beta-tester

KERNEL http://192.168.1.1/nfs/kaspersky-rescue-x86/boot/grub/k-x86_64 i used now and it works as well.

64-bit kernel recommended (k-x86_64). 32-bit kernel used for compatibility with old computers. oops, sorry in reallity it is the x86_64 version ISO, but i still not corrected the names in my project file

Yury N. thank you very much. i tested it. with the current ISO i can PXE boot out of the box, without overlaying a custom init file... very nice. here the pxelinux options i used: LABEL kaspersky-rescue-x86 MENU LABEL Kaspersky Rescue Disk KERNEL http://192.168.1.1/nfs/kaspersky-rescue-x86/boot/grub/k-x86 INITRD http://192.168.1.1/nfs/kaspersky-rescue-x86/boot/grub/initrd.xz APPEND netboot=nfs://192.168.1.1:/srv/nfs/kaspersky-rescue-x86 ro dostartx -- lang=us setkmap=us TEXT HELP Boot to Kaspersky Rescue Disk ENDTEXT

--- original/init 2018-05-23 14:59:15.000000000 +0200 +++ custom/init 2018-12-22 09:09:04.863630200 +0100 @@ -493,7 +493,7 @@ echo "--- ${cureth}: link=${linkstate}, mac=${mac}" # If the link is up, then try (even if another interface already has a dhcp address) - if [ "${linkstate}" != 'no-link' ] + if [ "${linkstate}" != 'no-link' ] then good_msg "Attempting to get a DHCP address on ${cureth}..." [ -n "${DHCPHOSTNAME}" ] && hostnameopt="-H ${DHCPHOSTNAME}" @@ -639,7 +639,7 @@ for curfile in ${FILENAMES} do filename="${curfile}" - filecksm=$(echo ${curfile} | sed -e 's!.dat!.md5!' -e 's!.srm!.md5!') + filecksm=$(echo ${curfile} | sed -e 's!.dat!.sha512!' -e 's!.srm!.sha512!') urldatafile="${BASEADDR}/${filename}" urlchecksum="${BASEADDR}/${filecksm}" good_msg "Downloading ${urldatafile} ..." @@ -665,13 +665,13 @@ sysresccd_panic "Cannot download the \"${filename}\" boot file." fi - md5now=$(/bin/busybox md5sum ${BOOTPATH}/${filename} | cut -d ' ' -f1) - md5exp=$(cat ${BOOTPATH}/${filecksm} | cut -d ' ' -f1) - if [ "${md5now}" = "${md5exp}" ] + sha512now=$(/bin/busybox sha512sum ${BOOTPATH}/${filename} | cut -d ' ' -f1) + sha512exp=$(cat ${BOOTPATH}/${filecksm} | cut -d ' ' -f1) + if [ "${sha512now}" = "${sha512exp}" ] then - good_msg "Successfully downloaded and md5 checked \"${filename}\"" + good_msg "Successfully downloaded and sha512 checked \"${filename}\"" else - sysresccd_panic "Filesystem image ${filename} is corrupt: md5sum incorrect" + sysresccd_panic "Filesystem image ${filename} is corrupt: sha512sum incorrect" fi done } @@ -710,7 +710,7 @@ for curfile in ${FILENAMES} do filename="${curfile}" - filecksm=$(echo ${curfile} | sed -e 's!.dat!.md5!' -e 's!.srm!.md5!') + filecksm=$(echo ${curfile} | sed -e 's!.dat!.sha512!' -e 's!.srm!.sha512!') urldatafile="${tftpurl}/${filename}" urlchecksum="${tftpurl}/${filecksm}" good_msg "Downloading ${urldatafile} ..." @@ -730,13 +730,13 @@ sysresccd_panic "Cannot download the files: tftp failed. May be due to lack of memory" fi - md5now=$(/bin/busybox md5sum ${BOOTPATH}/${filename} | cut -d ' ' -f1) - md5exp=$(cat ${BOOTPATH}/${filecksm} | cut -d ' ' -f1) - if [ "${md5now}" = "${md5exp}" ] + sha512now=$(/bin/busybox sha512sum ${BOOTPATH}/${filename} | cut -d ' ' -f1) + sha512exp=$(cat ${BOOTPATH}/${filecksm} | cut -d ' ' -f1) + if [ "${sha512now}" = "${sha512exp}" ] then - good_msg "Successfully downloaded and md5 checked \"${filename}\"" + good_msg "Successfully downloaded and sha512 checked \"${filename}\"" else - sysresccd_panic "Filesystem image ${filename} is corrupt: md5sum incorrect" + sysresccd_panic "Filesystem image ${filename} is corrupt: sha512sum incorrect" fi done } @@ -758,13 +758,13 @@ sysresccd_panic "Cannot find the \"${SUBDIR}/${LOOPDAT}\" boot file." fi - md5now=$(/bin/busybox md5sum ${BOOTPATH}/${SUBDIR}/${LOOPDAT} | cut -d ' ' -f1) - md5orig=$(cat ${BOOTPATH}/${SUBDIR}/${LOOPMD5} | cut -d ' ' -f1) - if [ "$md5now" = "$md5orig" ] + sha512now=$(/bin/busybox sha512sum ${BOOTPATH}/${SUBDIR}/${LOOPDAT} | cut -d ' ' -f1) + sha512orig=$(cat ${BOOTPATH}/${SUBDIR}/${LOOPSHA512} | cut -d ' ' -f1) + if [ "$sha512now" = "$sha512orig" ] then - good_msg "Successfully checked md5 sum of ${BOOTPATH}/${LOOPDAT}" + good_msg "Successfully checked sha512 sum of ${BOOTPATH}/${LOOPDAT}" else - sysresccd_panic "md5sum checksum is invalid on the root filesystem image" + sysresccd_panic "sha512sum checksum is invalid on the root filesystem image" fi # load system rescue modules (srm files) @@ -818,7 +818,7 @@ searchdevices="${devtype}" ;; esac - + echo "${searchdevices}" return 1 } @@ -945,7 +945,7 @@ good_msg " sha512 0x${sha512now} is valid for '${cursrm}'" else checksum_mismatch='1' - bad_msg " sha512 0x${sha512now} is invalid for '${cursrm}' (expected 0x${sha512orig})" + bad_msg " sha512 0x${sha512now} is invalid for '${cursrm}' (expected 0x${sha512orig})" fi fi done @@ -988,7 +988,7 @@ # --------------- Cache other files cp -a ${BOOTPATH}/${SUBDIR}/version ${CACHEDIR}/ 2>/dev/null - cp -a ${BOOTPATH}/${SUBDIR}/${LOOPMD5} ${CACHEDIR}/${LOOPMD5} 2>/dev/null + cp -a ${BOOTPATH}/${SUBDIR}/${LOOPSHA512} ${CACHEDIR}/${LOOPSHA512} 2>/dev/null # ---------------- Cache all squashfs filesystems for curfile in ${CACHEFILES} @@ -1042,7 +1042,7 @@ good_msg "Copying extra directories for caching..." if ! cp -a ${BOOTPATH}/${SUBDIR}/???linux ${BOOTPATH}/${SUBDIR}/bootdisk \ ${BOOTPATH}/${SUBDIR}/ntpasswd ${BOOTPATH}/${SUBDIR}/usb_inst* \ - ${BOOTPATH}/${SUBDIR}/boot ${BOOTPATH}/${SUBDIR}/efi ${CACHEDIR}/ + ${BOOTPATH}/${SUBDIR}/boot ${BOOTPATH}/${SUBDIR}/efi ${CACHEDIR}/ then rm -rf ${CACHEDIR}/???linux ${CACHEDIR}/bootdisk ${CACHEDIR}/ntpasswd rm -rf ${CACHEDIR}/usb_inst* ${CACHEDIR}/boot ${CACHEDIR}/efi @@ -1292,7 +1292,7 @@ fi fi done - + if ! mount -n --move ${TFTPBOOT_DIR} ${NEWROOT}${TFTPBOOT_DIR} then bad_msg "Cannot move [${TFTPBOOT_DIR}] -> [${NEWROOT}${TFTPBOOT_DIR}]" @@ -1353,7 +1353,7 @@ curconfig="dhcp" fi - echo "mac_${cureth}=\"${curmac}\"" >> ${NEWROOT}/etc/conf.d/net + echo "mac_${cureth}=\"${curmac}\"" >> ${NEWROOT}/etc/conf.d/net echo "config_${cureth}=\"${curconfig}\"" >> ${NEWROOT}/etc/conf.d/net done echo "Writing network configuration in ${NEWROOT}/etc/conf.d/net:" @@ -1368,6 +1368,8 @@ # manage services rm -f ${NEWROOT}/etc/init.d/crypto-loop rm -f ${NEWROOT}/etc/init.d/drbd + + cp /etc/resolv.conf ${NEWROOT}/etc/ } sysresccd_stage3_rootsys() # mount the root partition on ${SQUASHFSMNT} @@ -1757,7 +1759,7 @@ BACKSTORE_MEM='/memory' BACKSTORE_DAT='sysrcd.bs' LOOPDAT='kernel.dat' -LOOPMD5='kernel.dat.md5' +LOOPSHA512='kernel.dat.sha512' INITPROG='/sbin/init' CONSOLE='/dev/console' CACHEDIR='/cache'

thank you very much! can you already tell, when the next version will be available?

is no Kaspersky Lab Employee available to answer/comment? maybe Yury N. ?

out of pure interest, does KRD2018 support volumes encrypted by Microsoft BitLocker? (i never tried out if it is possible)

hello MagnusKnight , i am not sure, but AutorunReg sounds to me, that there is an autorun registry entry on you systems. those autorun entries can contains filenames and commandline opperations as well. those autorun entried will be executed everytime your system boot or when a user logged in. when the autorun entry is a commandline opperation, then it is fileless, because no specific/additional file is envolved, that can be "quarantained". remember, in a commandline you can put a lot of opperations and can contain a full trojan/virus script or at least commands to download and execute other software.

in the current Kaspersky Rescure DVD 2018 there is an init file included, that, if PXE booted, looks for md5 checksum files only, but the ISO only contains sha512 check sum files. to be able to PXE boot a Kaspersky Rescue DVD, i have to provide a modified init file, where all "md5" & "MD5" are replaced by "sha512" & "SHA512". on the ISO the init file is located at: /boot/grub/initrd.xz -> /initrd/init Kaspersky Rescure 2018 is used in my tiny RPi-PXE-Server project.