Encrypted in full
Once there was an idea to hide the data away from human eyes, I picked up various encryption systems and found a huge minus in them, they advertise their presence (need to be installed) and make the fact that the cryptocontainer is clear (empty section or file with a cryptocontainer)
Those. in both cases, “thermorectal cryptanalysis TM ” is possible upon the presence of encrypted information on the computer.
What led me to write a small script.
It can be run even from the LiveCD, it does not create encrypted files or partitions, but of course it has the following problems:
Below is the code, use it at your own risk, in which case I am not responsible for damage to your data.
Who cares look under the cat.
')
The essence of all gestures is to create a cryptocontainer on the used disk in an unused area using only the built-in commands of the standard Ububntu LiveCD.
I tested it only in a sandbox (on a separate section with a size of 200MB I created a 50MB cryptocontainer with an offset of 50MB) MD5 sums of files on the physical partition (20MB) and in the cryptocontainer (10 MB) came together with the originals.
We do everything under the root (sudo su).
device, place (Offset), the size is replaced with its own. The size and offset from the beginning of the disk everywhere specified inmegabytes bytes.
modprobe cryptoloop
modprobe aes
mkdir ~ / mnt1
mount -t tmpfs ~ / mnt1
dd if = / dev / urandom of = ~ / mnt1 / file bs = 1M count = size
losetup -e aes / dev / loop2 ~ / mnt1 / file
// enter the password
mkfs -t ext2 / dev / loop2
dd if = / dev / loop2 of = device bs = 1M seek = place count = size
losetup -e aes / dev / loop1 <device> -o <place> --sizelimit <size>
// enter the password
mount / dev / loop1 <mount point>
mkfs -t ext2 <mount point>
modprobe cryptoloop
modprobe aes
mkdir ~ / mnt1
mkdir ~ / mnt2
mount -t tmpfs ~ / mnt1
dd of = ~ / mnt1 / file if = device bs = 1M skip = location count = size
losetup -e aes / dev / loop2 ~ / mnt1 / file
// enter the password
mount / dev / loop2 ~ / mnt2
losetup -e aes / dev / loop1 <device> -o <place> --sizelimit <size>
// enter the password
mount / dev / loop1 <mount point>
umount / dev / loop2
dd if = / dev / loop2 of = device bs = 1M seek = place count = size
umount / dev / loop1
If anyone knows a simpler solution I ask in the comment. And once again I warn you, this method is dangerous for your data, use it only in extreme cases. Also in the script there may be errors and inaccuracies, so I do not advise using it on very important data.
PS: As a continuation of this method in a small container created in this way, you can put a full-fledged program for encryption, for example, the same Truecrypt. Or come up with something of their own using a similar principle, but more convenient and safer.
UPD: Early was young and stupid, everything is done much easier than was originally presented, actually corrected the article.
Those. in both cases, “thermorectal cryptanalysis TM ” is possible upon the presence of encrypted information on the computer.
What led me to write a small script.
It can be run even from the LiveCD, it does not create encrypted files or partitions, but of course it has the following problems:
- control the integrity of the data will have to manually;
Below is the code, use it at your own risk, in which case I am not responsible for damage to your data.
Who cares look under the cat.
')
The essence of all gestures is to create a cryptocontainer on the used disk in an unused area using only the built-in commands of the standard Ububntu LiveCD.
I tested it only in a sandbox (on a separate section with a size of 200MB I created a 50MB cryptocontainer with an offset of 50MB) MD5 sums of files on the physical partition (20MB) and in the cryptocontainer (10 MB) came together with the originals.
We do everything under the root (sudo su).
device, place (Offset), the size is replaced with its own. The size and offset from the beginning of the disk everywhere specified in
Create
modprobe cryptoloop
modprobe aes
losetup -e aes / dev / loop1 <device> -o <place> --sizelimit <size>
// enter the password
mount / dev / loop1 <mount point>
mkfs -t ext2 <mount point>
We mount
modprobe cryptoloop
modprobe aes
losetup -e aes / dev / loop1 <device> -o <place> --sizelimit <size>
// enter the password
mount / dev / loop1 <mount point>
Unmount
umount / dev / loop1
Note
If anyone knows a simpler solution I ask in the comment. And once again I warn you, this method is dangerous for your data, use it only in extreme cases. Also in the script there may be errors and inaccuracies, so I do not advise using it on very important data.
PS: As a continuation of this method in a small container created in this way, you can put a full-fledged program for encryption, for example, the same Truecrypt. Or come up with something of their own using a similar principle, but more convenient and safer.
UPD: Early was young and stupid, everything is done much easier than was originally presented, actually corrected the article.
Source: https://habr.com/ru/post/59247/
All Articles