Jump to content











Photo
- - - - -

booting vista/2008/w7 from usb sub folder


  • Please log in to reply
175 replies to this topic

#26 cdob

cdob

    Gold Member

  • Expert
  • 1469 posts

Posted 30 March 2010 - 03:17 PM

I am trying to patch bootmgr using grub4dos write command.

Write to a (RAM) disk. Compare http://www.boot-land...?...ost&p=84534

title bootmgr

map --mem /bootmgr (rd)

write --offset=0xE28 (rd)+1 \xEB\x03

chainloader (rd)+1

root ()


#27 was_JFX

was_JFX

    Frequent Member

  • Advanced user
  • 483 posts
  •  
    Germany

Posted 30 March 2010 - 03:21 PM

OMG over a half year nobody noticed :)

The address E28 is correct, but the EB 1A is for setupldr not bootmgr. :)

Your right with EB 03 if this jump is taken and nointegritychecks is enabled it will work.

Thanks

#28 steve6375

steve6375

    Platinum Member

  • Developer
  • 7566 posts
  • Location:UK
  • Interests:computers, programming (masm,vb6,C,vbs), photography,TV,films
  •  
    United Kingdom

Posted 30 March 2010 - 08:09 PM

SOLUTION - boot multiple boot.wim files from a single USB flash!

Here is grub4dos entry to modify file bootmgr to boot using \boot\bc1 instead of \boot\bcd

must use Vista RTM SP0 version of bootmg (note: the write command permanently patches the file bootmgr)

title WinPe BCD (boots using /sources/boot.wim)
write --offset=0xE28 /bootmgr \xEB\x03
write --offset=0x54B6c /bootmgr \x44
chainloader /bootmgr


title WinPe BC1 (boots using /sources/boot1.wim)
write --offset=0xE28 /bootmgr \xEB\x03
write --offset=0x54B6c /bootmgr \x31
chainloader /bootmgr


To make BCD or BC1 you run a script as follows (example for BC1):

copy \boot\bcd \boot\bc1
bcdedit /store \boot\bc1 /set {bootmgr} nointegritychecks YES
bcdedit /store \boot\bc1 /create {ramdiskoptions} /d "Ramdisk options"
bcdedit /store \boot\bc1 /set {ramdiskoptions} ramdisksdidevice boot
bcdedit /store \boot\bc1 /set {ramdiskoptions} ramdisksdipath \Boot\boot.sdi
bcdedit /store \boot\bc1 /set {default} device ramdisk=[boot]\sources\boot1.wim,{ramdiskoptions}
bcdedit /store \boot\bc1 /set {default} osdevice ramdisk=[boot]\sources\boot1.wim,{ramdiskoptions}


If you want to boot using /sources/boot2.wim and /boot/bc2 then change \x31 to \x32 and bc1 to bc2 and boot1.wim to boot2.wim

Now you can have many boot.wim files (pev2/3) on the same USB stick and boot from a grub4dos menu! just name them boot.wim, boot1.wim, boot2.wim, etc.

You could also rename files, so for instance, you could have a Vista install DVD and a Win7 install DVD on the same USB flash drive by having two boot.wim files, and renaming say vistaUlt.wim to install.wim file before running the boot.wim for the Vista Ultimate boot.wim??,

Anyone know how to rename files in grub4dos???


I used RMPrepUSB (of course :) ) and the Install Grub Bootlaoder button to install grldr.

#29 Wonko the Sane

Wonko the Sane

    The Finder

  • Advanced user
  • 16066 posts
  • Location:The Outside of the Asylum (gate is closed)
  •  
    Italy

Posted 31 March 2010 - 09:20 AM

must use Vista RTM SP0 version of bootmg (note: the write command permanently patches the file bootmgr)



Check cdob's post just above yours, you can map the bootmgr to (rd) and then the change won't be permanent.

Anyone know how to rename files in grub4dos???

There isn't a specific command, AFAIK.
You can write to the filesystem, but it is NOT recommended.

I will throw on the table, once again :), this hint (reserved to programmers):
GRUB (and grub4dos) is a minimal kind of OS, it can run programs.
If it can run Space Invaders, it can well run a program to rename something:
http://www.boot-land...?showtopic=7329

:)
Wonko

#30 ireneuszp

ireneuszp

    Frequent Member

  • Advanced user
  • 191 posts
  •  
    Poland

Posted 31 March 2010 - 08:49 PM

title WinPe BCD (boots using /sources/boot.wim)
write --offset=0xE28 /bootmgr \xEB\x03
write --offset=0x54B6c /bootmgr \x44
chainloader /bootmgr

title WinPe BC1 (boots using /sources/boot1.wim)
write --offset=0xE28 /bootmgr \xEB\x03
write --offset=0x54B6c /bootmgr \x31
chainloader /bootmgr

I have this error:
Posted Image

#31 steve6375

steve6375

    Platinum Member

  • Developer
  • 7566 posts
  • Location:UK
  • Interests:computers, programming (masm,vb6,C,vbs), photography,TV,films
  •  
    United Kingdom

Posted 31 March 2010 - 08:56 PM

I have this error:
Posted Image

why does grub4dos print 1x31 and not \x31 ???

Also this does not work on ntfs volume, it must be fat32 or fat16.

The first command seems to have worked so I think you have bad line in menu.lst???

Also try real device not qemu?

#32 sbaeder

sbaeder

    Gold Member

  • .script developer
  • 1338 posts
  • Location:usa - massachusettes
  •  
    United States

Posted 31 March 2010 - 09:11 PM

I have this error:

Were you using an ISO image in Qemu? As was mentioned (by our good friend WONKO), look at post #26 My guess is that if you use a USB, it is write-able, but if not, then the trick of mapping to memory and patching memory is what is needed :)

#33 steve6375

steve6375

    Platinum Member

  • Developer
  • 7566 posts
  • Location:UK
  • Interests:computers, programming (masm,vb6,C,vbs), photography,TV,films
  •  
    United Kingdom

Posted 31 March 2010 - 09:17 PM

I will throw on the table, once again :), this hint (reserved to programmers):
GRUB (and grub4dos) is a minimal kind of OS, it can run programs.
If it can run Space Invaders, it can well run a program to rename something:
http://www.boot-land...?showtopic=7329

:)
Wonko


Space Invaders is written to access BIOS and has no OS calls and does not access any filesystem AFAICS. I need to access filesystem to rename a file (the master OS wim file needs to be called install.wim so I need to rename say vistaUltSP1.wim to install.wim).

#34 ireneuszp

ireneuszp

    Frequent Member

  • Advanced user
  • 191 posts
  •  
    Poland

Posted 31 March 2010 - 09:24 PM

why does grub4dos print 1x31 and not \x31 ???

Also this does not work on ntfs volume, it must be fat32 or fat16.

The first command seems to have worked so I think you have bad line in menu.lst???

Also try real device not qemu?

why does grub4dos print 1x31 and not \x31 ???
I don't know
I tested it on FAT32 usb
Posted Image

in menu.lst I have
title WinPe BCD

write --offset=0xE28 /bootmgr \xEB\x03

write --offset=0x54B6c /bootmgr \x44

chainloader /bootmgr



title WinPe BC1

write --offset=0xE28 /bootmgr \xEB\x03

write --offset=0x54B6c /bootmgr \x31

chainloader /bootmgr



title WinPe BC2

write --offset=0xE28 /bootmgr \xEB\x03

write --offset=0x54B6c /bootmgr \x32

chainloader /bootmgr

:)

File: BOOTMGR
CRC-32: 6442a4ad
MD4: 54c1656f51092265a7c460d30dffedd9
MD5: 9e24b834dc6fc0634c28004721df9d82
SHA-1: 24e936174d3b3fbd7a0ab7d24989988798c5e4b8

On real device I have the same error

#35 maanu

maanu

    Gold Member

  • Advanced user
  • 1134 posts
  •  
    Pakistan

Posted 31 March 2010 - 09:32 PM

just for the record , following works

map --mem /I386/SETUPLDR.BIN (rd)
write --offset=0x2060 (rd)+1 \xEB\x1A
write --offset=0x2a516 (rd)+1 \\I386\\txtsetup.sif\0\0\0
write --offset=0x2a5f6 (rd)+1 \\I386\\system32\\\0\0\0
chainloader (rd)+1

following does not

map --mem /I386/SETUPLDR.BIN (rd)
write --offset=0x2060 \xEB\x1A
write --offset=0x2a516 \\I386\\txtsetup.sif\0\0\0
write --offset=0x2a5f6 \\I386\\system32\\\0\0\0
chainloader (rd)+1

i hope you have spotted the difference ,

edit ; also , dont we support to map BOOTMGR to memory (rd) also to patch it on the fly ?

quoting chenall ,

write 0x60000 0

map --mem /IMAGES/WIN.IMG (fd0)

map --hook

map --mem (fd0)/BOOTMGR (rd)

##if exist /boot/bcd (bcd is correct, only missing BOOTMGR),Then boot with this BCD file.

find --set-root --ignore-cd --ignore-floppies /BOOT/BCD && write 0x60000 1234

checkrange 1234 read 0x60000 && chainloader (rd)+1

checkrange 1234 read 0x60000 && map --unmap=0

checkrange 1234 read 0x60000 && boot

##not find /BOOT/BCD on harddisk,then use (fd0)/boot/bcd

find --set-root --ignore-cd --ignore-floppies /WINDOWS/SYSTEM32/winload.exe

map () (hd30)

map --hook

write 0x60004 0

write 0x60000 0

dd if=(hd30)+1 of=(md) bs=1 count=4 skip=0x1b8 seek=0x60000

map (hd30) (hd30) && map --hook

cat --length=0 ()-1

dd if=(md) of=(md) bs=1 count=8 skip=0x8290 seek=0x60008

cat --locate=\xD0\x3F\x06\0 --replace=*0x60000 (fd0)/boot/bcd

cat --locate=\0\x7E\0\0 --replace=*0x60008 (fd0)/boot/bcd

chainloader (fd0)/bootmgr


#36 steve6375

steve6375

    Platinum Member

  • Developer
  • 7566 posts
  • Location:UK
  • Interests:computers, programming (masm,vb6,C,vbs), photography,TV,films
  •  
    United Kingdom

Posted 31 March 2010 - 09:43 PM

my MD5 is 24B0294E6866186685BA5F0E03DAAF2F

438,840 bytes

Are you using Vista SP0 (RTM) version? Maybe your version is shorter in length?

#37 steve6375

steve6375

    Platinum Member

  • Developer
  • 7566 posts
  • Location:UK
  • Interests:computers, programming (masm,vb6,C,vbs), photography,TV,films
  •  
    United Kingdom

Posted 31 March 2010 - 10:19 PM

I tried patching bootmgr in memory but it didn't work - see attempts below.
menu 1 and 2 --> bootmgr reports cannot find \boot\BCD
menu 3 - OK




title 1 bootmgr with --mem (not work)
map --mem /bootmgr (rd)
write --offset=0xE28 (rd)+1 \xEB\x03
write --offset=0x54B6c (rd)+1 \x44
chainloader (rd)+1
root ()

title 2 bootmgr no --mem (not work)
map /bootmgr (rd)
write --offset=0xE28 (rd)+1 \xEB\x03
write --offset=0x54B6c (rd)+1 \x44
chainloader (rd)+1
root ()

title 3 WinPe patch file (bcd) (works)
find --set-root /bootmgr
write --offset=0xE28 /bootmgr \xEB\x03
write --offset=0x54B6c /bootmgr \x44
chainloader /bootmgr

#38 Wonko the Sane

Wonko the Sane

    The Finder

  • Advanced user
  • 16066 posts
  • Location:The Outside of the Asylum (gate is closed)
  •  
    Italy

Posted 01 April 2010 - 07:09 AM

The other way? (floppy image)

http://www.boot-land...showtopic=10884

:)
Wonko

#39 steve6375

steve6375

    Platinum Member

  • Developer
  • 7566 posts
  • Location:UK
  • Interests:computers, programming (masm,vb6,C,vbs), photography,TV,films
  •  
    United Kingdom

Posted 01 April 2010 - 08:28 AM

I don't know what you mean by 'floppy image'? Can you explain (without just giving links to other threads) for me please, as I am not experienced in booting floppy images?

Bear in mind that I cannot use Ram disk as bootmgr needs to find bcd and load boot.wim image...

#40 Wonko the Sane

Wonko the Sane

    The Finder

  • Advanced user
  • 16066 posts
  • Location:The Outside of the Asylum (gate is closed)
  •  
    Italy

Posted 01 April 2010 - 09:43 AM

Just as it is possible for NT/2K/XP/2003, it is possible to create a Vista/2008/7 boot floppy.

You'll have to follow a link anyway, I am not going to re-write what is already written:
http://www.multibooters.co.uk/
http://www.multiboot....uk/floppy.html

Basically you create a floppy image containing:
/BOOTMGR

/boot/BCD

Then you map it in grub4dos (the image can be compressed).

Something like:
title Bootmgr on floppy

map --mem /myfloppy.ima (fd0)

map --hook

root (fd0)

chainloader /bootmgr
(you don't even need the floppy image to be bootable or to be invoking BOOTMGR)

You do know how to create a floppy image, don't you? :)

:)
Wonko

#41 steve6375

steve6375

    Platinum Member

  • Developer
  • 7566 posts
  • Location:UK
  • Interests:computers, programming (masm,vb6,C,vbs), photography,TV,films
  •  
    United Kingdom

Posted 01 April 2010 - 12:48 PM

OK, so then in my case it would look for \sources\boot.wim (as determined from the BCD) on the 'hard disk' which would be my UFD.
Trouble is I would have to patch the floppy image on the fly and it still doesn't solve the issue of needing to change the Windows Install.wim file name to make the Install DVDs work.

One way I thought of was to boot to DOS (FAT32) and have a menu.

1. Install Vista 32-bit
2. Install Vista 64-bit
2. Install Win7 32-bit
etc

then if say option 1 was chosen, I could ...
ren \sources\installv.wim install.wim
Then run Grub4DOS and point it at a menu.lst which had a 0 timeout entry to patch the bootmgr and boot the boot1.wim file which would be the Vista install boot.wim - it would then use install.wim as the source for installing Vista source files to the hard disk.

#42 Wonko the Sane

Wonko the Sane

    The Finder

  • Advanced user
  • 16066 posts
  • Location:The Outside of the Asylum (gate is closed)
  •  
    Italy

Posted 01 April 2010 - 12:54 PM

OK, so then in my case it would look for \sources\boot.wim (as determined from the BCD) on the 'hard disk' which would be my UFD.
Trouble is I would have to patch the floppy image on the fly and it still doesn't solve the issue of needing to change the Windows Install.wim file name to make the Install DVDs work.

Why? :)

You make as many floppy images as many .wim's you have.
And you don't have to patch anything.

Or you put in the floppy image a number of BOOTMGR's hexedited and renamed, and corresponding renamed BCD's

Or you hexedit on the fly the BOOTMGR on the floppy to point to differently named /BCD's

:)
Wonko

#43 ireneuszp

ireneuszp

    Frequent Member

  • Advanced user
  • 191 posts
  •  
    Poland

Posted 01 April 2010 - 08:10 PM

my MD5 is 24B0294E6866186685BA5F0E03DAAF2F

438,840 bytes

Are you using Vista SP0 (RTM) version? Maybe your version is shorter in length?

My mistake, I used different version bootmgr :)
With version bootmgr from Vista SP0 (RTM) all runs :)

Great thanks for help

#44 steve6375

steve6375

    Platinum Member

  • Developer
  • 7566 posts
  • Location:UK
  • Interests:computers, programming (masm,vb6,C,vbs), photography,TV,films
  •  
    United Kingdom

Posted 01 April 2010 - 08:19 PM

My mistake, I used different version bootmgr :)
With version bootmgr from Vista SP0 (RTM) all runs :)

Great thanks for help

No Problem -glad it is working. Don't forget that it will permanently change the bootmgr file each time you run a menu item.
It also fails if you use an NTFS USB stick - presumably due to bug/problem with grub4dos writing to a file under NTFS?????

you can also use

title WinPe BC1
write --offset=0xE28 /bootmgr \xEB\x03
write --offset=0x54B6c /bootmgr 1
chainloader /bootmgr

title WinPe BC1
write --offset=0xE28 /bootmgr \xEB\x03
write --offset=0x54B6c /bootmgr 2
chainloader /bootmgr


which makes it a bit more readable instead of \x31 and \x32. Of course you can only use one byte at this address. Do not exceed one byte or you will permanently corrupt the bootmgr file!

#45 tinybit

tinybit

    Gold Member

  • Developer
  • 1175 posts
  •  
    China

Posted 01 April 2010 - 09:51 PM

It also fails if you use an NTFS USB stick - presumably due to bug/problem with grub4dos writing to a file under NTFS?????


Did you use an old version? Check this in ChangeLog_GRUB4DOS.txt:

2009-12-01 (chenall)fixed a bug which caused dd/write to write onto the wrong sector of the disk(fsys_ntfs.c).

This is a serious bug. You have to switch to the newer versions if you would use dd/write on files in NTFS partitions. Recommend to use the latest of 0.4.5a series.

#46 cdob

cdob

    Gold Member

  • Expert
  • 1469 posts

Posted 01 April 2010 - 09:55 PM

Or write a unicode string to make it more (less) readable.

title bootmgr "BC1"

map --mem /bootmgr (rd)

write --offset=0xE28 (rd)+1 \xEB\x03

#write unicode BC1

write --offset=0x54B68 (rd)+1 B\x00C\x001\x00

chainloader (rd)+1

root ()



title bootmgr "\\Boot\\BC1"

map --mem /bootmgr (rd)

write --offset=0xE28 (rd)+1 \xEB\x03

#write unicode \Boot\BC1

write --offset=0x54B5C (rd)+1 \\\x00B\x00o\x00o\x00t\x00\\\x00B\x00C\x001\x00

chainloader (rd)+1

root ()


#47 ireneuszp

ireneuszp

    Frequent Member

  • Advanced user
  • 191 posts
  •  
    Poland

Posted 02 April 2010 - 02:49 PM

I tried patching bootmgr in memory but it didn't work - see attempts below.
menu 1 and 2 --> bootmgr reports cannot find \boot\BCD
menu 3 - OK

title 1 bootmgr with --mem (not work)
map --mem /bootmgr (rd)
write --offset=0xE28 (rd)+1 \xEB\x03
write --offset=0x54B6c (rd)+1 \x44
chainloader (rd)+1
root ()

title 2 bootmgr no --mem (not work)
map /bootmgr (rd)
write --offset=0xE28 (rd)+1 \xEB\x03
write --offset=0x54B6c (rd)+1 \x44
chainloader (rd)+1
root ()

title 3 WinPe patch file (bcd) (works)
find --set-root /bootmgr
write --offset=0xE28 /bootmgr \xEB\x03
write --offset=0x54B6c /bootmgr \x44
chainloader /bootmgr

I tested also patching bootmgr in memory and it runs OK

title WinPe BC1 [with write x31]

write --offset=0xE28 /bootmgr \xEB\x03

write --offset=0x54B6c /bootmgr \x31

chainloader /bootmgr



title WinPe BC1 [with write 1]

write --offset=0xE28 /bootmgr \xEB\x03

write --offset=0x54B6c /bootmgr 1

chainloader /bootmgr



title WinPe BC1 [map --mem /bootmgr (rd) with write x31]

map --mem /bootmgr (rd)

write --offset=0xE28 (rd)+1 \xEB\x03

write --offset=0x54B6c (rd)+1 \x31

chainloader (rd)+1

root ()



title WinPe BC1 [map --mem /bootmgr (rd) with write 1]

map --mem /bootmgr (rd)

write --offset=0xE28 (rd)+1 \xEB\x03

write --offset=0x54B6c (rd)+1 1

chainloader (rd)+1

root ()



title WinPe BC1 bootmgr "BC1"

map --mem /bootmgr (rd)

write --offset=0xE28 (rd)+1 \xEB\x03

### write unicode BC1

write --offset=0x54B68 (rd)+1 B\x00C\x001\x00

chainloader (rd)+1

root ()



title WinPe BC1 bootmgr "\\Boot\\BC1"

map --mem /bootmgr (rd)

write --offset=0xE28 (rd)+1 \xEB\x03

### write unicode \Boot\BC1

write --offset=0x54B5C (rd)+1 \\\x00B\x00o\x00o\x00t\x00\\\x00B\x00C\x001\x00

chainloader (rd)+1

root ()



title

root



title WinPe BC2 [with write x32]

write --offset=0xE28 /bootmgr \xEB\x03

write --offset=0x54B6c /bootmgr \x32

chainloader /bootmgr



title WinPe BC2 [with write 2]

write --offset=0xE28 /bootmgr \xEB\x03

write --offset=0x54B6c /bootmgr 2

chainloader /bootmgr



title WinPe BC2 [map --mem /bootmgr (rd) with write x32]

map --mem /bootmgr (rd)

write --offset=0xE28 (rd)+1 \xEB\x03

write --offset=0x54B6c (rd)+1 \x32

chainloader (rd)+1

root ()



title WinPe BC2 [map --mem /bootmgr (rd) with write 2]

map --mem /bootmgr (rd)

write --offset=0xE28 (rd)+1 \xEB\x03

write --offset=0x54B6c (rd)+1 2

chainloader (rd)+1

root ()



title WinPe BC2 bootmgr "BC2"

map --mem /bootmgr (rd)

write --offset=0xE28 (rd)+1 \xEB\x03

### write unicode BC1

write --offset=0x54B68 (rd)+1 B\x00C\x002\x00

chainloader (rd)+1

root ()



title WinPe BC2 bootmgr "\\Boot\\BC2"

map --mem /bootmgr (rd)

write --offset=0xE28 (rd)+1 \xEB\x03

### write unicode \Boot\BC1

write --offset=0x54B5C (rd)+1 \\\x00B\x00o\x00o\x00t\x00\\\x00B\x00C\x002\x00

chainloader (rd)+1

root ()
:)

#48 steve6375

steve6375

    Platinum Member

  • Developer
  • 7566 posts
  • Location:UK
  • Interests:computers, programming (masm,vb6,C,vbs), photography,TV,films
  •  
    United Kingdom

Posted 02 April 2010 - 03:26 PM

can't seem to find 4.5 ?? where can I find the latest stable version (can only find up to 4.4??)

#49 ireneuszp

ireneuszp

    Frequent Member

  • Advanced user
  • 191 posts
  •  
    Poland

Posted 02 April 2010 - 03:29 PM

can't seem to find 4.5 ?? where can I find the latest stable version (can only find up to 4.4??)

here is
http://grub4dos-chen...-2010-03-29.zip

http://code.google.c.../downloads/list

:)

#50 steve6375

steve6375

    Platinum Member

  • Developer
  • 7566 posts
  • Location:UK
  • Interests:computers, programming (masm,vb6,C,vbs), photography,TV,films
  •  
    United Kingdom

Posted 02 April 2010 - 03:37 PM

yes - works with 4.5a so this means we don't have to patch the real file which is much better! :)

P.S. Would this means the bcdedit /store \boot\bc1 /set {bootmgr} nointegritychecks YES line can be omitted or is it still required ???




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users