KPLive 0.1 Beta

KPLive is a Live CD based on Minimal Linux Live on which it is possible to mount NTFS partitions, create files/folders on these partitions and manage their attributes. The main purpose of this iso is to restore the backups of the Windows registry created by KpRm. To simplify hive restoration, I included a script (kprm_restore_hives) that automates all commands and generates a report (C:\kprm_restore_[date].txt). The Live CD also contains busyboxes and therefore a large number of standard commands are available.

 

The Live CD offers these features:

  • read/write NTFS partitions (ntfs-3g + fuse)
  • view/modify/create file/folder attributes for Windows (attr + ntfs_attr)
  • restore registry backups created by KpRm (kprm_restore_hives)
  • search/replace infected Windows drivers with the script drivers.sh of noahdfear (noahdfear_drivers.sh)
  • connect to the internet
  • statically install new programs (e. g. a text-based browser,...) (static_get)
  • start on bios/efi
  • ...

 

How to restore Windows hives?

  • Make a bootable key or CD
  • Start on the support
  • Validate the different steps by pressing ENTER or SPACE (let yourself be guided)
  • Possibly change keyboard (American by default)
    • loadkeys fr (french)
    • loadkeys fr_CH (French Switzerland)
    • loadkeys de (German)
    • ...
  • Write kprm_restore_hives
  • Choose the right backup and press ENTER
  • A report is created under C:\kprm_restore_[date].txt

 

See a demonstration video: https://peertube.mastodon.host/videos/watch/4c4c0a59-a793-43c4-a6a3-644b4df52ec6

WebSite: https://kernel-panik.me/tool/kplive/

Source Code: https://github.com/KernelPan1k/KpLive

 

Downloads 309
Weekly downloads 75
Publisher kernel-panik
By kernel-panik
Created on 10 August 2019
Last update 12 August 2019
Category Utilities
Operating system Cross-platform

More