Immediate Self Destruction On Kali Linux in Emergency

By -
During a penetration test , one needs to download and store the confidential datarelated to an organisation . Kali Linux comes with an Option to be Installed with full disk encryption .Hence its advisable to have a full disk encryption enabled on the Kali Linux machine in order to protect the sensitive information .
Full disk encryption is easy to setup in Kali Linux. A detailed doccumentation of how to install a Kali Volume with Full Disk Encryption can be found here .
The Kali installer comes with a straightforward process for setting up encrypted partitions with LVM and LUKS. Once encrypted, the Kali operating system requires a password at boot time to allow the OS to boot and decrypt your drive, thus protecting this data in case your laptop is stolen.
One can manage decryption keys and partitions by using the cryptsetup utility.

Nuking  Kali Linux Installation for emergencies 

Often one might need to destroy all the contents of the encrypted hard-drive in certain scenarios to avoid data leakage of sensitive information. Kali linux makers have introduced the option . Kali Linux now allows to gave a Boot Password the would allow the destruction , rather than decryption of the data on your drive .
This is done by adding the  Nuke Password  to the cryptosystem . This Nuke Passwordwhen used will delete all the keyslots and makes the data on the hard-drive inaccessible .
The Kali Linux has not yet officially introduce the feature in the version releases and hence one must use this feature at their own risk (hackingloops.com holds no liabilities) .
If you wish to try this feature , the following are the build Instructions .
One can start by running the LVM encrypted installation in Kali Linux and set a Decryption Password . Once this is completed , download the crypto setup package source and apply the Kali Linux patch on it .
Proceed as folllows :
root@kali:~# apt-get source cryptsetup
 root@kali:~# git clone https://github.com/offensive-security/cryptsetup-nuke-keys
 root@kali:~# cd cryptsetup-1.6.1/
 root@kali:~/cryptsetup-1.6.1# patch -p1 < ../cryptsetup-nuke-keys/cryptsetup_1.6.1+nuke_keys.diff
 patching file lib/libcryptsetup.h
 patching file lib/luks1/keymanage.c
 patching file lib/setup.c
 patching file src/cryptsetup.c
 root@kali:~/cryptsetup-1.6.1# dpkg-buildpackage -b -uc
This will build and install the cryptosystem packages in order to get the Nuke option implemented .
root@kali:~/cryptsetup-1.6.1# ls -l ../*crypt*.deb
 -rw-r--r-- 1 root root 149430 Jan 4 21:34 ../cryptsetup_1.6.1-1kali0_amd64.deb
 -rw-r--r-- 1 root root 250616 Jan 4 21:34 ../cryptsetup-bin_1.6.1-1kali0_amd64.deb
 -rw-r--r-- 1 root root 105226 Jan 4 21:34 ../libcryptsetup4_1.6.1-1kali0_amd64.deb
 -rw-r--r-- 1 root root 49580 Jan 4 21:34 ../libcryptsetup-dev_1.6.1-1kali0_amd64.deb
 root@kali:~/cryptsetup-1.6.1# dpkg -i ../libcryptsetup*.deb
 root@kali:~/cryptsetup-1.6.1# dpkg -i ../cryptsetup*.deb

Now that our patched cryptsetup package has been installed, we can go ahead and add a “nuke” key to our setup:
root@kali:~# cryptsetup luksAddNuke /dev/sda5
 Enter any existing passphrase: (existing passphrase)
 Enter new passphrase for key slot: (nuke passphrase)
On any subsequent reboots, you will be asked for the LUKS decryption password each time as usual. If for whatever reason, you were to enter the nuke password, the saved keys would be purged rendering the data inaccessible.

#Disclaimer : Hackingloops.com holds no liabilities to this feature . This is just for Information Sharing Purposes . If your sensitive information is inaccessible due to what so ever reason , we are not to be Blamed

Comments

Post a Comment

Popular posts from this blog

HACK EMAIL-ID,USERNAME AND PASSWORD OR ANY USER DETAILS BY USING KALI LINUX.

By -
Image
HACK EMAIL-ID,USERNAME AND PASSWORD OR ANY USER DETAILS BY USING  KALI LINUX . Today,i am going to show you how you can get email-id,username and password or any user details you want by using  KALI LINUX . STEPS FOR SETTING UP YOUR SYSTEM. Download Kali Linux from   here . Extract the contents of Kali Linux iso file which you  downloaded in step and copy it to pendrive or instead of pendrive burn the iso file in cd if you want to make a cd of it. After copying all contents to pendrive or burning the iso file in cd,reboot you system,press F8 on boot-time and select boot from pendrive if you have copied all the files in pendrive,else boot from cd-rom if you burn the iso file in cd. After selecting the boot from device,the kali installation window will open,install accordingly as per your requirement. NOTE:During installation,in mount point of selected installation drive,set mount point to  "/" . Remember the username and password while installation as this will
Read more

Port Fail Vulnerability : Critical VPN Vulnerability

By -
Image
Port Fail Vulnerability : Critical VPN Vulnerability How Port Fail Vulnerability Exposes your REAL IP on SKYPE Using Port Fail Vulnerability it’s possible to disclose the real IP of a Skype accounts you’re interested in. There are a bunch of Skype IP resolvers which can give you the VPN IP address and port number of a Skype user using only their Skype login. Then you need to use the same thing a copyright monitoring company would use — send some UDP packets to the whole internet on the exact port. It’s remarkable but Skype will send you a reply for almost any data! The nping utility from  nmap  package suits our needs very well: # nping --udp -p 13318 --data-string 'hellothere!' -c 1 serv.valdikss.org.ru Starting Nping 0.7.00 ( https://nmap.org/nping ) at 2015-12-20 19:54 MSK SENT (0.0157s) UDP 195.154.127.59:53 > 92.42.31.8:13318 ttl=64 id=10802 iplen=39  RCVD (0.0859s) UDP 185.61.149.121:4272 > 195.154.127.59:53 ttl=54 id=1534 iplen=32    Max rtt: N/A | M
Read more