Trinity Rescue Kit v 0.4 HOWTO
3. Changing NT/Win2k passwords
-kernel 2.4.17
-bash shell
-18 MB ramdisk
-numerous binaries
-network support (most common network cards supported). Use findnic.sh to try
all modules.
-SCSI support (again, most common adapters are supported, not all because of
size limitations)
-DHCP support. If no DHCP server is available, you can always use garp (see
further)
-mount all possible partitions on every disk on your local computer
(mountallfs.sh). Supported file systems: fat, fat32, ntfs, iso9660, Reiserfs,
ext2, ext3. Modular are samba and nfs
-do automatic virus scanning with f-prot (which first gets you the latest updates if you
have an internet connection over your lan) (virusccan.sh)
-tools to change NT and Win2k passwords and repair NTFS partitions (chntpw and
ntfsfix)
-keyboard support for all languages (defaults to belgian azerty)
-lilo splash screen (not really a feature)
-numerous bug fixes since v0.3
-mountallfs.sh mounts all possible partitions on all possible disks.
The mount points are equal to the device special file, so if you have a
filesystem on /dev/hda1, it will create a directory /hda1 and mount it there.
This script will give you numerous error messages, because there is no way to
know beforehand if a filesystem exists on a partition. I haven 't been able to
pipe it yet to /dev/null (the mount command must use something else than stderr
or stdout). Also beware that Windows 2000 NTFS partitions (NTFS 5) get mounted
as read-only. See further in this document how to mount them read/write.
Verify what is mounted by typing "mount"
-findnic.sh searches for your network card by trying all modules in
/lib/modules/2.4.16/kernel/drivers/net/ . Once more, this is a very verbose
script.
Type "lsmod" and "ifconfig -a" to verify if your card runs.
With shift+pgup you can see what went over your screen (a nice bash feature).
Next, type "dhcpcd eth0" to get an ip-address over your ethernet
If you don 't have a dhcp-server, you can use "garp" to assign
yourself a free ip-address. You will have to manually configure your default
gateway (e.g. route add -net 0.0.0.0 netmask 0.0.0.0 gw 192.168.5.254) and dns
servers in /etc/resolv.conf
-virusscan.sh uses the free Linux antivirus version of F-prot (from Datafellows). It attempts to get the latest updates at ftp.f-prot.com, unpacks it and scans all local disks. Off course, you first need networking support and local filesystems mounted.
3. Changing NT/Win2k passwords
This is quite tricky, you cannot miss any of these steps or you 'll end up
with a pooched filesystem!
I'm also not responsable for any damage you may suffer from this procedure.
It has worked for me so far, but I can 't give any guarantees. Use it as a last
resort
-After mounting all partitions with "mountallfs.sh", your NTFS partitions will be mounted read-only. To have it mounted read/write, type "mount -o remount,rw /yourntfsmountpoint".
-You need some free space on another non NTFS partition, because editing on
NTFS is very dangerous and it won 't work anyway to make changes to your SAM. You
can create a new ramdisk (default size of 16Mb) by typing "mke2fs
/dev/ram1", make a mount point, say f.i. /ram, "mkdir /ram" and
mount it there "mount /dev/ram1 /ram.
There! A nice ramdisk to copy your files into (you need enough RAM off course)
-Copy your SAM, system and SECURITY file to another filesystem (fat or ext2). These files are located in WINNT/system32/config/
-Go to the dir you just copied your files to
-Type "chntpw SAM system SECURITY" or just "chntpw" to see a help screen
-Follow instructions
-Copy SAM, system and SECURITY back to their original location
-Unmount the ntfs partition
-Very important! Run ntfsfix of the partition you just unmounted! If it was /hda1, do ntfsfix /dev/hda1. Ntfsfix does some repairs like emptying your LOG file and setting the chkdsk flag. Let checkdisk run when you reboot into NT/Win2K
-Your Windows should boot after checkdisk, with the new password in place.
Find version 0.3 and 0.4 of the Trinity Rescue Kit over here The file is about 10 Meg. Write it with any burning software that can write ISOs.
For support questions, please mail to me, Tom Kerremans, trk@telenet.be
5. Development HOWTO
See this separate page
-kernel 2.4.17
-debugged startup scripts
-lots of error messages minimized
-volume name changed to TRK
-lilo splash screen (bootmessage PCX)
-clean up initrd (there is actually some space left now!)
-bigger ramdisk (18Mb, most systems have enough ram left)
-Reiserfs with more internal checking
-keyboard support for all countries. The most common have small scripts (e.g.
for German, just type "de")
-put f-prot in path (/usr/sbin/f-prot)
-virusscan.sh: changed virusscan updater from ftp.f-prot.com
to ftp.frisk.is, which has better response time
and is faster.
-virusscan.sh: fetch both SIGN.DEF and SIGN2.DEF for f-prot (takes a bit longer
to download)
-virusscan.sh: only scan local harddiscs (hd* and sd*) for viruses, no need to
do f.i. /bin
-development howto written (rough version)
Lots of these things are still untested, please send me
bugreports.
-problems on exotic SCSI configurations (sometimes even with ordinary Adaptec
2940 adapters, reference to Han Holl). Stops booting after message "VFS: Mounted root (ext2 filesystem)."
It seems init doesn 't start
-still too much error messages when loading network modules or mounting
filesystems with my scripts(which are otherwise insignificant).
-not all disc controllers are supported due to size limitations
-PCMCIA: forgot to include cardmgr, something I will definitely do for next
version
-scripts are non-interactive and have no options
-development howto kind of messy