API tools faq
paste
Advertisement
xe1phix

Xe1phix-[XFS]-Luks-Encrypted-USB-Cheatsheet-[v4.8.52].sh

xe1phix
Nov 11th, 2022 (edited)
1,183
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
Bash 5.72 KB | None | 0 0
raw download clone embed print report
  1. #!/bin/sh
  2. ##-=======================================================-##
  3. ##   [+] Xe1phix-[XFS]-Luks-Encrypted-USB-Cheatsheet.sh
  4. ##-=======================================================-##
  5.  
  6.  
  7.  
  8. echo "## ======================================================================= ##"
  9. echo "     [+] Initialize the LUKS encryption on the newly-created partition."
  10. echo "## ======================================================================= ##"
  11. cryptsetup --verbose --verify-passphrase luksFormat /dev/sdd1
  12. cryptsetup luksOpen /dev/sdd1 LUKS
  13.  
  14.  
  15. echo "## ======================================================= ##"
  16. echo "     [+] Create An XFS Filesystem, and label it LUKS:"
  17. echo "## ======================================================= ##"
  18. mkfs.xfs -L persistence /dev/mapper/LUKS
  19.  
  20.  
  21. echo "## ======================================================================= ##"
  22. echo "      [x] Create a mount point"
  23. echo "      [x] Mount our new encrypted partition"
  24. echo "      [x] Set up the persistence.conf file"
  25. echo "      [x] Unmount the partition. "
  26. echo "## ======================================================================= ##"
  27. mkdir -v --mode=0755 /mnt/LUKS
  28. mount /dev/mapper/LUKS /mnt/LUKS
  29. echo "/ union" > /mnt/LUKS/persistence.conf
  30.  
  31.  
  32. echo "## ============================================ ##"
  33. echo "      [+] Status of the mapping (ParrotSec) "
  34. echo "## ============================================ ##"
  35. cryptsetup status /dev/mapper/LUKS
  36.  
  37. echo "## ======================================================== ##"
  38. echo "      [+]  Dump the header information of a LUKS device."
  39. echo "## ======================================================== ##"
  40. cryptsetup luksDump /dev/sdd1
  41.  
  42.  
  43. echo "##-=======================================================-##"
  44. echo "      [+] Show All The Logical Volumes & Device Names"
  45. echo "##-=======================================================-##"
  46. lvs -o devices
  47.  
  48.  
  49. echo "## ------------------------------------------------------------------------ ##"
  50. echo "      [?] The Encrypted Logical Volumes Are Mounted At Boot Time        "
  51. echo "          Using The Information From The /etc/crypttab File.          "
  52. echo "## ------------------------------------------------------------------------ ##"
  53. cat /etc/crypttab
  54.  
  55.  
  56. echo "## ========================================== ##"
  57. echo "      [+] Print the UUID of a LUKS device."
  58. echo "## ========================================== ##"
  59. cryptsetup luksUUID /dev/sdd1
  60.  
  61.  
  62. echo "## ======================================== ##"
  63. echo "      [+] Add a Nuke Slot to /dev/sda1: "
  64. echo "## ======================================== ##"
  65. cryptsetup luksAddNuke /dev/sdd1
  66.  
  67. echo "## ================================================= ##"
  68. echo "      [+] Check if the Nuke Slot has been added:"
  69. echo "## ================================================= ##"
  70. cryptsetup luksDump /dev/sdd1
  71.  
  72. echo "##-======================================-##"
  73. echo "      [+] Check If It's A LUKS Device:"
  74. echo "##-======================================-##"
  75. cryptsetup isLuks /dev/sdd3
  76.  
  77.  
  78. echo "## ------------------------------------------------------------------------ ##"
  79. echo "      [?] Stores a binary backup of the LUKS header and keyslot area."
  80. echo "## ------------------------------------------------------------------------ ##"
  81. cryptsetup luksHeaderBackup --header-backup-file luksheader.back /dev/sdd1
  82.  
  83. cryptsetup luksHeaderBackup --header-backup-file /mnt/LUKS/luksheader.back /dev/sdd1
  84.  
  85.  
  86. echo "## ====================================================== ##"
  87. echo "     [+] Restores a binary backup of the LUKS header "
  88. echo "     [+] and keyslot area from the specified file."
  89. echo "## ====================================================== ##"
  90. cryptsetup luksHeaderRestore /dev/sdd1 --header-backup-file luksheader.back
  91.  
  92.  
  93. echo "## ==================================================== ##"
  94. echo "      [+] Print LUKS Header File Type & Attributes: "
  95. echo "## ==================================================== ##"
  96. file luksheader.back
  97.  
  98.  
  99.  
  100. echo "## ======================================================= ##"
  101. echo "      [+] Encrypt The LUKS Header Backup With OpenSSL:"
  102. echo "## ======================================================= ##"
  103. openssl enc -aes-256-cbc -e -salt -in $Key -out $File
  104. openssl enc -aes-256-cbc -salt -in luksheader.back -out luksheader.back.enc
  105.  
  106.  
  107.  
  108. echo "## ============================================= ##"
  109. echo "      [+] List Both The Header Backup Files: "
  110. echo "## ============================================= ##"
  111. ls -lh luksheader.back*
  112.  
  113.  
  114. echo "## =================================================================== ##"
  115. echo "     [+] Cross Examine The Unencrypted Header Vs The Encrypted One"
  116. echo "## =================================================================== ##"
  117. file luksheader.back*
  118.  
  119.  
  120. echo "## ===================================================== ##"
  121. echo "     [+] Decrypt The OpenSSL Encrypted LUKS Header:"
  122. echo "## ===================================================== ##"
  123. openssl enc -d -aes-256-cbc -in luksheader.back.enc -out luksheader.back
  124.  
  125.  
  126. echo "## ====================================================================== ##"
  127. echo "     [+] Copy This Script To The Persistent Partition For Future Use:"
  128. echo "## ====================================================================== ##"
  129. cp -v infosectalk-Brown/GnuPG-CryptoPartyWorkshop/XFS-LUKSEncryptedUSB.sh /mnt/LUKS/
  130.  
  131.  
  132.  
  133. echo "## =================================================================== ##"
  134. echo "     [+] Unmount the partition. "
  135. echo "     [+] Close the encrypted channel to our persistence partition."
  136. echo "## =================================================================== ##"
  137. umount /dev/mapper/LUKS
  138. cryptsetup luksClose /dev/mapper/LUKS
  139.  
  140.  
  141.  
Tags: encrypt ParrotSec luks filesystem XFS cryptsetup aes256 usb
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!