Remastering Knoppix as a Windows Rescue CD (aioscript)
I'm remastering Knoppix to act as a dedicated Windows Rescue CD. Here are my ideas so far on what it can perform on broken Windows PCs.
1. Backup client data to a network share or USB/Firewire drive using Samba
2. Blank out the administrative password using chntpw
3. Force a scandisk on next windows boot using ntfsfix
4. Restore data onto an NTFS drive using captive-ntfs
5. Test the PC's memory using memtest86
6. Test the PC's hard drive using Drive Fitness Test
7. Test the PC's hardware using Aida16
8. Undelete files from an NTFS partition using ntfsundelete
9. Resize partitions using QTParted
10. Have limited rescue tools in a console menu for PCs with low memory.
11. Have the ability to set up static IPs for sites with no DHCP or crossover cable connections.
12. Use icewm and nautilus as the GUI portion and place an XP theme on it.
13. Set expirations and login passwords on the CD itself
14. Use isolinux and memdisk to allow for booting other boot image files like DOS bootdisks
Although all of this can be done with the current Knoppix CD, it cannot be done easily by a Microsofty tech ;)
With the Microsofty in mind I've customized the GUI to resemble XP and placed all of the rescue tools under the start button. The rescue tools in the past were a set of scripts but for future portability I'm consolidating all of them into one script called "aioscript" (All In One script ;)
The script can run the different functions by just setting the function after its name...for example...if you would like to reset the admin password to blank then just type:
this calls the ntpasswd) function inside the script. So you get the idea.
The project is for my dept in the company I work for. Being that it can get any data and reset any admin password some security has been placed into the CD to avoid loss or misuse:
1. Expiration date using the time off of NTP servers
2. Username and passwords using /bin/login or GDM
Since there are around 300 Microsofties in my company I had to devise a way of distribution with customization...that's where the web came in...
Currently the old version of the RCD can be requested from our internal website. The website requires you to authenticate, once authenticated the website knows your email address, company ID # (HRID) and other little tidbits about the tech requesting...
The requesting tech can customize some features of the CD before compilation:
1. Username - extracted from authentication into the website, tech cannot change this.
2. HRID stamped into the bootscreen
3. Creation date stamped on the bootscreen
4. Account expiration - tech cannot change this
5. Password - given by the requesting client.
6. Other internal customizations for our dept.
Once requested the website FTPs a file with the client's info inside over to the Rescue CD Server...from there a cron job runs each minute to check if there is a request in its queue...once a request is entered the server then processes that info into an uncompressed copy of the CD then creates the ISO from it. This part is yet to be done so I may need some help :)
Once compiled the server will email the client stating that their CD is available for download, also another job is entered to lock the tech from being able to request another CD for 5 months and yet another email set to be emailed to the tech 5 months from creation date notifying the tech that they have 30 days to request another. The site is also able to email forgotten passwords to the techs :)
Obviously the current version right now is not releasable to this forum since there are a lot of internal customizations done so it would work on our network environment, but with my current rewrite hopefully I'll be able to release the "aioscript" for input, improvement and corrections...
The aioscript is written entirely in bash and requires the following on top of your base linux live-cd:
Samba
Captive-NTFS
expect
smbclient
ntfsprogs
I may be missing some things but that's the bulk of it...
Another thing I'm aiming to do with this release is to make every CD able to act as a distribution server. Just another script that will prep the hdd, ftp and mail and done :)
This is my first real linux project that I'm making public and wanted to gauge interest on it...so far 2 other members expressed interest...
I also consider myself an intermediate linux user and I'm sure you'll see that in my script so please be gentle on the criticism :oops:
I'll be posting the script as soon as I have a more complete version of it...
In the meantime if you have any ideas of what to add please post here.
Okay guys...here is what I've been working on so far...
Here is what I have so far to give to the forum...
Run the following command to see if you have some of the tools needed.
That test is complete though...once you look inside the script you'll see the files it checks.
So far it's the console section I've been working on...once the console section is complete I will work on the X version which will be inside the same script...
Just cut and paste the file into /usr/bin/aioscript and chmod +x to make it executable and remaster...
Some things are still buggy I'm sure...just let me know or post corrections...thanx!
Code:
#!/bin/bash
PATH=/sbin:/bin:/usr/sbin:/usr/bin:/etc/xdscripts
IP=`ifconfig | grep inet | grep -v 127\.0\.0\.1 | cut -f2 -d':' | cut -f1 -d' '`
if [ ! -d /mount ]; then
mkdir /mount
fi
case "$1" in
## Main Menu Section
menu)
MAP=`mount | grep smbfs | cut -f1 -d' '`
FUNCTION=`dialog --stdout --no-cancel \
--title "Rescue CD Console" \
--menu "IP: $IP - Mapped to: $MAP" 0 60 0 \
1 "Map to Network Share" \
2 "Backup local drive to ... $MAP" \
3 "Run NTFS Check Disk" \
4 "NTFS Undelete" \
5 "Reset Admin Password" \
6 "Set Static IP" \
7 "Exit"`
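# ESC in the dialog leaves $FUNCTION empty; treat that as Exit so the tests below do not fail
[ -z "$FUNCTION" ] && FUNCTION=7
if [ $FUNCTION = 1 ]; then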
aioscript map
aioscript menu
elif [ $FUNCTION = 2 ]; then
aioscript backup
aioscript menu
elif [ $FUNCTION = 3 ]; then
aioscript checkdisk
aioscript menu
elif [ $FUNCTION = 4 ]; then
aioscript ntfsundelete
aioscript menu
elif [ $FUNCTION = 5 ]; then
aioscript ntpasswd
aioscript menu
elif [ $FUNCTION = 6 ]; then
aioscript staticip
aioscript menu
elif [ $FUNCTION = 7 ]; then
echo "Returning to login..."
fi
exit 1
;;
## Map to network share section
map)
if mount | grep smbfs > /dev/null; then
SMBMOUNTS=`mount | grep smbfs | cut -f1 -d' '`
for i in $SMBMOUNTS; do
umount $i
done
fi
USERNAME=`dialog --no-cancel --stdout --title "Map to Network Share" \
--inputbox "Enter your Domain Username" 0 0`
DOMAIN=`dialog --no-cancel --stdout --title "Map to Network Share" \
--inputbox "Enter your Domain" 0 0 ""`
SERVER=`dialog --no-cancel --stdout --title "Map to Network Share" \
--inputbox "Enter just the server name" 0 0`
SHARE=`dialog --no-cancel --stdout --title "Map to Network Share" \
--inputbox "Enter the share name" 0 0`
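# Quote user input so names with spaces or shell characters are passed as single arguments
if ! nmblookup "$SERVER" > /dev/null; then
dialog --infobox "Cannot lookup server, starting over" 0 0
sleep 2
aioscript map
# Stop here: the nested call has already handled the retry
exit $?
fi
if dialog --yesno "Username: $USERNAME \n Domain: $DOMAIN \n Server: $SERVER \n Share: $SHARE" 0 0; then
# Test the same path that is created and mounted (the original tested $SERVER.$SHARE)
if [ ! -d "/mount/$SERVER-$SHARE" ]; then
mkdir -p "/mount/$SERVER-$SHARE"
fi
if ! mount -t smbfs -o "username=$DOMAIN\\$USERNAME" "//$SERVER/$SHARE" "/mount/$SERVER-$SHARE"; then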
dialog --infobox "Cannot map to share, starting over" 0 0
sleep 2
aioscript map
fi
else
dialog --infobox "Lets try again..." 0 0
sleep 2
aioscript map
fi
exit 1
;;
## Backup hard drive section
backup)
if dialog --yesno "Due to having no GUI this script will copy the ENTIRE hard drive.
\nThis may take a long time, please be patient. \nContinue?" 0 0; then
if ! mount | grep smbfs; then
dialog --infobox "You must be mapped to a network share to use this tool..." 0 0
sleep 1
aioscript map
else
MAPDIR=`mount | grep smbfs | cut -f3 -d' '`
DIRNAME=`dialog --stdout --no-cancel --inputbox "Enter a unique directory name for the backup..." 0 0`-`date +%d%m%y`
MOUNTS=`fdisk -l | grep -i "ntfs\|fat" | cut -f3 -d'/' | cut -f1 -d' '`
for i in $MOUNTS; do
if [ ! -d /mount/$i ]; then
mkdir /mount/$i ; mount /dev/$i /mount/$i
fi
done
# $SERVER and $SHARE are not set in this invocation; test the backup directory under the mounted share
if [ -e "$MAPDIR/$DIRNAME" ]; then
if dialog --yesno "SAME DIRECTORY NAME EXISTS, CONTINUE?" 0 0; then
for i in $MOUNTS; do
dialog --infobox "Copy in progress..." 0 0
cp -auv /mount/$i/* "$MAPDIR/$DIRNAME/." >> /dev/null
done
# Report completion once, after every partition has been copied
dialog --msgbox "HardDrive backup completed.\nPress OK to return to Main Menu" 0 0
else
dialog --infobox "Lets try this again..." 0 0
sleep 2
aioscript backup
fi
else
mkdir "$MAPDIR/$DIRNAME"
for i in $MOUNTS; do
dialog --infobox "Copy in progress..." 0 0
cp -auv /mount/$i/* "$MAPDIR/$DIRNAME/." >> /dev/null
done
# Report completion once, after every partition has been copied
dialog --msgbox "HardDrive backup completed.\nPress OK to return to Main Menu" 0 0
fi
fi
fi
exit 1
;;
## Run ntfsfix section
checkdisk)
if dialog --yesno "This option will unmount all partition(s), run a checkdisk then automatically reboot.\n\nContinue?" 0 0; then
PARTS=`fdisk -l /dev/hd[a-z] /dev/sd[a-z] | grep "NTFS" | cut -f1 -d' '`
umount -t ntfs /dev/hd[a-z][1-9] /dev/sd[a-z][1-9]>/dev/null 2>/dev/null
for i in $PARTS; do
clear
ntfsfix $i
clear
done
dialog --infobox "Rebooting now..." 0 0 & sleep 2
echo reboot
fi
exit 1
;;
## Run ntfsundelete section
ntfsundelete)
if ! mount | grep smbfs; then
dialog --infobox "You must be mapped to a network share to use this tool..." 0 0
sleep 1
aioscript map
fi
if dialog --yesno "This will undelete all files from a chosen partition that are 90% undeletable and copy them to a network share. \n\nContinue?" 0 0; then
PART=`fdisk -l /dev/hd[a-z] /dev/sd[a-z] | grep "NTFS" | cut -f1 -d' '`
PART1=`echo $PART | awk --source 'BEGIN { FS=" " }' --source '{ print $1 }'`
PART2=`echo $PART | awk --source 'BEGIN { FS=" " }' --source '{ print $2 }'`
PART3=`echo $PART | awk --source 'BEGIN { FS=" " }' --source '{ print $3}'`
PART4=`echo $PART | awk --source 'BEGIN { FS=" " }' --source '{ print $4}'`
umount -t ntfs /dev/hd[a-z][1-9] /dev/sd[a-z][1-9]>/dev/null 2>/dev/null
UNDELETE=`dialog --stdout --separator " " \
--radiolist "Select a partition and press SpaceBar:" 0 0 0 \
"$PART1" "" "on" \
"$PART2" "" "" \
"$PART3" "" "" \
"$PART4" "" ""`
echo $UNDELETE
fi
exit 1
;;
## Run NT password reset section
ntpasswd)
##Creating expect script!!!
echo '#!/usr/bin/expect -f
#
set timeout -1
spawn chntpw -u 0x1f4 /tmp/.ntpasswd/SAM
match_max 100000
expect -exact "Please enter new password: "
send -- "*\r"
expect -exact "Do you really wish to change it? (y/n) \[n\] "
send -- "y\r"
expect -exact "Write hive files? (y/n) \[n\] : "
send -- "y\r"
expect eof' > /tmp/chntpw.exp
chmod +x /tmp/chntpw.exp
if dialog --yesno "This will reset the administrative password to blank, \
run NTFS Check and automatically reboot.\n\nContinue?" 0 0; then
dialog --infobox "Blanking out admin password" 0 0
if [ -d /tmp/.ntpasswd ]; then
umount /tmp/.ntpasswd > /dev/null 2>/dev/null ; rm -rf /tmp/.ntpasswd
fi
if [ -d /tmp/ntfsdrive ]; then
umount /tmp/ntfsdrive > /dev/null 2>/dev/null ; rm -rf /tmp/ntfsdrive
fi
mkdir /tmp/.ntpasswd
mkdir /tmp/ntfsdrive
mount -t tmpfs tmpfs /tmp/.ntpasswd
mount -t ntfs `fdisk -l /dev/hd[a-z] /dev/sd[a-z] 2>/dev/null | grep NTFS | \
grep "\*" | cut -f1 -d' '` /tmp/ntfsdrive
DEFROOT="winnt windows"
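if [ -d /tmp/ntfsdrive/winnt ]; then
DEFDIR="/tmp/ntfsdrive/winnt"
elif [ -d /tmp/ntfsdrive/windows ]; then
DEFDIR="/tmp/ntfsdrive/windows"
else
# No Windows directory found: stop rather than copy from an empty path
dialog --infobox "Cannot find the Windows directory, aborting" 0 0
sleep 2
umount /tmp/ntfsdrive > /dev/null 2>/dev/null
rm -f /tmp/chntpw.exp
exit 1
fi
cp $DEFDIR/system32/config/SAM /tmp/.ntpasswd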
expect /tmp/chntpw.exp >> /dev/null
rm -f /tmp/chntpw.exp
mount -o remount,rw /tmp/ntfsdrive
cp /tmp/.ntpasswd/SAM $DEFDIR/system32/config/.
umount /tmp/ntfsdrive
dialog --infobox "Running NTFS fix on modified partition" 0 0
ntfsfix `fdisk -l /dev/hd[a-z] /dev/sd[a-z] 2>/dev/null | grep NTFS | \
grep "\*" | cut -f1 -d' '` > /dev/null
dialog --infobox "REBOOTING" 0 0 && sleep 2
echo init 6
fi
exit 1
;;
## Set static IP section
staticip)
if dialog --yesno "This option will setup a static IP \
for sites without DHCP.\nContinue?" 0 0; then
IP=`dialog --stdout --title "example: 321.123.321.123" \
--no-cancel --inputbox "IP Address" 0 0`
IPGW=`echo $IP | cut -f-3 -d'.'`.1
SUBNET=`dialog --stdout --no-cancel --inputbox "Subnet Mask" 0 0 255.255.255.0`
GW=`dialog --stdout --no-cancel --inputbox "Default Gateway" 0 0 $IPGW`
DNS=`dialog --stdout --no-cancel --inputbox "DNS" 0 0 ""`
SUFFIX=`dialog --stdout --no-cancel --inputbox "Suffix Search Order \
(separated by spaces)" 0 0 \
""`
if dialog --yesno "Is this information correct? \n
IP Address: $IP \n
Subnet Mask: $SUBNET \n
Default Gateway: $GW \n\n
Suffix Search Order:\n$SUFFIX" 0 0; then
ETH=`ifconfig | grep eth| grep -v 0.0.0.0 | cut -f1 -d' '`
ifconfig $ETH $IP
ifconfig $ETH netmask $SUBNET
route add default $ETH
route add default gw $GW
echo search $SUFFIX > /etc/resolv.conf
echo nameserver $DNS >> /etc/resolv.conf
else
aioscript staticip
fi
fi
exit 1
;;
*)
echo "Usage: aioscript {menu|map|backup|checkdisk|ntfsundelete|ntpasswd|staticip}"
exit 1
;;
esac
exit 0
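
The first post lists "Expiration date using the time off of NTP servers" as a safeguard against loss or misuse of the CD. One way to implement that check, as an added example that is not part of aioscript or the original posts: the gate trusts only network time and denies access when the expiry file or an NTP answer is missing. The file path `/etc/rcd-expiry`, the server name `ntp.example.internal`, the function names and the parsing of `ntpdate -q` output are assumptions.

```shell
# Added example, not part of aioscript: fail-closed expiry gate for the CD.
# EXPIRY_FILE and NTP_SERVER are hypothetical placeholders for this example.
EXPIRY_FILE=${EXPIRY_FILE:-/etc/rcd-expiry}        # one line: YYYY-MM-DD
NTP_SERVER=${NTP_SERVER:-ntp.example.internal}

# Print network time as epoch seconds: local clock plus the whole-second
# offset reported by "ntpdate -q". The offset parsing is an assumption about
# that tool's output; a non-zero return means no trusted time was obtained.
ntp_epoch() {
    ntp_offset=$(ntpdate -q "$NTP_SERVER" 2>/dev/null |
        sed -n 's/.*offset \(-\{0,1\}[0-9]\{1,\}\).*/\1/p' | head -n 1)
    [ -n "$ntp_offset" ] || return 1
    echo $(( $(date +%s) + ntp_offset ))
}

# Decide from an expiry date and a trusted "now" in epoch seconds.
# Returns 0 = still valid, 1 = expired, 2 = cannot decide (caller must deny).
check_expiry() {
    chk_date=$1
    chk_now=$2
    # Reject an empty or non-numeric clock value instead of comparing it.
    case $chk_now in ''|*[!0-9]*) return 2 ;; esac
    # The CD stays valid through the last second of the expiry day (UTC).
    chk_limit=$(date -u -d "$chk_date 23:59:59" +%s 2>/dev/null) || return 2
    [ "$chk_now" -le "$chk_limit" ] && return 0
    return 1
}

# Gate for the login path: allow only when network time proves the CD is
# still in date. The local clock alone is never trusted, because the person
# holding the CD controls the BIOS clock of the machine it boots on.
rcd_gate() {
    gate_date=$(head -n 1 "$EXPIRY_FILE" 2>/dev/null) || return 2
    gate_now=$(ntp_epoch) || return 2      # no NTP answer: fail closed
    check_expiry "$gate_date" "$gate_now"
}

# Typical call before starting the menu (commented out so that sourcing this
# file has no side effects):
#   rcd_gate || { echo "CD expired or time could not be verified"; exit 1; }
```

Because any non-zero result blocks the login, a site with no reachable NTP server gets the same denial as an expired CD.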