Kon Boot V2 9

Creating a Network Boot Menu including Kon-Boot to Bypass Local Authentication

Grub2Win is completely free, open source software. All modules are digitally signed for your security. Safely boot multiple Windows and Linux systems on both GPT and MBR disks. Supports both 64 and 32 bit EFI firmware as well as BIOS. Installs to Windows 10, 8, 7 and XP. Grub2Win boots native GNU Grub version 2.04 code. Last Active: Jun 24, 2020 Threads: 15 Posts: 65 Reputation: 0 #1. Dec 09, 2018, 21:06 pm. Kon-boot 2.9 commercial has support for. Kon-Boot was created by Piotr Bania (the original and only author). Kon-Boot is currently distributed only through this website and LEAD 82 (LEAD 82 Piotr Bania) company website. Please notice us if you have purchased kon-boot from external illegal websites.

In a former post I referred to Kon-Boot, but didn’t go into much detail. Here, I’ll expand on my use of Kon-Boot and how to set it up for your own network. Specifically, to keep things as easy as possible I add it to my PXE menu, so that you’re simply a reboot and a few keystrokes away from logging on to an otherwise locked machine.

What is Kon-Boot?

Kon-Boot is a bootable shim which bypasses local account authentication on Windows machines. In other words, by booting into Kon-Boot (via floppy, CD, or over the network via PXE) you can bypass local passwords, such as for the built-in Administrator account.

As an aside, note that it cannot bypass domain authentication. This makes sense, as domain-joined machines contact domain controllers for domain user accounts, unless the client machine is offline and has cached credentials.

Kon-Boot is the reason I randomize the local Administrator password without disabling the account. For whatever reason, the author of Kon-Boot didn’t bypass enabled/disabled checks on local accounts, just their passwords.

Creating a PXE Boot Server

I’ll assume you already have a DHCP server on your network. The FOG Project, which I heartily recommend for anyone looking for a free Ghost replacement, has a wonderful page on setting DHCP options for many types of DHCP servers. The same options will apply for us — option 066 (“Next Server”) will be the IP address of the PXE server, and option 067 (“Boot File”) will be “pxelinux.0”. In fact, if FOG itself is interesting, they have great setup guides that will get a FOG menu installed on Ubuntu, to which you can simply add Kon-Boot as an additional option.

Next, you’ll need a trivial file transfer protocol (TFTP) server. For this tutorial, I’ll go through the setup of tftpd-hpa and syslinux on Ubuntu 12.04 Server. I’d recommend making this machine a VM, as the resources required are laughably low. I won’t, however, go into the installation of Ubuntu Server, as there are plenty of fantastic guides for that piece already. If you use the previous link, keep track of the IP address you statically assigned, or make a static DHCP reservation for the PXE server.

Once you’re logged in, there’s a few pieces of software to install.

apt-get install tftpd-hpa syslinux vim-nox openssh-server

This will install the TFTP server, syslinux (think of it as GRUB for PXE), a minimal version of vim to edit text files, and an SSH server. We’ll also need to create the directory structure and copy over some of the syslinux files to the TFTP root directory.

mkdir /var/lib/tftpboot/pxelinux.cfg

Kon Boot V2 99

cp /usr/lib/syslinux/memdisk /var/lib/tftpboot # used to boot a floppy image

cp /usr/lib/syslinux/pxelinux.0 /var/lib/tftpboot # the PXE boot file

cp /usr/lib/syslinux/vesamenu.c32 /var/lib/tftpboot # for the PXE menu

Tf2 remove respawn time. For Team Fortress 2 on the PC, a GameFAQs message board topic titled 'Respawn time = 0'.

You’ll also have a choice between setting a root password and a fair number of sudo commands. For the purposes of this post, I’ll recommend setting a strong password (as an example, this password generator site is xkcd-approved!) for root.

sudo passwd # Enter your user password, then enter a strong password for root, twice

Next, we’ll install the free version of Kon-Boot. Earlier this year, the author came out with a new paid version, but maintained the original version for free download. The major restriction is the free version (v1.1) doesn’t support 64-bit Windows systems, while the paid version (v2.0) does. Go to the Kon-Boot download page, download from the first mirror, and save the zip locally. Inside kon-boot-all.zip you’ll find FD0-konboot-v1.1-2in1.zip (password is “kon-boot”), and in that you’ll find FD0-konboot-v1.1-2in1.img. Save it to another location locally, such as your desktop.

Kon Boot V2 9 Download

If you don’t already have it installed, you’ll also need a program to copy the Kon-Boot floppy image over to the PXE server. I recommend installing WinSCP (skip the “sponsored” version if you prefer) for those on a Windows platform. Imyfone d back 7.2 0.5 registration code.

Copy the FD0-konboot-v1.1-2in1.img file to the /var/lib/tftpboot directory.

Now you’ll need to write the pxelinux configuration file at /var/lib/tftpboot/pxelinux.cfg/default. You can either use the command below, or a text editor like vim or nano to write the text below:

Kon Boot V2 90

echo -n ”

prompt 0
DEFAULT vesamenu.c32
timeout 50

Kon Boot V2 9mm

label local
localboot 0
MENU DEFAULT
MENU LABEL Boot from hard disk
TEXT HELP
Boot from the local hard drive.
If you are unsure, select this option.
ENDTEXT

label Kon-Boot
kernel memdisk
append initrd=FD0-konboot-v1.1-2in1.img
MENU LABEL Kon-Boot Floppy Image
TEXT HELP
Kon-Boot will bypass local authentication for
local administrative purposes.
ENDTEXT

” > /var/lib/tftpboot/pxelinux.cfg/default

If you’ve set up your DHCP server options as mentioned before, you should now be able to boot a client to the network and see the menu we’ve created. You may have to press a specific key during boot or change your BIOS options. For VMware virtual machines, pressing F12 during boot attempts a PXE boot.

Booting into Kon-Boot will take a few moments showing a fancy startup image, and then boot into Windows.

Screenshot from paid version (v2.0)

Now that you’re inside Windows, you can log in as the local Administrator account (or any other local account) without worrying about the password. You can leave the password field blank, or type in any particular password you want. It makes no difference, as the password check is more-or-less replaced with “return true”. Whereas before you’d see this:

Now you’ll be able to log on and take any actions you wish.

What do you think? As I don’t have need for remote access to computers without using domain privileges, I see this as a useful way to log in to infected or suspicious machines locally. In terms of return on investment, I’ve been extremely happy with further customizing my PXE boot menu with SpinRite (drive recovery), Recovery is Possible (live Linux over PXE!), and even Memtest86+.