manu's blog

I have been playing with backtrack installation on USB since last 3 days. Just thought of sharing my experiences with you. I have a 2 GB USB stick. I wanted to create 2 partitions on it and install backtrack in one of them. Don't ask my why - I just wanted to play with different boot options on a USB stick. Here is what I learned from last 3 days of head breaking: 1. Using a filesystem other than FAT/FAT32 on USB stick is a bad idea. I tried ext2 and ext3. Sometimes they work and sometimes (and on some systems) they fail for no reason. 2. Bootloader 'grub' is a bad choice for USB boot. 'grub' tries to know too much about the system and when things change it just raises the hands and aborts. I could get it run my USB stick, but it was very unreliable. 3. Bootloader 'lilo' also didn't work always. I worked on my laptop, while it got stuck in between on my desktop. I don't know whether it was 'lilo' or filesystem ext2. I didn't test with FA

I have compiled some modules during my testing/use of BT 2.0 beta. Here are some modules that you could find useful: NTFS read/write support using ntfs-3g: http://manugarg.googlepages.com/ntfs-3g-0.20061031-BETA.mo More information on ntfs-3g can be found in my previous post: "Release of ntfs-3g beta, read write driver for ntfs" LVM2 support. Device-mapper userspace tools and lvm2 tools are required to make lvm2 work in BT: http://manugarg.googlepages.com/device-mapper.1.02.12-i386.mo http://manugarg.googlepages.com/LVM2-2.02.13-i386.mo Note: muts has already been informed and he has pushed these binaries in the cvs. So next release won't require these modules. I'll update the modules for this release in this thread only to make it easier to find them. Happy Backtracking ;) M Update: Nov 12, 2006 -------------------- Here comes the new modules: truecrypt . A very useful encryption utility. http://manugarg.googlepages.com/truecrypt-4.2a.mo Digg this ; Post to del.icio.

Some news and some experiences: mutts and max released Backtrack 2.0 Beta about 2 weeks back. I have not got much time to test it extensively so far. Some inputs from the initial runs: -It looks even more sexier (very important :)). -It has latest madwifi drivers. Phew, looks like I am finally relieved of compiling madwifi-ng with every release of backtrack. Very welcome change :) -Kernel sources with the distribution. Here goes 1 more external module away. -Replacement of UnionFS by aufs with zlib for modules. This allows for more stuff to be packed in less space. But, it also leaves older modules incompatible (who needs them anyways ;)). I tried to run it on my thinkpad z60t. My wireless card (Thinkpad a/b/g mini-pci, based on Atheros chipset) came up just fine with madwifi drivers. Monitor mode also seems to work fine. For monitor mode, I had to use wifi0 as source in Kismet configuration, while rest of the networking stuff works fine with ath0. For graphics, do run 'xorgset

This is one tool that I had written about one and half years back. Why am I talking about it now? Well, I have recently realized that it's quite a useful thing. I find myself using it quite a bit. You may also find it of some use. What does it do? As the title says, it just sends mails. To understand the usability, it will probably help to know why I wrote this? I wanted a tool to backup my files to my gmail account in quick and easy steps. I wanted to use gmail smtp server as I thought gmail would be reliable. Using gmail smtp was not easy, as it required login and tls support from the client. I know I could have used Thunderbird and other clients. But, idea was to have something simple and quick to use. So, requirements were like: 1. Definitely a command line interface 2. Platform independent (should run on linux and windows at least) 3. Attaching files should be easy and smooth. 4. Should have support for TLS 5. And possibly should have support for GUI and an option to save conf

...mysterious carriers of information from kernelspace to userspace. I hit upon them while writing my last paper on sysenter based system call mechanism . In one sentence, these vectors are the mechanism to transfer some OS specific information to the program interpreter (e.g. ld) and the process. Examples of such OS specific information are - page size, system call entry point, real and effective user ids etc. Linux 2.6 specifically uses an ELF auxiliary vector called AT_SYSINFO to pass the address of __kernel_vsyscall. How these vectors are passed on? This work is done by the elf loader. Elf loader is responsible for loading elf binary files into the system. Elf loader puts these vectors on the process stack alongwith other information like argc, argv, envp. Isn't it new? Many programmers are unaware of these extra creatures on the stack (at least, I was one of them ;)). To make life easier for them (and for me too), I have written this article, nah a small writeup on elf aux

Szaka announced the release of user land read-write driver for NTFS on linux-ntfs-dev mailing list on July 14th, 2006. This is a user land driver and it makes use of fuse . Fuse is a linux module which provides facility to write filesystems in user space. It seems that this driver is quite stable and provides better option than captive-ntfs. Good news for BackTrackers, huh? :-). I have complied ntfs-3g beta module for backtrack-v1. Backtrack comes with fuse kernel module, but I had to compile fuse tools and library to compile ntfs-3g. Here are the links to the modules: http://manugarg.googlepages.com/ntfs-3g-20070714-BETA-i386.mo http://manugarg.googlepages.com/fuse-2.5.3-i386.mo I have done some basic testing using these modules and things look fine. Hope you will find these modules helpfull. To start using it: -Load fuse module using: modprobe fuse -Mount windows filesystem using: mount -t ntfs-3g /dev/hda1 /mnt/windows More information about ntfs-3g can be found in the announcement

Reporting from linux kernel land, Starting with version 2.5, linux kernel introduced a new system call entry mechanism on Pentium II+ processors. Why this new mechanism? Well, somebody reported performances issues with system calls on Pentium IV processors. Apparently, the system call mechanism based on software interrupts was responsible for this performance lag. Linux, or Linus more specifically, responded by implementing an alternative system call mechanism. This mechanism made use of SYSENTER/SYSEXIT instructions available on Pentium II+ processors to implement system call entry and exit. This articles explores this new mechanism. If I have made any general statement, i.e. not mentioned specific architecture, please make a mental note that I am talking about Pentium processors. Also, all source code listings are based on the kernel i.e. 2.6.15.6 (that's the kernel on backtrack v1.0). Here is the link: http://articles.manugarg.com/systemcallinlinux2_6.html I explored t

BackTrack v.1.0 was released on May 26, 2006. Against all my expectations, it again didn't have latest madwifi drivers on it. So had to compile them again. Few changes that I observed during compiling: - svn is there (good) - kernel sources are gone (bad) Here are the links to compiled packages: slax community website: http://slax.linux-live.org/modules.php?id=1151 googlepages.com: slax-module: http://manugarg.googlepages.com/madwifi-ng.mo compiled tgz: http://manugarg.googlepages.com/madwifi-bt-v1.tar.gz Refer to my previous post for instructions to use them. Happy backtracking! -M http://www.manugarg.com "Journey is the destination of life" Technorati tags: wireless thinkpad slax madiwifi atheros backtrack

Greetings fellas, Have been playing with linux on my new Thinkpad z60t recently. Tried running BackTrack (a live-cd distribution of remote-exploit group) from usb drive. BackTrack is based on slax and is probably the best live cd distribution around for pen-testing with lots of security and forensic tools onboard. Well, it booted up fine from the usb stick, but the default madwifi drivers on the latest (v.3.0) backtrack were not able to recognize the wireless card ( ThinkPad 11a/b/g mini-pci ) on my laptop which is based on Atheros chipset. After some googling I found out that latest madiwifi drivers should work just fine. Tried looking for some compiled module for slax but could not find any. So, finally decided to build one myself. I followed the steps here to compile the modules and it went on quite smooth. My wireless card worked just fine with the latest madwifi drivers. To make life a little easier for other BackTrack and Slax users, I have uploaded this module to Slax module