VeraCrypt

By on

 

In this blog:

  • What is VeraCrypt?
  • Installation.
  • Creating an encrypted file container.
  • Mounting devices.
  • Inside locked-container.

What is VeraCrypt?

This is a continuation of the Steghide walkthrough - found here ➡️ 

 

VeraCrypt can be downloaded on Mac, Windows, and most other Linux based operating systems.

 

It is a free and open source disk encryption program.

 

VeraCrypt can create virtual encrypted disks, encrypt partitions, or encrypt the entire storage device with pre-boot authentication.

 

Uses enhanced security in algorithms which makes it fairly immune to advancements in brute force attacks.

 

The latest Linux tarball of VeraCrypt can be found at https://www.veracrypt.fr/en/Downloads.html. ➡️


VeraCrypt website.



Installation

Start the program once it has been downloaded.

The software downloaded into my downloads folder. 

To make it easier to find, I made a new directory called Veracrpyt and moved the download file into this directory. 

I completed both commands in one using the pipe function.

Type – ‘mkdir veracrypt | mv <veracrypt tarball> veracrypt


Moving the tarball install to a new directory for ease of use.



Open the file. There are 32-bit and 64-bit versions for both the command line and gui versions of the software. Download the 64-bit gui version of VeraCrypt. 


Choosing the 64-bit gui version for download.

Extract the bottom file and head to the terminal and use ./ to start the program. 


Starting the chosen setup installer.

Install prompt.

I went with option 1.

Read the terms and conditions (or don’t) and click enter to exit the prompt. 

Go to the start menu and search for VeraCrypt. It should be available now. 

VeraCrypt home page.


Creating an encrypted file container



Go to Volumes and Create New Volume.


Create New Volume.


Create an encrypted file container.


Create an encrypted file container.


Go to where you saved the extracted file and create an empty file named lock-container.

Choose standard VeraCrypt Volume and choose the lock-container file to save it to.

I will choose the default encryption options. 


Encryption standards.

For the size I will choose an arbitrary 750 MB. 

Selecting volume size.


For the password, I have a random password generator script that I wrote. 

Click here to see a breakdown ➡️


Random password generator script.


For the next page, I stuck with the default FAT filesystem for the volume format.


FAT filesystem.


For the final step, move the mouse around inside the window as randomly as possible as this will allow the cryptographic generator to create a stronger encryption key. 

Then click format. 


Mounting Devices

Click on a slot and select the lock-container file and click mount. 

You will be prompted for the password you set when creating the VeraCrypt account and then you will be asked for your administrator password. 


Select the lock-container to place in the first slot.


The volume is mounted and created in the /media/veracrypt1 directory. 


Checking the Mount Directory.


Inside locked-container

I will use the lbkl (list block) command which lists block devices (devices that are read and written to a block at a time, usually 512MB – common block devices include hard disks.)


lsblk command to list block devices.

You can create a folder in the encrypted VeraCrypt directory. 

I have created a test file named secretfolder1 and also moved the black hole image I used for the steganography to this directory to encrypt it so I don’t leave any tracks behind.



Moving files into the encrypted folder.


Now we can exit out of the command line and click dismount in VeraCrypt. 

Checking the directory now shows that it doesn’t exist. Our files are encrypted and hidden. 


Locked-container folder is hidden.

To see our files again, start up VeraCrypt and mount the lock-container file with your passwords. In the command line we can now see our unencrypted files. 


Shone is a Cyber Security student at the Manchester Metropolitan University. Shone started writing blogs to document his own learning and help others along the way.

Comments

Post a Comment

Popular posts from this blog

Connecting Metasploitable to Kali Linux

By on
Image
  In this blog: Pre-text. Setting up NAT Network. Connected. What's next? This blog is one of a 4 part series in Metasploitable. Click here to see how to run a DOS attack on Metasploitable. Click here to see how to deface Metasploitable's webpage. Click here to see how to fix a common timer error that occurs during bootup .  Pre-text This blog comes after the tutorial on creating a Metasploitable virtual machine and solving the kernel timer error. Setting up a NAT Network In our Linux machine, I checked the network interfaces on the system and I have a tunnel connection that I set up earlier for Openvpn access.  To terminate this connection, type ➡️  sudo killall openvpn . Killing Openvpn connections. Now to connect the metasploitable machine to the kali Linux machine we must create a NAT Network.  We want to make sure that the machine is not able to communicate with connections outside the host. Go to file ➡️...
Read more

Fixing kernel timer error in Metasploitable

By on
Image
In this blog: Disclaimer. Fixing the kernel timer error. What's next? This blog is one of a 4 part series in Metasploitable. Click here to see how to run a DOS attack on Metasploitable. Click here to see how to deface Metasploitable's webpage. Click here to see how to set up a Metasploitable lab . Click here to see how to connect Metasploitable with Kali Linux . Disclaimer The solution given in this blog is for the kernel timer error that is caused by a misconfiguration in the kernel boot settings in the BIOS. The solution is not permanent and you must complete the steps each time you start a new session. Fixing timer errors To start the virtual machine, go back to VirtualBox and click start. When starting, if you get this kernel panic – not syncing error message, follow these steps ➡️  Kernel panick error message. Go to settings, system and double the base memory to 2048MB. Doubling base memory. Provide the machine with two processors instead of one and click OK.  Doubling p...
Read more

Wireshark alternative ➡️ tcpdump (Linux)

By on
Image
In this blog: What is tcpdump? Installation. Usage. Saving captures to a file. Filtering output. Expressions. Understanding the output. Packet content.   The end? See my Wireshark blog here. See my blog on uncovering network attacks using Wireshark here.                                   What is tcpdump? Tcpdump is a command line alternative to Wireshark and runs natively on Linux based operating systems.  The tool is not as feature rich as Wireshark but can be faster and more efficient in capturing and displaying packets, hence why many network admins and security professionals like using tcpdump for quick analysis.  Being a command line tool allows it to be run on remote servers to troubleshoot networks where a gui may not be available. The .PCAP files can then be analysed with Wireshark later. Most Linux distributions come with tcpdump installed, so your distro might already have it d...
Read more