Sunday 8 September 2013

Three new 'Tutorials' added

109 - USB Rubber Ducky Hack Device (Hak5) (just information rather than a tutorial!)
110 - Run full Windows XP to Go! from a USB drive - Install full XP to a VHD in 30 minutes (works on some systems but not all!)
111 - How to semi-automate and speed-up Windows driver installs (if you often manually re-install Windows using Setup.exe on the same model of system, why not semi-automate the driver installation and save time).

Thursday 5 September 2013

FAST! Windows NTFS file search of your entire system in a few seconds! - SwiftSearch

SwiftSearch requires Admin privileges; however, it is VERY FAST!
You can use regular expressions or a search pattern like t*.xl?? to find Excel files beginning with t or T. On my 250GB nearly full C: volume it did this search in about 1 second (after reading the NTFS file table on the first search, which took about 5 seconds)!
Not only is it fast, but it actually finds the files I am looking for (even if it is a hidden or system file), unlike the next-to-useless Win 7 search engine! Finally, you can disable the resource-hungry and delay-causing Windows Search Service, and there is no need for an enormous index file either. Shame MS couldn't do this!
SwiftSearch is a standalone executable and therefore is a portable application - it ran fine under a vanilla Windows 7 PE environment too. This means it could be very useful for booting a system to WinPE from a USB drive and then quickly using SwiftSearch to find and copy an important file (or all .doc files?) onto your USB drive. Unfortunately you can only select and copy one file at a time in the search results (no Ctrl+A function) but at least right-click works as expected on individual files. Maybe this will be improved soon?
See here for a forum thread on SwiftSearch and comments from the author of SwiftSearch about hidden (previously undocumented) features:
  • F5 - re-index target volume (use this if you have copied files to the same volume since you launched SwiftSearch)
  • Ctrl+Search = find all files including deleted files (right-click on result to see file number) - combined with DiskBuddy's ability to read the MFT, that should be enough to tell you where a file is located on the disk.
  • Shift+Search = display all NTFS attributes
  • ESC - minimise to System Tray (re-indexes every 15 minutes)




Wednesday 4 September 2013

Easy2Boot v1.08 - few minor changes

v1.08 2013-09-04 bitdefender mnu file added to docs folder, Windows 8.1 temporary Product Keys added, master pwd option in MyE2B.cfg

Setting a master password prevents the user from running E2B unless they know the password.

Tested with Windows 8.1 x86 ISO (no E2B code changes were required but new Windows 8.1 keys need to be entered to install Win8.1).

Link for leaked Win8.1 ISOs is available in External Links page on www.rmprepusb.com site.

Tuesday 3 September 2013

'Hide' grub4dos menu.lst and other 'sensitive' files

If you have made a grub4dos bootable USB drive and you have password protected the menu.lst (or maybe just some of the menu entries) using the grub4dos password command, it is really quite easy for someone to hack the menu.lst file and simply remove the password lines just by using Notepad.

Another scenario is that you have set up an expiry date in the menu.lst file, so that when the expiry date is reached, a message will warn the user that it has expired and should be updated, and you don't want this to be circumvented! See here for details on how to set this up.

Here are two ideas which I use to deter the amateur hacker.

1. Use 7Zip to compress the menu.lst file (or any sensitive .g4b batch files or other files loaded by grub4dos) to GZip format. Ensure that the resultant filename and extension are not changed and grub4dos will still run it just fine.

2. Set the file attribute on the 'sensitive' files (e.g. menu.lst) to Hidden (right-click - properties - Hidden).
You could also set the file attribute to System+Hidden+ReadOnly to make it even more difficult to see in Windows Explorer. You can use the Windows command line and the attrib menu.lst +h +r +s command or use NirSoft BulkFileChanger to do this.

This (compression to Gzip + attribute change) will also work on most of the grub4dos Easy2Boot files (e.g. all .g4b, .lst and .mnu files and even your \_ISO\MyE2B.cfg file). Just keep the filename and the extension the same. Any file loaded by grub4dos that is detected as being in compressed gzip format is automatically uncompressed by grub4dos when it is read.

Of course, now I have told everyone this, it is no longer a secret!


Footnote: Another format that grub4dos can read is lzma, but not the standard lzma compression used by 7Zip. This format is slightly better because if you open it in Notepad, you don't see any tell-tale header information. For the lzma compression which grub4dos understands, we need to use the Windows lzma.exe utility:

1. Download lzma.exe from https://code.google.com/p/grub4dos-chenall/downloads/detail?name=lzma.exe
2. Open command prompt
3. Type
                  lzma.exe e J:\_ISO\MyE2B.cfg J:\_ISO\MyE2B.cfg.lzma
4. Delete the original file and rename the lzma so it is the same name as the original (e.g. MyE2B.cfg).

To decode the compressed file, use the d parameter:

              lzma.exe d J:\_ISO\MyE2B.cfg J:\_ISO\MyE2B.cfg.txt

P.S. 7Zip can also decode the compressed lzma files if you add the .zip extension - 7Zip lists them as LZMA:23 encoded files.

For more details and also a handy drag&drop utility to compress E2B files (without changing the original filename) see Tutorial 72a here. It also has a decompress drag&drop utility included too. Each file selected is checked first to ensure you don't try to double-compress a file by mistake!
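
The compress-in-place step from idea 1, together with the double-compression check mentioned above, as an added Python example (it is not the E2B drag&drop utility or any code from this blog). The function names and the sample menu.lst contents are made up for illustration, and it assumes grub4dos accepts an ordinary gzip stream written by Python's gzip module in the same way as 7Zip's GZip output.

```python
import gzip
import os
import tempfile
from pathlib import Path

GZIP_MAGIC = b"\x1f\x8b"  # the tell-tale two-byte gzip header

def is_gzip(path):
    """True if the file already starts with the gzip magic bytes."""
    with open(path, "rb") as f:
        return f.read(2) == GZIP_MAGIC

def _replace(path, data):
    """Write to a temp file in the same folder, then swap it into place."""
    fd, tmp = tempfile.mkstemp(dir=os.path.dirname(os.path.abspath(path)))
    try:
        with os.fdopen(fd, "wb") as f:
            f.write(data)
        os.replace(tmp, path)  # filename and extension stay the same
    except BaseException:
        os.unlink(tmp)
        raise

def compress_in_place(path):
    """Gzip a file under its own name; skip it if it is already gzip."""
    if is_gzip(path):
        return False  # guard against double compression
    _replace(path, gzip.compress(Path(path).read_bytes(), mtime=0))
    return True

def decompress_in_place(path):
    """Reverse compress_in_place; skip files that are not gzip."""
    if not is_gzip(path):
        return False
    _replace(path, gzip.decompress(Path(path).read_bytes()))
    return True

def demo():
    """Round-trip a constructed sample menu.lst in a scratch folder."""
    sample = b"password secret\ntitle Boot ISO\nboot\n"  # constructed sample
    with tempfile.TemporaryDirectory() as d:
        p = Path(d) / "menu.lst"
        p.write_bytes(sample)
        steps = [compress_in_place(p), is_gzip(p), compress_in_place(p),
                 decompress_in_place(p)]
        return steps, p.read_bytes() == sample

if __name__ == "__main__":
    print(demo())
```

Run it before setting the ReadOnly attribute, because Windows will not replace a read-only file. The 1f 8b header it checks for is also what makes a gzip-compressed menu.lst easy to recognise.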

E2B - bitdefender ISO + persistence now supported

You can run a BitDefender .ISO with persistence from an E2B USB drive which keeps AV updates on the USB drive's persistent ext2 filesystem. I have added a new .mnu file to the E2B download - look in the \_ISO\docs\Sample mnu files folder (as usual).

Saturday 24 August 2013

Easy2Boot v1.07 now available

Download Version 1.07 here.

  • Latest grldr gives better alphabetical sorting (e.g. _fred.iso now listed in E2B menu before afred.iso).
  • .isope file extension support - if WinPE2/3/4 iso then when wpeinit runs, the iso will be loaded as a virtual CD/DVD.  See here for more info.
  • WinPE ISOs (.isope) can mount the .ISO after booting and user can define any drive letter for the ISO and auto-run a post-cmd batch file once ISO is loaded. See here for more info.
  • ISOASK variable supported (if set, will ask user how to run every .iso). See here for more info.
  • Can force any .iso to run as if it had a different file extension by creating a .mnu file for the iso file. See here for more details.


Sunday 18 August 2013

E2B v1.07 Beta5

Another small change for Zalman ZM-VE200/300/400 CD emulator owners! You do not have to change the .iso file extension for E2B now.

This version allows you to create a .mnu file for each .iso file that requires a different extension for E2B.

For instance, if you have a Hirens iso file and you want to run it with the .isowinvh file extension in E2B, but leave the hirens iso file with a .iso extension on the Zalman E2B drive, use this .mnu text:

title Hirens ISO\n Boot direct from Hirens ISO\n If running DOS utilities from an NTFS drive you may need to select the NTFS driver when offered a choice instead of AUTO
/%grub%/qrun.g4b force.isowinvh %MFOLDER%/Utility/Hiren's.BootCD.15.2.iso
boot


The force.isowinvh is a dummy filename (any filename will do!) followed by the extension that you want E2B to use. Whatever extension is specified in this first dummy parameter will be used to run the .iso file that is specified in the second parameter. So in this case, the Hirens .iso file will be run by E2B as if it had a .isowinvh file extension.

In the example above, the hirens iso file and .mnu file would be present in the \_ISO\UTILITIES\Utility folder or \_ISO\MAINMENU\Utility folder (i.e. at the \_ISO\xxxx\Utility level).

Friday 16 August 2013

E2B v1.07Beta 4 now available - BUGFIX!

Bugfix for v1.00 and all later versions - %MFOLDER% was set to ()/_ISO/xxx instead of /_ISO/xxx by AUTOMN.g4b. This meant that some sample .mnu files that used (bd)%MFOLDER% did not work and you needed to remove the (bd) portion to get them to work.
Beta4 fixes AUTOMN.g4b so that MFOLDER is now /_ISO/xxxx as it was in most previous Beta versions.
If you are having problems getting the sample .mnu files to work, try this new version!
See Easy2Boot V1 Tutorial 72a  (bottom of page) for the download.

Thursday 15 August 2013

E2B v1.07Beta3 now available

If you add the line
set ISOASK=1
to your \_ISO\MyE2B.cfg file, then any ISO file listed in the E2B menus will run as if the extension was .isoask (i.e. it will run the .iso and ask you to choose a way to run it).
This means if you have a Zalman CD/DVD USB HDD caddy, you do not have to have duplicate copies of all the iso files (e.g. have hirens.isowinvh for E2B and hirens.iso for the Zalman). All your files can be .iso but when running E2B, it will ask you how to run them.