Skip to main content
No Good Father
  1. Posts/

USB Encrypt for Backtrack

·528 words·3 mins
Distribution Backtrack

backtrack4のフォーラムを読んでいたら教えて君がいたのでフォローした。 内容は distro iso を更新する方法だったが、 bt4-customise.shで出来るよって。

さらに変更したものをポストしておく。squashfs を LUKS でカプセルるもの。

bt4-customise.sh 
  btisoname=bt4.iso
  btmodisoname=`basename $btisoname .iso`-mod.iso

  luks_image=0
  count=2560000

  clear
  echo "##############################################################"
  echo "[*] BackTrack 4 customisation script"
  echo "[*] Setting up the build environment..."

  services="inetutils-inetd tinyproxy iodined knockd openvpn atftpd ntop nstxd nstxcd apache2 sendmail atd dhcp3-server winbind miredo miredo-server pcscd wicd wacom cups bluetooth binfmt-support mysql vmware vboxdrv kvm nessusd"

  test -d mnt || mkdir -p mnt
  test -d extract-cd || mkdir -p extract-cd
  test -d squashfs || mkdir -p squashfs
  test -d container || mkdir -p container
  mount -o loop,ro $btisoname mnt/
  rsync --exclude=/casper/filesystem.squashfs -a mnt/ extract-cd
  if $(file mnt/casper/filesystem.squashfs | grep -qi luks); then
      luks_image=1
      loopdev=`losetup -f`
      losetup $loopdev mnt/casper/filesystem.squashfs
      cryptsetup luksOpen $loopdev bt4
      mount -o ro /dev/mapper/bt4 container/
      mount -t squashfs -o loop,ro container/filesystem.squashfs squashfs
  else
      mount -t squashfs -o loop mnt/casper/filesystem.squashfs squashfs
  fi
  test -d edit || (
      mkdir -p edit
      echo "[*] Copying over files, please wait ... "

      cp -a squashfs/* edit/
  )

  cp /etc/resolv.conf edit/etc/
  cp /etc/hosts edit/etc/
  cp /etc/fstab edit/etc/
  cp /etc/mtab edit/etc/
  test -f ~/.proxyuse && cp ~/.proxyuse edit/root

  mount --bind /dev/ edit/dev
  mount -t proc /proc edit/proc

  echo "##############################################################"
  echo "[*] Entering livecd. "
  echo "##############################################################"
  echo "[*] Now you can modify the LiveCD. At minimum, we recommend :"
  echo "[*] apt-get update && apt-get upgrade & apt-get clean"
  echo "##############################################################"
  echo "[*] If you are running a large update, you might need to stop"
  echo "[*] services like crond, udev, cups, etc in the chroot"
  echo "[*] services like crond, udev, cups, etc in the chroot"
  echo "[*] before exiting your chroot environment."
  echo "[*] If you use proxy,  type \"source ~/.proxyuse\""
  echo "##############################################################"
  echo "[*] Once you have finished your modifications, type \"exit\""
  echo "##############################################################"

  chroot edit

  echo "[*] Exited the build environemnt, unmounting images."

  rm -rf edit/etc/mtab
  rm -rf edit/etc/fstab
  rm -rf edit/root/.bash_history
  rm -rf edit/root/.proxyuse

  umount edit/dev
  umount edit/proc
  umount squashfs
  if [ "x${luks_image}" == "x1" ]; then
      umount container
      cryptsetup luksClose bt4
      losetup -d $loopdev
  fi
  umount mnt

  chmod +w extract-cd/casper/filesystem.manifest

  echo "[*] Building manifest"
  chroot edit dpkg-query \
      -W --showformat='${Package} ${Version}\n' \
      > extract-cd/casper/filesystem.manifest

  for service in $services;do
      chroot edit update-rc.d -f $service remove
  done

  REMOVE='ubiquity casper live-initramfs user-setup discover xresprobe os-prober libdebian-installer4'
  for i in $REMOVE
  do
      sed -i "/${i}/d" extract-cd/casper/filesystem.manifest-desktop
  done

  cp extract-cd/casper/filesystem.manifest extract-cd/casper/filesystem.manifest-desktop

  sed -i '/ubiquity/d' extract-cd/casper/filesystem.manifest-desktop

  echo "[*] Building squashfs image..."
  if [ "x${luks_image}" == "x1" ]; then
      echo "[-] encrypt squashfs using"
      if [ ! -f extract-cd/casper/filesystem.squashfs ]; then
      echo "[>] encrypt squashfs making ($count MB)"
      dd if=/dev/urandom of=extract-cd/casper/filesystem.squashfs bs=1024 count=$count
      losetup $loopdev extract-cd/casper/filesystem.squashfs
      cryptsetup -y --cipher aes-xts-plain --key-size 512 luksFormat $loopdev
      else
      losetup $loopdev extract-cd/casper/filesystem.squashfs
      fi
      cryptsetup luksOpen $loopdev bt4
      mkfs.ext3 /dev/mapper/bt4
      mount /dev/mapper/bt4 container/
      mksquashfs edit container/filesystem.squashfs
      umount container
      cryptsetup luksClose bt4
      losetup -d $loopdev
  else
      rm -rf extract-cd/casper/filesystem.squashfs
      mksquashfs edit extract-cd/casper/filesystem.squashfs
  fi

  rm extract-cd/md5sum.txt

  (cd extract-cd && find . -type f -print0 | xargs -0 md5sum > md5sum.txt)

  cd extract-cd

  echo "[*] Creating iso ..."

  test -f ../${btmodisoname} && mv ../${btmodisoname} ../bt4-mod_prev.iso
  mkisofs -b boot/grub/stage2_eltorito \
      -no-emul-boot -boot-load-size 4 \
      -boot-info-table \
      -V "BT4" -cache-inodes -r -J -l \
      -o ../${btmodisoname} .

  cd ..

  echo "[*] Your modified BT4 is in $(pwd)/${btmodisoname}"
  echo "##############################################################"

Related

Xmonad for Backtrack4
·154 words·1 min
WindowManager Distribution Xmonad Backtrack4
xmonad window manager
·18 words·1 min
WindowManager Xmonad
Guruplug Std.
·9 words·1 min
Guruplug Guruplug