During a penetration test, one needs to download and store confidential data related to an organisation. Kali Linux comes with an option to be installed with full disk encryption. Hence it is advisable to have full disk encryption enabled on the Kali Linux machine in order to protect the sensitive information.
Full disk encryption is easy to set up in Kali Linux. Detailed documentation of how to install a Kali volume with full disk encryption can be found here.
The Kali installer comes with a straightforward process for setting up encrypted partitions with LVM and LUKS. Once encrypted, the Kali operating system requires a password at boot time to allow the OS to boot and decrypt your drive, thus protecting this data in case your laptop is stolen.
One can manage decryption keys and partitions by using the cryptsetup utility.
Nuking Kali Linux Installation for emergencies
In certain scenarios one might need to destroy all the contents of the encrypted hard drive to avoid leakage of sensitive information. The Kali Linux developers have introduced an option for this: a boot password that causes the destruction, rather than the decryption, of the data on your drive.
This is done by adding a nuke password to the cryptsetup configuration. When used, the nuke password deletes all the keyslots and makes the data on the hard drive inaccessible.
Kali Linux has not yet officially introduced the feature in its version releases, and hence one must use this feature at their own risk (hackingloops.com holds no liabilities).
If you wish to try this feature, the following are the build instructions.
Start by running the LVM encrypted installation in Kali Linux and setting a decryption password. Once this is completed, download the cryptsetup package source and apply the Kali Linux patch to it.
Proceed as follows:
root@kali:~# apt-get source cryptsetup
root@kali:~# git clone https://github.com/offensive-security/cryptsetup-nuke-keys
root@kali:~# cd cryptsetup-1.6.1/
root@kali:~/cryptsetup-1.6.1# patch -p1 < ../cryptsetup-nuke-keys/cryptsetup_1.6.1+nuke_keys.diff
patching file lib/libcryptsetup.h
patching file lib/luks1/keymanage.c
patching file lib/setup.c
patching file src/cryptsetup.c
root@kali:~/cryptsetup-1.6.1# dpkg-buildpackage -b -uc
This builds the patched cryptsetup packages; installing them with dpkg is what puts the nuke option in place.
root@kali:~/cryptsetup-1.6.1# ls -l ../*crypt*.deb
-rw-r--r-- 1 root root 149430 Jan 4 21:34 ../cryptsetup_1.6.1-1kali0_amd64.deb
-rw-r--r-- 1 root root 250616 Jan 4 21:34 ../cryptsetup-bin_1.6.1-1kali0_amd64.deb
-rw-r--r-- 1 root root 105226 Jan 4 21:34 ../libcryptsetup4_1.6.1-1kali0_amd64.deb
-rw-r--r-- 1 root root 49580 Jan 4 21:34 ../libcryptsetup-dev_1.6.1-1kali0_amd64.deb
root@kali:~/cryptsetup-1.6.1# dpkg -i ../libcryptsetup*.deb
root@kali:~/cryptsetup-1.6.1# dpkg -i ../cryptsetup*.deb
Now that our patched cryptsetup package has been installed, we can go ahead and add a “nuke” key to our setup:
root@kali:~# cryptsetup luksAddNuke /dev/sda5
Enter any existing passphrase: (existing passphrase)
Enter new passphrase for key slot: (nuke passphrase)
On any subsequent reboots, you will be asked for the LUKS decryption password each time as usual. If for whatever reason, you were to enter the nuke password, the saved keys would be purged rendering the data inaccessible.
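To see what "purging the saved keys" means on disk, the following added example (not from the original post or the Kali patch) reads the eight key-slot status fields of a LUKS1 header, the format cryptsetup 1.6.1 creates. The function names and the sample headers are constructed for illustration; pass a header backup file (for instance one made with cryptsetup luksHeaderBackup) as the first argument to inspect a real header.

```python
import struct
import sys

LUKS_MAGIC = b"LUKS\xba\xbe"
SLOT_ENABLED = 0x00AC71F3    # LUKS1 marker for an active key slot
SLOT_DISABLED = 0x0000DEAD   # LUKS1 marker for an empty or wiped key slot
SLOT_OFFSET = 208            # offset of the first of 8 key-slot records
SLOT_SIZE = 48
HEADER_SIZE = SLOT_OFFSET + 8 * SLOT_SIZE  # 592 bytes

def keyslot_states(header: bytes) -> list:
    """Return ENABLED / DISABLED / CORRUPT for each of the 8 LUKS1 key slots."""
    if len(header) < HEADER_SIZE or header[:6] != LUKS_MAGIC:
        raise ValueError("not a LUKS header")
    (version,) = struct.unpack_from(">H", header, 6)
    if version != 1:
        raise ValueError("only LUKS1 headers are handled here")
    names = {SLOT_ENABLED: "ENABLED", SLOT_DISABLED: "DISABLED"}
    states = []
    for i in range(8):
        (active,) = struct.unpack_from(">I", header, SLOT_OFFSET + i * SLOT_SIZE)
        states.append(names.get(active, "CORRUPT"))
    return states

def is_unlockable(header: bytes) -> bool:
    """With no enabled slot left, no passphrase can recover the master key."""
    return "ENABLED" in keyslot_states(header)

def build_sample_header(enabled_slots) -> bytes:
    """Constructed input: a LUKS1 header holding only the fields read above."""
    hdr = bytearray(HEADER_SIZE)
    hdr[:6] = LUKS_MAGIC
    struct.pack_into(">H", hdr, 6, 1)
    for i in range(8):
        marker = SLOT_ENABLED if i in enabled_slots else SLOT_DISABLED
        struct.pack_into(">I", hdr, SLOT_OFFSET + i * SLOT_SIZE, marker)
    return bytes(hdr)

if __name__ == "__main__":
    if len(sys.argv) > 1:
        with open(sys.argv[1], "rb") as f:
            data = f.read(HEADER_SIZE)
    else:
        data = build_sample_header({0, 1})  # e.g. normal passphrase + one more slot
    for i, state in enumerate(keyslot_states(data)):
        print(f"Key Slot {i}: {state}")
    print("unlockable:", is_unlockable(data))
```

Run it against a header backup taken before adding the nuke key and again afterwards to confirm that one additional slot is in use.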
Disclaimer: Hackingloops.com holds no liabilities for this feature. This is just for information sharing purposes. If your sensitive information becomes inaccessible for whatsoever reason, we are not to be blamed.