FREE THOUGHT · FREE SOFTWARE · FREE WORLD

Home  »  Linux  »  Install multiple OS Without Cds

by 10 comments


Orig published 2006. If you are looking for a current solution I would recommend: Pendrivelinux.com, Ultra Boot CD, Linux Live USB Creator, or my personal favorite UNetbootin
unetbootin screenshot

I had a CD-RW drive but being a computer security researcher I had no desire to spend money for blank cd-recordables. What follows is how I managed to install various operating systems on my computer (1 hard drive) without having to burn to a CD the ISO and then boot from that.

The original reason I wrote this article was just to expand my knowledge of network/computer security on unix/BSD/linux operating systems. The plan was to create a multi-OS pc that I could boot into 1 of several OS's, then from another PC I would attempt to hack into the computer.. mostly just scanning to get baselines and get a feel for the differences. I figured the best way to do that would be to have a multi-boot system. Unfortunately for me I didn't have any blank CDs to record ISO's on, and I also didn't have a floppy 3.5 disk. So that is how my journey into this subject-matter started.


Summary

  1. Download the iso file
  2. Mount the iso file as a loop back device on a temporary directory /mnt/cdrom
  3. Save the content of /mnt/cdrom, which has the distro expanded in a recognisible form, into a temporary directory. (using dd to "burn" the iso to HD instead of CD)
  4. Reboot and use Grub, sourced from any other Linux, to boot up the kernal and initrd files of this temporary directory, thereby activate its installer if it has one or to conduct the installation from the fire-up GUI.

NOTE: Please keep in mind that there are many different ways to achieve this same result using various loop and ramdisk methods... this is ongoing for me so any help would be appreciated!

Download the iso file

I have been into the computer security scene since 1990, but I realized that I had very little experience with the various LInux, Unix, and alternative Operating systems out there. I first partitioned my 120GB harddrive into 10 partitions, the 2nd partition is a small swap and the last partition is extra large because it holds all the ISO images.. I then wrote a small shell script to automatically download (I love wget, but curl most!) the following.

  • OpenBSD
  • IpCOP
  • Libranet
  • Arch-Linux
  • Fire
  • Local Area Security
  • Packet Master
  • Devil-Linux
  • FreeBSD
  • Knoppix
  • Helix
  • Gentoo
  • Yoper-Linux
  • NetBSD
  • RedHat
  • Slackware

The script also downloaded Installation manuals and md5 checksums.. (let me know if I should post... its pretty unsophisticated ;)

I installed Slackware (personal favorite) on hda1 using my last blank CD-R, note that I do not have a separate boot partion. (Should I?). I also installed grub on the MBR. I love grub, if you read through the man pages and all info you can find about grub, you can learn a whole lot. Grub has much more features and capability than lilo, even though lilo comes installed by default with slack.

I organize my kernel situation as follows... In my /boot directory, I mkdir KERNEL, CONFIG, MAP, INITRD and that is a good way for me to keep my kernels and everything organized.. Another good way is a separate dir for each new kernel.

Since Arch-Linux is a solid distro, my personal favorite, I'll use that as a first example.

Here is the Arch-Linux section of my shell script

goge Arch-Linux
$w http://puzzle.dl.sourceforge.net/sourceforge/archlinux/arch-0.6.iso
$w http://unc.dl.sourceforge.net/sourceforge/archlinux/arch-0.6.md5sum
$w http://www.archlinux.org/docs/en/guide/install/arch-install-guide.html
md55
cat arch-0.6.md5sum
md5sum arch-0.6.iso
md55

Mount the iso file

The first thing to do is to mount the downloaded ISO image so we can use it as if it were an actual CD.

mount -t iso9660 -o ro,loop=/dev/loop0 cdimage /mnt/cdrom

Where cdimage= the ISO image. EX: /usr/local/src/ISO/Linux/Arch-Linux/arch-0.6.iso

This mounts the iso as /mnt/cdrom.

Next you need to copy /mnt/cdrom to a separate partition for the booting process. So mkfs.ext2 /dev/hda9. ( I prefer reiserfs or even XFS to ext but if you use something other than ext2 you could run into some problems because some of the installation kernels and initrds don't include support for reiserfs and so can't recognize the files. Although you could use mkinitrd to create a new initrd with reiserfs support, that might be pushin it IMO... ;) I use the 9th partition consistently for this. I know there is a "right" way to copy the /mnt/cdrom files so everything stays the way it is supposed too, using tar or cpio, but I'm lazy so I just do cp -rp.

(What is the tar or cpio commands to copy with correct permissions etc??)

So you mount the 9th partition as whatever, say /mnt/hd and then copy the files. Now what?

Reboot and use Grub

Now edit your /boot/grub/menu.lst file to include the specific options to boot arch-linux installation.

A good idea is to find the isolinux.cfg file somewhere on the distro cd, this will tell you what to include in the menu.lst. Here is the section in my menu.lst

title Arch Install
  root (hd0,8)
  kernel /isolinux/vmlinuz load_ramdisk=1 prompt_ramdisk=0 root=/dev/rd/0
  initrd=/isolinux/initrd.img

This should be self-explanatory. The root (hd0,8) is pointing to partition 9. So the rest of the commands start from partition 9.

When you experience problems, remember you can always edit the grub boot options by typing 'e' and then edit the section. Also, a good idea is to include several variations in your menu.lst so you can easily try other ways to boot efficiently. And, remember to read up on all the installation guides that come with your distro, specifically, hard-disk installs.

There are special cases, Gentoo, has a semi-new compressed filesystem called squashfs. BTW, this is AWESOME, so check it out. It has to be compiled into the kernel, so some work is in order, but use this recompile to optimize your kernel. You can get the squashfs patch for almost any kernel. I use the latest stable 2.6 kernel. Squashfs is incredible and although I don't think you need it to install from ISO, you do need it to expand the livecd.squashfs filesystem that comes with the cd. Heres a sample Gentoo section from my menu.lst

title Gentoo Install
  root (hd0,8)
  kernel /isolinux/gentoo root=/dev/ram0
  initrd=/isolinux/gentoo.igz init=/linuxrc acpi=off looptype=squashfs loop=/livecd.squashfs cdroot vga=791 splash=silent

A nother' tip is the shell that is provided if you experience problems, typically busybox or ash. The key tools to get you going from here is mount and chroot. Sometimes you will need to manually create a simulated file system and then chroot into it. For instance, you might have to create boot, etc, bin, directories on the target partition.

I generally install each OS onto the next partition (careful of the logical partition) and add it to my menu.lst after install. A good idea is after installation, copy the kernel and initrd(if there is one) to the slackware(or whatever) boot partition on hda1. I copy kernels to /boot/KERNEL/ and initrd's to /boot/INITRD, then menu.lst is more organized...

You then need to add an updated section to your menu.lst (just comment out the install section for later) Here is the finished arch-linux section from menu.lst

title Arch Linux 6
  root (hd0,2)
  kernel /boot/vmlinuz26 ro root=/dev/hdc3

This doesn't use my convenient boot/KERNEL/vmlinuz26 as you can tell by setting the root to partition 3. ***NOTE: Make a backup of MBR using dd and save to floppy, also backup the partition table to floppy, using cfdisk or parted. And boot disks (I use 1 with grub, and 1 with slack, and tomsbootdisk) will invariably come in handy. Tomsbootdisk is recommended, and make the grub boot disk when you install grub. install to floppy.

The final result after some fun experimenting, is when I boot, I have a cool grub boot screen come up with the option to boot into whatever OS I want, this is handy for multiple reasons. One good thing to do after this is to port scan and vuln scan each OS, after you update of course. Write this stuff down and you will know the weaknesses/strengths of the various OS's.

I can boot a custom Firewall, snort, or multiple honeypots using this procedure, as well as a graphical kde environment with a kernel optimized for graphics and my processor/architecture, or an environment devoted to forensics or even an environment suitable for programming.

P.S. Some of the cooler alternative operating systems are BeOS 5, EOS, ER_OS, V2_OS, and my personal favorite Menuet. Menuet is 100% assembly graphical operating system that fits on a floppy. Its money!

This should be a good enough example to get you started, this kind of thing should be learned and not just copied... Knowing how to do this stuff could prove to be exceptionally useful... ;)

I'm currently doing research into the following areas.

  • MBR code, especially passing off control to different addresses.
  • The difference (in code) of the various bootloaders out there... I have around 20 so far.
  • How to use grub with the stage1_5 iso9660 to be able to read iso filesystems.. this leads to the possibility of moving the iso file to a specific area on the hard drive and load the iso file as if it were a device..
  • How to pass control from the boot-loader, to the boot-manager, to the boot-loader on the iso filesystem. This is my #1 goal. Make it look to the iso filesystem that besides the fact that its a file and not a cd, that a previous boot-loader didn't chain-load to it. IOW, that it is a fresh boot that received its control directly from the BIOS. stupid f'in BIOS! How easy it is to boot from a CD-server serving iso files as cd's, on a nearby pc.
  • How to use the ability of boot-loaders to register and load code into memory much like loop devices, to load and register the code for an iso filesystem, in a looping fashion.
  • How to use vmware to install an iso using the "use actual harddisk" method, how to use this on a partition, safely, and how to transfer entire partition images byte by byte.

I am doing a lot of code hacking and if I don't find an easy (for all linux skill levels) solution soon with one of the boot-loaders, I am looking at having to write one myself.. something I REALLY STRONGLY do not want to do. Any suggestions are welcome.

Also, looking at how the pre-root root, that grub loads and then mounts the kernel from it, how can I add the loop option to tthe mount command used. This happens all transparently for th euser, so I know I have to hack it out.. But is it possible to use a looped fs? without a mounted HD? with a mounted HD that the original looped iso is mounted on?

Also looking at using the ramdisk initrd to load some type of custom program that allows me to mount a looped fs on the pre-root, (or root).

Looking at GRUB2 code has helped a lot. I also like the Ranish Partition Manager..

ONCE AND FOR ALL, lilo just can't compare AT ALL to grub or Ranish Partition Manager. I bet people only use it because of the "first love" syndrome. eh?

At any rate, I'm learning a lot, and many of the results I will find I will post here eventually, because they are HUGE lee important for the security community.

A couple months ago, I stumbled across two incredible programs that I have used over and over again in awe. After getting over my greediness of wanting to keep them to myself.. here you go.. enjoy!

The home page for these tools EasyBoot and UltraISO.

Some Uses Ive Explored:

  • Copying all my system CD's and install CD's to my HD.
  • Modifying my XP Restore CD's to be current and streamlined with XP SP2 and include my favorite windows programs.
  • Creating a custom grub boot CD with extra and unique capabilities.
  • Viewing the construction of all major Operating System's Boot Loader Code and related code.

Suggestions for use:

  1. Read the product documentation thoroughl
  2. Get a good hexeditor/viewer
  3. Read a bunch of threads in the forum
  4. Begin use

Phrack #63

Hey the last issue of phrack (#63) has a really relevant article to this topic..

You can check it out at www.phrack.org or download it here and read it at your leisure :)

Phrack Issue About grub hacking

==Phrack Inc.==
 
              Volume 0x0b, Issue 0x3f, Phile #0x0a of 0x14
 
|=-----------------=[ Hacking Grub for fun and profit ]=-----------------=|
|=-----------------------------------------------------------------------=|
|=---------------=[ CoolQ <qufuping@ercist.iscas.ac.cn> ]=---------------=|
|=-----------------------------------------------------------------------=|
 
--[ Contents
 
    0.0 - Trojan/backdoor/rootkit review
 
    1.0 - Boot process with Grub
        1.1 how does Grub work ?
        1.2 stage1
        1.3 stage1.5 & stage2
        1.4 Grub util
 
    2.0 - Possibility to load specified file
 
    3.0 - Hacking techniques
        3.1 how to load file_fake
        3.2 how to locate ext2fs_dir
        3.3 how to hack grub
        3.4 how to make things sneaky
 
    4.0 - Usage
 
    5.0 - Detection
 
    6.0 - At the end
 
    7.0 - Ref
 
    8.0 - hack_grub.tar.gz

If you need to hack the physical security of a computer.. there isnt really a much better way of doing it than what is referenced in the phrack article and in the posts above. There is also the possiblity of breaking the physical security at 1 computer and booting up your custom files.. and then use your custom loaded OS to configure devices network-wide.. using BOOTP/DHCP/tftp/etc. protocols.. A lot of networked printers and devices would rapidly fall to this method... configure the newly captured printers/devices to open a backdoor back into the local network remotely for you automatically, even after your custom OS is unloaded.. with the increase use of wireless devices and PnP devices like USB, protecting the physical security will become much more important in the future.

Ive also noticed that booting a pc could be as easy as a usb key, or using a usb upstream/downstream hub to self-boot, just think of all the memory cards and other proprietary type access points there are..

If I can boot your machine, your security is about none. Scarry.

Sounds like fun

Tags

December 22nd, 2012

Comments Welcome

  • ninad

    Hi

    Can you write partition scheme you used in detail

    Thanks
    Ninad

  • Yohan

    Hi, have you tried on Debian/Ubuntu LiveCD ?? would appreciate if you could assist.

    the error :-
    /bin/sh: can't access tty: job control turned off

    my grub config :-
    kernel /casper/vmlinuz append file=/preseed/ubuntu.seed boot=casper xforcevesa initrd=/casper/initrd.gz ramdisk_size=1048576 root=/dev/ram looptype=squashfs loop=/casper/filesystem.squashfs cdroot=/dev/sda5 quiet splash cpus=2 --
    initrd /casper/initrd.gz

  • Samson

    Hi! Where is actually your explanation of making Multiboot OS because I don't see any but just some of introduction of software.

    I try the using easyboot for multiboot OS but unsuccessfully. I want win98,winXP,VISTA in one DVD, so when I boot the easyboot CD I can choose witch OS I want to install on my hard drive.

    Can you help me please? Your Response would be highly appreciated.

  • Caco

    You mentioned IPCOP.Do you think it's possible to dual boot Gentoo and IPCOP? IPCOP installation erases data on target hard disk and creates its own partitions...Any suggestion?

  • blackbelt_jones

    "Save the content of /mnt/cdrom, which has the distro expanded in a recognisible form, into a temporary directory. (using dd to “burn” the iso to HD instead of CD)"

    This article could use more guidance in the matter of how to use dd here.

  • makfree

    hi!
    repl for Samson:

    try this adress http://www.magiciso.com/tutorials/miso-create-multi-os-cd.htm

    Create Windows 98/ME/NT/2K/XP/2003 all in one installation DVD

  • Mark

    What I'd like to find is a way to setup grub on the MBR of a Compact Flash card so I can have multiple Firewall distributions on one CF card and pick from the grub menu which one to go to. The problem is that most of these firewall distributions like monowall and pfsense are shipped out as a raw 'img' file that you dd to the CF card. Even if they do have a livecd style iso image, that's designed assuming the firewall is going to be alone on the HDD so there's no provision to setup a grub.

  • James

    I have 2 PCS multibooting with IPCOP and Ubuntu.

    hda1  sda1 boot
    hda2  sda2 varlog,
    hda3 sda3-----Extended
    hda4 sda4 ipcop
    hda5 sda5 swap
    hda6 sda6 ubuntu

    when installing ipcop use vmlinuz fdisk when installing from memory ..

  • anon

    >being a struggling computer security researcher I had no money for blank cd-recordables.
    uhh.. i hope you are much older now

  • http://www.askapache.com/ AskApache

    @anon

    Haha! That was just my excuse for being able to justify learning to do this the hard way, which is really what I was after in order to learn a few things and achieve the multi-boot system I wanted. Was it worth the time and energy? Yes and No.

Popular Articles
My Online Tools

Related Articles
Newest Posts
Twitter


  • @askapache · Jul 21
    Magic spells for sending thoughts across time? Books
  • @askapache · Jul 20
    TV is just a relic of the previous generation. We just don't know it yet.
  • @askapache · Jul 20
    I will never go back on my ideals, no matter the cost. I'll never let the economic vultures steal my dreams. I'd rather give up the ghost
  • @askapache · Jul 18
    I don't want a better seat, I want control of the engine
  • @askapache · Jul 14
    No matter how good u r, there will always be someone 2x, 5x, 100x better. This is true for me and everyone. No direction but forward.
  • @askapache · Jul 12
    Heads up, I'll DDoS the f out of askapache next week, to see how resilient it really is :) - will try to overflow disk, net, and ip stack
  • RUN GCC! This is a typical shirt I wear, from the  t.co/46LYbFr4k2  shop. A clerk at the LQ recognized it!  t.co/jjmT0dkCPu 
  • Merlin the Magician  t.co/iMmRbanUi4 
  • ROGUE CODE - Latest novel from @markrussinovich  t.co/apkn0LoPIt 
  • RTFM - surprisingly very helpful and way more comprehensive than it looks! @redteamfieldman #pwnAllTheThings  t.co/xiaJ5g0aC9 
  • Dear Hacker - Letters to the Editor of 2600, from Emmanuel Goldstein  t.co/JCfLab7FAJ 
  • The Mythical Man-Month - Essays on Software Engineering, by Frederick P. Brooks, Jr.  t.co/ilWN5GHElr 
  • "where wizards stay up late" - The Origins of the Internet. Favorite book detailing the birth of the net and IMPs  t.co/gY9VTGJgZz 
  • ZERO DAY - read before Trojan horse  t.co/pPMLGDJv8P 
  • Trojan Horse, a novel!  t.co/Hf8EtYaZVa 
  • The Hacker Playbook - very nice high level overview of attacks  t.co/lHwNVWi61u 
  • Clean Code - A Handbook of Agile Software Craftsmanship  t.co/hnJX0x1qIc 
  • Secrets of the JavaScript Ninja - By my absolute favorite JS hacker John Resig!  t.co/tZ42ljmcCl 
  • Hacking Exposed 7: Network Security Secrets & SolutionsMy all time favorite, basic but thorough and accurate.  t.co/jycW0RDVtZ 
  • Empty words will be no surrogate for cold resolve. Pain is nothing.  t.co/qXjpRxbjCw 

Hacking and Hackers

The use of "hacker" to mean "security breaker" is a confusion on the part of the mass media. We hackers refuse to recognize that meaning, and continue using the word to mean someone who loves to program, someone who enjoys playful cleverness, or the combination of the two. See my article, On Hacking.
-- Richard M. Stallman






[hide]

It's very simple - you read the protocol and write the code. -Bill Joy

Except where otherwise noted, content on this site is licensed under a Creative Commons Attribution 3.0 License, just credit with a link.
This site is not supported or endorsed by The Apache Software Foundation (ASF). All software and documentation produced by The ASF is licensed. "Apache" is a trademark of The ASF. NCSA HTTPd.
UNIX ® is a registered Trademark of The Open Group. POSIX ® is a registered Trademark of The IEEE.

| Google+ | askapache

Site Map | Contact Webmaster | License and Disclaimer | Terms of Service

↑ TOPMain