Skip to content

Instantly share code, notes, and snippets.

@john-clark
Last active September 15, 2022 15:45
Show Gist options
  • Save john-clark/5470826 to your computer and use it in GitHub Desktop.
Save john-clark/5470826 to your computer and use it in GitHub Desktop.
ipxe script for wds created by johnrclark3@gmail.com
#!ipxe
set use-cached 1
dhcp || goto dhcpfail
cpuid --ext 29 && set arch x64 || set arch x86
:prompt
prompt --key 0x02 --timeout 2000 Press Ctrl-B to break boot sequence... && goto ipxeshell ||
chain -ar http://${next-server}/boot/strap.asp && goto exit || echo ERROR: Can't chain to http://${next-server}/boot/strap.asp
echo Lets try again...
goto prompt
:dhcpfail
echo this should never happen because we are using data from pxe boot
echo maybe you are using undionly.pxe instead of undionly.kkpxe
:ipxeshell
shell
:exit
exit
<%
dim debug
debug = false
' See if there is an user agent set, if not then it is ixpe
dim user_agent
user_agent = request.servervariables("HTTP_USER_AGENT")
If Left(user_agent,4) = "iPXE" Then
response.contenttype="text/plain"
else
response.ContentType="text/HTML"
response.write("This is a iPXE script.<br><a href=http://ipxe.org/>http://ipxe.org/</a><pre>"&vbcrlf)
End If
'send the header and set some variables
response.write("#!ipxe"&vbcrlf)
cls
archdetect
if debug = true then
pause
end if
'if mac not set then put ipxe variables into asp
dim mac
mac = Request.QueryString("mac")
If mac = "" Then
'this sub will reload strap.asp with query vars
overload_chain_strap
End If
if debug = true then
print_vars
'lets give another chance to shell
shell_prompt(9000)
end if
'only one default right now
wds
%>
<!-- #include file="subs.asp" -->
<%
'Key Keycode
'Ctrl-A 0x01
'Ctrl-B 0x02
'Ctrl-C 0x03
'…
'Ctrl-Z 0x1a
'F5 0x107e
'F6 0x127e
'F7 0x137e
'F8 0x147e
'F9 0x157e
'F10 0x167e
'F11 0x187e
'F12 0x197e
sub pause()
response.write("prompt Press any key to continue."&vbcrlf)
end sub
sub shell_prompt(tics)
response.write("prompt --key 0x02 --timeout " & tics & " Press Ctrl-B to break boot sequence... && shell || goto continue"&vbcrlf)
response.write("exit"&vbcrlf)
response.write(":continue"&vbcrlf)
end sub
sub cls()
response.write("iseq ${cls} serial && goto ignore_cls ||"&vbcrlf)
response.write("set cls:hex 1b:5b:4a"&vbcrlf)
response.write("set cls ${cls:string}"&vbcrlf)
response.write(":ignore_cls"&vbcrlf)
end sub
sub archdetect()
response.write("isset ${arch} && goto skip_arch_detect ||"&vbcrlf)
response.write("cpuid --ext 29 && set arch x64 || set arch x86"&vbcrlf)
response.write(":skip_arch_detect"&vbcrlf)
end sub
sub space()
response.write("set space:hex 20:20"&vbcrlf)
response.write("set space ${space:string}"&vbcrlf)
end sub
sub menuheader(name)
' item --gap -- ---------------- Advanced configuration ---------------- <- example start with dashes
response.write("item --gap "&name &vbcrlf)
end sub
sub menublank()
response.write("item "&name &vbcrlf)
end sub
sub menuitem(name, key, def, label)
'item [--menu <menu>] [--key <key>] [--default] [<label>]
if def = true then
default = "--default"
else
default = ""
end if
if (key) <> "" then
key = "--key " &key &" "
else
key = " "
end if
response.write("item "&key &name &" " &label &" " &default &vbcrlf)
end sub
sub menuchoose(menu, target, default, tout, keep)
' choose [--menu <menu>] [--default <label>] [--timeout <timeout>] [--keep] <setting>
' not sure what menu or keep options are for...
if (default) <> "" then
default = "--default " & default & " "
else
default = ""
end if
if (tout) <> "" then
timeout = " --timeout " &tout &" "
else
timeout = " "
end if
response.write("choose "&default &timeout &target &" && goto ${" &target &"} || goto ${" &menu &"} " &vbcrlf)
end sub
'------------------------------------------
sub wds()
response.write("set filename wdsnbp.com"&vbcrlf)
'response.write("set next-server 192.168.2.121"&vbcrlf) 'set this if your wds is on a different server
response.write("chain -ar tftp://${next-server}/boot/${arch}/${filename} && exit chain || echo chain failed"&vbcrlf)
response.write("echo something went wrong, so here is a shell"&vbcrlf)
response.write("shell"&vbcrlf)
response.end
end sub
sub wimboot(folder,bootwim)
response.write("kernel "&folder&"/wimboot" &vbcrlf) 'wimboot
response.write("initrd "&folder&"/${arch}/media/bootmgr bootmgr" &vbcrlf) 'bootmgr
response.write("initrd "&folder&"/${arch}/media/boot/bcd BCD" &vbcrlf) 'BCD
response.write("initrd "&folder&"/${arch}/media/boot/boot.sdi boot.sdi"&vbcrlf) 'boot.sdi
response.write("initrd "&folder&"/${arch}/"&bootwim&" boot.wim"&vbcrlf) 'boot.wim
response.write("boot" &vbcrlf) 'boot
End sub
sub mountiscsi(fname,drive)
' function call example iscsiboot("xp","86","")
response.write("set keep-san 1"&vbcrlf)
response.write("set initiator-iqn " &fname &vbcrlf)
response.write("set root-path iscsi:\${files-server}::::" &fname &vbcrlf)
response.write("sanhook --drive " &drive & " \${root-path} && echo mounted || goto error"&vbcrlf)
End sub
sub iscsiboot(os,ver,id,drive)
' function call example iscsiboot("8","x64","test")
call mountiscsi(os&ver&id,drive)
response.write("sanboot --drive " &drive &vbcrlf)
end sub
'------------------------------------------
sub print_vars()
print_http_vars("cookie")
pause
print_http_vars("form")
pause
print_http_vars("query")
pause
print_http_vars("server")
pause
print_dhcp_vars
pause
print_ipxe_vars
pause
end sub
sub print_dhcp_vars()
response.write("echo ___DHCP VARS___"&vbcrlf)
For i = 1 To 255
response.write("isset ${" & i & "} && echo option " & i & " = ${" & i & "} ||"&vbcrlf)
Next
end sub
sub print_http_vars(strCase)
dim Item,SubItem
select case strCase
case "cookie"
Response.Write("echo ___COOKIES___"&vbcrlf)
For Each Item in Request.Cookies
Response.Write("echo ")
if Request.Cookies(Item).HasKeys then
for each SubItem in Request.Cookies(Item)
response.write(Item & "(" & SubItem & ") = " & Request.Cookies(Item)(SubItem) &vbcrlf)
next
else
Response.Write(Item & " = " & Request.Cookies(Item) &vbcrlf)
end if
Next
Case "form"
Response.Write("echo ___FORM INPUT___ "&vbcrlf)
For Each Item in Request.Form
Response.Write("echo ")
if Request.Form(Item).HasKeys then
for each SubItem in Request.Form(Item)
response.write(Item & "(" & SubItem & ") = " & Request.Form(Item)(SubItem) &vbcrlf)
next
else
Response.Write(Item & " = " & Request.Form(Item) &vbcrlf)
end if
Next
Case "query"
Response.Write("echo ___QUERIES___"&vbcrlf)
For Each Item in Request.QueryString
Response.Write("echo " &Item& " = " &Request.Querystring(Item) &vbcrlf)
Next
Case "server"
Response.Write("echo ___SERVER VARS___"&vbcrlf)
For Each Item in Request.ServerVariables
Select Case Item
Case "ALL_HTTP","ALL_RAW"
Case Else
if (Request.ServerVariables(Item)) <> "" then
Response.Write("echo "& Item & " = " & Request.ServerVariables(Item) &vbcrlf)
end if
End Select
Next
Case else
response.write("echo ___SERVER VAR CASE NOT FOUND___"&vbcrlf)
end select
end sub
sub print_ipxe_vars
'ipxe variables
Response.Write("echo ___iPXE VARS___"&vbcrlf)
dim iPXEvars, i
iPXEvars = Array("mac","busid","ssid","active-scan","key", _
"ip","netmask","gateway","dns","domain", _
"filename","next-server","root-path","initiator-iqn", _
"keep-san","skip-san-boot","hostname","uuid","user-class", _
"manufacturer","product","serial","asset", _
"username","password","reverse-username","reverse-password", _
"crosscert","trust","cert","privkey","scriptlet","priority", _
"dhcp-server","use-cached","syslog","syslogs", _
"buildarch","platform")
for each i in iPXEvars
response.write("isset ${" & i & "} && echo option " & i & " = ${" & i & "} ||"&vbcrlf)
next
end sub
sub overload_chain_strap()
dim overload
overload = Array("mac=${mac}","busid=${busid}", _
"ssid=${ssid}","active-scan=${active-scan}","key=${key}", _
"ip=${ip}","netmask=${netmask}","gateway=${gateway}", _
"dns=${dns}","domain=${domain}", "hostname=${hostname}", _
"filename=${filename}","next-server=${next-server}", _
"root-path=${rootpath}","initiator-iqn=${initiator-iqn}", _
"keep-san=${keep-san}","skip-san-boot=${skip-san-boot}", _
"uuid=${uuid}","user-class=${user-class}", _
"manufacturer=${manufacturer}","product=${product}", _
"serial=${serial}","asset=${asset}", _
"username=${username}","password=${pasword}", _
"reverse-username=${reverse-username}","reverse-password=${reverse-password}", _
"crosscert=${crosscert}","cert=${cert}", _
"trust=${trust}", "privkey=${privkey}", _
"scriptlet=${scriptlet}","priority=${priority}", _
"dhcp-server=${dhcp-server}","use-cached=${use-cached}", _
"syslog=${syslog}","syslogs=${syslogs}", _
"buildarch=${buildarch}","platform=${platform}")
response.write("chain -ar http://${next-server}/boot/strap.asp?")
for each i in overload
response.write(i & "&")
next
response.write("arch=${arch}"&vbcrlf)
end sub
%>
@john-clark
Copy link
Author

required

Linux box for compiling ipxe,
windows box with iis and wds,
Turn off wds proxy dhcp option,
dhcp server with filename and next server options set.

install

embedme.kkpxe is to be used with ipxe (make undionly.kkpxe EMBED=embedme.kkpxe)
strap.asp should be put on your iis server in a boot folder

About

http://creativecommons.org/licenses/by-sa/3.0/

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment