Backtrack penetration testing notes

BackTrack -- Have you hugged your firewall today?

Procedures for Running BackTrack From a USB Drive

Note: This page is correct for the Beta releases of BackTrack2. If you would like to install BackTrack2 Final to USB or install Backtrack3 to USB, please see this page.


14 December 2007 -- Hopefully this page will be useless in the very near future! Today remote-exploit.org released a public beta of BackTrack3 designed for USB booting. We haven't tried it yet, but hopefully it will obviate the need for everything on this page. Stay tuned....



BackTrack is the successor to Auditor and is distributed by remote-exploit.org. Both are Linux distributions that come packaged with security tools including network analyzers, password crackers, wireless tools and fuzzers. The moral and ethical implications of such a distribution are not up for debate here. We assume you have good reason to use such a distribution and will leave the arguments for another forum. We should note that, as far as we can tell, Auditor is no longer available because Auditor and Whax were merged into BackTrack. There are other security distributions out there such as Nubuntu.

By the way, the community tends to use BackTrack, Backtrack, BackTrack2, BackTrack|2, Back|Track2 and other nomenclature interchangeably. For clarity, we will use BackTrack here.

Traditionally BackTrack boots from a CD, what Linux folks call a "Live CD". This is extremely handy in that it leaves your hard drive (and any installed software/OS) completely untouched yet allows you to use your hardware (processor, wireless cards, Ethernet cards, video, USB ports etc.) with a fully functional OS. In the case of BackTrack, this OS is a variant of SLAX Linux. You can install BackTrack to a hard drive if you so choose; then it operates just like any other hard drive-based OS.

There are several minor annoyances with a Live CD. Many of the items below only apply to laptop configurations but that is usually the most common configuration for someone running a security CD, especially with the proliferation of 802.11 networks. In no particular order:

So what other options are there? Assuming you don't actually want to install the Live CD to your hard drive (or mess with a dual boot configuration) you currently only have a couple of options. Again, this focuses mainly on the laptop user. You could get a second hard drive, install to that and swap out hard drives as required. Nowadays this is a fairly cost effective solution but it might not be that convenient depending on your laptop. Usually swapping drives involves several screws, a fragile connector and a carrier that is specific to the make/model of laptop.

A much more convenient and cheaper alternative is to boot the Live CD from a USB memory stick. Call it a thumb drive, memory stick, USB stick, USB flash drive.... whatever. They are very cheap (as I write this you can get a 1 GB stick for around $10 USD) and are quite portable. This means that you can use the stick in any machine -- laptop or desktop -- that supports booting from USB.

Obviously this option requires a BIOS that will boot from USB. We will leave that as an exercise for the reader. If you've read this far, we assume you know what this means!

I don't claim to be a genius. However, I have tried using the onboard installer in Backtrack to install it to a USB stick: 'It no worky.' I have successfully installed to a hard drive with no issues. A USB stick, at least with my laptop/hardware/stick, is a different animal. I know some people have had success installing to flash drive this way. I tried several different angles with this and my laptop did not like it. I suspect it was a boot-loader issue.

I tried several different attacks at getting the distro to boot from a USB stick. So let's cut to the chase. Here is what I did to get it working. After google-ing around, I've found several other people that have used close variations of this method and some really oddball methods that I didn't seem to need. I make no guarantees this will work for your application. I don't know why this is not a one-click task from the BackTrack Live CD. It is with some other Live CD distros. Apparently people are quite happy to use CDs for running the OS. I'm a USB flash person. If the steps below seem like a lot of work to you, I suggest you lobby the Remote-Exploit.org folks to make this process easier in the next release.

One final note. You might take a look at PenDriveLinux.com. They have lots of neat ideas and even some custom installers there.


-=- Disclaimer -=-

This is a fast hack. I make no claims that there are not easier or better ways to accomplish this. I welcome corrections or comments. It worked for me. Your mileage may vary.


Choose Your Weapon -- Picking the Right USB Flash Drive

A 1 GB USB flash drive works fine for this. You can't go smaller without major hacking on the CD distribution, since the files off the ISO alone take most of a 700 MB CD. I suppose if you worked hard enough you could cram it into a 512 MB stick but what's the point? I don't see a need to go bigger. I use a 1 GB stick and have plenty of room for saving changes and storing things like Kismet dumps.

Any brand and model you like will work fine. I won't go into the (often pedantic) arguments about access speed, maximum write cycles and whatnot. Whatever makes you happy.


Preparing the Stick

Get ready. This is tricky.

Step 1. Remove the packaging from the USB Flash Drive.

Whew! Glad that's over.

Seriously. Most USB flash drives come formatted as FAT, which is fine. I usually reformat mine to FAT32. Do NOT format them as NTFS. I also suggest you not format them in one of the Linux variants such as EXT2 or EXT3. This is not just a convenience issue: the syslinux installer used later on only knows how to write its boot sector onto a FAT/FAT32 filesystem, so anything else will not boot. Staying on FAT also keeps the stick usable on a Windows or Macintosh box.

If the stick has some form of management or encryption software on it when it comes from the factory (e.g. U3) get rid of it. Don't give it a second thought. Note that U3 shows up as a separate read-only CD-ROM device rather than as files on the stick, so it has to be removed with the vendor's uninstall utility, not by deleting files.

You should be able to use Windows XP to format these smaller devices as FAT32. XP won't let you format a drive larger than 32 GB as anything other than NTFS, but a 1 GB stick should not be a problem. If you have a Linux box handy, I really recommend gparted, which allows you to do much more than just format. And it's available as a Live CD!

In the future I might add some more details in here about formatting. However, since this should be a quick job (if it's required at all) even on a Windows box, I'll move on for now.


Loading and Configuring The Files

Note: This page is correct for the Beta releases of BackTrack2. If you would like to use BackTrack2 Final, please see this page.

BackTrack is distributed as an ISO-9660 filesystem image. There are lots of ways to extract the files out of the image. Again, I trust that you can manage this however you'd like. I just burn it to a CD-RW, but you can mount it as a loopback device or use your favorite piece of software to manipulate the .iso file directly.

1. Once you have all the files out of the .iso image, simply copy all files and directories to the flash drive. From this point forward, all references will be to the files on the USB flash drive, not the CD or the .iso file. You can remove the Live CD if you were copying files off it directly.

2. Copy all the files out of the boot directory into the root (top level) directory of the flash drive. COPY (NOT MOVE) THESE FILES. LEAVE THE ORIGINAL FILES IN THE boot DIRECTORY.

3. Go into the tools/WIN directory on the flash drive and locate the file named syslinux.exe. Move it to the root directory of the flash drive.

4. Look in the root directory for the file isolinux.cfg. Rename it to syslinux.cfg

5. Use your favorite text editor and open the file you just changed, syslinux.cfg. Remove all boot/ directory references in the file. So...

      kernel boot/vmlinuz becomes kernel vmlinuz

      and

      initrd=boot/initrd.gz becomes initrd=initrd.gz

Basically anywhere you see the text boot/ within this file, just remove it. The kernel (vmlinuz) and the initrd (initrd.gz) now sit in the root of the stick alongside syslinux.cfg, so the paths in the config must point there rather than into boot/.

6. If you have not done the previous steps on a Windows machine, mount the flash drive on a Windows machine now. Note which drive letter Windows assigns to the flash drive (e.g. D: or E:).

7. Open a command prompt on the Windows machine. The easiest way is to click Start/Run and enter CMD.

8. Change directory to the flash drive. This should put you in the root of D: or E: or whatever the drive letter was in Step 6.

9. Execute the syslinux.exe file with the drive letter from Step 6 appended to it. Double-check that letter first: syslinux.exe writes a new boot sector to whatever volume you name, and there is no confirmation prompt. Example, assuming the flash drive was mounted as drive E: you would execute

      E:\>syslinux.exe e:

10. Safely dismount the USB flash drive. You're done. Just make sure the BIOS on your target system is set to boot from the USB device.
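The ten steps above are a lot of clicking to get right by hand, so here is the same procedure (steps 1 through 5, plus a check of the result) as a POSIX shell script for anyone doing the file work on a Linux box. This is an added example, not something from the BackTrack CD or from remote-exploit.org. It assumes the ISO contents have already been extracted into a directory (for instance with mount -o loop and cp) and that the stick is mounted somewhere; the stub file tree and the cut-down isolinux.cfg used by the --demo mode are constructed for illustration and are not the real BackTrack files.

```shell
#!/bin/sh
# Added example (not from the original page): replays steps 1-5 of the
# procedure on a Linux box, then checks the stick before the boot sector
# is written.  Usage:
#   sh bt2usb.sh <dir-with-extracted-iso> <mount-point-of-stick>
#   sh bt2usb.sh --demo      # dry run against a constructed file tree
# Assumed, not stated on the page: the ISO was extracted with something
# like  mount -o loop bt2.iso /mnt/iso; cp -R /mnt/iso/. ./iso/

# Steps 1-5: populate the stick and fix up the boot loader config.
prepare_stick() {
    src=$1; dst=$2
    [ -d "$src/boot" ] || { echo "no boot/ in $src: is that the extracted ISO?" >&2; return 1; }
    [ -d "$dst" ] || { echo "$dst is not a directory (mount the stick first)" >&2; return 1; }
    # syslinux only installs onto FAT; warn (but carry on) if this is not one.
    fstype=$(stat -f -c %T "$dst" 2>/dev/null || echo unknown)
    [ "$fstype" = msdos ] || echo "warning: $dst is $fstype, syslinux needs FAT/FAT32" >&2
    # Step 1: everything from the image onto the stick.
    cp -R "$src"/. "$dst"/
    # Step 2: COPY (not move) the boot files to the root; boot/ stays intact.
    cp -R "$dst"/boot/. "$dst"/
    # Step 3: syslinux.exe to the root (only needed if you finish on Windows).
    if [ -f "$dst/tools/WIN/syslinux.exe" ]; then
        mv "$dst/tools/WIN/syslinux.exe" "$dst/"
    fi
    # Step 4: isolinux.cfg becomes syslinux.cfg.
    mv "$dst/isolinux.cfg" "$dst/syslinux.cfg"
    # Step 5: drop every boot/ prefix; kernel and initrd now live in the root.
    sed 's#boot/##g' "$dst/syslinux.cfg" > "$dst/syslinux.cfg.tmp" &&
        mv "$dst/syslinux.cfg.tmp" "$dst/syslinux.cfg"
}

# Sanity check before writing the boot sector: the files the config names
# must exist in the root, the originals must still be in boot/, and no
# boot/ path may remain in syslinux.cfg.
check_stick() {
    dst=$1
    for f in vmlinuz initrd.gz syslinux.cfg; do
        [ -f "$dst/$f" ] || { echo "missing $dst/$f" >&2; return 1; }
    done
    [ -f "$dst/boot/vmlinuz" ] || { echo "boot/vmlinuz is gone: step 2 says copy, not move" >&2; return 1; }
    if grep -q 'boot/' "$dst/syslinux.cfg"; then
        echo "syslinux.cfg still references boot/:" >&2
        grep -n 'boot/' "$dst/syslinux.cfg" >&2
        return 1
    fi
    if [ -f "$dst/isolinux.cfg" ]; then
        echo "isolinux.cfg is still present; the rename in step 4 did not happen" >&2
        return 1
    fi
    return 0
}

# Dry run on a constructed tree: stub kernel/initrd plus a cut-down config in
# the shape the page describes (this is NOT the real BackTrack isolinux.cfg).
demo_run() {
    work=$(mktemp -d) || return 1
    mkdir -p "$work/iso/boot" "$work/iso/tools/WIN" "$work/stick"
    cat > "$work/iso/isolinux.cfg" <<'EOF'
DEFAULT vmlinuz
LABEL vmlinuz
  KERNEL boot/vmlinuz
  APPEND initrd=boot/initrd.gz ramdisk_size=6666 root=/dev/ram0 rw
EOF
    : > "$work/iso/boot/vmlinuz"
    : > "$work/iso/boot/initrd.gz"
    : > "$work/iso/tools/WIN/syslinux.exe"
    if prepare_stick "$work/iso" "$work/stick" && check_stick "$work/stick"; then
        echo "--- resulting syslinux.cfg ---"; cat "$work/stick/syslinux.cfg"; rc=0
    else
        rc=1
    fi
    rm -rf "$work"
    return $rc
}

case "${1:-}" in
    --demo) demo_run ;;
    "")     echo "usage: $0 --demo | <extracted-iso-dir> <stick-mount-point>" >&2 ;;
    *)      prepare_stick "$1" "$2" && check_stick "$2" ;;
esac
```

After the script reports a clean check, unmount the stick and write the boot sector. On Windows that is step 9 above (syslinux.exe with the drive letter); on Linux the equivalent is the syslinux command from your distribution's syslinux package, run against the stick's partition device (for example syslinux /dev/sdb1 after umount), which is an assumption about the tool of that era rather than something the page describes. Either way, confirm the device or drive letter before running it, because the installer overwrites the boot sector of whatever you name.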


Notes

  1. Saving configs in the November Beta appears to break things. I didn't have this problem with the October Beta. As documentation is scarce, I don't know what would have caused this problem or if it is a problem specific to me. This would be your slaxconf.mo file. In my case, my Wireshark stopped working due to something that changed between the two versions.
  2. Would someone please fix the backspace in the BackTrack vi editor? Please? Editing is just about impossible, and I noticed it wasn't fixed in the November beta. I don't know if this is a keyboard mapping issue or what, but I've seen it on several different machines.

Copyright 2007 Pettingers.org
