can be
removed and replaced with sufficient storage for everything
and then some

the medium can be embedded, destroyed or ingested, so
the impermiableness of accidentally recorded data and the
robustness, accessability and portability of removable storage
comes very much in hand upon situations that either require
inconspiciousness, anonymity, covertness, plausible deniability
or a high degree of reliability in day-to-day computing

the totalality of the system given to remaining only in memory
causes it to be independent of other storage for operations, and when
operations cease from loss of any exterior preconditions, the
system simply ceases. when preconditions reoccur – by powering on
and executing the first block – the system can be relied upon to
simply starts afresh, completely unperturbed by any previous history

should the need arise to patch the system; say some new app or
capability is called for where there is no time to rebuild,
a patch should be scripted always when there is certanity that
the capability will require a repeat performance. It is advised
to devise a patch which includes all dependencies.

thus the fresh system becomes more capable and more accessible
over time, just like an install. patches can then easily be
rolled into the system should they proove useful to others.

But how does one do it? Well, it’s easy but unfortunately
not as easy as overwriting the boot device; it’s just not
practical because partitioning is always an individual consideration

instead, we allow any bootable partition scheme and any
filesystem and memory technology, as long as the storage
requirements of the system are met;

here’s to clone how:

cp -a boot/ apt/ casper/ gone/ preseed/ syslinux/ 
syslinux /dev/partition
mbr /dev/device

but that’s fine, it’s been done and all, but even the ability to
boot the system with precisely zilch local storage comes in
handy, and for that we have pixie dust.

pixie daemon and tiny ftp should be pointing a path
exactly matching the dhcp-provided patch.. otherwise
you will have worries!

/etc/pxe.conf:


interface=eth1
service=X86PC,0,0,local,Local boot
service=X86PC,0,0,pxelinux,PXELinux
tftpdbase=/var/lib/tftpboot
domain=truly.yours

/etc/default/tftpd-hpa:
TFTP_DIRECTORY=”/var/lib/tftpboot/”

/etc/dnsmasq.conf:


dhcp-boot=/var/lib/tftpboot/pxelinux,vulcano,10.10.10.86

“high speed” tftp daemons and multicast can be found but it is
advised to stick to tftpd-hpa and dnsmasq with no esoterics due
to the sheer amount of variables introduced.

/var/lib/tftpboot/pxelinux.cfg/default:


# not strictly necessary but makes the menu pretty
menu hshift 13
menu width 49
menu margin 8

menu title BackTrackBoot
default vesamenu.c32
display f.txt
timeout 600

label local
menu label Local Harddisk
localboot 0

menu begin bt
menu title BackTrack 5
# ok here comes the real shit
label backtrack5
menu label BackTrack R1
kernel bt5/vmlinuz
append boot=casper netboot=nfs nfsroot=vulcano:/mnt/bt5 initrd=bt5/initrd.gz text splash vga=791 file=/cdrom/preseed/custom.seed --
menu end

you’ll need to copy to tftpboot/bt5 the initrd.gz and vmlinuz from the backtrack ISO /casper folder (which you can mount -o loop -t iso9660 bt5.iso /mnt/bt5

the rest of the files you provide to the bootee over NFS

/etc/exports:


/mnt/bt5 10.10.3.0/24(rw,sync,no_subtree_check) 10.10.10.0/24(rw,sync,no_subtree_check)
mount -t iso9660 -o loop BT5R1-GNOME-32.iso /mnt/bt5

add a http server with kickstart / preseed files for an ever more powerful setup,
in which case you replace the file= stanza in the append line with
url=http://host/path/to/preseed

more on preseeds… maybe later.

Now restart all dependent services:

/etc/init.d/nfs-kernel-server restart
/etc/init.d/tftpd-hpa restart
/etc/init.d/apache2 restart
/etc/init.d/pxe restart

debugging this setup usually requires tracing the process that is failing, so:
- dhcp options tracing (dnsmasq verbose and tcpdump / wireshark)
- verbose pxe
- verbose foreground tftpd-hpa : in.tftpd -v -v -L /var/lib/tftpboot