
Booting Kaspersky Rescue Disk 10 over the network

This article explains how to build a network-bootable (PXE) version of the popular virus-removal tool. It will be useful to system administrators, service-center staff and anyone else who often has to revive virus-infected computers.

The article applies to Kaspersky Rescue Disk 10.0.31.4 (the latest version at the time of publication).

Problem statement


The task comes down to several points:
  1. Adapt Kaspersky Rescue Disk 10 (hereinafter simply KRD10) to boot over the network.
  2. Provide a local update mirror from which the anti-virus databases can be refreshed periodically without downloading a fresh iso image each time.
  3. Change some of the default antivirus settings. For example, scanning archives sometimes takes a long time, and clearing the same checkbox in the settings before every scan is tedious.
  4. Automate the above as much as possible, keeping the number of manual steps to a minimum.

System requirements



Server requirements:

You can read more about how to deploy a network boot in fifteen minutes.

Client requirements:

Prepare.sh script



The prepare.sh script is run once to prepare everything you need, namely:
The latter is necessary because the squashfs-tools package in the Ubuntu repositories is built without xz compression support. If some version of squashfs-tools is already installed, there is no need to remove it from the system; there will be no conflict.

Listing prepare.sh:
    #!/bin/sh
    # Download sources
    krd10_src="http://rescuedisk.kaspersky-labs.com/rescuedisk/updatable/kav_rescue_10.iso"
    retranslator_src="http://utils.kaspersky.com/updater/retranslator_5.0.0.9/Linux/retranslator-5.0.0-9.tar.gz"
    squashfs_src="http://jaist.dl.sourceforge.net/project/squashfs/squashfs/squashfs4.2/squashfs4.2.tar.gz"

    # Install the build dependencies
    echo && echo "STEP 1 : Do you have zlib, lzma, g++ and patch?"
    apt-get -q -y install zlib1g-dev liblzma-dev lzma g++ patch

    # Download the files
    echo && echo "STEP 2 : I need to download some files..."
    # KRD10 iso image
    wget -nc -c "$krd10_src"
    if [ "$?" -ne "0" ]; then
        echo
        echo "Can't download Kaspersky Rescue Disk 10 iso image!"
        echo
        exit 1
    fi
    # Update mirroring utility (retranslator)
    wget -nc -c "$retranslator_src"
    if [ "$?" -ne "0" ]; then
        echo
        echo "Can't download RETRANSLATOR!"
        echo
        exit 1
    fi
    # squashfs-tools sources
    wget -nc -c "$squashfs_src"
    if [ "$?" -ne "0" ]; then
        echo
        echo "Can't download SQUASHFS package!"
        echo
        exit 1
    fi

    # Unpack the archives
    echo && echo "STEP 3 : Let's see what's inside..."
    tar -xzf retranslator-5.0.0-9.tar.gz
    tar -xzf squashfs4.2.tar.gz

    # Patch the configuration files
    echo && echo "STEP 4 : Patching config files..."
    # retranslator configuration
    patch -p0 -i retranslator.patch
    # squashfs-tools Makefile (enables XZ support)
    patch -p0 -i squashfs.patch

    # Build squashfs4.2
    echo && echo "STEP 5 : Building squashfs4.2 with XZ support..."
    make -C ./squashfs4.2/squashfs-tools/


Patch retranslator.patch
 --- ./retranslator/retranslator.bak 2010-07-14 02:51:11.000000000 +1100 +++ ./retranslator/retranslator.conf 2012-01-08 18:30:56.438109054 +1100 @@ -35,23 +35,23 @@ # # Optional specification of components to be retranslated. # -RetranslateComponentsList=AVS, CORE, BLST, Updater +RetranslateComponentsList=EMU,KDB,QSCAN,RD # # Optional specification of OS filter. # -#os2=Win;Mac;Linux +os2=Linux # # Optional specification of instruction set filter. # -#instrset=kernel:i386,x64;user:i386; +instrset=kernel:i386;user:i386; # # Optional specification of application filter. # -#application=WKS 6.0.4.1424; +application=RD 10.*.*.*; # # Optional specification of build filter. @@ -182,5 +182,5 @@ # this level if you are reporting bugs in the product. Do not forget to turn # it off afterwords. Debug messages have 'D' mark in the log file. # -ReportLevel=9 +ReportLevel=3 
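Review bot: the first hunk pins RetranslateComponentsList=EMU,KDB,QSCAN,RD and the os2, instrset and application filters without a comment saying what depends on them. The component list has to stay in step with the directories make_rescue.igz.sh copies from (kdb, emu, qscan and AutoPatches/rd), so a short comment above each changed key naming that consumer would keep a later edit from silently dropping a component the image needs.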


Patch squashfs.patch
 --- ./squashfs4.2/squashfs-tools/Makefile.bak 2011-03-01 06:04:15.000000000 +1000 +++ ./squashfs4.2/squashfs-tools/Makefile 2012-03-13 12:20:20.823261029 +1100 @@ -26,7 +26,7 @@ # To build using XZ Utils liblzma - install the library and uncomment # the XZ_SUPPORT line below. # -#XZ_SUPPORT = 1 +XZ_SUPPORT = 1 ############ Building LZO support ############## 
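Review bot: the one changed line, XZ_SUPPORT = 1, is carried as a patch whose context is tied to the squashfs4.2 Makefile, so it has to be regenerated whenever the tarball version changes. As XZ_SUPPORT is an ordinary make variable, setting it on the make command line in prepare.sh (make -C ./squashfs4.2/squashfs-tools/ XZ_SUPPORT=1) should give the same build without a patch file to maintain.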


If everything went without errors, the folder ./squashfs4.2/squashfs-tools/ will contain two executable files, mksquashfs and unsquashfs, and the folder ./retranslator will contain a ready-to-use local mirror of the anti-virus databases.

Script make_rescue.igz.sh



This is the main script. It produces three files: the kernel “rescue”, the ramdisk “rescue.igz” and the configuration file “menu.cfg” for pxelinux.

Listing make_rescue.igz.sh:
    #!/bin/sh
    # Change to the script's own directory so that it can be run from anywhere, including crontab.
    cd "$(cd "$(dirname "$0")" && pwd)"

    # Image source.
    krd10_iso="http://rescuedisk.kaspersky-labs.com/rescuedisk/updatable/kav_rescue_10.iso"
    # Root of the tftp server (the directory that holds pxelinux.0 etc.),
    # without a trailing slash.
    tftproot_dir="/storage/tftproot"
    # Directory inside tftproot_dir where the result is placed.
    dest_dir="apps/kaspersky"
    # download_iso="1" downloads a fresh KRD10 iso image on every run.
    # With "0" the iso already fetched by prepare.sh is used.
    download_iso="0"
    # update_liveos="0" leaves the KRD10 LiveOS image and its default settings untouched.
    update_liveos="1"
    # compress_lzma="1" compresses the ramdisk with lzma.
    # The ramdisk is smaller, but takes longer to build and unpack.
    compress_lzma="0"

    # Download the KRD10 iso image, keeping the previous one as a backup.
    echo && echo "STEP 1 : Downloading iso image..."
    if [ "${download_iso}" = "1" ]; then
        if [ -e "kav_rescue_10.iso" ]; then
            mv -f kav_rescue_10.iso kav_rescue_10.iso.bak
        fi
        wget -nv ${krd10_iso}
    else
        echo "This step was skipped."
    fi

    # Update the local mirror of the anti-virus bases.
    echo && echo "STEP 2 : Downloading anti-virus bases..."
    # Remember the current base version (sed strips the trailing carriage return).
    if [ -e "retranslator/bases/bases/av/kdb/i386/old/kdb.stt" ]; then
        old_base=`cat retranslator/bases/bases/av/kdb/i386/old/kdb.stt | sed 's/\x0D$//'`
    else
        old_base="did not update yet"
    fi
    ./retranslator/retranslator
    # Read the base version again after the update.
    new_base=`cat retranslator/bases/bases/av/kdb/i386/old/kdb.stt | sed 's/\x0D$//'`
    echo "Old base version : ${old_base}"
    echo "New base version : ${new_base}"
    # Keep only the part after the semicolon; it goes into the menu label.
    base_ver=`echo ${new_base} | sed 's/.*;//'`

    # Mount the iso image.
    echo && echo "STEP 3 : Mounting iso image..."
    mkdir iso && mount -o loop kav_rescue_10.iso iso/
    # Read the disk version.
    disk_ver=`cat iso/rescue/KRD.VERSION | sed 's/; $//'`
    echo "Disk version : ${disk_ver}"

    # Unpack rescue.igz.
    echo && echo "STEP 4 : Decompressing rescue.igz..."
    mkdir tmp
    cp iso/boot/rescue.igz ./tmp/rescue.lzma
    mkdir initrd
    cd initrd && lzcat -S lz ../tmp/rescue.lzma | cpio -i --no-absolute-filenames && cd ../

    # Patch the boot scripts so that the live image is taken from the squashfs
    # file built in step 7 rather than from a CD-ROM.
    echo && echo "STEP 5 : Patching some files..."
    patch -p0 -i init.patch
    patch -p0 -i dmsquash-live-root.patch

    # If enabled, change the default settings inside the LiveOS image.
    echo && echo "STEP 6 : Patching LiveOS..."
    if [ "${update_liveos}" = "1" ]; then
        # Needs unsquashfs with xz support! The result goes to squashfs-root.
        ./squashfs4.2/squashfs-tools/unsquashfs iso/rescue/LiveOS/squashfs.img
        # Mount the ext3 image found inside.
        mkdir mnt && mount -o loop -t auto squashfs-root/LiveOS/ext3fs.img mnt
        # Change the antivirus defaults (see config.xml.patch below).
        patch -p0 -i config.xml.patch
        # Anything else under ./mnt can be changed here,
        # before the image is packed again.
        umount mnt && rm -rf mnt
        ./squashfs4.2/squashfs-tools/mksquashfs squashfs-root squashfs.img -comp xz
        rm -rf squashfs-root
    else
        echo "This step was skipped."
    fi

    # Assemble the replacement for the CD contents.
    echo && echo "STEP 7 : Building livecd.squash..."
    mkdir -p livecd/rescue/help
    cp iso/rescue/help/*.txt livecd/rescue/help/
    cp -r iso/rescue/help/English livecd/rescue/help
    cp -r iso/rescue/help/Russian livecd/rescue/help
    cp iso/rescue/KRD.VERSION livecd/rescue/
    cp iso/livecd livecd/
    # If the LiveOS image was rebuilt in step 6, use it...
    if [ "${update_liveos}" = "1" ]; then
        mkdir livecd/rescue/LiveOS && mv squashfs.img livecd/rescue/LiveOS/
    # ...otherwise copy the original one.
    else
        cp -r iso/rescue/LiveOS livecd/rescue
    fi
    # Copy the fresh anti-virus bases.
    mkdir -p livecd/rescue/bases/Stat
    cp retranslator/bases/index/u0607g.xml livecd/rescue/bases/Stat/
    cp retranslator/bases/bases/av/kdb/i386/*.ini livecd/rescue/bases/
    cp retranslator/bases/bases/av/kdb/i386/*.kdc livecd/rescue/bases/
    cp retranslator/bases/bases/av/kdb/i386/*.kdl livecd/rescue/bases/
    cp retranslator/bases/bases/av/kdb/i386/*.xml livecd/rescue/bases/
    mv livecd/rescue/bases/kdb-i386-0607g.xml livecd/rescue/bases/kdb-0607g.xml
    cp retranslator/bases/bases/av/kdb/i386/old/kdb.stt livecd/rescue/bases/Stat/
    cp retranslator/bases/bases/av/kdb/i386/old/kavbase.mft livecd/rescue/bases/
    cp retranslator/bases/bases/av/emu/i386/* livecd/rescue/bases/
    cp retranslator/bases/bases/av/qscan/i386/u/* livecd/rescue/bases/
    # WindowsUnlocker is updated as well.
    mkdir livecd/rescue/bases/data
    cp retranslator/bases/AutoPatches/rd/rd-0607g.xml livecd/rescue/bases/
    cp retranslator/bases/AutoPatches/rd/windowsunlocker livecd/rescue/bases/data/
    # Pack everything into the squashfs file placed inside the ramdisk.
    ./squashfs4.2/squashfs-tools/mksquashfs livecd initrd/livecd.squash

    # Build the new rescue.igz.
    echo && echo "STEP 8 : Building rescue.igz..."
    if [ "${compress_lzma}" = "1" ]; then
        # With lzma compression
        echo "Lzma compress enabled."
        cd ./initrd && find . | cpio -o -Hnewc | lzma -c > ../rescue.igz && cd ../
    else
        # Without lzma compression
        echo "Lzma compress disabled."
        cd ./initrd && find . | cpio -o -Hnewc > ../rescue.igz && cd ../
    fi

    # Move the result to its destination and clean up.
    echo && echo "STEP 9 : Moving image and cleaning temp dirs..."
    if [ ! -d "${tftproot_dir}/${dest_dir}" ]; then
        mkdir -p "${tftproot_dir}/${dest_dir}"
    fi
    cp -f iso/boot/rescue "${tftproot_dir}/${dest_dir}/"
    mv -f rescue.igz "${tftproot_dir}/${dest_dir}/"
    rm -rf tmp
    rm -rf livecd
    rm -rf initrd
    umount iso && rm -rf iso

    # Write the pxelinux menu entry.
    echo && echo "STEP 10 : Pxelinux config..."
    echo "LABEL kaspersky_rescue_disk_10" > ${tftproot_dir}/${dest_dir}/menu.cfg
    echo "MENU LABEL Kaspersky Rescue Disk ${disk_ver}-${base_ver}" >> ${tftproot_dir}/${dest_dir}/menu.cfg
    echo "KERNEL ${dest_dir}/rescue" >> ${tftproot_dir}/${dest_dir}/menu.cfg
    echo "APPEND initrd=${dest_dir}/rescue.igz root=live rootfstype=auto vga=791 init=/init kav_lang=ru udev liveimg doscsi nomodeset quiet splash" >> ${tftproot_dir}/${dest_dir}/menu.cfg
    echo "TEXT HELP" >> ${tftproot_dir}/${dest_dir}/menu.cfg
    echo "Disk version : ${disk_ver}" >> ${tftproot_dir}/${dest_dir}/menu.cfg
    echo "New base version : ${new_base}" >> ${tftproot_dir}/${dest_dir}/menu.cfg
    echo "Old base version : ${old_base}" >> ${tftproot_dir}/${dest_dir}/menu.cfg
    echo "Rescue.igz build date : `date +%H:%M/%d.%m.%y`" >> ${tftproot_dir}/${dest_dir}/menu.cfg
    echo "ENDTEXT" >> ${tftproot_dir}/${dest_dir}/menu.cfg
    echo && cat ${tftproot_dir}/${dest_dir}/menu.cfg


Patch init.patch
 --- ./initrd/init.bak 2012-03-11 23:30:56.000000000 +1100 +++ ./initrd/init 2012-03-12 00:09:33.165699617 +1100 @@ -270,7 +270,7 @@ # [ $main_loop -gt $RDRETRY ] \ # && { flock -s 9 ; emergency_shell "No root device \"$root\" found"; } 9>/.console_lock if [ $main_loop -gt $RDRETRY ]; then - CDROM_DEVICES="/dev/sr*" + CDROM_DEVICES="/livecd.squash" for i in $CDROM_DEVICES do /sbin/dmsquash-live-root $i @@ -288,7 +288,7 @@ unset RDRETRY if ! ismounted "/run/initramfs/live"; then - CDROM_DEVICES="/dev/sr*" + CDROM_DEVICES="/livecd.squash" for i in $CDROM_DEVICES do /sbin/dmsquash-live-root $i 
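Review bot: both hunks set CDROM_DEVICES="/livecd.squash" but keep the variable name and the for loop around it, so the code still reads as if it were scanning optical drives. Rename the variable or add a comment that /livecd.squash is the image packed into the initramfs, and test that the file exists before calling /sbin/dmsquash-live-root on it, so that a ramdisk built without it fails with a clear message.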


Patch dmsquash-live-root.patch
 --- ./initrd/sbin/dmsquash-live-root.bak 2012-03-11 23:30:56.000000000 +1100 +++ ./initrd/sbin/dmsquash-live-root 2012-03-12 00:07:12.531467569 +1100 
@@ -28,47 +28,47 @@ overlay=$(getarg rd.live.overlay overlay) # CD/DVD media check -[ -b $livedev ] && fs=$(blkid -s TYPE -o value $livedev) -if [ "$fs" = "iso9660" -o "$fs" = "udf" ]; then - check="yes" -fi -getarg rd.live.check check || check="" +#[ -b $livedev ] && fs=$(blkid -s TYPE -o value $livedev) +#if [ "$fs" = "iso9660" -o "$fs" = "udf" ]; then +# check="yes" +#fi +#getarg rd.live.check check || check="" -if [ -n "$check" ]; then - [ -x /bin/plymouth ] && /bin/plymouth --hide-splash - checkisomd5 --verbose $livedev || : - if [ $? -ne 0 ]; then - die "CD check failed!" - exit 1 - fi - [ -x /bin/plymouth ] && /bin/plymouth --show-splash -fi +#if [ -n "$check" ]; then +# [ -x /bin/plymouth ] && /bin/plymouth --hide-splash +# checkisomd5 --verbose $livedev || : +# if [ $? -ne 0 ]; then +# die "CD check failed!" +# exit 1 +# fi +# [ -x /bin/plymouth ] && /bin/plymouth --show-splash +#fi # determine filesystem type for a filesystem image -det_img_fs() { - local _img="$1" _loop=$(losetup -f) _fs - losetup $_loop $_img; _fs=$(det_fs $_loop); losetup -d $_loop - echo $_fs -} +#det_img_fs() { +# local _img="$1" _loop=$(losetup -f) _fs +# losetup $_loop $_img; _fs=$(det_fs $_loop); losetup -d $_loop +# echo $_fs +#} for arg in $CMDLINE; do case $arg in ro|rw) liverw=$arg ;; esac; done # mount the backing of the live image first mkdir -m 0755 -p /run/initramfs/live -if [ -f $livedev ]; then - # no mount needed - we've already got the LiveOS image in initramfs - # check filesystem type and handle accordingly - case `det_img_fs $livedev` in - squashfs) SQUASHED=$livedev ;; - auto) die "cannot mount live image (unknown filesystem type)" ;; - *) FSIMG=$livedev ;; - esac -else - mount -n -t $fstype -o ${liverw:-ro} $livedev /run/initramfs/live +#if [ -f $livedev ]; then +# # no mount needed - we've already got the LiveOS image in initramfs +# # check filesystem type and handle accordingly +# case `det_img_fs $livedev` in +# squashfs) SQUASHED=$livedev ;; +# auto) die 
"cannot mount live image (unknown filesystem type)" ;; +# *) FSIMG=$livedev ;; +# esac +#else + mount -n -t auto -o ro $livedev /run/initramfs/live if [ "$?" != "0" ]; then die "Failed to mount block device of live image" exit 1 fi -fi +#fi # overlay setup helper function do_live_overlay() { 
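Review bot: the block around checkisomd5 is commented out, which removes the media integrity check, and the mount line now hard-codes -t auto -o ro where it previously used $fstype and ${liverw:-ro}. Since /livecd.squash is generated by make_rescue.igz.sh, consider recording its checksum at build time and verifying it here instead of dropping the check, and delete the disabled lines (det_img_fs and the if [ -f $livedev ] branch) rather than leaving them as comments, so the script shows only what actually runs.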


The config.xml.patch patch changes only two settings: first, it turns on file checking “by format”, and, second, it turns off the archive check:
 --- ./mnt/etc/kl/config.xml.bak 2012-02-07 09:03:33.000000000 +1100 +++ ./mnt/etc/kl/config.xml 2012-03-13 12:45:20.000000000 +1100 @@ -795,8 +795,8 @@ <tDWORD name="ExcludeByMask">0</tDWORD> <tDWORD name="MandatoryScanPeriod">7</tDWORD> <tDWORD name="RootkitScan">1</tDWORD> - <tDWORD name="ScanArchived">1</tDWORD> - <tDWORD name="ScanFilter">1</tDWORD> + <tDWORD name="ScanArchived">0</tDWORD> + <tDWORD name="ScanFilter">0</tDWORD> <tDWORD name="ScanFixed">1</tDWORD> <tDWORD name="ScanMail">0</tDWORD> <tDWORD name="ScanMailBases">0</tDWORD> 
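Review bot: ScanArchived goes from 1 to 0, so archives are no longer scanned by default and anything packed inside them is missed unless the operator turns the option back on; that trade-off should be stated wherever the image is documented for its users. ScanFilter also changes from 1 to 0 with nothing in the hunk saying what the two values mean, so please record the meaning of 0 next to the patch.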


Pxelinux setup



When the script finishes, the file ${tftproot_dir}/${dest_dir}/menu.cfg will contain something like this:

    LABEL kaspersky_rescue_disk_10
    MENU LABEL Kaspersky Rescue Disk 10.0.31.4-201206200949
    KERNEL apps/kaspersky/rescue
    APPEND initrd=apps/kaspersky/rescue.igz root=live rootfstype=auto vga=791 init=/init kav_lang=ru udev liveimg doscsi nomodeset quiet splash
    TEXT HELP
    Disk version : 10.0.31.4
    New base version : 8154585;201206200949
    Old base version : 8151532;201206190812
    Rescue.igz build date : 22:23/20.06.12
    ENDTEXT


It remains to add this line to your pxelinux.cfg/default (changing the path to your own, of course):

    INCLUDE apps/kaspersky/menu.cfg

And to make it completely clear, here is part of my pxelinux.cfg/default:

    DEFAULT vesamenu.c32
    PROMPT 0
    TIMEOUT 100
    ONTIMEOUT local

    MENU TITLE -= PXE Boot Menu =-
    MENU BACKGROUND menu.jpg
    MENU COLOR border 30;44 #00000000 #00000000 none
    MENU COLOR unsel 37;44 #90ffffff #00000000 std
    MENU COLOR sel 7;37;40 #70ffffff #20ff8000 all
    MENU COLOR hotsel 1;7;37;40 #e0ffffff #20ff8000 all

    LABEL local
    MENU LABEL Boot from local drive
    localboot 0

    LABEL memtest86p
    MENU LABEL MemTest86+ v4.20
    KERNEL memdisk
    APPEND initrd=apps/memtest.bin

    INCLUDE apps/drweb/menu.cfg
    INCLUDE apps/kaspersky/menu.cfg


My menu looks like this:

image

Loading process:

image

Hooray, everything works:

image

Conclusion


Finally, it remains to add the task to the crontab. If you want to update the image daily, say at eight in the morning, the entry will look like this:

    SHELL=/bin/sh
    00 8 * * * /storage/projects/kaspersky_rescue_disk_10/make_rescue.igz.sh > /storage/projects/kaspersky_rescue_disk_10/results.log 2>&1

Do not forget to change the path to your own!
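Because the cron job rebuilds and overwrites the image unattended, a run in which the retranslator failed can end up published. The guard below is an added example, not part of the original scripts: it reads kdb.stt in the number;YYYYMMDDhhmm form seen in the sample menu.cfg and replaces the published files only when the new bases are valid and not older. The function names and the idea of keeping a copy of the published kdb.stt are assumptions of this example.

```sh
#!/bin/sh
# Added example (not from the article): refuse to publish a build whose
# anti-virus bases are missing, malformed or older than the published ones.

# Print the timestamp from a kdb.stt file ("<number>;<YYYYMMDDhhmm>" plus CR,
# as in the article's sample menu.cfg); fail if the file is absent or malformed.
stt_stamp() {
    [ -r "$1" ] || return 1
    line=$(tr -d '\r\n' < "$1")
    case "$line" in *";"*) ;; *) return 1 ;; esac
    stamp=${line##*;}
    case "$stamp" in ''|*[!0-9]*) return 1 ;; esac
    [ "${#stamp}" -eq 12 ] || return 1
    printf '%s\n' "$stamp"
}

# $1 = kdb.stt saved from the last published build (assumed to be kept by the
#      build script), $2 = kdb.stt left by the retranslator run just finished.
may_publish() {
    new=$(stt_stamp "$2") || return 1
    old=$(stt_stamp "$1") || return 0    # nothing valid published yet
    # Equal-length digit strings sort chronologically.
    newest=$(printf '%s\n%s\n' "$old" "$new" | LC_ALL=C sort | tail -n 1)
    [ "$newest" = "$new" ]
}

# $1 = build directory, $2 = TFTP destination directory.
publish() {
    for f in rescue rescue.igz; do
        [ -s "$1/$f" ] || return 1       # check both before touching anything
    done
    for f in rescue rescue.igz; do
        # Copy under a temporary name, then rename, so a booting client
        # never fetches a half-written file.
        cp -f "$1/$f" "$2/.$f.new" && mv -f "$2/.$f.new" "$2/$f" || return 1
    done
}

# Constructed demo input: the two base versions from the article's sample output.
demo=$(mktemp -d)
printf '8151532;201206190812\r\n' > "$demo/old.stt"
printf '8154585;201206200949\r\n' > "$demo/new.stt"
if may_publish "$demo/old.stt" "$demo/new.stt"; then
    echo "bases are newer: safe to publish"
fi
```

In make_rescue.igz.sh the check would sit after STEP 2 and the publish call would replace the cp/mv pair in STEP 9.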

P.S. You can download the archive with all the scripts and patches here.

Source: https://habr.com/ru/post/140002/

