Samiux's Blog

Open Source is a great idea and it has changed the world! Open Source forever ....

While you do not know attack, how can you know about defense? (未知攻,焉知防?)

Do BAD things .... for the RIGHT reasons -- OWASP ZAP

It is easier to port a shell than a shell script. -- Larry Wall

Most of you are familiar with the virtues of a programmer. There are three, of course: laziness, impatience, and hubris. -- Larry Wall

为天地立心，为生民立命，为往圣继绝学，为万世开太平。 -- 王炜

Saturday, March 10, 2012

HOWTO : Encrypt/Decrypt BackTrack 5 R2 with Passphrase

Credit to : Infosec Ramblings and Hak5.org

Step 1 :

The hard drive partitioning is as the following :

/dev/sda1 for /boot
/dev/sda5 for /

Assume the hard drive is band new.

fdisk /dev/sda

n

p

1

+4G

n

e

2

n

l

p

w

* where +4G is set to 4GB for the /dev/sda1 as /boot. You can set it to +1024M or smaller.

Step 2 :

cryptsetup -y -c aes-xts-plain -s 512 luksFormat /dev/sda5

cryptsetup luksOpen /dev/sda5 haktop

* where haktop is the device label

Step 3 :

mkfs.ext2 /dev/sda1

mkfs.ext4 /dev/mapper/haktop

Step 4 :

Install BackTrack 5 R2 as is. However, select custom partitioning. Do not format the partitions. Select /dev/mapper/haktop as ext4 and / while select /dev/sda1 as ext2 and /boot.

Make sure the bootloader is installed at /dev/sda.

Step 5 :

Once the installation is completed, select "Continue testing" and do not reboot the system.

mkdir /mnt/haktop



mount /dev/mapper/haktop /mnt/haktop/

mount /dev/sda1 /mnt/haktop/boot



chroot /mnt/haktop/



mount -t proc proc /proc

mount -t sysfs sys /sys/

Step 6 :

Get the UUID of sda5 by opening another terminal :

blkid /dev/sda5

Copy down the UUID of the /dev/sda5.

nano /etc/crypttab

haktop /dev/disk/by-uuid/<UUID Key> none luks

Step 7 :

nano /usr/share/initramfs-tools/scripts/local-top/cryptroot

Locate the following :

# Try to get a satisfactory password $crypttries times

   count=0

   while [ $crypttries -le 0 ] || [ $count -lt $crypttries ]; do

Change to :

count=0

echo "Unlocking the disk $cryptsource ($crypttarget)"

while [ $crypttries -le 0 ] || [ $count -lt $crypttries ]; do

Locate the following :

if [ -z "$cryptkeyscript" ]; then

   cryptkey="Unlocking the disk $cryptsource ($crypttarget)\nEnter passphrase: "

if [ -x /bin/plymouth ] && plymouth --ping; then

Change to :

if [ -z "$cryptkeyscript" ]; then

   cryptkey="Enter passphrase: "

if [ -x /bin/plymouth ] && plymouth --ping; then

Step 7a :

update-initramfs -u

fix-splash

Now, reboot the system. The bootup will halt at the wallpaper of BackTrack 5. Just press F8 and deleted the prompted "****" and then enter your passphrase to boot the system.

Or, you can just key in the passphrase when the bootup process is stopped at the wallpaper.

Step 8 : (Optional)

If you do not want to press F8, you can delete the "splash" from the following line.

nano /boot/grub/grub.cfg

Locate the following :

linux /vmliunx-3.2.6 root=/dev/mapper/haktop ro text splash vga=791

To make it look likes :

linux /vmliunx-3.2.6 root=/dev/mapper/haktop ro text vga=791

Then, you will be prompted for entering your passphrase on every boot up.

Step 9 :

After the system is boot up, it is required to create swap file.

dd if=/dev/zero of=/swapfile1 bs=1M count=8192

* Where count=8192 is 8GB

mkswap /swapfile1

chown root:root /swapfile1

chmod 0600 /swapfile1



swapon /swapfile1



nano /etc/fstab



/swapfile1 swap  swap  defaults  0  0

Then reboot the system.

See Also : HOWTO : Encrypt/Decrypt BackTrack 5 R2 with USB stick

That's all! See you.