PDA

View Full Version : knoppix|RE


0xf001
May 9th, 2005, 09:38
hi all!

a new linux live CD appeared out of the dust

knoppix|RE is a live linux CD originally based on knoppix 3.7. It is packed with lots of tools
- kernel mode debugger (kdb)
- user mode debugger (gdb, ddd, fenris, ...)
- disassemblers (bastard, lida, ldasm, ...)
- elfsh, ht editor, biev, ltrace, ...

the goal is to pack tools of the trade preconfigured and running onto the CD, so you have a toolbox with you and do not need to compile/install anything to quickly try sthg out etc.

the CD was completely remastered, the brandnew kernel 2.6.11.8 is used and patched for kdb. the CD includes the full kernel and modules sources (!). Also the kernel can deal with
the latest hardware like sata disks (so far the first live CD which supports them afaik ).

current is still pre alpha status.

If you want please download and give it a try. As I am involved in development I would like to get as much feedback as possible, especially if someone has problems booting it etc ...

To follow are a knowledge database and prepared exercises, ...

The site is temporary setup here: ptth://www.woodmann.net/knoppix-re/
(the iso file itself is hosted on another server)

thanks and enjoy!

0xf001

0xf001
May 9th, 2005, 11:02
please if anyone needs more tools or has other ideas - just feedback here

thanks and regards, 0xf001

Polaris
May 9th, 2005, 12:52
Quote:
[Originally Posted by 0xf001]please if anyone needs more tools or has other ideas - just feedback here

thanks and regards, 0xf001


Well, I wanna suggest (but probably you already thought about this ) to include REC and Boomerang...

Tola
May 9th, 2005, 13:00
mh, linice maybe? i found gdb and its frontends to be completely useless.

0xf001
May 9th, 2005, 15:45
tola,

we think of implementing linice but currently it did not yet make it onto the CD. Therefore kdb is the workaround

polaris: well rec why not. i have never used (but seen) it, so can not say anything about the results it produces, anyway it will not eat much space same for boomerang... will be on the next iso

thanks!

0xf001

Polaris
May 10th, 2005, 02:24
Quote:
[Originally Posted by 0xf001]polaris: well rec why not. i have never used (but seen) it, so can not say anything about the results it produces, anyway it will not eat much space same for boomerang... will be on the next iso

thanks!

0xf001


Both of them can be quite effective if used correctly (aka in cojunction with a powerful disassembler like HT Editor), trust me

Also, I did not find a link, could you point me?

Also, what about a "Gentoo |RE"???

Good job!

JMI
May 10th, 2005, 02:57
Polaris:

Please come in from the forest for a few minutes and warm those grey cell for a bit and then reconsider the content of the #1 post, expecially the part which states:

"The site is temporary setup here: ptth://www.woodmann.net/knoppix-re/
(the iso file itself is hosted on another server)"

Having warmed up a tad, and "reconsidering," and assuming the "link" you were referring to was knoppix-re, I'm sure you'll have your answer, especially if you actually review the contents of the site. Yes, I know "iso" is sort of an oblique reference, but consider the word "download" which is full of promise.

Regards,

Zero
May 10th, 2005, 03:57
Please be warned

This version is alpha, it is 650 MB size.
We will work on the size, as well several tools will be added:

- Boomerang
- REC
- Sandmark
- ... much more
- a Knowledge Base with docs, tuts and more
- removing all redundant stuff to limit the ISO size

I have taken the download link down at the moment due I first have to check my traffic limits

We hurry up on this, be sure. Back hopefully fast with a working download link.

The uploader was a little fast with making this public, however this is understandable... he has done a great job

Polaris
May 10th, 2005, 10:47
Whoa JMI It seems you really like my nick and the background around it

Well, maybe its the incoming summer bringing disease to my little brainz
Or maybe the too much hours of endless debugging...

However, excellent work!!! I am really, really waiting for a stable version!


0xf001
May 12th, 2005, 16:26
JMI, you are _the_ wording artist I enjoy reading your posts that is communication on its top edge

the knoppix|RE has come some steps further btw, the shrinking process grew meaning the iso lost much weight, new tools are coming, the knowledge base is in progress, Zero (besides other things) prepared a new web environment , and knoppix now got totally reversed .... I just want you to keep excited hehe

cheers, 0xf001

Polaris
May 13th, 2005, 01:03
There is any chance of being included into the beta-testing program?

0xf001
August 5th, 2005, 02:12
hi all,

after the getlogin fix of linice it is definately making it's way into knoppix|RE.

and knoppix|RE will be released with a very nice surprise. the status has - except of
the kowledge database and exercises allready reached advanced state.

After a long holiday I will sync with Zero to plan a release time ...

polaris: yes - it works via PM

cheers, 0xf001

andrewg
August 5th, 2005, 18:12
can be found here: hxxp://rr0d.droids-corp.org/

Haven't played with it yet though, was mentioned to me by a friend who had problems getting linice working properly.

Zero
August 8th, 2005, 05:09
I love the Rasta mode

0xf001
August 8th, 2005, 06:21
damn!

that is software how I like it . I try to try it out and compare against linice. coolnessfactor 200% definately should be on our CD hahahaha! we could maybe finish the project in holland to get more inspiration on he rasta mode hahahahahahaaaa!

keep the vibes ,

0xf001

Polaris
August 8th, 2005, 08:08
I can't wait for rasta mode! It'll make my hair go dread??

Polaris
December 27th, 2005, 06:51
Any news about Knoppix|RE ?

Zero
December 27th, 2005, 09:44
Well, 0xf001 should have worked on it to finish it this year
Seems that I have lost the contact to him and he did not answered my last mail
Not sure about this project, but I am ready for it....

0xf001
January 13th, 2006, 14:12
well, 0xf001 was a bit too busy this year

and he waited for particular contributions which did not come, too

ok so .... pls i got polaris contacting me, anybody who _has time_
lets roll it up again!!

the base is done since ages (a year??). i wait for contributions on documentation material, java RE, possible ideas for win RCE stuff, any more ideas.

regards, 0xf001

Zero
January 13th, 2006, 15:21
Quote:
and he waited for particular contributions which did not come, too

ehm... thats me, OK.
Can you upload the latest version to the server please?
I have a look at it as well I will collect finally the material...
Do you need help in making the Live ISO ?

0xf001
January 19th, 2006, 21:47
hi,

ok so let's roll it up again

i will have to rework the whole core, based on a recent knoppix version
(which _agaaaain_ and _stiiiiiiiillll_ they don't boot on my notebook but
i have to rework the kernel so or so ok there are boot options, but... )

while i am doing this ..... please knoppix|RE has no real road map so far. It is
still more of an idea where everything is open. Of course its a dedicated toolset to RCE in the widest terms. I wanted to do one for linux and win executable RCE
initially until zero told me about some java stuff... hehe So any ideas are welcome.

Any tools you came across - let me know, more than I might allready know them can not happen .... and I am sure there are a lot handy things out I never thought about.

Next part is: there is an indexed documentation system in. Don't worry about format or so. Please contact zero for all documentation stuff.
Anyone who knows "hakin9" .... they did a similar approach in the meantime .... but of course we will make the non plus ultra hehe!!!

Polaris, I have no dedicated task for you at the moment. I don't really know how I can split the work on kernel & co.

I would keep doing core (ie iso image, kernel rework, integrate, script ..., desktop design) - "put all together".

You can launch your own subprojects on any distribution, I will merge them.
Don't worry about libraries, formats - get sthg running I will "port" it if needed.

When there are more ideas / contributions I probably can delegate dedicated stuff to selected persons (polaris you are the 1st on my list )

Now uuuunfortunately I have a high pressure real life work situation. So pls for the new core you need to wait a bit. The old ISO is still available if some one is interested.

On my roadmap is:
- new latest kernel, kernel modules, HW support (NOTEBOOKS!!!)
- put in the core sw (disassemblers, debuggers, editors, ...)
- make an bootable and working iso

this might take 1 month or so to be realistic. Oh ok - if one can provide special kernel parameter constellations required for his notebook / disk controllers / LCD blabla -> POST!!!!!!!!

zero - pls tell me again what webserver, indexer, java version you want
i find swish-e / PHP too handy, but .... you ara da boss hehe


regards

--
0xf001

0xf001
January 19th, 2006, 22:55
Ok more structured now

please send me

- links to tools: any RCE related tools, really any. Crypto stuff! Anything! I have my own toolset, I am _sure_ there is interesting stuff out there
you made some little handy scripts for a particular purpose? send them!
even .exe files if necessary and works with wine or so. we can try everything.
source is of course better

- documentation: practical step by step tutorials/introductions for tools. basic terms explanations. approaches you break crypto algos, anything you would like to see in knoppix|RE - zero is the master of documentation. ask him how to contribute on that subject. I think we provide the compressed form with links to details. Unique stuff? "vi as RCE tool" ... let's go!
"using basic unix filters for RCE" .... something like that sounds tasty
(strings, grep, xargs, perl, hexdump, sort, cut, awk, ...)
be creative!

- ideas for desktop integration of tools: whatever idea you might have
(right click file in konqueror shows ELF header or so ...)

- any kernel hack ideas

- finally: any Qt3 capable coderz! I have a tool to launch for knoppix|RE
its called RE|work - and a fusion of all kind of RCE tools in one. When
ready, a real ultra tool
i decided to open it for selected coderz -> I need coders who understand
ELF format (or want to learn it) and can code with Qt, also are not afraid
of lowlevel stuff, but not too much. I wanna merge lida in also somewhen
.... ah and ... I code Qt in C, don't be afraid, C++ is really not necessary
maybe we even found a group like "REcoderz" or so i have pleeenty
of ideas!

- the message of knoppix|RE should be more playful, encouraging one to play with it, maybe even stumping, make it a valuable boot CD, instead of a technical steril thing wich "just works" - therefore are the plenty other .iso's

thank you all in advance!

regards,

--
0xf001

0xf001
January 19th, 2006, 23:29
lil snapshot of RE|work
but knoppix|RE is more priority of course

Polaris
January 20th, 2006, 01:42
Happy to know you are started working on this again! BTW, if you could post your current list of software it would be much easier for other people to propose new stuff...

BTW,

0xf001
January 20th, 2006, 16:22
haha thanks, polaris

i don't think it stops you sending tools but ok:

the main tools included are:
- bastard (disassembler)
- lida (disassember)
- ldasm (disassembler)
- elfsh
- hte (file editor / disassembler)
- kdb or linice (linice is not yet really stable working) -> kernel debuggers
- from kde: khexedit, cmdline: hexedit
- gdb, ddd, ... i also put in rr0d just for fun (of course with da 0xf001 mode )
- fenris (... ... ... ... ... ... )
- ltrace, strace
- biev, elfkickers, lsof
- ...

its hard to list all and everything, the too regular tools you can use for RCE which are on any distro i did not list now all .... so i ask pls to send links
to the "not so usual tools"

thankzzzzz

--
0xf001

0x0804
April 22nd, 2007, 04:10
Hi,

Seems like an interesting project here. Any idea on its status? I have limited experience in knoppix remastering (making custom distro) so I thought I could offer my help on the same if project owners need it. The screen shot of RE|work looks cool.

Cheers

0xf001
April 22nd, 2007, 06:54
heya,

to be honest that project died. i had not so much time to do all alone. i have a now old but still working version which i could share.

there appeared dvl now. it has a bit another purpose, but shares some same ideas.

what i dont like about it, is that it tries to be old and vulnerable. and it has no kernel mode debugger. and it is based on dsl and it wants to be small, too. i would more not care about size, but put all in i want. i am kde fan, so i had a kde with OSX look there etc. that eats resources. i need a kate, and a khexedit, its so comfortable

however. I was thinking to resurrect that project. a bit competition is always good

the point is - i dont "just want to take a distro and add packages". no, i changed the underlaying architecture totally, made a custom kernel etc.

please post or PM how much time you have. together we could make it

i find yet dvl for reversing tasks insufficient for my way of how i want to work. it has no real integration etc ... however a new dvl will come soon, and it should be damn cool from what i heared.

thanks, 0xf001

PS: nice nick!

0x0804
April 22nd, 2007, 12:19
Hey 0xf001,

Check your PM. I would like to give the existing ISO a spin. How can I get it?

Lets get this started...

Cheers
0x0804

Zero
April 22nd, 2007, 12:21
Knoppix|RE has died but was put back to life with Damn Vulnerable Linux. The King is dead, long live the king.
http://www.DamnVulnerableLinux.org

The upcoming release is still based on damn small linux, but in 8 weeks we will offer a release which contains ALL your whishes! All RCE tools, targets to play with, and so on

0xf001
April 22nd, 2007, 12:31
hehe,

true Zero. When I get support I would let it resurrect ... lets see ...

i have ideas / requs which dont fit so much to the concept of dvl. like i would like to
have 2.4 and 2.6 kernel available for example. the bigger stuff like kernel sources, a kernel with debug info, kernel level debugger ...

cheers, 0xf001

Zero
April 22nd, 2007, 12:35
Dear Mr. 0xf001,

we will acquire you for the DVL project. We will not pay any money, you have to work as a slave. Thank you for your interest.

Why 2 distros? Wait for my PM, then I tell you that the new DVL is exactly what Knoppix|RE was planned to be!

0xf001
April 22nd, 2007, 12:40
Lol,

no problems Zero, i want to, do, and will support DVL! That is no question.

But still if I could make a distro fully like my taste, that is somehow a bit a kind of ... dream

cheers, 0xf001

Zero
April 22nd, 2007, 12:42
OK