API tools faq
paste
Advertisement
xe1phix

Xe1phix-[How-To-Create-A-[Persistent]-[LUKS-Encrypted]-USB-Device-With-[Parrot-Linux]-Cheatsheet.txt

xe1phix
Sep 26th, 2023
1,271
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
Bash 6.30 KB | Cybersecurity | 0 0
raw download clone embed print report
  1. ## --------------------------------------------------------------------------------------------------------------- ##
  2. ##    [+] Xe1phix-[How-To-Create-A-[Persistent]-[LUKS-Encrypted]-USB-Device-With-[Parrot-Linux]-Cheatsheet.txt
  3. ## --------------------------------------------------------------------------------------------------------------- ##
  4. ##
  5. ## ---------------------------------------------------------------------------- ##
  6. ##    [?] Xe1phix GitLab: https://gitlab.com/users/xe1phix/projects
  7. ##    [?] Xe1phix Pastebin: https://pastebin.com/u/xe1phix
  8. ##    [?] Xe1phix YouTube: https://youtube.com/@xe1phix/videos
  9. ## ---------------------------------------------------------------------------- ##
  10.  
  11.  
  12.  
  13. ##-======================================================================-##
  14. ##   [+] GParted - Associate The Empty Space With The sda3 Partition:
  15. ##-======================================================================-##
  16. gparted &                                    ## format sdc3 to ext4
  17.  
  18.  
  19. ##-===================================-##
  20. ##   [+] Format The sdc3 Partition:
  21. ##-===================================-##
  22. mkfs.ext4 /dev/sdc3
  23.  
  24.  
  25. ##-==================================================================-##
  26. ##   [+] Encrypt The Newly Created Partition With LUKS Encryption:
  27. ##-==================================================================-##
  28. cryptsetup --verbose --verify-passphrase luksFormat /dev/sdc3
  29.  
  30.  
  31. ##-=================================================-##
  32. ##   [+] Initialize The LUKS Encrypted Partition:
  33. ##-=================================================-##
  34. cryptsetup luksOpen /dev/sdc3 parrot_usb
  35.  
  36.  
  37. ##-==============================================================-##
  38. ##   [+] Create The Ext4 Filesystem, And Label It parrot_usb:
  39. ##-==============================================================-##
  40. mkfs.ext4 -L persistence /dev/mapper/parrot_usb
  41. e2label /dev/mapper/parrot_usb persistence
  42.  
  43.  
  44. ##-=======================================================================-##
  45. ##   [+]  Create A Mount Point, Mount Our New Encrypted Partition There
  46. ##   [+]  Set Up The Persistence.conf File, And Unmount The Partition:
  47. ##-=======================================================================-##
  48. mkdir -p /mnt/parrot_usb
  49. mount /dev/mapper/parrot_usb /mnt/parrot_usb
  50. echo "/ union" > /mnt/parrot_usb/persistence.conf
  51.  
  52.  
  53.  
  54. ##-===========================================-##
  55. ##   [+] Status of The Mapping (parrot_usb):
  56. ##-===========================================-##
  57. cryptsetup status /dev/mapper/parrot_usb
  58.  
  59.  
  60. ##-=======================================================-##
  61. ##   [+]  Dump The Header Information of A LUKS Device:
  62. ##-=======================================================-##
  63. cryptsetup luksDump /dev/sdc3
  64.  
  65.  
  66. ##-======================================================================-##
  67. ##   [+] Show All The Current Logical Volumes, and Their Device Names:                        "
  68. ##-======================================================================-##
  69. lvs -o devices
  70.  
  71.  
  72. ## --------------------------------------------------------------- ##
  73. ##   [?] The Encrypted Logical Volumes Are Mounted At Boot Time
  74. ##   [?] Using The Information From The /etc/crypttab File.
  75. ## --------------------------------------------------------------- ##
  76. cat /etc/crypttab
  77.  
  78.  
  79. ##-=======================================-##
  80. ##   [+] Print the UUID of a LUKS device.
  81. ##-=======================================-##
  82. cryptsetup luksUUID /dev/sdc3
  83.  
  84.  
  85. ##-======================================-##
  86. ##   [+] Add a Nuke Slot to /dev/sdc3:
  87. ##-======================================-##
  88. cryptsetup luksAddNuke /dev/sdc3
  89.  
  90.  
  91. ##-===============================================-##
  92. ##   [+] Check if the Nuke Slot has been added:
  93. ##-===============================================-##
  94. cryptsetup luksDump /dev/sdc3
  95.  
  96.  
  97. ##-=====================================-##
  98. ##   [+] Check if its a LUKS Device:
  99. ##-=====================================-##
  100. cryptsetup isLuks /dev/sdc3
  101.  
  102.  
  103. ##-=====================================================================-##
  104. ##   [+] Store a binary backup of the LUKS Header and keyslot Area:
  105. ##-=====================================================================-##
  106. cryptsetup luksHeaderBackup --header-backup-file luksheader.back /dev/sdc3
  107.  
  108.  
  109. ##-=================================================-##
  110. ##   [+] Print LUKS Header File Type & Attributes:
  111. ##-=================================================-##
  112. file luksheader.back
  113.  
  114.  
  115. ##-====================================================-##
  116. ##   [+] Encrypt The LUKS Header Backup With OpenSSL:
  117. ##-====================================================-##
  118. openssl enc -aes-256-cbc -salt -in luksheader.back -out luksheader.back.enc             ## openssl enc -aes-256-cbc -e -salt -in $key -out $1
  119.  
  120.  
  121. ##-==========================================-##
  122. ##   [+] List Both The Header Backup Files:
  123. ##-==========================================-##
  124. ls -lh luksheader.back*
  125.  
  126.  
  127. ##-===================================================================-##
  128. ##   [+] Cross Examine The Unencrypted Header Vs The Encrypted One:      
  129. ##-===================================================================-##
  130. file luksheader.back*
  131.  
  132.  
  133. ##-===================================================-##
  134. ##   [+] Decrypt The OpenSSL Encrypted LUKS Header:
  135. ##-===================================================-##
  136. openssl enc -d -aes-256-cbc -in luksheader.back.enc -out luksheader.back
  137.  
  138.  
  139. ##-======================================================================-##
  140. ##   [+] Copy This Script To The Persistent Partition For Future Use:
  141. ##-======================================================================-##
  142. cp -v $File /mnt/parrot_usb/
  143.  
  144.  
  145. ##-=================================================================-##
  146. ##   [+] Close The Encrypted Channel To Our Persistent Partition.
  147. ##   [+] And Unmount The Partition.
  148. ##-=================================================================-##
  149. umount /dev/mapper/parrot_usb
  150. cryptsetup luksClose /dev/mapper/parrot_usb
  151.  
  152.  
  153. ##-====================================================-##
  154. ##   [+] Restore a binary backup of The LUKS Header
  155. ##       And Keyslot Area From The Specified File:
  156. ##-====================================================-##
  157. cryptsetup luksHeaderRestore /dev/sdc3 --header-backup-file luksheader.back
  158.  
  159.  
Tags: openssl Linux ParrotSec luks Persistence encryption cryptsetup usb AES-256 LiveUSB
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!