pskl.us

Dual Booting Windows 7 w/Bitlocker and BackTrack Linux 5. (You SAID WHAT?)

by on Apr.05, 2012, under Security, Tutorials, Whining

Recently, due to laptop thefts at work and the risk of Personally Identifiable Information (PII) loss, I had to make the difficult choice to start a project to force-encrypt our user laptops.  So, going by “what do we already own?”, I chose Microsoft BitLocker for the Windows 7 computers, and FileVault for the Macintosh OS X 10.7 computers.

That seems fine; however, one “snag”…   I use a dual-boot BackTrack 5 and Windows 7 machine DAILY at work.  So, being the kind of guy who lives by the rule “Don’t give an order that you’re not willing to follow yourself,” I had to figure out how to encrypt my Windows side and still boot BackTrack 5.

I got it to work.  It was painful.

Take a second to re-read that.  Yes, it works, and yes, it caused me pain to make it work.

So, here are the steps I used to make this work:

Step 1: Wipe the drive.  (you should have backed it up if you needed to save something…  I shouldn’t have to tell you that.)

Step 2: Create a partition to house Win7.  Make it the first partition.  Leave unallocated space for BackTrack.  (I left 30 gigs for BackTrack…  you probably want more; I have a lot of scripts that always put captured data on something external that I mount and encrypt with TrueCrypt…)

Step 3: Install Windows 7 (or dump your standard image) to that partition.  Mine created a 100MB boot partition before the Windows 7 partition; let it do whatever it wants to do, except use that unallocated space you already saved for BackTrack.

Step 4: Boot Windows 7 and test.   Make sure Windows 7 works first! (Well, functions as well as one could expect for Windows)

Step 5: In Windows, run this command from a command prompt: "%windir%\System32\BdeHdCfg.exe" -target default  (this command preps the drive for BitLocker.)

Step 6: Encrypt the drive via BitLocker with your PIN.  (Record the recovery key.  This is the single most important long string of numbers you’ll ever deal with in Windows. Preserve it, protect it.  This key is your life, young padawan…)

Step 7: When it’s done, Boot Windows 7 and test.   Make sure Windows 7 still works!  (Well, functions as well as one could expect for Windows)

Step 8: Pause BitLocker.   I turned it off.  (This seems to make no sense, but I hit a problem while testing this: if I tried to encrypt the drive after installing Linux, forget it, it died.)

Step 9: Boot Backtrack 5 DVD/USB key.

Step 10: Install BackTrack 5 to that new unallocated space.   I configured /dev/sda3 as my /boot partition, /dev/sda5 as my root and /dev/sda6 as my swap.  (/dev/sda1 was the Windows 7 boot partition and /dev/sda2 was my Windows 7 system partition.)

Step 11: Make sure that when you install GRUB, you install it to /dev/sda3.   DO NOT PUT IT IN THE MBR, /dev/sda or /dev/sda1.  If you do, you just screwed yourself.

Step 12: This will still only boot to Windows 7.   Grab BCDEDIT for Windows, and add a boot option to boot Linux on /dev/sda3.

Step 13:  Boot Windows 7 and test.   Make sure Windows 7 still works! (Well, functions as well as one could expect for Windows)

Step 14: Boot BackTrack 5 from the Windows boot menu.  It should drop to GRUB; boot it.  Make sure BackTrack 5 works.

Step 15: Boot Windows 7 and turn BitLocker back on.   (Record the recovery key.  This is the single most important long string of numbers you’ll ever deal with in Windows. Preserve it, protect it.  This key is your life, young padawan…)

Step 16: It should present you the Windows 7 boot menu, where option 1 is Windows 7 and option 2 is BackTrack Linux; then it should prompt you for your BitLocker PIN.
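Two of the steps above fail silently when they go wrong: GRUB landing in the MBR (Step 11) and the Windows boot menu pointing at a sector that is not GRUB (Step 12). The script below is an added example, not something from the original post, that checks both from the BackTrack side before BitLocker is turned back on. It keeps the post's device names (/dev/sda, /dev/sda3); the signature heuristics, the export helper and the constructed sample sectors at the bottom are mine.

```shell
#!/bin/sh
# Added example, not part of the original post: sanity checks for the layout
# the post describes, run from BackTrack before BitLocker is turned back on
# (Step 15). Device names are the post's; everything else here is assumed.
#   /dev/sda1 Windows 7 boot (100MB)   /dev/sda2 Windows 7 system
#   /dev/sda3 Linux /boot, GRUB goes HERE   /dev/sda5 root   /dev/sda6 swap

# Classify the first sector of a disk or partition (device node or image file).
# GRUB's boot code embeds the string "GRUB"; the Windows 7 MBR carries
# "Invalid partition table" and the NTFS boot sector carries "NTFS"/"BOOTMGR".
boot_sector_kind() {
    sig=$(dd if="$1" bs=1 skip=510 count=2 2>/dev/null | od -An -tx1 | tr -d ' \n')
    if [ "$sig" != "55aa" ]; then echo not-bootable; return 0; fi
    text=$(dd if="$1" bs=512 count=1 2>/dev/null | LC_ALL=C tr -c '[:print:]' '.')
    case "$text" in
        *GRUB*)                                        echo grub ;;
        *"Invalid partition table"*|*BOOTMGR*|*NTFS*)  echo windows ;;
        *)                                             echo unknown ;;
    esac
}

# Step 11's rule as a check: Windows boot code must still own the MBR and
# GRUB must sit in the /boot partition. Returns 1 (with a reason) otherwise.
check_dual_boot() {
    mbr=$(boot_sector_kind "$1")
    lin=$(boot_sector_kind "$2")
    if [ "$mbr" = grub ]; then
        echo "FAIL: GRUB overwrote the MBR of $1; BitLocker's boot chain is gone" >&2
        return 1
    fi
    if [ "$lin" != grub ]; then
        echo "FAIL: $2 holds '$lin', not GRUB; the Windows boot entry has nothing to chain to" >&2
        return 1
    fi
    echo "OK: $1 boot code is $mbr, $2 boot code is $lin"
}

# Step 12 needs a file for BCDEDIT to chain-load: copy the 512-byte boot
# sector of the /boot partition out, refusing to produce a file that is not GRUB.
export_boot_sector() {
    dd if="$1" of="$2" bs=512 count=1 2>/dev/null || return 1
    [ "$(boot_sector_kind "$2")" = grub ]
}

# Constructed fixtures (sample data, not real disks) so the checks can be
# exercised without touching hardware: 510 bytes of text/zeros plus 0x55AA.
make_fixture() {  # make_fixture FILE TEXT
    { printf '%s' "$2"; head -c $((510 - ${#2})) /dev/zero; printf '\125\252'; } > "$1"
}

demo() {
    d=$(mktemp -d)
    make_fixture "$d/sda"     "Invalid partition table"          # Windows MBR
    make_fixture "$d/sda3"    "GRUB Geom Hard Disk Read Error"   # GRUB in /boot
    make_fixture "$d/sda_bad" "GRUB Geom Hard Disk Read Error"   # GRUB in the MBR
    check_dual_boot "$d/sda" "$d/sda3"
    check_dual_boot "$d/sda_bad" "$d/sda3" || echo "(the layout Step 11 warns about)"
    export_boot_sector "$d/sda3" "$d/linux.bin" && echo "wrote $d/linux.bin for bcdedit"
    rm -rf "$d"
}
demo
```

On the real machine run `check_dual_boot /dev/sda /dev/sda3` as root, then `export_boot_sector /dev/sda3 /mnt/win/linux.bin` with the (still unencrypted, see Step 8) Windows partition mounted. The post does not say how BCDEDIT is pointed at /dev/sda3; the BIOS-era method I assume here registers that file with `bcdedit /create /d "BackTrack 5" /application bootsector`, then `bcdedit /set {id} device partition=C:`, `bcdedit /set {id} path \linux.bin` and `bcdedit /displayorder {id} /addlast`, where {id} is the GUID the first command prints. BitLocker measures the MBR and the Windows boot sector into the TPM, so GRUB landing in either place means recovery prompts at best, which is why the check refuses that layout outright.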

I can’t stress two things enough: #1) this took me weeks of wiping the drive to figure out.  Don’t be shocked if you have to tweak the steps for your specific situation.  #2) that recovery key is the most important thing in this process…

A few notes: (things that make you go Hmmmm…)
1) It asks you to pick which OS first, then prompts you to enter your BitLocker PIN…   You can’t boot Linux unless you unlock BitLocker first.  Not sure why, but I’ll call it an “added feature!”  Remember, the Linux side is NOT ENCRYPTED!   That means don’t be an *idiot* about what you store there; assume it’s accessible if someone takes your laptop.
2) After you update-grub, plan on having your recovery password around for BitLocker…  it always keeps asking me for it after I update grub, even though it’s installed to the /boot partition (/dev/sda3 in my case).  Don’t leave your recovery key in your laptop bag, because that defeats the purpose of encrypting it, duh. I can’t stress that enough. The whole “point” is to keep anyone who takes your laptop from getting any useful info off the Windows side….  Don’t forget the goal while you’re having so much fun messing with this nightmare.

–Bill (General Major Webelo Captain Zapp Brannigan)


IT Crowd themed boot animation for Android phones

by on Jan.09, 2012, under Uncategorized


If you have a rooted Android phone, maybe you’ve messed around with replacing your boot animation (there are ways to do it without root, but you’re rooted anyway, right?).

I was bored a few months ago and I made a boot animation for my Droid Incredible that is based on the opening credits of the fantastic show The IT Crowd (look it up on Netflix if you haven’t seen it. You can thank me later). Now I’ve updated the animation for the 720p screen on my new Galaxy Nexus.

I made a crappy video demonstrating the boot animation here: http://bit.ly/ITCBoot

If you’d like to download them, they are here:

Galaxy Nexus (1280×720 version)

Droid Incredible (800×480 version)

Basic readme instructions are included in the zip file.

Install at your own risk!

My animation got a nice mention here on Androinica: http://androinica.com/2012/01/galaxy-nexus-it-crowd-boot-animation/


Magic of RSYNC…

by on Sep.28, 2011, under Uncategorized

I routinely back up my RHEL boxes with RSYNC over SSH…   It’s just something I do.   Yeah, I know, I’m using “X” commercial backup application and it works well, yadda, yadda, yadda.   However, I still make at least weekly backups with RSYNC to a NAS.  It is a habit of mine, like hookers and blow.

A question came up: “how do you do a bare metal restore from that backup?”, which tags along with the question “how do you do a bare metal copy from an old server to a brand new server?”

If the hardware isn’t too odd (usually the limiting factor here is whether the drivers for your hardware RAID controller are in your initrd, but you can work around that too with some Linux foo skillz…), or it’s a bare metal restore to the same hardware, yes, you can use RSYNC.

For my examples: “sourceserver” is the other running server that you want to bare metal copy to the destination, and “target” is the destination server.

First: boot the destination server with a rescue disk.   I use the RHEL rescue CD.  Create your partitions to taste, and reboot again with the RHEL rescue CD.

Second: Mount partitions in the order you want them.  Example: (I just picked an example partition table; seriously, match what you really need…)
mount /dev/sda2 /mnt/sysimage
mkdir /mnt/sysimage/boot
mount /dev/sda1 /mnt/sysimage/boot
mkdir /mnt/sysimage/home
mount /dev/sda5 /mnt/sysimage/home
mkdir /mnt/sysimage/var
mount /dev/sda6 /mnt/sysimage/var

This mounts all of the “target” under /mnt/sysimage on the rescue CD.

Third: I have this script I run:  (which you can make on the rescue disk; once again, a little bit of foo goes a long way…)

#!/bin/sh
# Copy the running "sourceserver" (placeholder hostname) into the target tree
# mounted at /mnt/sysimage on the rescue CD. /proc and /sys are excluded
# because they are kernel pseudo-filesystems, not data.
rsync --verbose --stats --owner --group --devices \
--recursive --times --perms --links \
--rsh=/usr/bin/ssh \
--delete \
--include=/opt/nfs \
--exclude=/proc \
--exclude=/sys \
root@sourceserver:/ /mnt/sysimage

Enter your SSH password.  (Yes, you should allow root logon through SSH for this one; if you don’t know how to enable that, look it up on Google, it’s braindead easy…)

Fourth: reset the permissions on the “/” share and make sure they are right:
chmod 755 /
Fifth: Finally, fix grub.  (This example is from my VMware ESX servers…)

From the linux rescue:

Issue the grub command:
grub

then type in these commands (depending on your hard drive layout; and 0 = zero for those easily confused…).  This server was /dev/sdm instead of something normal like /dev/sda…   salt to taste, or add butter like Paula Deen…
device (hd0) /dev/sdm
root (hd0,0)
setup (hd0)
quit

then reboot and test, test again, enjoy!
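The mount and rsync steps above, collected into one helper script. This is an added example, not the post's own script: it keeps the post's layout (sda2 as /, sda1 as /boot, sda5 as /home, sda6 as /var) and its root-over-SSH transfer, but orders the mounts parent-first automatically, adds --numeric-ids (the rescue CD's /etc/passwd is not the source's, so rsync's default name-based ownership mapping would quietly reassign files), and excludes only the *contents* of /proc, /sys and friends so the mount point directories still exist on the restored system. The dry-run default, the SYSIMAGE variable and the hostname are my assumptions.

```shell
#!/bin/sh
# Added example, not the post's script: mount + rsync steps of the bare-metal
# restore, for the post's layout (sda2 /, sda1 /boot, sda5 /home, sda6 /var).
# SYSIMAGE, DRY_RUN and the source hostname are assumptions of this example.

SYSIMAGE=${SYSIMAGE:-/mnt/sysimage}
DRY_RUN=${DRY_RUN:-1}          # set DRY_RUN=0 on the rescue CD to really run

run() {                        # print the command in dry-run mode, else run it
    if [ "$DRY_RUN" = 1 ]; then echo "$*"; else "$@"; fi
}

# Read "device mountpoint" lines on stdin and emit them parent-first, so that
# / is mounted before /boot and /var before /var/log ("the order you want
# them" from the second step). Depth is the number of slashes; "/" is 0.
mount_order() {
    awk '{ depth = ($2 == "/") ? 0 : gsub("/", "/", $2); print depth, $1, $2 }' \
        | sort -k1,1n -k3,3 | cut -d' ' -f2-
}

# Mount the table from stdin under $SYSIMAGE, creating mount points as needed.
mount_all() {
    mount_order | while read -r dev mp; do
        dir="$SYSIMAGE${mp%/}"          # "/" maps to $SYSIMAGE itself
        run mkdir -p "$dir"
        run mount "$dev" "$dir"
    done
}

# Pull the running source's filesystems into $SYSIMAGE.
# --archive is the post's -rlptgoD flag set (recursive, links, perms, times,
# group, owner, devices) plus specials; --numeric-ids keeps uid/gid numbers
# instead of mapping names through the rescue CD's passwd file; the /*
# excludes drop pseudo-filesystem contents but keep the directories.
rsync_restore() {
    run rsync --archive --hard-links --numeric-ids --sparse --verbose --stats \
        --rsh=/usr/bin/ssh --delete \
        --exclude='/proc/*' --exclude='/sys/*' --exclude='/run/*' \
        --exclude='/tmp/*' --exclude='/mnt/*' --exclude='/media/*' \
        "root@$1:/" "$SYSIMAGE/"
    run chmod 755 "$SYSIMAGE"           # the post's fourth step, on the restored root
}

# Usage with a constructed partition table (sample data; adjust to taste):
printf 'sda6 /var\nsda1 /boot\nsda2 /\nsda5 /home\n' | mount_all
rsync_restore sourceserver
```

Run it with DRY_RUN=0 from the rescue shell once the partitions exist; the grub step from the post then follows unchanged. The root SSH login the post enables on the source is only needed for this one transfer, so turn it back off once the restored box boots.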


Harbor Freight Auto-Darkening Solar Welding Helmet Repair

by on Sep.26, 2011, under Tutorials

A little over a year ago, I purchased one of Harbor Freight’s auto-darkening welding helmets.  For $50, it’s a great deal.


Unfortunately, after less than a year of use, it simply stopped working.  Somewhat ironically, the way you find out that your helmet has stopped working is by getting a flash burn in your eyes when you weld using a broken helmet.

One of the guys in my welding class mentioned that there are batteries in the helmet which can go bad over time.  Batteries in a solar-powered helmet?  Clearly this guy was nuts — but I thought I’d check it out anyway.

Turns out, he wasn’t crazy.  There are two CR2330 coin cells soldered directly to the main circuit board inside of the unit:

Checking the batteries with my voltmeter, I quickly discovered that one of them was completely dead.  The other battery was still putting out a solid 3VDC.

Since soldering in batteries every time they go dead is not exactly a user-friendly solution, I decided to replace them with AAA’s.  Here’s the procedure.

1)  Remove the darkness adjustment knob by gently prying it off with a screwdriver.  Un-screw the plastic nut which holds the unit in place.

2)  Remove the clear plastic shield from the front of the helmet, and then gently remove the electronics assembly by unhooking the retaining spring.

3)  Use a utility knife to pop open one corner of the enclosure.  Work your way around the circumference with a screwdriver, breaking apart the plastic weld, until the cover can be removed.

4) Mark the locations of the (+) and (-) of each coin cell.  Using your desoldering braid, remove the coin cells.

5)  Go to Radio Shack and buy two AAA battery holders.  I used these:


6)  Solder one AAA holder in place of each of the coin cells that you removed.  Be sure to observe polarity.


7)  Using the shaft of your soldering iron, melt a hole in the side of the enclosure so that the wires from the battery holders can exit.  You’ll also want to melt a corresponding hole in the cover.

8)  Mix up some 2-part epoxy, and epoxy the wires to the enclosure.  This step probably is not necessary, but I don’t want to burn my eyeballs again.


9) Wait for the epoxy to dry.  Take this opportunity to clean all the viewing windows with Windex and a lint-free cloth, then  reassemble the unit.  There are four friction pins which seem to hold everything together just fine.


10)   Re-install the electronics housing into the helmet.  Re-attach the darkness adjustment dial.

11)  Glue the two AAA holders to the inside of the helmet.  I initially used the same epoxy that I used to hold the wires in place, but it didn’t bond to either the plastic of the helmet or the plastic in the battery holders.  I ended up using my hot glue gun, which worked very well.


12)   Install four AAA batteries, and then test your helmet.  I found – quite by accident – that the helmet will darken when you look at a halogen light bulb.

13)  Go weld stuff.

Good luck with your repair!

~Eric


My Conversation with an AIM Bot

by on Jun.21, 2011, under Security

AIM Bots are nothing new — a poorly coded Eliza clone will IM you and attempt to get you to click on a URL.   The URLs I’ve seen tend to fall into one of two categories:  either a link to a malware download (usually an .exe) or a “free sign up” of some type which asks for your credit card information.

Here’s a conversation I had with an AIM bot which called itself “Jenny”…  (note:  I added the .noclick suffix to the URL)

(1:11:17 PM) incandescence20: 🙂
(1:12:49 PM) x2716057: this seems legitimate.
(1:13:06 PM) incandescence20: hello whats up? 21/f you
(1:13:35 PM) x2716057: my name is Alan Turing
(1:13:58 PM) incandescence20: Jenny
(1:14:17 PM) x2716057: Jenny.py I bet
(1:14:37 PM) incandescence20: o i’m sorry i can be forgetful at times..
(1:15:01 PM) x2716057: The thing about Arsenal is, they always try to walk it in.
(1:15:30 PM) incandescence20: so whats up
(1:15:39 PM) x2716057: My hovercraft is full of eels.
(1:16:08 PM) incandescence20: not much just got done reading a book.. it got me feeling naughty..
(1:17:00 PM) x2716057: I bet that you have a webcam you want me to check out.
(1:17:22 PM) incandescence20: are you in the mood 4 some fun?
(1:18:13 PM) x2716057: Are we going to balance my checkbook?
(1:18:37 PM) incandescence20: weII i have a webcam do you wanna play?
(2:13:15 PM) x2716057: Shocking!
(2:13:38 PM) incandescence20: i would love to let you watch me play with my pussy for u do you want to see?
(2:14:24 PM) x2716057: What kind of cat do you have?
(2:14:42 PM) incandescence20: ok click http://secretchatroulette.noclick.com/acceptinvite?=1796 & fill out your info don’t worry it’s FREEE!!!
(2:15:28 PM) x2716057: All that trouble to write an AIM bot and your URL doesn’t even work. Sheesh.
(2:15:48 PM) incandescence20: if i was a bot ..why would i be wearing this hat?? lolz
(2:16:34 PM) x2716057: you must be regex’ing on the word bot
(2:16:59 PM) x2716057: if ( $string=~/bot/i ) { print "I am not a bot"}

Jenny stopped talking to me after the last IM.  I guess she doesn’t like Perl.
