
Thread: Remastering Knoppix as a Windows Rescue CD (aioscript)

  1. #1
    Member registered user
    Join Date
    Sep 2004
    Posts
    34

    Remastering Knoppix as a Windows Rescue CD (aioscript)

    I'm remastering Knoppix to act as a dedicated Windows Rescue CD. Here are my ideas so far on what it can perform on broken Windows PCs.

    1. Backup client data to a network share or USB/Firewire drive using Samba
    2. Blank out the administrative password using chntpw
    3. Force a scandisk on next windows boot using ntfsfix
    4. Restore data onto an NTFS drive using captive-ntfs
    5. Test the PC's memory using memtest86
    6. Test the PC's hard drive using Drive Fitness Test
    7. Test the PC's hardware using Aida16
    8. Undelete files from an NTFS partition using ntfsundelete
    9. Resize partitions using QTParted
    10. Have limited rescue tools in a console menu for PCs with low memory.
    11. Have the ability to set up static IPs for sites with no DHCP or crossover cable connections.
    12. Use icewm and nautilus as the GUI portion and place an XP theme on it.
    13. Set expirations and login passwords on the CD itself
    14. Use isolinux and memdisk to allow for booting other boot image files like DOS bootdisks

    Although all of this can be done with the current Knoppix CD, it cannot be done easily by a Microsofty tech.

    With the Microsofty in mind I've customized the GUI to resemble XP and placed all of the rescue tools under the start button. The rescue tools in the past were a set of scripts but for future portability I'm consolidating all of them into one script called "aioscript" (All In One script).

    The script can run the different functions by just setting the function after its name...for example...if you would like to reset the admin password to blank then just type:
    Code:
    aioscript ntpasswd
    this calls the ntpasswd) function inside the script. So you get the idea.

    The project is for my dept in the company I work for. Being that it can get any data and reset any admin password some security has been placed into the CD to avoid loss or misuse:

    1. Expiration date using the time off of NTP servers
    2. Username and passwords using /bin/login or GDM

    Since there are around 300 Microsofty's in my company I had to devise a way of distribution with customization...that's where the web came in...

    Currently the old version of the RCD can be requested from our internal website. The website requires you to authenticate, once authenticated the website knows your email address, company ID # (HRID) and other little tidbits about the tech requesting...
    The requesting tech can customize some features of the CD before compilation:
    1. Username - extracted from authentication into the website, tech cannot change this.
    2. HRID stamped into the bootscreen
    3. Creation date stamped on the bootscreen
    4. Account expiration - tech cannot change this
    5. Password - given by the requesting client.
    6. Other internal customizations for our dept.

    Once requested the website ftp's a file with the client's info inside over to the Rescue CD Server...from there a cron job runs each minute to check if there is a request in its queue...once a request is entered the server then processes that info into an uncompressed copy of the CD then creates the ISO from it. This part is yet to be done so I may need some help.
    Once compiled the server will email the client stating that their CD is available for download, also another job is entered to lock the tech from being able to request another CD for 5 months and yet another email set to be emailed to the tech 5 months from creation date notifying the tech that they have 30 days to request another. The site is also able to email forgotten passwords to the techs.

    Obviously the current version right now is not releasable to this forum since there are a lot of internal customizations done so it would work on our network environment but with my current rewrite hopefully I'll be able to release the "aioscript" for input, improvement and corrections...

    The aioscript is written entirely in bash and requires the following on top of your base linux live-cd:

    Samba
    Captive-NTFS
    expect
    smbclient
    ntfsprogs

    I may be missing some things but that's the bulk of it...

    Another thing I'm aiming to do with this release is to make every CD able to act as a distribution server. Just another script that will prep the hdd, ftp and mail and done.

    This is my first real linux project that I'm making public and wanted to gauge interest on it...so far 2 other members expressed interest...

    I also consider myself an intermediate linux user and I'm sure you'll see that in my script so please be gentle on the criticism

    I'll be posting the script as soon as I have a more complete version of it...

    In the mean time if you have any ideas of what to add please post here.
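
Added example, not part of the original post or the poster's CD: one way the expiration check described in this post could be written in bash, the language of aioscript. The function names, the `RCD_*` variables and the `pool.ntp.org` default are assumptions; the check fails closed when no NTP time is available and rejects a clock earlier than the stamped creation date.

```bash
#!/bin/bash
# Added example (hypothetical names throughout): boot-time expiry gate.

# YYYY-MM-DD -> epoch seconds at 00:00 UTC; non-zero status on malformed input.
rcd_date_to_epoch() {
    case "$1" in
        [0-9][0-9][0-9][0-9]-[0-9][0-9]-[0-9][0-9]) date -u -d "$1" +%s 2>/dev/null ;;
        *) return 1 ;;
    esac
}

# $1 = trusted current time in epoch seconds ("" if none was obtained)
# $2 = creation date stamped at build time, $3 = expiration date
# Returns 0 valid, 1 expired, 2 no trusted time, 3 clock earlier than build, 4 bad stamp.
rcd_check_expiry() {
    local now="$1" created expires
    created=$(rcd_date_to_epoch "$2") || return 4
    expires=$(rcd_date_to_epoch "$3") || return 4
    [ "$expires" -gt "$created" ] || return 4
    case "$now" in
        ''|*[!0-9]*) return 2 ;;            # fail closed: no NTP answer, no access
    esac
    [ "$now" -ge "$created" ] || return 3   # clock set back past the build date
    [ "$now" -lt "$expires" ] || return 1
    return 0
}

# Set the clock from NTP, then read it. The PC's own RTC is not trusted because
# whoever boots the CD can change it in the BIOS setup.
rcd_trusted_now() {
    ntpdate "${RCD_NTP_SERVER:-pool.ntp.org}" >/dev/null 2>&1 || return 1
    date -u +%s
}

# Called once at boot before the menu is shown. RCD_CREATED and RCD_EXPIRES
# are assumed to be written into the image when the CD is built.
rcd_gate() {
    local now rc=0
    now=$(rcd_trusted_now) || now=""
    rcd_check_expiry "$now" "$RCD_CREATED" "$RCD_EXPIRES" || rc=$?
    case "$rc" in
        0) return 0 ;;
        1) echo "This Rescue CD has expired. Please request a new one." ;;
        2) echo "Cannot reach an NTP server, so the expiration date cannot be checked." ;;
        3) echo "System time is earlier than the CD creation date." ;;
        *) echo "Expiration stamp is missing or malformed." ;;
    esac
    return 1
}
```

Plain NTP is unauthenticated, so this gate is only as strong as the network the time answer comes from.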

  2. #2
    Junior Member
    Join Date
    Sep 2004
    Location
    LA
    Posts
    7
    You would also need some type of registry editing utility!!!!!!!!!!!! That is major if you are going to attempt to repair windows, from viruses, spyware, and other annoying problems.

  3. #3
    Member registered user
    Join Date
    Sep 2004
    Posts
    34
    there is a windows registry editor that is native to linux but it is so cryptic that i don't even bother...

    the question then becomes if you can rescue the client data from the machine within a few minutes...why not just reimage the hard drive with ghost and restore the client data...?

    in most cases it is a faster solution than going through the registry and deleting spyware and worrying about viruses...

    that's why it's called a rescue instead of a repair

    but you just gave me another good idea! i'll leave the knoppix install to hd script intact JUST in case we get some believers

  4. #4
    Senior Member registered user
    Join Date
    Feb 2004
    Posts
    949
    Very well thought out.

    I can see this would be very useful. Plus the auto creation of the cd and iso I think is just plain cool.

    Are you the same one who said that you were already doing something like this?

  5. #5
    Junior Member
    Join Date
    Sep 2004
    Location
    LA
    Posts
    7
    Quote Originally Posted by bizarro
    there is a windows registry editor that is native to linux but it is so cryptic that i don't even bother...

    the question then becomes if you can rescue the client data from the machine within a few minutes...why not just reimage the hard drive with ghost and restore the client data...?

    in most cases it is a faster solution than going through the registry and deleting spyware and worrying about viruses...

    that's why it's called a rescue instead of a repair

    but you just gave me another good idea! i'll leave the knoppix install to hd script intact JUST in case we get some believers
    If you are imaging data that's infected with viruses using Ghost and you restore the image, you're not getting rid of the problem. For instance, if you're fixing the famous Windows logon problem, in which the userinit is missing or pointing to some random location, it's much easier to go into the registry and fix the proper key than to do a format and restore. I fix registry issues with BartPE all of the time; I was just wondering if the same could be done with Linux. Also, you say that's why it's called a rescue instead of repair; same thing to me, as fixing an OS is just as good as restoring one if you know what you are doing, but it's your post, so let me stop hijacking it.

  6. #6
    Junior Member registered user
    Join Date
    Sep 2003
    Posts
    10
    bizarro,

    This sounds like a cool project. Instead of just limiting it to your company, have you considered sharing it with all of us?

    As far as security and password resetting you sounded worried about I am sure most here have seen
    The Offline NT Password and Registry Editor
    http://home.eunet.no/~pnordahl/ntpasswd/

    It does sound like you have enough Linux knowledge that you could even take things to the next step and offer disk backup, cloning/imaging.

    Knoppix comes with Mondo Rescue http://mondorescue.org/ . However that won't run on a RAM drive i.e. Knoppix Live CD. The author even says he has two lines of C code that could be changed by "anybody" to make it work on a RAM drive etc. Unfortunately the author does not want to create an open source project that supports closed source work.

    If you or someone could add backup/cloning/imaging support it would truly make a strong rescue disk.

    Here are a few references to the Mondo/Windows issue:
    http://forum.mondorescue.org/viewtop...indows+knoppix

    http://forum.mondorescue.org/viewtop...indows+knoppix

    http://forum.mondorescue.org/viewtop...noppix+2+lines

  7. #7
    Member registered user
    Join Date
    Sep 2004
    Posts
    34
    Are you the same one who said that you were already doing something like this?
    Dunno which thread you are referring to...but I do currently have a debian based rescue cd that is distributed through my company...

    If you are imaging data that's infected with viruses using Ghost and you restore the image, you're not getting rid of the problem.
    The rescue cd backs up data via zip or just plain copy...there is no imaging...the servers we connect to on our network are all antivirus managed so whatever files we copy up to or zip up to the server is cleaned or blocked

    The company standardizes on Ghost so no imaging on the rescue cd although I have played with partimage before and even recommended it to the company...

    This sounds like a cool project. Instead of just limiting it to your company, have you considered sharing it with all of us?
    I am...as soon as I have a working aioscript I will post it here for everyone to use and work and fix and clean up and add to...etc etc etc

    As far as security and password resetting you sounded worried about I am sure most here have seen
    The Offline NT Password and Registry Editor
    shhhhh!!!!! don't tell anyone!!! actually like I said before...the techs in my company are mostly Windows savvy and have no clue on Linux...in the documentation that I have for the cd I give credit to the actual developers and reference their links...

    Thing is there is no one in my company that can take all of the tools and put them together in a working fashion as I have done...

    If you or someone could add backup/cloning/imaging support it would truly make a strong rescue disk.
    I'm assuming when you speak of imaging you speak of ghost or partimage or something like that...if so...I haven't figured out how to run Ghost within the linux session...if anyone here has figured it out using dosemu please let me know

    Partimage does work but it's not part of my tools since my company doesn't standardize on that.

  8. #8
    Senior Member registered user
    Join Date
    Mar 2004
    Posts
    1,516
    dd should make great "image" backup of partitions or whole drives.
    if you flag it with dd conv=ignerror. and/or conv=noerrors and bs=X where X is 512, 1024, 2048...
    or perhaps dd-rescue (never used by me)
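
Added example, not part of the original post: imaging with dd and verifying the copy. GNU dd spells the option `conv=noerror`, usually combined with `sync`; because `sync` pads a short final block with NULs, the image of a source that is not a multiple of `bs` is larger than the source and the two whole-file hashes differ, so the check below compares only the source's length. The function names and the sample file are constructed for illustration.

```bash
#!/bin/bash
# Added example (hypothetical function names): dd imaging plus verification.

# Copy $1 to $2 in blocks of $3 bytes. noerror keeps going after a read error;
# sync pads every short or failed read with NULs to a full block, so data
# after a bad sector stays at its original offset in the image.
image_with_dd() {
    dd if="$1" of="$2" bs="$3" conv=noerror,sync 2>/dev/null
}

# sha256 of the first $2 bytes of file $1
hash_prefix() {
    head -c "$2" "$1" | sha256sum | cut -d' ' -f1
}

# The image must match the source over the source's full length, and anything
# after that must be NUL padding only. Sizes are read with wc here because the
# sample source is a regular file; for a block device use
# "blockdev --getsize64" instead.
verify_image() {
    local src="$1" img="$2" src_size img_size pad
    src_size=$(($(wc -c < "$src")))
    img_size=$(($(wc -c < "$img")))
    [ "$img_size" -ge "$src_size" ] || return 1
    [ "$(hash_prefix "$src" "$src_size")" = "$(hash_prefix "$img" "$src_size")" ] || return 1
    pad=$(tail -c +$((src_size + 1)) "$img" | tr -d '\0' | wc -c)
    [ "$((pad))" -eq 0 ]
}

# Constructed sample: a 1000-byte source imaged with bs=512 gives a 1024-byte
# image. Prints "<source size> <image size>" and returns verify_image's status.
demo_padding() {
    local d rc=0
    d=$(mktemp -d) || return 1
    dd if=/dev/zero bs=1000 count=1 2>/dev/null | tr '\0' 'A' > "$d/src.bin"
    image_with_dd "$d/src.bin" "$d/img.bin" 512
    echo "$(($(wc -c < "$d/src.bin"))) $(($(wc -c < "$d/img.bin")))"
    verify_image "$d/src.bin" "$d/img.bin" || rc=$?
    rm -rf "$d"
    return $rc
}
```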

  9. #9
    Member registered user
    Join Date
    Sep 2004
    Posts
    34

    Okay guys...here is what i've been working on so far...

    Here is what I have so far to give to the forum...

    Run the following command to see if you have some of the tools needed.
    Code:
    aioscript test
    That test is complete though...once you look inside the script you'll see the files it checks.

    So far it's the console section I've been working on...once the console section is complete I will work on the X version which will be inside the same script...

    Just cut and paste the file into /usr/bin/aioscript and chmod +x to make it executable and remaster...

    Some things are still buggy I'm sure...just let me know or post corrections...thanx!


    Code:
    #!/bin/bash
    
    PATH=/sbin:/bin:/usr/sbin:/usr/bin:/etc/xdscripts
    IP=`ifconfig | grep inet | grep -v 127\.0\.0\.1 | cut -f2 -d':' | cut -f1 -d' '`
    
    if [ ! -d /mount ]; then
    	mkdir /mount
    fi
    
    case "$1" in
    	## Main Menu Section
    	menu)
    		MAP=`mount | grep smbfs | cut -f1 -d' '`
    		FUNCTION=`dialog --stdout --no-cancel \
    			--title "Rescue CD Console" \
    			--menu "IP: $IP - Mapped to: $MAP" 0 60 0 \
    			1 "Map to Network Share" \
    			2 "Backup local drive to ... $MAP" \
    			3 "Run NTFS Check Disk" \
    			4 "NTFS Undelete" \
    			5 "Reset Admin Password" \
    			6 "Set Static IP" \
    			7 "Exit"`
    		# Quote $FUNCTION so an empty value (dialog closed with ESC) is not a syntax error
    		if [ "$FUNCTION" = 1 ]; then
    			aioscript map
    			aioscript menu
    		elif [ "$FUNCTION" = 2 ]; then
    			aioscript backup
    			aioscript menu
    		elif [ "$FUNCTION" = 3 ]; then
    			aioscript checkdisk
    			aioscript menu
    		elif [ "$FUNCTION" = 4 ]; then
    			aioscript ntfsundelete
    			aioscript menu
    		elif [ "$FUNCTION" = 5 ]; then
    			aioscript ntpasswd
    			aioscript menu
    		elif [ "$FUNCTION" = 6 ]; then
    			aioscript staticip
    			aioscript menu
    		elif [ "$FUNCTION" = 7 ]; then
    			echo "Returning to login..."
    		fi
    	exit 1
    	;;
    
    	## Map to network share section
    	map)
    		if mount | grep smbfs > /dev/null; then
    		        SMBMOUNTS=`mount | grep smbfs | cut -f1 -d' '`
    		        for i in $SMBMOUNTS; do
    				umount $i
    			done
    		fi
    		USERNAME=`dialog --no-cancel --stdout --title "Map to Network Share" \
    			--inputbox "Enter your Domain Username" 0 0`
    		DOMAIN=`dialog --no-cancel --stdout --title "Map to Network Share" \
    			--inputbox "Enter your Domain" 0 0 ""`
    		SERVER=`dialog --no-cancel --stdout --title "Map to Network Share" \
    			--inputbox "Enter just the server name" 0 0`
    		SHARE=`dialog --no-cancel --stdout --title "Map to Network Share" \
    			--inputbox "Enter the share name" 0 0`
    		if ! nmblookup $SERVER > /dev/null; then
    			dialog --infobox "Cannot lookup server, starting over" 0 0
    			sleep 2
    			aioscript map
    		fi
    		if dialog --yesno "Username: $USERNAME \n Domain: $DOMAIN \n Server: $SERVER \n Share: $SHARE" 0 0; then
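    		        # Test the same path that is created and mounted below; values typed
    		        # into the dialog boxes are quoted so spaces cannot split the arguments
    		        if [ ! -d "/mount/$SERVER-$SHARE" ]; then
    		                mkdir -p "/mount/$SERVER-$SHARE"
    		        fi
    		        if ! mount -t smbfs -o "username=$DOMAIN\\$USERNAME" "//$SERVER/$SHARE" "/mount/$SERVER-$SHARE"; then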
    		                dialog --infobox "Cannot map to share, starting over" 0 0
    		                sleep 2
    		                aioscript map
    		        fi
    		else
    		        dialog --infobox "Lets try again..." 0 0
    		        sleep 2
    		        aioscript map
    		fi
    	exit 1
    	;;
    
    	## Backup hard drive section
    	backup)
    		if dialog --yesno "Due to having no GUI this script will copy the ENTIRE hard drive.
    		\nThis may take a long time, please be patient. \nContinue?" 0 0; then
    			if ! mount | grep smbfs; then
    				dialog --infobox "You must be mapped to a network share to use this tool..." 0 0
    				sleep 1
    				aioscript map
    			else
    				MAPDIR=`mount | grep smbfs | cut -f3 -d' '`
    				DIRNAME=`dialog --stdout --no-cancel --inputbox "Enter a unique directory name for the backup..." 0 0`-`date +%d%m%y`
    				MOUNTS=`fdisk -l | grep -i "ntfs\|fat" | cut -f3 -d'/' | cut -f1 -d' '`
    
    				for i in $MOUNTS; do
    					if [ ! -d /mount/$i ]; then
    						mkdir /mount/$i ; mount /dev/$i /mount/$i
    					fi
    				done
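    				# SERVER and SHARE are only set inside "aioscript map" (a separate
    				# process), so test the path under the mounted share instead
    				if [ -e "$MAPDIR/$DIRNAME" ]; then
    					if dialog --yesno "SAME DIRECTORY NAME EXISTS, CONTINUE?" 0 0; then
    						for i in $MOUNTS; do
    							dialog --infobox "Copy in progress..." 0 0
    							cp -auv /mount/$i/* "$MAPDIR/$DIRNAME/." >> /dev/null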
    							dialog --msgbox "HardDrive backup completed.\nPress OK to return to Main Menu" 0 0
    						done
    					else
    						dialog --infobox "Lets try this again..." 0 0
    						sleep 2
    						aioscript backup
    					fi
    				else
    					mkdir $MAPDIR/$DIRNAME
    					for i in $MOUNTS; do
    						dialog --infobox "Copy in progress..." 0 0
    						cp -auv /mount/$i/* $MAPDIR/$DIRNAME/. >> /dev/null
    						dialog --msgbox "HardDrive backup completed.\nPress OK to return to Main Menu" 0 0
    					done
    				fi
    			fi
    		fi
    	exit 1
    	;;
    
    	## Run ntfsfix section
    	checkdisk)
    		if dialog --yesno "This option will unmount all partition(s), run a checkdisk then automatically reboot.\n\nContinue?" 0 0; then
    			PARTS=`fdisk -l /dev/hd[a-z] /dev/sd[a-z] | grep "NTFS" | cut -f1 -d' '`
    			umount -t ntfs /dev/hd[a-z][1-9] /dev/sd[a-z][1-9]>/dev/null 2>/dev/null
    			for i in $PARTS; do
    				clear
    				ntfsfix $i
    				clear
    			done
    			dialog --infobox "Rebooting now..." 0 0 & sleep 2
    			echo reboot
    		fi
    		exit 1
    	;;
    
    	## Run ntfsundelete section
    	ntfsundelete)
    		if ! mount | grep smbfs; then
    			dialog --infobox "You must be mapped to a network share to use this tool..." 0 0
    			sleep 1
    			aioscript map
    		fi
    		if dialog --yesno "This will undelete all files from a chosen partition that are 90% undeletable and copy them to a network share. \n\nContinue?" 0 0; then
    			PART=`fdisk -l /dev/hd[a-z] /dev/sd[a-z] | grep "NTFS" | cut -f1 -d' '`
    
    			PART1=`echo $PART | awk --source 'BEGIN { FS=" " }' --source '{ print $1 }'`
    			PART2=`echo $PART | awk --source 'BEGIN { FS=" " }' --source '{ print $2 }'`
    			PART3=`echo $PART | awk --source 'BEGIN { FS=" " }' --source '{ print $3}'`
    			PART4=`echo $PART | awk --source 'BEGIN { FS=" " }' --source '{ print $4}'`
    
    			umount -t ntfs /dev/hd[a-z][1-9] /dev/sd[a-z][1-9]>/dev/null 2>/dev/null
    
    			UNDELETE=`dialog --stdout --separator " " \
    				--radiolist "Select a partition and press SpaceBar:" 0 0 0 \
    				"$PART1" "" "on" \
    				"$PART2" "" "" \
    				"$PART3" "" "" \
    				"$PART4" "" ""`
    			echo $UNDELETE
    		fi
    	exit 1
    	;;
    
    	## Run NT password reset section
    	ntpasswd)
    
    ##Creating expect script!!!
    echo '#!/usr/bin/expect -f
    #
    
    set timeout -1
    spawn chntpw -u 0x1f4 /tmp/.ntpasswd/SAM
    match_max 100000
    expect -exact "Please enter new password: "
    send -- "*\r"
    expect -exact "Do you really wish to change it? (y/n) \[n\] "
    send -- "y\r"
    expect -exact "Write hive files? (y/n) \[n\] : "
    send -- "y\r"
    expect eof' > /tmp/chntpw.exp
    chmod +x /tmp/chntpw.exp
    
    		if dialog --yesno "This will reset the administrative password to blank, \
    			run NTFS Check and automatically reboot.\n\nContinue?" 0 0; then
    			dialog --infobox "Blanking out admin password" 0 0
    			if [ -d /tmp/.ntpasswd ]; then
    				umount /tmp/.ntpasswd > /dev/null 2>/dev/null ; rm -rf /tmp/.ntpasswd
    			fi
    			if [ -d /tmp/ntfsdrive ]; then
    				umount /tmp/ntfsdrive > /dev/null 2>/dev/null ; rm -rf /tmp/ntfsdrive
    			fi
    			mkdir /tmp/.ntpasswd
    			mkdir /tmp/ntfsdrive
    			mount -t tmpfs tmpfs /tmp/.ntpasswd
    			mount -t ntfs `fdisk -l /dev/hd[a-z] /dev/sd[a-z] 2>/dev/null | grep NTFS | \
    				grep "\*" | cut -f1 -d' '` /tmp/ntfsdrive
    			DEFROOT="winnt windows"
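    			if [ -d /tmp/ntfsdrive/winnt ]; then
    				DEFDIR="/tmp/ntfsdrive/winnt"
    			elif [ -d /tmp/ntfsdrive/windows ]; then
    				DEFDIR="/tmp/ntfsdrive/windows"
    			else
    				# Neither directory exists: stop before any hive is copied or written
    				dialog --msgbox "No winnt or windows directory found on the boot partition" 0 0
    				umount /tmp/ntfsdrive > /dev/null 2>/dev/null
    				rm -f /tmp/chntpw.exp
    				exit 1
    			fi
    			cp "$DEFDIR/system32/config/SAM" /tmp/.ntpasswd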
    			
    			expect /tmp/chntpw.exp >> /dev/null
    			rm -f /tmp/chntpw.exp
    			mount -o remount,rw /tmp/ntfsdrive
    			cp /tmp/.ntpasswd/SAM $DEFDIR/system32/config/.
    			umount /tmp/ntfsdrive
    			dialog --infobox "Running NTFS fix on modified partition" 0 0
    			ntfsfix `fdisk -l /dev/hd[a-z] /dev/sd[a-z] 2>/dev/null | grep NTFS | \
    				grep "\*" | cut -f1 -d' '` > /dev/null
    			dialog --infobox "REBOOTING" 0 0 && sleep 2
    			# echo only prints the command; remove "echo" to actually reboot
    			echo init 6
    		fi
    		exit 1
    	;;
    
    	## Set static IP section
    	staticip)
    		if dialog --yesno "This option will setup a static IP \
    			for sites without DHCP.\nContinue?" 0 0; then
    		IP=`dialog --stdout --title "example: 321.123.321.123" \
    			--no-cancel --inputbox "IP Address" 0 0`
    		IPGW=`echo $IP | cut -f-3 -d'.'`.1
    		SUBNET=`dialog --stdout --no-cancel --inputbox "Subnet Mask" 0 0 255.255.255.0`
    		GW=`dialog --stdout --no-cancel --inputbox "Default Gateway" 0 0 $IPGW`
    		DNS=`dialog --stdout --no-cancel --inputbox "DNS" 0 0 ""`
    		SUFFIX=`dialog --stdout --no-cancel --inputbox "Suffix Search Order \
    			(separated by spaces)" 0 0 \
    			""`
    			if dialog --yesno "Is this information correct? \n
    				IP Address:	$IP \n
    				Subnet Mask:	$SUBNET \n
    				Default Gateway:	$GW \n\n
    				Suffix Search Order:\n$SUFFIX" 0 0; then
    				ETH=`ifconfig | grep eth| grep -v 0.0.0.0 | cut -f1 -d' '`
    					ifconfig $ETH $IP
    					ifconfig $ETH netmask $SUBNET
    					route add default $ETH
    					route add default gw $GW
    					echo search $SUFFIX > /etc/resolv.conf
    					echo nameserver $DNS >> /etc/resolv.conf
    			else
    				aioscript staticip
    			fi
    		fi
    		exit 1
    	;;
    
    
    	*)
    	echo "Usage: aioscript {menu|map|backup|checkdisk|ntfsundelete|ntpasswd|staticip}"
    	exit 1
    	;;
    
    
    esac
    exit 0

  10. #10
    Senior Member registered user
    Join Date
    Feb 2004
    Posts
    949
    I believe there is an attempt to create a Linux-usable Ghost image program.

    Last I saw it, it worked with unencrypted, uncompressed. That was a while ago so they might have it working now. I don't have a link.
