58 - Trinity Rescue Kit - boot from USB
Unique hits
The Trinity Rescue Kit is a bootable live CD that can be used to disinfect a system. It can also start a SAMBA server to allow you to pull files off of the system you boot from across the network.
Here are some of the features:
-easily reset windows passwords with the improved winpass tool
-simple and easy menu interface
-5 different virus scan products integrated in a single uniform commandline with online update capability
-full ntfs write support thanks to ntfs-3g
-winclean, a utility that cleans up all sorts of unnecessary temporary files on your computer.
-clone computers over the network via multicast.
-wide range of hardware support (kernel 2.6.35 )
-contributed backup utility called "pi", to automate local machine backups
-easy script to find and mount all local filesystems
-self update capability to include and update all virusscanners + local changes you made to TRK.
-full proxyserver support.
-run a samba fileserver (windows like filesharing)
-run a ssh server
-recovery and undeletion of files with utilities and procedures
-recovery of lost partitions
-evacuation of dying disks
-full read/write and rpm support
-UTF-8 international character support (select keyboard language from the scrollable textmenu at startup)
-2 rootkit detection utilities
-most software updated to recent versions
-literally thousands of changes and bugfixes since version 3.3
-elaborated documentation, including manpages for all commands (also TRK 's own)
Here is how to add it to your grub4dos USB drive.
1. If you don't already have one, prepare a grub4dos bootable USB drive using RMPrepUSB. Make sure you choose FAT32 as this is the most compatible for linux OS's (and for DOS) and use the Install grub4dos button on RMPrepUSB to install a recent version of grub4dos (older versions may not work!).
2. Download the v3.4 ISO file from the TRK website download page (I used build 372)
3. Mount the ISO file using ImDisk or CloneDrive or any other ISO mounting utility
4. Copy the whole \trk3 folder to your USB drive
5. Copy these three files from the root of the mounted ISO file volume to the USB drive's \trk3 folder
initrd.trk
kernel.trk
memtest.x86
6. Create a file on the USB drive called \trk3\menu.lst and cut and paste the text below into it and save the file (check the extension is .lst and not .txt!):
echo PLEASE CHECK THIS DRIVE'S VOLUME LABEL = %VOL% (or you will get an error!)
debug -1
pause --wait=4
debug 1
title 0 : Run Trinity Rescue Kit 3.4 (default mode, with text menu)
kernel /trk3/kernel.trk ramdisk_size=65536 root=/dev/ram0 vga=788 splash=verbose pci=conf1 trkmenu vollabel=%VOL%
initrd /trk3/initrd.trk
title 1 : TRK 3.4 in failsafe mode (No menu, VGA, noacpi, noapic)
kernel /trk3/kernel.trk ramdisk_size=65536 root=/dev/ram0 vga=788 splash=verbose acpi=off noapic pci=conf1 vga=1 vollabel=%VOL%
initrd /trk3/initrd.trk
title 2 : TRK 3.4 running from RAM (best >= 512mb, 256mb min)
kernel /trk3/kernel.trk ramdisk_size=65536 root=/dev/ram0 vga=788 splash=verbose pci=conf1 trkinmem trkmenu vollabel=%VOL%
initrd /trk3/initrd.trk
title 3 : TRK 3.4 - Run 'mclone' in client mode (!)
kernel /trk3/kernel.trk ramdisk_size=65536 root=/dev/ram0 vga=788 splash=verbose pci=conf1 mclone vollabel=%VOL%
initrd /trk3/initrd.trk
title 4 : TRK 3.4 in simple VGA mode (debugging of kernel output)
kernel /trk3/kernel.trk ramdisk_size=65536 root=/dev/ram0 vga=1 pci=conf1 splash=off trkmenu vollabel=%VOL%
initrd /trk3/initrd.trk
title 5 : TRK 3.4 with Belgian keyboard (use menu for other)
kernel /trk3/kernel.trk ramdisk_size=65536 root=/dev/ram0 vga=788 splash=verbose pci=conf1 keyb_be trkmenu vollabel=%VOL%
initrd /trk3/initrd.trk
title 6 : TRK 3.4 - Virus scan all drives (Clamav, non interactive)
kernel /trk3/kernel.trk ramdisk_size=65536 root=/dev/ram0 vga=788 splash=verbose pci=conf1 virusscan vollabel=%VOL%
initrd /trk3/initrd.trk
title 7 : TRK 3.4 - Try more pcmcia and usb nics (when not detected)
kernel /trk3/kernel.trk ramdisk_size=65536 root=/dev/ram0 vga=788 splash=verbose pci=conf1 pcmcia trkmenu vollabel=%VOL%
initrd /trk3/initrd.trk
title 8 : TRK 3.4 - Try more SCSI drivers (when disks not detected)
kernel /trk3/kernel.trk ramdisk_size=65536 root=/dev/ram0 vga=788 splash=verbose pci=conf1 scsidrv trkmenu vollabel=%VOL%
initrd /trk3/initrd.trk
title 9 : TRK 3.4 with a secure shell server enabled
kernel /trk3/kernel.trk ramdisk_size=65536 root=/dev/ram0 vga=788 splash=verbose pci=conf1 sshd vollabel=%VOL%
initrd /trk3/initrd.trk
title 10: TRK 3.4 - Execute local scripts on harddrive of PC
kernel /trk3/kernel.trk ramdisk_size=65536 root=/dev/ram0 vga=788 splash=verbose pci=conf1 locscr vollabel=%VOL%
initrd /trk3/initrd.trk
title 11: TRK 3.4 as bootserver to boot other TRK clients
kernel /trk3/kernel.trk ramdisk_size=65536 root=/dev/ram0 vga=788 splash=verbose pci=conf1 trkbootnet trkmenu vollabel=%VOL%
initrd /trk3/initrd.trk
title 12: TRK 3.4 - Fileshare all drives as guest, no security
kernel /trk3/kernel.trk ramdisk_size=65536 root=/dev/ram0 vga=788 splash=verbose pci=conf1 smbguest trkmenu vollabel=%VOL%
initrd /trk3/initrd.trk
title 13: TRK 3.4 - Single user mode (no menu)
kernel /trk3/kernel.trk ramdisk_size=65536 root=/dev/ram0 vga=788 splash=verbose pci=conf1 runlevel 1 vollabel=%VOL%
initrd /trk3/initrd.trk
title 14: TRK 3.4 - Acpi=off, noapic PCI=bios (Alternate boot 1)
kernel /trk3/kernel.trk ramdisk_size=65536 root=/dev/ram0 vga=788 splash=verbose acpi=off noapic pci=bios trkmenu vollabel=%VOL%
initrd /trk3/initrd.trk
title 15: TRK 3.4 - Acpi=off, noapic PCI=any (Alternate boot 2)
kernel /trk3/kernel.trk ramdisk_size=65536 root=/dev/ram0 vga=788 splash=verbose acpi=off noapic trkmenu vollabel=%VOL%
initrd /trk3/initrd.trk
title 16: TRK 3.4 - PCI=conf2 (Alternate boot 3)
kernel /trk3/kernel.trk ramdisk_size=65536 root=/dev/ram0 vga=788 splash=verbose pci=conf2 trkmenu vollabel=%VOL%
initrd /trk3/initrd.trk
title 17: TRK 3.4 - Verbose startup for debugging (no menu)
kernel /trk3/kernel.trk ramdisk_size=65536 root=/dev/ram0 vga=788 splash=verbose pci=conf1 debugging vollabel=%VOL%
initrd /trk3/initrd.trk
title 18: TRK 3.4 - SSH, boot- and guest fileserver, run from RAM
kernel /trk3/kernel.trk ramdisk_size=65536 root=/dev/ram0 vga=788 splash=verbose pci=conf1 sshd trkinmem smbguest trkbootnet trkmenu vollabel=%VOL%
initrd /trk3/initrd.trk
title 19: TRK 3.4 - Run from RAM, run mclone as client
kernel /trk3/kernel.trk ramdisk_size=65536 root=/dev/ram0 vga=788 splash=verbose pci=conf1 trkinmem mclone vollabel=%VOL%
initrd /trk3/initrd.trk
title 20: TRK 3.4 with proxyserver support enabled
kernel /trk3/kernel.trk ramdisk_size=65536 root=/dev/ram0 vga=788 splash=verbose pci=conf1 proxy trkmenu vollabel=%VOL%
initrd /trk3/initrd.trk
title 21: TRK 3.4 - All devices set to read-only
kernel /trk3/kernel.trk ramdisk_size=65536 root=/dev/ram0 vga=788 splash=verbose pci=conf1 allro vollabel=%VOL%
initrd /trk3/initrd.trk
title 22: Memory tester: Memtest86+ v1.65
kernel /trk3/memtest.x86
7. Now add the lines below into a new file on the root of the USB drive called \menu.lst (or add to your existing menu.lst file if you already have one on the USB drive):
title Trinity Rescue v3.4
# You must set the drive volume label on the next line
set VOL=RMPREPUSB
configfile /trk3/menu.lst
8. Finally, change the word highlighted in the menu.lst file so that the volume label of your own USB drive is used instead and save the file (i.e. replace the text RMPREPUSB with your own USB drive's volume label).
WARNING: The volume label is case sensitive - used the same case letters! For instance, if in My Computer the USB drive is listed as MYUSB then edit the line to say set VOL=MYUSB using uppercase letters.
Note: You can get the volume label directly from the USB volume like this:
# get first character of the current volume label as VOL variable - the number 30704 will be different for each drive you make! See Tutorial 86 for the details on how to get magic number!
# this will only work if the volume label is the first entry in the sector.
cat --length=1 (hd0)30704+1 | set VOL=
9. You can now try booting from your USB drive to see if it works (or try running using QEMU first to check it works - just press F11 in RMPrepUSB to try it).
If the boot stops at the highlighted text, check the volume name is set correctly!
This is the menu from the \trk3\menu.lst file.
Booting Trinity from an NTFS USB grub4dos drive
TRK3 does not boot correctly from an NTFS drive and the partnew iso technique also does not work. You can however make a FAT16 image and mount that using partnew as follows:
IMPORTANT: the fourth partition entry on the NTFS multiboot drive should be unused.
1. Use a spare USB flash drive
2. Use RMPrepUSB to format it as a 150MB FAT16 stick - set the VOLUME LABEL=TRK3
3. Copy the \trk3 folder from the ISO to the USB stick (\trk3 folder must be on the FAT16 USB drive)
4. Insert your NTFS multiboot drive into another USB port
5. In RMPrepUSB, select the FAT16 USB drive - click Drive->File, choose TRK3P1.IMG on the NTFS drive as destination file, choose P1 for the start, P1 for length, 0 for file start byte
This makes an image file of the FAT16 partition on the NTFS drive.
6. Add the following menu to your NTSF menu.lst file
title 0 : Run Trinity Rescue Kit 3.4 (default mode, with text menu)
#enable parttype output
debug 1
# check and then make empty table entry in 4th position in ptn table
parttype (hd0,3) | set check=
debug off
set check=%check:~-5,4%
if "%check%"=="0x00" partnew (hd0,3) 0 0 0
if not "%check%"=="0x00" echo WARNING: PTN TABLE 4 IS ALREADY IN USE! && pause && configfile /menu.lst
debug 1
partnew (hd0,3) 0x0 /TRK3P1.IMG
kernel /trk3/kernel.trk ramdisk_size=65536 root=/dev/ram0 vga=788 splash=verbose pci=conf1 trkmenu vollabel=TRK3
initrd /trk3/initrd.trk
7. There should also be a \trk3 folder on the NTFS drive which has the kernel.trk and initrd.trk files in it (as described above). The volume label of the NTFS drive does not matter and does not need to be changed.
USB DRIVE CONTENTS
==================
\menu.lst
\grldr
\TRK3P1.img
\trk3\kernel.trk
\trk3\initrd.trk