search

baselsayeh / coldboot-tools

coldboot-tools
24 stars 4 forks source link

Recording to a USB flash drive #3

Closed SeregaEngineer closed 8 months ago

SeregaEngineer commented 8 months ago

Hello. Help me please. I can't create a flash drive, I do the following steps 1) dd if=grldr.mbr of=/dev/sdc conv=notrunc 2) sudo fdisk /dev/sdc 2.1) key n -> default -> +size 100M 2.2) key a -> 1 2.3) n key -> default -> default 2.4) w key

3) sudo mkfs.fat /dev/sdc1 4) sudo mkfs.ntfs /dev/sdc2

5) sudo mount /dev/sdc1 /media 5.1) cd Cold_boot_attack/bios_memimage && sudo cp */media 5.2) sudo umount /media

6) sudo mount /dev/sdc2 /media 6.1) tranсute --size 6000M /media/ram.img 6.2) sudo umount /media

I have tried many options and always get errors like: Error 61: Too many fragments.

Empirically, I found out that the error appears at step: map (hd0,1)/ram.img (hd0)

baselsayeh commented 8 months ago

Hello

Grub4Dos expects the ram image (ram.img) to be contiguous inside the second partition.

Would I suggest is to either

From: SeregaEngineer @.> Sent: Saturday, December 30, 2023 11:34 AM To: baselsayeh/coldboot-tools @.> Cc: Subscribed @.***> Subject: [baselsayeh/coldboot-tools] Recording to a USB flash drive (Issue #3)

Hello. Help me please. I can't create a flash drive, I do the following steps

  1. dd if=grldr.mbr of=/dev/sdc conv=notrunc

  2. sudo fdisk /dev/sdc 2.1) key n -> default -> +size 100M 2.2) key a -> 1 2.3) n key -> default -> default 2.4) w key

  3. sudo mkfs.fat /dev/sdc1

  4. sudo mkfs.ntfs /dev/sdc2

  5. sudo mount /dev/sdc1 /media 5.1) cd Cold_boot_attack/bios_memimage && sudo cp */media 5.2) sudo umount /media

  6. sudo mount /dev/sdc2 /media 6.1) tranсute --size 6000M /media/ram.img 6.2) sudo umount /media

I have tried many options and always get errors like: Error 61: Too many fragments.

— Reply to this email directly, view it on GitHubhttps://github.com/baselsayeh/coldboot-tools/issues/3, or unsubscribehttps://github.com/notifications/unsubscribe-auth/AA2HTCKRLN4LPSGCSXVAALDYL7GYDAVCNFSM6AAAAABBHL5GMSVHI2DSMVQWIX3LMV43ASLTON2WKOZSGA3DANRYGAZDAMY. You are receiving this because you are subscribed to this thread.Message ID: @.***>

SeregaEngineer commented 8 months ago

Thank you very much. After the dump was copied, the entire file system was broken. But I'll try to figure that out