Hak5 1016 – Virtualized USB booting with QEMU, Steganalysis with Scalpel, x11vnc, screen for windows

This time on the show, carving hidden files with scalpel, booting USB drives in Linux from QEMU and VNC tips for BackTrack and Android. All that and more this time on Hak5!

Download HD Download MP4

Int0x80’s Scalpel Segment

Booting USB drives from within Linux with Qemu

Earlier in the season I talked about using the plop bootloader to boot USB thumbdrives from Virtual Box in Windows. Well, today thanks to an email from Rob we’ll be doing something similar in Linux.
Rob wrote:

Hey Guys and Gal,
I saw the *fix* for Virtualbox booting a USB drive with plop and loved it. Plop is how I boot USB on my Macbook Pro. Nice tip, but here’s another way to test your USB keys, fire up a terminal and launch ‘ sudo qemu -hda /dev/sdx ‘ where x is the drive letter of your USB drive under Linux. Qemu will launch a VM with the key as a hard drive. Hope someone gets some use out of this.

Thanks Rob!
We’ll begin by opening a terminal. The shortcut since I’m using Gnome is CONTROL+ALT+T.

Now if you don’t already have qemu installed you can get it by entering “”sudo apt-get install qemu””. I’ve already done this so it will just say it’s already installed.

So now that QEMU is installed we’ll need to figure out what device our thumbdrive is. One way to figure this out is to enter “”ls /dev/sd*”” before and after plugging in your flash drive and seeing what changed. So I’ll type “”ls /dev/sd*”” and hit enter and I can see I have “”sda”” and “”sdb”” and if I plug my thumbdrive in now, wait a moment for it to pop up, and now enter “”ls /dev/sd*”” again I’ll see that “”sdc”” shows up.
Another way to figure this out is to enter “”dmesg”” and look for the attached device.

Ok so with all that figured out we’re ready to finally boot off our thumb drive. Just type “”sudo qemu -hda /dev/sdc”” and hit enter.
And there you go, your thumb drive is booting from within Linux using QEMU. Here I can see Puppy Linux is starting up. Yay! Now I have Linux running inside of Linux! That’s almost as fun as dividing by zero! That’s so meta… ha! So do you have comments or questions? Email me at [email protected] or drop a line in the comments section.

If you’re into Hak5 you’ll love our new show by hosts Darren Kitchen and Shannon Morse. Check out HakTip!

Whether you’re a beginner or a pro, HakTip is essential viewing for current and aspiring hackers, computer enthusiasts, and IT professionals. With a how-to approach to all things Information Technology, HakTip breaks down the core concepts, tools, and techniques of Linux, Wireless Networks, Systems Administration, and more

And let’s not forget to mention that you can follow us on Twitter and Facebook, Subscribe to the show and get all your Hak5 goodies, including the infamous WiFi Pineapple over at HakShop.com. If you have any questions or suggestions please feel free to contact us at [email protected].


  • Bob Wya

    I reckon “sudo blkid” – or “blkid” as root user – run in a terminal is an easier way to see what attached storage device (partitions) you have in a system. (“parted” is also a good terminal utility for checking attached storage devices!) The output of these tools is more readable by human beings than /dev/ id’s!!

  • 0xphk


    simply put the bin folder containing all the useful ported Unix utils to your %PATH% variable, so ls, touch, grep & co are available to your command shell in windows and not limited to the cygwin bash shell only.
    there is a ls port for win which also supports color profiles to make the text output a little nicer.

    cheers phk

  • Spencer

    Did you already have puppy linux on your computer or does it download with qemu? I got this error and i am not sure what i did wrong ;(

    Could not initialize KVM, will disable KVM support
    qemu: pci_add_option_rom: failed to find romfile “pxe-rtl8139.bin

    Does it search your whole computer for the romfile or is it supposed to be in a certain spot?

  • Paramasivan

    Ya It’s working for me… But I got an error even though it worked properly..

    [email protected]:/media/BackupDisk/books/Working OS# qemu -hda /dev/sdb
    pci_add_option_rom: failed to find romfile “pxe-rtl8139.bin”

  • Matt

    Looking back at some of the old HAK5 videos, and I just noticed there is a lineman handset in the background!

    I’m thinking someone here was a phreaker 😉

  • EleanoreCMinnifield

    Nice weblog here! Additionally your web site rather
    a lot up very fast! What host are you the usage of? Can I am
    getting your associate hyperlink on your host?
    I desire my web site loaded up as quickly as yours lol

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>