HOW-TO: Customize BT4 with modules (BT3 style)
Written by aldorm
Sunday, 31 January 2010 22:56

First of all, congratulations to the BT4 development team; BT4 is the best Linux distribution for security.

Do you remember how to customize BT3 with LZM modules?

Well, in BT4 we don't have LZM modules. This version of BackTrack uses squashfs, so you need to uncompress ALL of BT4 into a temporary directory (15 GB of free space), make whatever changes you like, and compress it again to get a customized BT4. You may remember how easy this was with BT3, where you made an LZM module and added it to the LiveCD.

In this HOW-TO I will show how to get something close to the BT3 approach. At the end of the HOW-TO I include a video tutorial.

First, the advantages we get are:

  • Install Debian/Ubuntu/BT4 packages.
  • You don't need to uncompress the whole LiveCD structure, so you don't need 15 GB of free space.
  • Files are compressed with an excellent ratio.
  • You can install BT4 onto a USB drive, make any modification, and finally burn a DVD with your customized BT4.
  • Changes are kept without a second partition. You only need one partition: FAT32, ext2 or ext3.
  • You can share your modules (not a complete 1.5 GB BT4), and they will be 100% functional with other BackTrack 4 installations.
  • Install any program, even if it is not in the repositories.
  • Make a module with your preferences, e.g. Firefox plugins already installed or modified KDE preferences.

Disadvantages:

  • I am not sure whether every newly created package will work; I suppose so.
  • Other disadvantages? You can put them in the comments.

Well, let’s begin.

First you need to install BT4 onto a HDD or USB drive, in LiveCD mode; you choose. I prefer HDD because I think it is faster than USB (BT3 was faster on HDD), and I prefer a USB drive because I get portability. The choice is yours, and you don't need any other partition.

You choose the method to install BT4, but it must behave like a LiveCD. In the video tutorial I give a method that installs BT4 using only Linux commands. I think it is easy, but you choose how to install it. Make sure that your installed BT4 boots and works well.

Once your BT4 is installed and working well, we need the following files:

http://aldorm.net23.net/index.php/downloads/category/6-bt4-modules?download=13%3Ainitrd.gz.loop

http://aldorm.net23.net/index.php/downloads/category/6-bt4-modules?download=14%3Adeb2squashfs-bt4_20100124.squashfs

First copy deb2squashfs-bt4_20100124.squashfs to the casper/ directory of the installed BT4. In the following commands my USB drive is mounted on /mnt/sda1.

# wget -O deb2squashfs-bt4_20100124.squashfs "http://aldorm.net23.net/index.php/downloads/category/6-bt4-modules?download=14%3Adeb2squashfs-bt4_20100124.squashfs"

# cp deb2squashfs-bt4_20100124.squashfs  /mnt/sda1/casper/

 

 

I recommend renaming the file filesystem.squashfs. The reason: BT4 reads all the files contained in the casper/ directory in order, the way the ls command lists them. If BT4 reads and uncompresses deb2squashfs-bt4_20100124.squashfs first, then when it reads and uncompresses filesystem.squashfs it may replace some files. With this module perhaps nothing will happen, but with your next modules it may. So:

 

# cd /mnt/sda1/casper

# mv filesystem.squashfs 000filesystem.squashfs

 

 

Actually this is enough to create modules, but BT4 is not designed to read many modules, so you can only use 7 modules in your current BT4 installation. So we need to replace initrd.gz with initrd.gz.loop in the boot/ directory to load as many modules as you want (the real limit is 256, enough for me). If you prefer, make a copy of your original initrd.gz first:

 

# cp /mnt/sda1/boot/initrd.gz /mnt/sda1/boot/initrd.gz.original

# wget -O initrd.gz.loop "http://aldorm.net23.net/index.php/downloads/category/6-bt4-modules?download=13%3Ainitrd.gz.loop"

# cp initrd.gz.loop /mnt/sda1/boot/initrd.gz

 

 

Well, that's all. Now you can create and load modules for BT4; let's see how to do it:

Boot your "customized" installed BT4 from your USB (or HDD).

We have new commands:

 

squashfs2dir – Create a directory from a squashfs file

dir2squashfs – Create a squashfs file from a directory

deb2squashfs – Create a squashfs file from a directory containing DEB files

rwcdrom – Make /media/cdrom read/writable (useful only if you boot from USB or HDD)

 

 

I am going to explain most of the commands with an example:

 Create a module from QEMU packages

First we need to install the qemu package:

 

# apt-get install qemu

 

 

We install the qemu package because we are going to use all the DEB files this package needs. All the DEB files were downloaded into the /var/cache/apt/archives/ directory.

Now we are going to convert all those files into a module, a SQUASHFS module:

 

# deb2squashfs /var/cache/apt/archives qemu_bt4_20100131.squashfs

 

 

If you get a message that looks like a warning, ignore it. It is not a problem. (The reason: the name of a package contains ":"; I don't know why this file name is more difficult to process. For example, you may create a module from the vim-full package.)

I suggest naming the file like this: package-name_bt4_YYYYMMDD.squashfs

We have created our first module!

Now just copy it to the casper/ directory. BT4 mounts the USB drive read-only, so first run rwcdrom.

rwcdrom    =     mount -o remount,rw /media/cdrom

 

# rwcdrom

# cp qemu_bt4_20100131.squashfs /media/cdrom/casper

 

 

And as Bugs Bunny said: That's all, folks!

Boot your customized BT4 LiveCD (actually LiveUSB).

OK, that's great, but what is happening?

All these new commands are scripts that I created; you can view the code and modify it.

The whole process is summarized in the following steps:

  1. We download all the DEB files when we install a package from the repositories.
  2. The script creates a temporary directory (/tmp/root) that contains a root directory structure.
  3. The script uncompresses all the DEB files into the temporary directory.
  4. The script creates DEB files that contain only configuration scripts.
  5. The script creates a copy of S95aldorm in /etc/init.d and /etc/rcS.d.
  6. The script creates the squashfs file from the temporary directory.
  7. We copy the created file into the casper directory of the BT4 LiveCD structure.
  8. When BT4 is initialized, it reads and loads all squashfs files in the casper/ directory (in order).
  9. S95aldorm is executed and installs all the DEB files previously created (these files are located in /var/cache/apt/aldorm).
  10. BT4 is now running with your modifications.
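
Because the S95aldorm step installs whatever DEB files a module carries while the system boots, and modules can be shared, it is worth listing a module that came from someone else before copying it into casper/. The following is an added example, not one of the author's scripts: it reads `unsquashfs -ll` output and flags boot scripts, the DEB files under /var/cache/apt/aldorm, and setuid/setgid files. The function name and the sample listing are constructed for illustration.

```shell
#!/bin/sh
# Added example, not one of the author's scripts. Reads the output of
#   unsquashfs -ll MODULE.squashfs
# on stdin and prints the entries that take effect at boot or carry
# setuid/setgid bits. Paths containing spaces are not handled.
audit_module_listing() {
    awk '
    {
        perms = $1; path = ""
        # The path is the first field that starts with the listing prefix
        # (for symlinks it is followed by "-> target").
        for (i = 2; i <= NF; i++)
            if ($i ~ /^squashfs-root/) { path = $i; break }
        if (path == "" || perms ~ /^d/) next
        sub(/^squashfs-root\//, "", path)
        # Boot scripts: where the page says S95aldorm is copied.
        if (path ~ /^etc\/(init\.d|rc[0-9S]\.d)\//)
            print "BOOT-SCRIPT " path
        # DEB files that S95aldorm installs at boot, per the page.
        if (path ~ /^var\/cache\/apt\/aldorm\/.*\.deb$/)
            print "BOOT-DEB " path
        # setuid (4th char) or setgid (7th char) on a regular file.
        if (perms ~ /^-..[sS]/ || perms ~ /^-.....[sS]/)
            print "SETID " path
    }'
}

# Constructed sample listing (file names, sizes and dates are made up).
SAMPLE_LISTING='drwxr-xr-x root/root        80 2010-01-31 22:56 squashfs-root
-rwxr-xr-x root/root      1204 2010-01-31 22:56 squashfs-root/etc/init.d/S95aldorm
lrwxrwxrwx root/root        19 2010-01-31 22:56 squashfs-root/etc/rcS.d/S95aldorm -> ../init.d/S95aldorm
-rw-r--r-- root/root     20480 2010-01-31 22:56 squashfs-root/var/cache/apt/aldorm/qemu-config.deb
-rwsr-xr-x root/root     30000 2010-01-31 22:56 squashfs-root/usr/bin/helper
-rw-r--r-- root/root        33 2010-01-31 22:56 squashfs-root/text.file'

printf '%s\n' "$SAMPLE_LISTING" | audit_module_listing
```

On a real module, pipe `unsquashfs -ll` of the .squashfs file into the function; any BOOT-SCRIPT other than S95aldorm, or any SETID entry, deserves a look before the module goes into casper/.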

If you are running BT4 with your new module, you can see its contents with the following commands:

# squashfs2dir /media/cdrom/casper/qemu_bt4_20100131.squashfs /root/ROOT

# ls -lah /root/ROOT

 

 

In this directory you can add/remove/modify any file, for example a virtual machine with some system installed, or a configuration file for qemu.

In this example I will only create a text file.

# echo "This file is only for an example" >> /root/ROOT/text.file

 

 

Now just create the squashfs file from the directory. Don't try to replace the original file at the same time as you create the squashfs; first create the file and then replace it.

# dir2squashfs /root/ROOT qemu_bt4_20100131.squashfs

# cp qemu_bt4_20100131.squashfs /media/cdrom/casper/qemu_bt4_20100131.squashfs

# ls -lah /media/cdrom/casper

 

 

You have read the whole HOW-TO but are still not sure? Try it: the following module was created from the qemu package by following this tutorial. Just download it and copy the file to the casper/ directory.

Top 25 Vulnerabilities - Insecure Interaction Between Components
Written by aldorm
Thursday, 26 February 2009 13:25

Insecure Interaction Between Components

CWE-20: Improper Input Validation

Summary

Weakness prevalence:    High
Remediation cost:       Low
Attack frequency:       Frequent
Consequences:           Code execution
                        Denial of service
                        Loss of information
Ease of detection:      Easy to difficult
Attacker awareness:     High

Top 25 Vulnerabilities - Background
Written by aldorm
Thursday, 26 February 2009 13:20

Background

In January 2009 in Washington, DC, experts from more than 30 US cyber-security organizations jointly released a consensus list of the 25 most dangerous programming errors that lead to security holes and encourage cyber-espionage and cyber-crime. Unfortunately, most of these errors are not understood by programmers; how to avoid them is not learned from science programs; and their presence is frequently not tested for by organizations that develop software for sale.

The Conficker worm's traps for Windows Vista
Written by aldorm
Wednesday, 21 January 2009 14:31

The Conficker worm, also known as Downadup, has spread considerably in recent days. One of its propagation methods is through devices such as USB flash drives. These are infected in such a way that, when inserted into a computer running Windows Vista, they carry out an attack known as a hijack of the Autoplay process; it achieves this by passing itself off as just another system folder, and when that folder is opened the worm infects the computer.

Video tutorials - Windows 2
Written by aldorm
Tuesday, 06 January 2009 17:55

Video tutorials - Windows
Written by Administrator
Tuesday, 06 January 2009 14:37

Video showing how to configure some services:
