Wireless Army
This is a blog / tips and tricks website for web developers and security researchers.

Kali linux persistence and nuke feature
by admin at 2017-04-08 21:44:00.

DISCLAIMER: WE ARE NOT RESPONSIBLE FOR ANY OBSTRUCTION OF LAW. THIS IS JUST A PROOF OF CONCEPT.

Also, if you are not careful you can write the ISO to your main drive and delete everything, so we are not responsible for any data loss. Please get help before using dd.

Laptops and computers are everywhere. As a security researcher who travels a lot, it is more convenient to carry around a USB drive than a laptop, simply because of size and weight.

Keep in mind that this feature doesn't completely destroy the data; it only removes the LUKS header key slots, which makes the data on the USB drive unusable. The intended purpose the creators of the feature had in mind was to save the LUKS header, email it or send it via a trusted partner to a safe location, nuke the device, and not worry about being intercepted with sensitive data.

Kali Linux is really flexible and gives you multiple options:

  1. live boot: like any other Linux distro, all data is lost after a reboot
  2. a partition that does not get wiped on reboot (aka persistence)
  3. an encrypted persistence partition
  4. a nuke option, where you specify a second passphrase; whenever you enter that one, everything on the drive is deleted

dd if=kali.iso of=/dev/sdb bs=1M

will write the ISO to the USB drive with 2 partitions, boot and the main Kali ISO.
We will create 2 more: one for persistence, not encrypted, and a fourth one with encryption and the nuke option.
The numbers shown in the commands below are where the partitions start and finish (parted reads bare numbers as megabytes); they will vary depending on the ISO size and the USB drive size.

parted /dev/sdb
print
mkpart primary 901 5000
mkpart primary 5000 100%
q

fdisk -l /dev/sdb will show your new and updated partitions.

We will format and label partition 3 (the unencrypted one):

mkfs.ext3 /dev/sdb3
e2label /dev/sdb3 persistence

We will mount partition 3, add a file to it called persistence.conf containing "/ union" (meaning everything under root will be persistent), and then unmount it:

mkdir -p /mnt/usb
mount /dev/sdb3 /mnt/usb
echo "/ union" > /mnt/usb/persistence.conf
umount /mnt/usb

Now for the encrypted partition with nuke:

First we will format it as LUKS and open it as the mapped device my_usb:

cryptsetup --verbose --verify-passphrase luksFormat /dev/sdb4
cryptsetup luksOpen /dev/sdb4 my_usb

Like before, we will format the mapped device, label it, add the persistence.conf file, and then close the encrypted device:

mkfs.ext3 /dev/mapper/my_usb
e2label /dev/mapper/my_usb persistence
mkdir -p /mnt/my_usb
mount /dev/mapper/my_usb /mnt/my_usb
echo "/ union" > /mnt/my_usb/persistence.conf
umount /mnt/my_usb
cryptsetup luksClose my_usb
ls -l /dev/disk/by-label (just to see what's up)

For adding the nuke capability:

cryptsetup luksAddNuke /dev/sdb4

First you have to enter your main passphrase, then the passphrase you would like to use for the nuke capability.

cryptsetup luksDump /dev/sdb4

will dump your header. Run it before and after luksAddNuke to see the change.

You can back it up with this command:

cryptsetup luksHeaderBackup --header-backup-file luksheader.back /dev/sdb4

file luksheader.back (confirms the backup is recognised as a LUKS header)

Now we can encrypt the backup LUKS header:

openssl enc -aes-256-cbc -salt -in luksheader.back -out luksheader.back.enc


In this case, we would like to place the header somewhere that it is easily accessible. This could be as simple as on a USB thumb drive that is kept in a safe location.

Now you can nuke your Kali live: at the LUKS passphrase prompt, enter the nuke passphrase instead of the normal one.

With this command you will see that the key slots were removed:

cryptsetup luksDump /dev/sdb4

To restore the header, it is a simple matter of retrieving the encrypted header from your USB drive. Once we have that, we can decrypt it and write it back:

openssl enc -d -aes-256-cbc -in luksheader.back.enc -out luksheader.back
cryptsetup luksHeaderRestore --header-backup-file luksheader.back /dev/sdb4

All we have to do is reboot, provide our normal LUKS passphrase, and the system is back to its original state.
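Added example, not from the original post: two shell helpers for the checks the post leans on, counting the ENABLED key slots in luksDump output (the before/after comparison around luksAddNuke and the nuke itself) and confirming that a decrypted backup really is a LUKS header before handing it to luksHeaderRestore. The dump texts and the header stand-in are constructed samples; no real device is touched.

```shell
#!/bin/sh
# Added example, not from the original post: checks for the two points
# where the post says "look at the dump" and "decrypt the backup".
# Nothing here touches a block device; inputs are text and a file path.

# Count ENABLED key slots in `cryptsetup luksDump` output (LUKS1 layout).
# Expect 1 slot before luksAddNuke, 2 after it (the nuke slot shows as a
# normal slot), and 0 once the nuke passphrase has been entered.
count_enabled_keyslots() {
    printf '%s\n' "$1" | grep -c '^Key Slot [0-7]:[[:space:]]*ENABLED' || true
}

# Verify a decrypted header backup starts with the LUKS magic bytes
# (4c 55 4b 53 ba be) before passing it to luksHeaderRestore; a wrong
# openssl passphrase yields garbage, not a header.
is_luks_header() {
    magic=$(head -c 6 "$1" | od -An -tx1 | tr -d ' \n')
    [ "$magic" = "4c554b53babe" ]
}

# Constructed dump text modelled on LUKS1 luksDump output after
# luksAddNuke; values are placeholders, not a real header.
DUMP_AFTER_ADDNUKE='LUKS header information for /dev/sdb4

Version:        1
Key Slot 0: ENABLED
        Iterations:             100000
Key Slot 1: ENABLED
        Iterations:             100000
Key Slot 2: DISABLED
Key Slot 3: DISABLED'

# Constructed dump text for the same device after the nuke passphrase.
DUMP_AFTER_NUKE='LUKS header information for /dev/sdb4

Version:        1
Key Slot 0: DISABLED
Key Slot 1: DISABLED
Key Slot 2: DISABLED
Key Slot 3: DISABLED'

# Constructed stand-in for luksheader.back: only the six magic bytes.
make_fake_header() {
    printf 'LUKS\272\276' > "$1"
}

echo "enabled slots after luksAddNuke: $(count_enabled_keyslots "$DUMP_AFTER_ADDNUKE")"
echo "enabled slots after nuke:        $(count_enabled_keyslots "$DUMP_AFTER_NUKE")"
```

On a real device, pipe `cryptsetup luksDump /dev/sdb4` into the counter and run `is_luks_header luksheader.back` after the openssl decrypt step.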