Tag: yumi

zitstif-multibootmbr-usb-yumi-2.0.0.9-2017-07-11-19-img (zitUSB)

by on Jul.15, 2017, under Posts

Today I present to you a very useful tool that I would like to share with you. If you work in information technology or dabble around with it, this tool may be of great use to you. Inspired by http://www.hackfromacave.net/katana/, I have made my own multi-booting USB flash drive. This is not a replacement for Katana but just merely an alternative. I present to you: zitstif-multibootmbr-usb-yumi or zitUSB for short (URL to download is toward the bottom of the post).

This flash drive image not only has multiple distros on it, but has an array of useful tools for any ‘hacker’, computer enthusiast, network admin, technician, etc. Here is the root of the flash drive:

For those of you willing to look at the `tree` of this drive, here you go: http://zitstif.no-ip.org/usb/tree.txt

Here’s a list of the distros/bootable OSes:

For clarification: WDO is Windows Defender Offline, kav_rescue is kaspersky AV live CD, the Windows 7 Home Premium is basically any version of Windows 7 (via a method like this),  and there’s multiple versions of Clonezilla because I have ran into compatibility issues with certain systems.

TAKE NOTE THAT YUMI-2.0.0.9 IS ON THE ROOT OF THE DRIVE, USE THIS VERSION FOR ADDING OR REMOVING DISTROS! IF YOU USE ANY VERSION DIFFERENT TO ADD OR REMOVE DISTROS, YOU WILL POTENTIALLY MAKE YOUR FLASH DRIVE UNBOOTABLE!

I made an image of my flash drive using clone-zilla-2.4.2-61-i686-pae, however that version or any newer version should work in creating your flash drive.

A quick side note: I was able to boot off of this drive using a Macbook (13-inch, Late 2009). I first had to use Plop and then told the Macbook to boot off of USB. However, in the Yumi menu, the keyboard did not work and I had to use an external keyboard.

Requirements:

  • 1 Flash drive that is 32GB of larger
  • A computer with working USB ports
  • clone-zilla-2.4.2-61-i686-pae or newer and know-how for using clonezilla to restore an image (look here if needed)
  • patience to download an 18GB file
  • To use: a computer that supports CSM or legacy mode, system must also be x86 or x64, ARM is NOT SUPPORTED

Hashes:

zitstif-multibootmbr-usb-yumi-2.0.0.9-2017-07-11-19-img.rar
MD5: 0988fb81652742a595748ac723c8a787
SHA-1: 8adeb884baeff97a5c09721ae64ff6a5d88a96df

RAR content hashes (MD5):

ffe3d783099ca73716e2b640bfd831e7 blkdev.list

40bab056938e4c10321a605a093b32a6 blkid.list

e78a6e82dfbcd592ec3f3cac3845a734 dev-fs.list

ff0a4ce532aa9be376f4e49bc35fe572 sdd-pt.sf

d9aecb1e6f8b6be75219b313998ec8e0 sdd-chs.sf

890485aa018405d04fadcd3a51d71fd4 sdd-pt.parted

0989aa9d66fe2fbade298f8c6f1236db sdd-pt.parted.compact

ed356b009be474fef10efc60939de511 sdd-hidden-data-after-mbr

e2dbab6ba17e25d3ff12a179da13732e sdd-mbr

f0873661b3057fc74d65acaaf063ac64 sdd1.vfat-ptcl-img.gz.aa

b0bcbb15f49c38e2deaf9087bc2da5b0 sdd1.vfat-ptcl-img.gz.ab

0ebfd956346a0c1c6d72a1d385ef3b7a sdd1.vfat-ptcl-img.gz.ac

009174f7ddcc057f49e9dfc54da58d91 sdd1.vfat-ptcl-img.gz.ad

b303b75755c0815bbdcc69cb09540dfd sdd1.vfat-ptcl-img.gz.ae

7a466b46e75d7f2e58580a937b9fff74 info-lshw.txt

8eab9cdcaa09d256b20084b2e8839e15 info-dmi.txt

bdf55074c4e8720d2fa7c0a3bca7909b info-lspci.txt

4501bf778509426fba474f19fa0d0cf4 info-packages.txt

85396fcb9cb6ae3247dfdf0c34242ae4 parts

b1e4a422a5f04875f35577bf8856d688 disk

db0a67b885cff5a95ec3d745b0b33294 info-saved-by-cmd.txt

c5c44e45b2eed964753fbb6060caba23 clonezilla-img

Download:

File is hosted on Google Drive and MEGA.NZ. The URLs are available in a TXT file: http://zitstif.no-ip.org/usb/url.txt

sha1sum 654fc8f2d47ac3c4b8e31103ef819222f910a87e url.txt

Feel free to leave any feedback.

#8/3/2017 Due to limitations of MEGA.NZ, I have the file also hosted on Google Drive.

#7/22/2017 Currently trying to find another hoster outside of MEGA.NZ because MEGA.NZ limits how much you download at a time. (After downloading about 5GB, you have to wait about 5 hours until you can download more or you have to pay for a premium account. I’m currently looking into archive.org but I’m running into issues.) 

 

Leave a Comment :, , , , , , , , , , , , , , more...

Stuff to throw in your C:\Windows\System32 directory and %PATH% variable

by on Feb.27, 2015, under Posts

Ah… WINKEY+R and cmd.exe, two awesome means of launching programs and commands within a Windows environment. In my humble opinion, WINKEY+R is probably one of the best keyboard shortcuts to know,  especially if you work in the tech industry. I mention this because I find myself using this keyboard shortcut a lot and it’s nice just to call out the name of a program rather than hunting around for it in a GUI. Need to see trace route for google.com? WINKEY+R then tracert www.google.com. Need to do a force shutdown? WINKEY+R then shutdown -s -t 0 -f . The list goes on but today we will be adding to this list because we all know that there are a myriad of utilities out there that don’t come with Windows installations by default and it’s nice to have them sitting in your System32 directory or in your %PATH% variable to quickly execute. I will warn you that some of the utilities I will recommend may make it easier for your system to be used as a pivot point if your system gets compromised. Additionally some of these tools may be detected as ‘viruses’ by anti-virus programs. Lastly, this article isn’t a comprehensive list of ALL the utilities that could be added or desired. It’s merely a means of getting you started. With that being said, let’s continue.

Cygwin:

For those of you who want to give your Windows system more a UNIX/Linux feel, I strongly recommend installing Cygwin and customizing your install to have all the Unix based goodies that your little heart desires. Once you’ve done this, add the /bin/ directory to your %PATH% variable. Now you can use egrep instead of findstr. Also you can now use wget, curl, ssh utilities suite, netcat, perl and other powerful scripting languages from cmd.exe! (Provided you have selected to install these during the customization part of your Cygwin install.)

https://www.cygwin.com/

Sysinternals Tools:

Mark Russinovich deserves a medal of some sort. Practically every tool he makes for Windows is a must have if you work on Windows systems. So feel free to download and copy all of these .exe files to your System32 directory:

https://technet.microsoft.com/en-us/sysinternals/bb842062.aspx

I personally use autoruns.exe all the time as a much greater alternative to msconfig and hijackthis.

Putty software suite:

If you forgot to install the ssh utilities under Cygwin, don’t worry and put these in your System32 directory:

http://www.chiark.greenend.org.uk/~sgtatham/putty/download.html


Other useful tools to have:

Here’s a list of some other tools that are very useful to have in your System32 directory:

Bluescreenview – great utility for getting information on BSODs

coretemp – (pretty self explanatory)

cpuz– very useful tool for getting information about your CPU, Motherboard, and RAM

fciv – Microsoft’s hash checksum utility

gpuz – like cpuz but for graphics cards

p95 –useful tool to benchmark your system

rufus -Create bootable USB drives with picky distros (not all work with YUMI)

Speccy -great alternative to msinfo32 that is better in some departments

usbdeview -useful for getting information about usb devices that have been plugged into your system

vncviewer

YUMI – create multi linux distro and OS bootable flash drives (see: http://zitstif.no-ip.org/?p=973 )

Of course this list isn’t complete but I strongly feel that this is a good start. If you feel inclined to suggest some tools/utilities to add to the list feel free to leave a comment or send me an email.

Leave a Comment :, , , , , , , , , , , , , , , , , , , more...

Creating Your Own USB Katana Sword

by on Sep.20, 2014, under Posts

JP Dunning (https://twitter.com/r0wnin) is the creator of the Katana: Portable Multi-Boot Security Suite. Upon visiting www.hackfromacave.com, it appears that this projects have come to a halt. It is true that you can still obtain the Katana toolkit via torrents (http://securityiskey.blogspot.com/2012/08/katana-3-beta-torrent.html for those are interested). However, I can’t recommend downloading this toolkit as of now because a lot the Linux distributions within the Katana toolkit have been superseded by newer distributions. Another issue with Katana is that it’s kind of a pain to customize and add and remove distributions.

With that being said, this post’s objective is to inform those who how to create a multi-booting USB flash drive toolkit that is easily customizable for end user’s specific needs. For this we will be heavily relying on YUMI (http://www.pendrivelinux.com/yumi-multiboot-usb-creator/). Using YUMI is pretty straight forward and I don’t believe there is a strong need for myself to create a tutorial (https://www.google.com/#q=YUMI+tutorial).

To create our “Home Made Katana”, you will need:

-Time
-32GB Flash drive (smaller may work but I recommend 32GB or larger)
-YUMI ( http://www.pendrivelinux.com/yumi-multiboot-usb-creator/ )
-HomeMadeKatana.zip ( https://ia601401.us.archive.org/15/items/HomeMadeKatana/HomeMadeKatana.zip )

HomeMadeKatana.zip file hash
MD5: dc5b97133c9e6ca9a848b26b234f2210
SHA-1: 8a13ce78c380a05f60602a40790bf77021d52de9

NOTE: TOOLS IN THIS ARCHIVE WILL SET OFF AV SYSTEMS

The root directory of this zip file contains:

Disk Investigator
HxD
KatanaToolKit.exe
odbg201
PortableApps
Speccy
SysinternalsSuite
windows-binaries-from-Kali
zittools

I pulled the PortableApps directory and the KatanaToolKit.exe from the Katana:
Portable Multi-Boot Security Suite. I meant to add herdProtect portable scanner but forgot to. Feel free to add this if you want: http://www.herdprotect.com/installers/herdProtectScan_Portable.exe .

To create our “Home Made Katana”, do as follows:

1.) Backup any data you want on your flash drive
2.) Wipe the flash drive
3.) Download YUMI
4.) I recommend the following distributions/bootable tools:

Caine
Clonezilla (Backup + Clone Tool)
DBAN
Deft (Forensics)
GParted
Hiren’s Boot CD
Kali
Kon-Boot Floppy Image
Mint Linux
Offline NT Password & Registry Editor
Ophcrack Vista/7
Ophcrack XP
Tails
Ultimate Boot CD
Windows 7
Windows 8
Windows Defender Offline

5.) Download and extract HomeMadeKatana.zip to the root of the flash drive.

You may ask yourself why would I recommend putting Windows 8 on your flash drive? I recommend this because newer systems are now using UEFI and a lot of systems are shipping without optical drives. For instance if you need to reset a Windows 8 local account password ( http://pcsupport.about.com/od/windows-8/a/reset-password-windows-8.htm ), having Windows 8 on your “Home Made Katana” would be of great use.

An additional note that should be taken into consideration when dealing with newer UEFI computers. To boot into Linux distros or even to boot from USB or optical drives with software that doesn’t necessarily support secure booting you will need to turn the secure boot option off and/or enable legacy booting and/or enable compatibility support module (CSM).

In retrospect, what we have done is create a mutlibootable and powerful flash drive with utilities for penetration testers, IT gurus and network administrators. In addition, I would also recommend getting a USB Rubber Ducky (https://hakshop.myshopify.com/collections/usb-rubber-ducky) especially if you’re into penetration testing. If you have any questions, comments or input feel free to post a comment below.

Leave a Comment :, , , , , , , , , , , , , , more...

Looking for something?

Use the form below to search the site:

Still not finding what you're looking for? Drop a comment on a post or contact us so we can take care of it!