Installing Backtrack 3 On An Eee Pc

Installing Backtrack3 on an Eee PC Written by hevnsnt Monday, 28 January 2008 The Asus Eee PC. A palm-sized 900Mhz computer that includes a 4Gb Solid state hard drive. Now consider the fact that this beautiful machine includes an Atheros-Chipset based wificard that supports injection, and has 3 USB 2.0 ports. You have the perfect hack-top. The only thing that could make it better is to match this great hack-top with a great Hack-OS. BackTrack is the top rated linux live distribution focused on penetration testing, and supports the Eee PC natively. **UPDATE** This tutorial will walk you though the installation of BackTrack 3.0 (FINAL) onto the Eee PC. This is the first of many tutorials using this great platform! Items Needed:

• • • •

Asus Eee PC (4G Non-Surf used in this tutorial) 2gb (or larger) flash drive Second computer running linux or windows 4Gb (or larger) SDHC card (completely optional)

Note: When you see text shown like this, it should be typed in your LINUX terminal

WARNING: THIS TUTORIAL WILL COMPLETELY OVERWRITE YOUR STOCK OS ON YOUR EEE PC, AS WELL WILL COMPLETELY DESTROY ANY DATA ON YOUR FLASH DRIVE.

Preparing the Flash Drive 1. On the second (NON-Eee PC) computer begin to download the USB version of BT3 from http://www.remote-exploit.org/backtrack_download.html (~784mb). The USB package is an extended version of BackTrack, and when expanded will take up most of our 4Gb SSD (Solid

State Disk) in the Eee PC. Once downloaded, extract the ISO; Windows users can use WinRAR, Linux/OSX just mount the iso: mkdir /mnt/iso mount -o loop -t iso9660 .iso /mnt/iso

Or use whatever program you like that can mount/extract the folders inside. If you have a DVD, just can simply burn the ISO to dvd using any popular burning program and skip step 2. 2. Copy the "BT3" and "BOOT" folders to the root of your flashdrive. Once this is done, we need to make this flash drive bootable. The BackTrack3 USB install includes scripts to perform these step for us. These scripts will attempted to locate where the drive is installed, and then copy the grub bootloader onto the flash drive. Once the script has completed you can remove the flash drive. (Unmount if needed) In Windows: Open Windows Explorer and navigate to your flash drive. You should see the two folders we previously put on there. Navigate to and double click on the \boot\bootinst.bat (make sure you are on the thumbdrive before you run it!!!) In Linux: In your terminal window, navigate to the flash drive. You should see the two folders we previously put on there. Navigate to the boot/ folder. Make the script executable by typing: chmod +x bootinst.sh

And the execute it. ./bootinst.sh

Booting BackTrack3 3. Insert the flash drive into the EeePC (doesn't matter which USB port) and turn it on. When the

gray "Starting EeePC" screen shows, press the Escape Key 'Esc' which will bring up a boot menu, allowing you to select the flash drive as your boot device. If everything went correctly, you should be presented with the BackTrack Grub loader. Make sure to arrow down and select "BT3 Graphics mode (Compiz) - Experimental." If an undefined video error comes up, just press SPACE to continue. At this point, if you would like to keep your stock Xandros OS on your SSD, and only boot BackTrack from the flash drive when you want it, you are done. You will notice however since Backtrack3 is booting from your USB drive, it will be much slower to boot than the default Xandros OS. By following the remainder of this tutorial we will fix that by installing Backtrack3 to your SSD. 4. Once the GUI starts up, open the K menu, and open up the xmms application (in multimedia.) If it has a white outline around it (see screenshot), continue to step 5, if not skip to step 8.

5. Back on the second (NON-Eee PC) computer, download the 14-12-2007 BackTrack 3 Beta USB version. 6. Once downloaded, Mount and/or extract as done before. Navigate to it, and go to "BT3/optional" and copy the cubez.lzm file to the same directory your flash drive, replacing the current file. I-Hacked members do not need to do this as the correct cubez.lzm can be downloaded here. 7. repeat steps 3 and 4. 8. Once Backtrack has booted fully, open a terminal window:

9. Use fdisk again to locate your SSD drive, in order to determine where we will be installing BackTrack3 and create the partitions. fdisk -l

By default the included 4Gb SSD has 4 partitions on it (hdc1, hdc2, hdc3, hdc4). Since we don't plan on keeping Xandros, we can simply blow the first two (hdc1 & hdc2) away. Hdc3 & hdc4 are used for Xandros recovery. I don't plan on ever keeping Xandros on my Eee, so I went ahead and deleted all four and created a single 4gb partition. The choice is up to you, but I figured the BackTrack3 image was so big I wanted to utilize as much SSD space as possible. fdisk /dev/hdc

First, type 'p' to make sure you see those same four partitions we identified earlier. (This step is just a safety step to make sure you are on the correct drive. Second use the 'd' command, and delete all four partitions. (1-4) *Or just the 'o' command to create a new empty partition table. At this point go ahead and do another 'p' to print the partition table. It shouldn't see any "linux" partitions. Now lets create the partition we will install BackTrack on.

Use the command 'n', then 'p', then '1'. It will now ask you were you want this partition to start and end, since we want the whole drive, the First Cylinder should be '1', and the last should be whatever the last is. (Just hit enter on both of these accepting the defaults) Now we need to make this partition bootable: type 'a' then '1'. You might want to do a final 'p' to ensure you only have one linux partition. After you are satisfied type 'w' to write the changes to the partition table. At this point, shutdown and restart your Eee. This is just simply a good computing step when partitioning drives. When your Eee is coming back up, don't forget to hit "Esc" and select your flash drive as the boot device. At the BackTrack Grub menu, make sure to select the "BT3 Graphics mode (Compiz) Experimental" Once BackTrack has finished booting, Open a new command windows and type: 'fdisk -l' to identify your SSD. (just like earlier)

10. The next step we need to do, is create the filesystem on the partition that we created earlier. This might be a good place to discuss which filesystem you should use on your Solid State Disk. Since the flash media used in the Eee's SSD "degrades" over time (simply a characteristic of Flash media) we want to minimize the amount of write cycles to the drive. There are hundreds of posts & wiki entries arguing which should be used. Some say you should avoid ext3 because it’s journaling function causes writes. These people advise ext2. Personally, I think the integrity risks of ext2 outweigh the reduction in write cycles, and would advise the use of a journaled filesystem. The Xandros install used an ext2 partition for the system files, and ext3 for the home directory. Since we are only making one partition, I chose to go with ext3. It must be

stated that Asus has come out and said that the use of Journaled filesystems do NOT void the warranty. Later in this tutorial we will take steps to cut down on some write cycles. Back In your terminal type: umount /dev/hdc1

and then mkfs.ext3 /dev/hdc1

(assuming your SSD was identified as hdc) Once this is finished, we will need to remount the partition, so we can install the Backtack3 OS onto your SSD. (press enter after each command) mkdir /mnt/bt3 mount /dev/hdc1 /mnt/bt3 mkdir /mnt/bt3/boot

11. Previous versions had an install app in the K-Menu, however the BackTrack3 final did not include this app, due to the developers intending for it only be used as a liveCD. In order to install, we must now copy all files from our "LiveCD Session" to our newly partitioned SSD. Make sure your EeePC is connected to AC power, and type the following command on ONE LINE. Note, this can take awhile, and can seem to get stuck at some places. This is where it is unpacking and moving some big files -- give it some time to continue (might greater than 10 mins) you will know it is finished when the bt~# prompt is back. cp --preserve -R /{bin,dev,home,pentest,root,usr,etc,lib,opt,sbin,var} /mnt/bt3

12. Continue the installation by typing the following commands mkdir /mnt/bt3/{mnt,proc,sys,tmp} mount --bind /dev/ /mnt/bt3/dev/ mount -t proc proc /mnt/bt3/proc/ cp /boot/vmlinuz /mnt/bt3/boot/

13. Set up LILO In order for our BackTrack3 install to boot properly, we need to configure our LILO bootloader. Type the following command: chroot /mnt/bt3 /bin /bash

(no space between /bin & /bash) Now you will need to edit the lilo config file. I prefer to use nano but feel free to use whatever editor you like. nano /etc/lilo.conf

Make your lilo.conf look like this. lba32 boot = /dev/hdc change-rules reset vga = normal image = /boot/vmlinuz root = /dev/hdc1 label = Back|track3

14. Finally, save your changes by executing this command: lilo -v

You are almost done, but before you reboot, first make a backup copy of /etc/xorg.conf. Either via the command line or with Konquerer navigate to /etc/X11 and copy the xorg.conf to your flash drive. You will need this file later. Make sure to replace sdX1 with where ever your flash drive was mounted (see fdisk -l to identify the location of your flash drive) cp /etc/X11/xorg.conf /mnt/sdX1/

Once the installer has completed, and you have backed-up the xorg.conf, shutdown and restart. K / Log Out Then shut down (with restart) shutdown -r now

(Let it go all the way down on its own, don't hold down the power button) Finally remove the USB drive. On next boot you will boot from your harddrive. Login with user:root pass:toor. then type: xconf startx

If everything worked right, your Eee should be booting BackTrack3 from your SSD, and you will soon be terrorizing the neighborhood. (I mean performing penetration tests ><)

House Keeping For the most part, this BackTrack3 install does a pretty good job, however there are some tweaks and fixes we need to make in order to to call this "Finished"

Continue reducing write cycles: Edit your /etc/fstab using your favorite editor (vi, nano, kedit) and add the following lines to the bottom of the file. tmpfs /tmp tmpfs defaults,noatime,mode=0777 0 0 tmpfs /var /tmp tmpfs defaults,noatime,mode=0777 0 0 tmpfs /var/log tmpfs defaults,noatime,mode=0777 0 0 (delete the space between /var and /tmp in the second line) **Note: This places all your log files in a temporary location in system RAM. This means that your logs will not exist after a reboot. If you need to diagnose something, be sure to comment these lines out in order to check logs.

Fix Compiz With BackTrack3 running, Plug in your flash drive. The drive should auto-mount and open a window asking what you would like to do. Select "Open in a new Window". Navigate to /bt3/optional/ then press f4 to open your terminal there. (make sure to notice where your USB drive was mounted example: system:/media/sdc1)

lzm2dir cubez.lzm /

Next replace the running xorg.conf with the one that you backed up earlier. (Make sure to replace sdX1 with where-ever your flash drive was mounted) cp /etc/X11/xorg.conf.back

cp /mnt/sdX1/xorg.conf /etc/X11/

Log out, and restart X startx

At this point, Compiz should be working. Press Ctrl + Alt + Left Arrow. You should see the cube spin.

Use FastTrack to update everything For those who don't know, FastTrack is an "Auto-pwn'ing & Auto-Updating" script that you will probably want to get to know in the future. We are going to use it to prepare our systems perform a debian-style system update. Launch Fastrack (K / Backtrack / Penetration / FastTrack) and have FastTrack update itself. After it updates, you will need to exit and relaunch. Next navigate to the "Fast-Track Updates / Installation Menu / Install Slapt -Get / Install Sapt-Get". After Slapt-get is finished installing, navigate the same path and choose the other option; "Update SlackWare (slapt-get --update -upgrade --ignore-excludes". This will take awhile, but it is downloading, compiling, and installing updated system software. Once this is done, you need to "Install Everything" in FastTrack by going to "Fast-Track Updates / Installation Menu / Install Everything" Once that is done, you need to "Update Everything" in FastTrack by going to "Fast-Track Updates / Update Everything"

Once this is done, you can exit FastTrack.

Fix Kismet Open a terminal window and edit /usr/local/etc/kismet.conf nano /usr/local/etc/kismet.conf

(you can use whatever editor you want: vi, kwrite, etc) Find the line: source=none,none,addone and replace it with: source=madwifi_g,wifi0,madwifi Save kismet.conf (ctrl+x in nano). You will now need to start kismet from the terminal (rather than the K / Backtrack menu) by typing: kismet

Fix Shutdown Bug Some people report that when they shutdown Backtrack, the screen goes blank, but the power light remains on. If you are having this problem, then try the following: Using your favorite editor, add this line to /etc/rc.d/rc.6 modprobe -r snd_hda_intel just before the line: echo "Unmounting local file systems."

Additional Notes To put your card into monitor mode, open a terminal window and type:

airmon-ng stop ath0;airmon-ng start wifi0

That will create a new madwifi interface (ath0) in monitor mode. In order to take your card out of monitor mode, and place it back into managed mode (in order to join a wifi access point) airmon-ng stop ath0 wlanconfig ath create wlandev wifi0 ifconfig ath0 up

Thanks to all the Remote-Exploit guys for a great distro, & Pureh@te, eovnu87435ds, & others for the updates to original article. Last Updated ( Monday, 09 February 2009 )