You might have noticed BackTrack 4 Beta is out for a few days. Since it brings some interesting new features I planned to upgrade/reinstall my BT3 USB to the latest edition.

For the Linux users there is a quick install guide that enumerates the different commands needed to setup the system.
Having at that precise moment only a Windows system laying around I had to follow another procedure. The easiest way is the following:

1. First format your partition as FAT32. Windows refuses to format partitions bigger than 30GB in FAT32 (to force users to use NTFS). It's only a GUI limitation so you can still use the CLI to format d: /fs:fat32.
2. Now download Unetbootin. It's a kind of assistant to install ISO's to your USB disk. (Thanks for the tip Security4all)
3. In Unetbootin choose Disk image and specify the path to the BT4b iso file.
4. In the Type I had to choose manual as Unetbootin didn't detect my disk as USB disk.
5. Just press the OK button and wait.

I noticed there was no bootloader installed on the USB disk so I had to to this manually. It's fairly simple:
Browse to the disk located on your computer and execute the d:\boot\bootinst.bat script. The script will try to autodetect the drive letter and will ask a confirmation. Double check it and confirm.

Now boot your system from the USB disk and here it is: BackTrack 4 beta.

Been playing with BackTrack3beta USB edition. It looks very nice at the first sight. More info will come later.

Howto randomize your MAC addresses.

IFACES=$(ifconfig  | grep HWadd | awk '{ print $1 }')
# IFACES=$(ls /sys/class/net | grep -v -e sit -e lo)
for iface in ${IFACES}; do
  echo "-- Changing the MAC addr of iface: ${iface}"
  macchanger -a ${iface} ;
  sleep 1s;
done;

You might think it's not a bad idea to put that script in /etc/rc.d/rc.local to have it start at boot. But then you notice it might be too late because your normal MAC-address is already broadcasted over the wire/air.
rc.local is in fact called as last script during boot time. This means that /etc/rc.d/rc.inet1, the script that brings up your interfaces and start a dhcp client, has already run. When sending DHCP requests you also send your MAC-address and thus show the network who you really are. Even for an ethical hacker this isn't something you'd want.

To solve this there are, as usual, different ways.
BackTrack has a built-in setting for configuring your interface settings. The file /etc/rc.d/rc.inet1.conf has a variable HWADDR[0]="00:01:23:45:67:89" to let you set a non-default MAC-address. (With [0] the number of the interface).

Personally I'd like to have a non-static MAC, something that doesn't leave traces on my machine.
So I put my random-mac-script before rc.inet1 is called.