May 31, 2009
Customizing the BackTrack 4 PreFinal ISO
Customizing the BackTrack 4 PreFinal ISO
OffSec Team
One of the downsides of leaving the linux live scripts and moving to non lzma enabled squashfs, is that we loose the wonderful and convenient setup for modifying the BackTrack LiveCD on our own. We use to be able to pop in a LZM file into the “optional” directory, and that’s it – but no more.
Actually, customizing a casper based ISO isn’t that difficult, just different. I put up this quick guide on how to edit your own livecd and add various tools, drivers and scripts to it.
First, install BT4 and get a copy of the BT4 iso. As root, create the build environment, and chroot into it:
mkdir -p /root/BUILD
mv bt4.iso /root/BUILD
cd /root/BUILD/
mkdir mnt
mount -o loop bt4.iso mnt/
mkdir extract-cd
rsync --exclude=/casper/filesystem.squashfs -a mnt/ extract-cd
mkdir squashfs
mount -t squashfs -o loop mnt/casper/filesystem.squashfs squashfs
mkdir edit
cp -a squashfs/* edit/
cp /etc/resolv.conf edit/etc/
cp /etc/hosts edit/etc/
cp /etc/fstab edit/etc/
mount --bind /dev/ edit/dev
chroot edit
You are now in the livecd environment, and can alter the build in any way you like. This is where you add your scripts, drivers and whatnots. At minimum, i’de suggest updating your iso with the current repo, which can be done with :
apt-get update
apt-get upgrade
apt-get clean exit
Once all the changes are made, close the build and create an iso out of it :
umount edit/dev
chmod +w extract-cd/casper/filesystem.manifest
chroot edit dpkg-query -W --showformat='${Package} ${Version}n' > extract-cd/casper/filesystem.manifest
REMOVE='ubiquity casper live-initramfs user-setup discover xresprobe os-prober libdebian-installer4'
for i in $REMOVE
do
sed -i "/${i}/d" extract-cd/casper/filesystem.manifest-desktop
done
cp extract-cd/casper/filesystem.manifest extract-cd/casper/filesystem.manifest-desktop
sed -i '/ubiquity/d' extract-cd/casper/filesystem.manifest-desktop
rm -rf extract-cd/casper/filesystem.squashfs
mksquashfs edit extract-cd/casper/filesystem.squashfs
rm extract-cd/md5sum.txt
(cd extract-cd && find . -type f -print0 | xargs -0 md5sum > md5sum.txt)
find /boot /usr/lib/grub/ -iname 'stage2_eltorito' -exec cp -v {} extract-cd/boot/grub ;
cd extract-cd
mkisofs -b boot/grub/stage2_eltorito -no-emul-boot -boot-load-size 4
-boot-info-table -V "BT4" -cache-inodes -r -J -l -o ~/bt4-mod.iso .
That’s it! The new iso is created at /root/bt4-mod.iso.
Bask in the glory of your customised Backtrack build!
Stay in the know: Become an OffSec Insider
Get the latest updates about resources, events & promotions from OffSec!
Latest from OffSec
Research & Tutorials
CVE-2024-12029 – InvokeAI Deserialization of Untrusted Data vulnerability
CVE-2024-12029: A critical deserialization vulnerability in InvokeAI’s /api/v2/models/install endpoint allows remote code execution via malicious model files. Exploit risk for AI art servers.
Jul 17, 2025
0
Research & Tutorials
What is Phishing? Introduction to Phishing Demo (for Beginners)
Learn how phishing attacks work and how to spot them. Watch OffSec’s animated video to protect yourself from scams, spoofed sites, and social engineering.
Jul 15, 2025
2 min read
Research & Tutorials
CVE-2025-27636 – Remote Code Execution in Apache Camel via Case-Sensitive Header Filtering Bypass
Discover the critical Apache Camel vulnerability (CVE-2025-27636) that allows remote code execution via case-sensitive HTTP header manipulation in the exec component. Learn how attackers exploit this flaw and how to mitigate it.
Jul 10, 2025
2 min read