23
June
June
Backtrack 5, meet Amazon EC2
9 comments Posted in: Backtrack 5 AMITagged with: Backtrack5 AMI Amazon EC2
I'm proud to announce the immediate availability of some unofficial BackTrack 5 AMIs.
Amazon's EC2 offers the ability to rapidly launch instances on an as-needed basis, and along with these AMIs allows for remote pentesting from Amazon's cloud. However, be sure to follow Amazon's terms of service, and ensure your activity is authorized.
Links to launch the AMIs can be found on the BT5 AMIs page. That page will always link to the most current information available, whereas blog posts (like this one) may be out of date.
There's some information that you may want or need to get started which is outlined below, but first; here's a table of images.
| AMI ID | Region | Launch |
|---|---|---|
| ami-04be456d | us-east-1 |  |
| ami-67742622 | us-west-1 | |
| ami-140d3c60 | eu-west-1 | |
| ami-565d2504 | ap-southeast-1 | |
| ami-5c08a25d | ap-northeast-1 | |
First of all, for the time being I'm only release the Gnome x86 build of Backtrack 5. If there's demand, I might consider building KDE of 64-bit images as well. If you're interested, please leave a comment so I can prioritize what's most demanded. Please keep in mind, I'm doing this as an unofficial project in my free time, so it may take some time to set up the remaining instances.
There are a few tweaks from the official BT5 releases which I want to draw your attention to.
SSH
SSHD is enabled by default. This is necessary so that you can actually connect with your instance remotely. It supports only SSH Key authentication, and will import your SSH key as configured through EC2 when launching the instance. The default root password is still 'toor', and I still recommend changing it, but it's not used for initial authentication. You'll find your ssh key in /root/.ssh/authorized_keys after first boot. Due to a design constraint, the key will be added twice but notice it's the same key; no one else has access to your instance unless they have your private key.VNC
If you prefer to use the Gnome GUI, you can launch VNC. It's pre-installed, and typing 'startvnc' will start it up. Upon first use you'll be prompted to create a VNC password which is unique to your instance. For added security, VNC listens only on loopback and the script uses screen 1 on port 5901. You'll need to set up an SSH tunnel or modify VNC's configuration to listen remotely. When you run 'startvnc' you'll be given an example commandline to use in creating an SSH tunnel.Kernel
To interoperate with EC's underlying Xen virualization platform, some tweaks were needed from the standard Backtrack 5 kernel configuration. Since I was recompiling the kernel anyhow, I bumped it to version 2.6.39. The EC2 requirements make it likely that installing a kernel update from the Backtrack 5 repositories will cause the machine not to boot, so proceed cautiously. If you care to recompile your own kernel you can do so, just be sure to include the required options per Amazon's documentation. (http://ec2-downloads.s3.amazonaws.com/user_specified_kernels.pdf) In essence, any kernel that supports Xen DomU mode and PVGrub boot should work fine with EC2.Cloud-init
In order to pull down SSH keys on bootup, and set up the new AMI to run under EC2, these images make use of the Cloud-Init package. (https://launchpad.net/~cloud-init-dev) This package is commonly used in other AMIs (including official Debian and Ubuntu AMIs as well as Amazon's own images) so you may be familiar with it. This also supports supplying start-up configuration data via a YAML syntax in EC2's user-data field.That's it! I did my best to stay as true to the Backtrack teams initial work, and keep from breaking any functionality in these images. I hope the community finds them useful. Feel free to leave a comment or contact me at jeff@offenseindepth.com with any feedback and I'll do my best to help out.
9 Responses
Stay in touch with the conversation, subscribe to the RSS feed for comments on this post.
1. thx 4 everything.
August 21, 2011 at 11 06 PM2. bt5r1 has just been released. would love 2 c u update the amis.
I'm planning to release updated images for BackTrack5. I'm a bit busy this week, and it'll take some time to build an appropriate kernel and package everything. I'm hoping to have them done by next week, but can't make any promises.
I'll post here when they're released.
August 22, 2011 at 8 51 AMThanks for everything...waiting for BT5R1 AMI !!!
November 7, 2011 at 5 42 PMHow about running it on a "Large" instance type? What are the steps for doing that?
November 15, 2011 at 5 44 AMLarge instances are 64 bit. The image is specifically for 32 bit instance types, so it won't currently run on large. Sorry!
I'm hoping to build images for BT5 R1 sometime, but haven't found the time yet. I may consider x64 images then, but this takes people away from the micro instances which are available for free in many cases, and have a lot of value to many people, so I'll probably be sticking with 32-bit platforms primarily.
November 15, 2011 at 10 58 AMCould you post instructions on how you got Backtrack EC2-ready? Perhaps I can find the required time to make a 64-bit version of Backtrack suitable for EC2. Thanks!
November 17, 2011 at 3 04 PMSadly, there was some trial and error involved, and I didn't really document my final process so it'd take walking through it again to identify the steps properly.
The tricky part is just that the kernel needs to support booting under Xen. I started with BT5's shipped kernel config, and added a few options. Amazon documents these pretty well, and this doc should help.
http://ec2-downloads.s3.amazonaws.com/user_specified_kernels.pdf
Beyond that, it's really just a matter of installing cloud-init (so authorized SSH keys are imported on first boot and host keys are are generated) and setting up the VNC stuff.
November 17, 2011 at 5 25 PMPleaseeee create a AMI for the new BT5 RC2 !! Thank you and GREAT WORK!
February 25, 2012 at 3 59 PMI cannot load these AMI's. Can you please check the link again?
June 19, 2012 at 3 24 PM