API tools faq
paste
Advertisement
xe1phix

Xe1phix-ParrotSec-[Encrypted]-[Persistent]-[LiveUSB]-Setup-[v4.5.85].sh

xe1phix
Nov 11th, 2022
975
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
Bash 7.68 KB | None | 0 0
raw download clone embed print report
  1. #!/bin/sh
  2. ##
  3. ##-========================================================================-##
  4. ##
  5. ##  This program is free software; you can redistribute it and/or modify
  6. ##  it under the terms of the GNU General Public License as published by
  7. ##  the Free Software Foundation; either version 2 of the License, or
  8. ##  (at your option) any later version.
  9. ##  
  10. ##  This program is distributed in the hope that it will be useful,
  11. ##  but WITHOUT ANY WARRANTY; without even the implied warranty of
  12. ##  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  13. ##  GNU General Public License for more details.
  14. ##  
  15. ##  You should have received a copy of the GNU General Public License
  16. ##  along with this program; if not, write to the Free Software
  17. ##  Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston,
  18. ##  MA 02110-1301, USA.
  19. ##
  20. ##-========================================================================-##
  21. ##
  22. ##-========================================================================-##
  23. ## ------------------------------------------------------------------------ ##
  24. ##   [+] Available on my gitlab page: https://gitlab.com/xe1phix
  25. ## ------------------------------------------------------------------------ ##
  26. ##-========================================================================-##
  27.  
  28.  
  29. echo "##-===========================================================-##"
  30. echo "    [+] Associate The Empty Space With The sda3 Partition:"
  31. echo "##-===========================================================-##"
  32. gparted &                                    ## format sdc3 to ext4
  33.  
  34.  
  35. echo "##-===================================-##"
  36. echo "    [+] Format The sdc3 Partition:"
  37. echo "##-===================================-##"
  38. mkfs.ext4 /dev/sdc3
  39.  
  40.  
  41. echo "##-=======================================================================-##"
  42. echo "    [+]  Encrypt The Newly-Created Partition With LUKS Encryption:"
  43. echo "##-=======================================================================-##"
  44. cryptsetup --verbose --verify-passphrase luksFormat /dev/sdc3
  45.  
  46.  
  47. echo "##-===================================================-##"
  48. echo "    [+]  Initialize The LUKS Encrypted Partition:"
  49. echo "##-===================================================-##"
  50. cryptsetup luksOpen /dev/sdc3 parrot_usb
  51.  
  52.  
  53. echo "##-==============================================================-##"
  54. echo "    [+]  Create The Ext4 Filesystem, And Label It parrot_usb:"
  55. echo "##-==============================================================-##"
  56. mkfs.ext4 -L persistence /dev/mapper/parrot_usb
  57. e2label /dev/mapper/parrot_usb persistence
  58.  
  59.  
  60. echo "##-=======================================================================-##"
  61. echo "    [+]  Create A Mount Point, Mount Our New Encrypted Partition There"
  62. echo "    [+]  Set Up The Persistence.conf File, And Unmount The Partition. "
  63. echo "##-=======================================================================-##"
  64. mkdir -p /mnt/parrot_usb
  65. mount /dev/mapper/parrot_usb /mnt/parrot_usb
  66. echo "/ union" > /mnt/parrot_usb/persistence.conf
  67.  
  68.  
  69.  
  70. echo "##-===========================================-##"
  71. echo "    [+] Status of The Mapping (parrot_usb) "
  72. echo "##-===========================================-##"
  73. cryptsetup status /dev/mapper/parrot_usb
  74.  
  75.  
  76. echo "##-=======================================================-##"
  77. echo "    [+]  Dump The Header Information of A LUKS Device."
  78. echo "##-=======================================================-##"
  79. cryptsetup luksDump /dev/sdc3
  80.  
  81.  
  82. echo "##-===============================================================-##"
  83. echo "    [+] Show All The Logical Volumes Currently on The System         "
  84. echo "                   And Their Device Names.                           "
  85. echo "##-===============================================================-##"
  86. lvs -o devices
  87.  
  88.  
  89. echo "##-===================================================================-##"
  90. echo "    [+] The Encrypted Logical Volumes Are Mounted At Boot Time        "
  91. echo "          Using The Information From The /etc/crypttab File.          "
  92. echo "##-===================================================================-##"
  93. cat /etc/crypttab
  94.  
  95.  
  96. echo "##-=======================================-##"
  97. echo "    [+] Print the UUID of a LUKS device.       "
  98. echo "##-=======================================-##"
  99. cryptsetup luksUUID /dev/sdc3
  100.  
  101.  
  102. echo "##-=====================================-##"
  103. echo "    [+] Add a Nuke Slot to /dev/sdc3: "
  104. echo "##-=====================================-##"
  105. cryptsetup luksAddNuke /dev/sdc3
  106.  
  107.  
  108. echo "##-==============================================-##"
  109. echo "    [+] Check if the Nuke Slot has been added:"
  110. echo "##-==============================================-##"
  111. cryptsetup luksDump /dev/sdc3
  112.  
  113.  
  114. echo "##-=====================================-##"
  115. echo "    [+] Check If It's A LUKS Device:"
  116. echo "##-=====================================-##"
  117. cryptsetup isLuks /dev/sdc3
  118.  
  119.  
  120. echo "##-=====================================================================-##"
  121. echo "    [+] Stores a binary backup of the LUKS header and keyslot area."
  122. echo "##-=====================================================================-##"
  123. cryptsetup luksHeaderBackup --header-backup-file luksheader.back /dev/sdc3
  124.  
  125.  
  126. echo "##-=================================================-##"
  127. echo "    [+] Print LUKS Header File Type & Attributes: "
  128. echo "##-=================================================-##"
  129. file luksheader.back
  130.  
  131.  
  132.  
  133. echo "##-====================================================-##"
  134. echo "    [+] Encrypt The LUKS Header Backup With OpenSSL:"
  135. echo "##-====================================================-##"
  136. openssl enc -aes-256-cbc -salt -in luksheader.back -out luksheader.back.enc             ## openssl enc -aes-256-cbc -e -salt -in $key -out $1
  137.  
  138.  
  139.  
  140. echo "##-==========================================-##"
  141. echo "    [+] List Both The Header Backup Files: "
  142. echo "##-==========================================-##"
  143. ls -lh luksheader.back*
  144.  
  145.  
  146.  
  147. echo "##-===================================================================-##"
  148. echo "    [+] Cross Examine The Unencrypted Header Vs The Encrypted One:      "
  149. echo "##-===================================================================-##"
  150. file luksheader.back*
  151.  
  152.  
  153.  
  154. echo "##-==================================================-##"
  155. echo "    [+] Decrypt The OpenSSL Encrypted LUKS Header:"
  156. echo "##-==================================================-##"
  157. openssl enc -d -aes-256-cbc -in luksheader.back.enc -out luksheader.back
  158.  
  159.  
  160.  
  161. echo "##-======================================================================-##"
  162. echo "    [+] Copy This Script To The Persistent Partition For Future Use:"
  163. echo "##-======================================================================-##"
  164. cp -v ParrotSecPersistance.sh /mnt/parrot_usb/
  165.  
  166.  
  167. echo "##-=================================================================-##"
  168. echo "    [+] Close The Encrypted Channel To Our Persistent Partition.       "  
  169. echo "    [+]                And Unmount The Partition.                      "
  170. echo "##-=================================================================-##"
  171. umount /dev/mapper/parrot_usb
  172. cryptsetup luksClose /dev/mapper/parrot_usb
  173.  
  174.  
  175.  
  176. echo "##-======================================================-##"
  177. echo "     [+] Restores A Binary Backup of The LUKS Header "
  178. echo "     [+] And Keyslot Area From The Specified File."
  179. echo "##-======================================================-##"
  180. cryptsetup luksHeaderRestore /dev/sdc3 --header-backup-file luksheader.back
  181.  
  182.  
  183.  
  184.  
  185. echo "##-===============================================================-##"
  186. echo "   [+] "
  187. echo "##-===============================================================-##"
  188.  
  189.  
Tags: encrypt xe1phix ParrotSec encryption cryptsetup aes256 live usb persistent
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!