How-to: Backtrack 3 USB save changes

In Backtrack 3 new release, the developer of Backtrack 3 includes USB version to make an easy mobility pentesting. I really enjoy this version because it’s so mobile, you don’t need to resize your PC/laptop hard drive, just download the USB version of Backtrack 3 here, and extract them to your pendrive or flash drive or usb drive or whatever.

This version gives us some options in boot screen, whether we want to boot into a standard Backtrack or a Compiz version of Backtrack (*shocked*) with your own risk. I prefer choose the default and standard Backtrack configuration than Compiz, because it’s still experimental.

Now, when we started to pentest something and later we want to use the data that has been collected within the pentest, you should choose BT3 Graphics mode with Persistent Changes to save all of your changed configurations.

Since i often use this option, and it’s very annoying, i prefer make some changes to the boot screen configurations. I edited the syslinux.cfg, and copy the BT save changes option to my own boot option. Of course, i commented the experimental boot until it stable on next release

This what i’ve done (assume /dev/sdb as my pendrive)

1. Make sure you have a large disk space on your pendrive.
2. Split your pendrive into 2 partitions, the 1st is for your BT3 files, and the 2nd is for your changes. I have 4 GB pendrive, so i made 2 partitions with 1500MB for BT3 files (with FAT32 FS) and the rest of disk space went to another partition with Ext2 FS.
3. Format it using mkfs (e.g. mkfs.vfat /dev/sdb1; mkfs.ext2 /dev/sdb2)
4. Mount it (e.g. mount /dev/sdb1 /mnt/sdb1;mount /dev/sdb2 /mnt/sdb2)
5. Copy all BT3 files to our new FAT32 partition (e.g. cp -r /path/to/your/extracted/bt3-usb/ /mnt/sdb1). You should now have two directory called BT3 and boot in /mnt/sdb1.
6. Go to your new mounted BT3 directory (/mnt/sdb1), and edit syslinux.cfg on /boot/syslinux/
7. Find this line: APPEND vga=0×317 initrd=/boot/initrd.gz ramdisk_size=6666 root=/dev/ram0 rw changes=/changes/slaxsave.dat autoexec=xconf;kdm (in MENU LABEL BT3 Graphics mode with Persistent Changes). Take a look at changes=/changes/slaxsave.dat, this is an option to save all your changes to a file called slaxsave.dat. Now we’re going to make some changes in this boot screen.
8. Remember when i said that i prefer to use the default Xwindow configuration than Compiz experimental configuration? Now we will edit the default configuration of Backtrack 3 boot in syslinux.cfg. Find this line: APPEND vga=0×317 initrd=/boot/initrd.gz ramdisk_size=6666 root=/dev/ram0 rw autoexec=xconf;kdm (in MENU LABEL BT3 Graphics mode (KDE)), now insert changes=/dev/sdb2. Our new lines should be APPEND vga=0×317 initrd=/boot/initrd.gz ramdisk_size=6666 root=/dev/ram0 rw changes=/dev/sdb2 autoexec=xconf;kdm. Don’t forget to commented the experimental boot option because we’re not gonna use it. After that, save the configuration.
9. Next we will make a directory called changes on /mnt/sdb2 (e.g. mkdir changes /mnt/sdb2). Because all changes will be saved there.
10. Reboot..
11. Boot normally via USB Drive and wait for Backtrack 3 boot prompted.
12. Press TAB to make sure our configuration loaded. You should see our edited lines there, next..boot into our new BT3 Graphics mode (KDE).
13. Let it boot the kernel, extract some lzm, and finally load the desktop (May the sauce be with you )
14. Go setup Nessus to make some changes on this Backtrack, and reboot. Please check whether your configurations is saved or not. If saved, you should see a mirror of BT3 root partition on /mnt/sdb2/changes/
15. Good luck and happy mobile pentesting ^^

UPDATED:

2008-10-10

Here is my syslinux.cfg, this should be in /mnt/sdb1/boot/syslinux/. You may compare from the default.

Thx to Paul Dixon for pastebin.com

Related posts

• Audit website dengan w3af (0)
• Kumpulin Security Distro (0)
• Penetration testing Real world mode by Offsec (0)
• Tehnik Tunneling dalam Hacking (5)
• Nessus on Backtrack 3 (3)