Thread: cracking an encrypted hard drive

  1. #1
    Junior Member
    Join Date
    Jul 2009
    Posts
    37

    cracking an encrypted hard drive

    I'm having a little trouble with this "challenge" my buddy gave me. He uses Red Hat (2.6 kernel) and the whole hard drive is encrypted except /boot/, which I could find out with BackTrack by opening up the hard drive. My question is: what are the steps one would go through to get root on this machine, or some kind of trick to decrypt the hard drive and view its files? Total noob here on encryption, but I thought I could find an experienced user here in the specialist section.

  2. #2
    My life is this forum Barry's Avatar
    Join Date
    Jan 2010
    Posts
    3,817

    Do you know what kind of encryption he's using? Sounds like LUKS, but could be something else. Most likely you're SOL.

  3. #3
    Junior Member
    Join Date
    Mar 2006
    Posts
    28

    Step 1: Install a keystroke logger
    Step 2: Wait for your friend to log on
    Step 3: Profit

    Full hard drive encryption is tough to deal with. Technically it is also vulnerable to password cracking attacks, but most encryption packages make it very expensive (time consuming) to make a guess, and there just aren't many good tools out there to even try simple password guesses.

  4. #4
    Junior Member
    Join Date
    Jul 2009
    Posts
    37

    That's what I was thinking. When you guess passwords at the login screen, it takes about 5 seconds, so brute forcing would be time consuming even if I could get a dictionary to automatically be typed in...

    What I'm going toward is fighting the boot loader. He uses GRUB, and I can freely edit the GRUB config file, so would there be some kind of argument that gets me a shell right at boot time?

  5. #5
    My life is this forum Barry's Avatar
    Join Date
    Jan 2010
    Posts
    3,817

    Originally posted by b3r00tb4ck:
    That's what I was thinking. When you guess passwords at the login screen, it takes about 5 seconds, so brute forcing would be time consuming even if I could get a dictionary to automatically be typed in...

    What I'm going toward is fighting the boot loader. He uses GRUB, and I can freely edit the GRUB config file, so would there be some kind of argument that gets me a shell right at boot time?

    You'll get the GRUB shell, but that's not going to help you. The way the system works is the /boot partition is formatted ext3 or 4. The / partition is an encrypted container, and inside that container is a normally formatted system. Unless you know the encryption key, you're not going to see anything in there. The only thing in /boot is the kernel and the boot loader.

  6. #6
    Senior Member Thorn's Avatar
    Join Date
    Jan 2010
    Location
    The Green Dome
    Posts
    1,509

    If he's using TrueCrypt, you can use Evil Maid. It hooks the TrueCrypt function that asks the user for the passphrase, so that the hook records whatever passphrase is provided to this function.

    Game. Set. Match
    Thorn
    Stop the TSA now! Boycott the airlines.
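
Because /boot stays unencrypted and can be edited from a live CD, as the posts above describe, a defender can at least detect changes to it. The following is an added example, not part of the original thread: it hashes every file under a directory and diffs the result against a stored baseline. The file names and contents in `demo()` are constructed, and it assumes the baseline is kept off the machine and the check is run from trusted boot media.

```python
import hashlib
import os
import tempfile

def build_manifest(root):
    """Map each file path (relative to root, '/'-separated) to its SHA-256."""
    manifest = {}
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            path = os.path.join(dirpath, name)
            if os.path.islink(path):
                # Hash the link target string, not the file it points to.
                data = os.readlink(path).encode()
            else:
                with open(path, "rb") as fh:
                    data = fh.read()
            rel = os.path.relpath(path, root).replace(os.sep, "/")
            manifest[rel] = hashlib.sha256(data).hexdigest()
    return manifest

def diff_manifest(baseline, current):
    """Return sorted lists of added, removed and modified paths."""
    return {
        "added": sorted(set(current) - set(baseline)),
        "removed": sorted(set(baseline) - set(current)),
        "modified": sorted(p for p in baseline.keys() & current.keys()
                           if baseline[p] != current[p]),
    }

def demo():
    """Constructed stand-in for /boot: take a baseline, change files, re-check."""
    with tempfile.TemporaryDirectory() as boot:
        os.makedirs(os.path.join(boot, "grub"))
        files = {"vmlinuz": b"kernel image (constructed)",
                 "initrd.img": b"initrd (constructed)",
                 "grub/grub.conf": b"kernel /vmlinuz ro root=/dev/mapper/root\n"}
        for rel, content in files.items():
            with open(os.path.join(boot, rel), "wb") as fh:
                fh.write(content)
        baseline = build_manifest(boot)  # in practice: stored off the machine
        # Simulate changes made to the unencrypted partition while powered off.
        with open(os.path.join(boot, "grub", "grub.conf"), "ab") as fh:
            fh.write(b"# edited while powered off\n")
        with open(os.path.join(boot, "initrd.img"), "wb") as fh:
            fh.write(b"initrd changed (constructed)")
        with open(os.path.join(boot, "extra.mod"), "wb") as fh:
            fh.write(b"unexpected file (constructed)")
        return diff_manifest(baseline, build_manifest(boot))

if __name__ == "__main__":
    print(demo())
```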

  7. #7
    Junior Member
    Join Date
    Jul 2009
    Posts
    37

    I'm just gonna say SOLVED, I gave it back lol. No use starting out with entire hard drive encryption if I'm gonna learn cryptography.

    Thanks for the help!

  8. #8
    Very good friend of the forum hhmatt's Avatar
    Join Date
    Jan 2010
    Posts
    660

    If you're interested in cryptography, might I suggest Bruce Schneier's Applied Cryptography.

  9. #9
    Member floyd's Avatar
    Join Date
    Mar 2009
    Posts
    231

    Originally posted by b3r00tb4ck:
    That's what I was thinking. When you guess passwords at the login screen, it takes about 5 seconds, so brute forcing would be time consuming even if I could get a dictionary to automatically be typed in...

    What I'm going toward is fighting the boot loader. He uses GRUB, and I can freely edit the GRUB config file, so would there be some kind of argument that gets me a shell right at boot time?

    Start a live CD and you will have the same access to the encrypted drive.

    Or you could just install coreboot with Grub Invaders and tell him that you wiped his hard disc. No, just kidding, don't mess with his BIOS.
    Auswaertsspiel

  10. #10
    Super Moderator Archangel-Amael's Avatar
    Join Date
    Jan 2010
    Location
    Somewhere
    Posts
    8,012

    Originally posted by hhmatt81:
    If you're interested in cryptography, might I suggest Bruce Schneier's Applied Cryptography.

    Excellent book indeed.
