Silk Road forums

Discussion => Security => Topic started by: TreyWingo104 on April 17, 2012, 03:46 am

Title: TrueCrypt Hidden OS help?
Post by: TreyWingo104 on April 17, 2012, 03:46 am

Can't seem to figure this out.... Plan to use Liberte/Tails and would like to have my entire system TC'd first. I'll throw you a BTC for a thorough walkthrough, 5 bucks if you can help explain all the steps to create an encrypted hidden OS with the inner and outer "decoy" system. When I select that method in the TC menu it gives an error message that says:

"The currently running OS is not installed on the boot partition (The first Active Partition)..."



I tried making a new partition... set as the L partition, separate from my C drive, but I now realize this has nothing to do with it....


Here's the info/drive info currently on the computer... Vista SP2, dual core 2800 Intel.

The C drive has 2 parts I think....

1) System Volume... system, primary

2) Main Partition, 500 or so GB (boot)... primary

ALSO now the L:/ partition I made, like 50GB... can be set to either logical or primary, should be easy to change if not needed.

It also shows a second disk, 2 parts...

1b) 800MB partition named NVCACHE... perhaps Nvidia cache for graphics?... primary partition, no status

2b) 4.00 MB unallocated partition... logical partition, no status


Thanks SR, can't wait to get this set up right.
Title: Re: 1BTC TrueCrypt hELP meh?
Post by: greatgreatgrandpa on April 17, 2012, 04:47 am
Given recent events on Tor sites, I would invest in a flash drive bro, keep it on there, AES its ass, and worry no more about your comp.

If you are going to encrypt a partition on your hard drive, encrypt the whole drive.

1LRnC74rxWVZ5bCtEMpLXLPaua6GHEAfX6

It's the best advice you'll get, it's how we all do it!
Welcome to the road.
Title: Re: 1BTC TrueCrypt hELP meh?
Post by: TreyWingo104 on April 17, 2012, 05:10 am
> Given recent events on Tor sites, I would invest in a flash drive bro, keep it on there, AES its ass, and worry no more about your comp.
>
> If you are going to encrypt a partition on your hard drive, encrypt the whole drive.
>
> 1LRnC74rxWVZ5bCtEMpLXLPaua6GHEAfX6
>
> It's the best advice you'll get, it's how we all do it!
> Welcome to the road.

Thanks man, alright, here's my concern though... I have a USB stick ready to AES and then use with Linux Liberte... however, I've heard that the keys can be leaked into the RAM or that sensitive session info or data can get back to Vista through perf logs or similar.... Is that a valid concern or no? Have also read that chrooting Tor Arm on an OpenBSD behind a dedicated proxy (old desktop computer stripped to be firewall with intrusion protection etc.) is really the way to go.... I'll deposit you half a bitcoin my friend =) Thanks for sharing, would like to get some discussion going on this!
Title: Re: 1BTC TrueCrypt hELP meh?
Post by: dudeguy551 on April 17, 2012, 05:16 am
> Given recent events on Tor sites, I would invest in a flash drive bro, keep it on there, AES its ass, and worry no more about your comp.
>
> If you are going to encrypt a partition on your hard drive, encrypt the whole drive.
>
> 1LRnC74rxWVZ5bCtEMpLXLPaua6GHEAfX6
>
> It's the best advice you'll get, it's how we all do it!
> Welcome to the road.

If I don't encrypt/partition my drive, what areas should I remove the data from (with multiple algorithm formatting)? Like my Firefox doesn't keep history (Tor bundle) but I always felt there were other things I should be purging of vital data.

Do I need to hide the Tor executable inside an encrypted partition to prevent ISP scans? Or is that not of this time yet?

Do I need to scrub Firefox data? Or filter/route my outgoing traffic further to prevent my ISP reporting "Tor" usage?
Title: Re: 1BTC TrueCrypt hELP meh?
Post by: TreyWingo104 on May 10, 2012, 08:34 am
> Given recent events on Tor sites, I would invest in a flash drive bro, keep it on there, AES its ass, and worry no more about your comp.
>
> If you are going to encrypt a partition on your hard drive, encrypt the whole drive.
>
> 1LRnC74rxWVZ5bCtEMpLXLPaua6GHEAfX6
>
> It's the best advice you'll get, it's how we all do it!
> Welcome to the road.
>
> If I don't encrypt/partition my drive, what areas should I remove the data from (with multiple algorithm formatting)? Like my Firefox doesn't keep history (Tor bundle) but I always felt there were other things I should be purging of vital data.
>
> Do I need to hide the Tor executable inside an encrypted partition to prevent ISP scans? Or is that not of this time yet?
>
> Do I need to scrub Firefox data? Or filter/route my outgoing traffic further to prevent my ISP reporting "Tor" usage?

Your ISP will know you're using Tor no matter what....

The third part will give you some more privacy.... Look up aircrack-ng and find out if your card works with any of the versions. Honestly you can save yourself some time and work by just buying a setup from eBay; a good one will support injection and come with a good directional antenna. Using aircrack you can brute force WEPped networks or just find existing open networks. Once you inject and crack it open you don't have to worry about your ISP anymore.

Spoof your MAC address if you want additional security. Honestly I would highly recommend this. Any 802.11 wirelessly connected machine broadcasts its MAC ID in the header of its connection, so if you crack open some wifi and use it you're gonna want to spoof your MAC ID too.

Greatgrandma/grandpa! Sorry I never hit you up with the coin cause you didn't really explain what I needed at the time, no hard feelings I hope, the advice was appreciated and all. I'm going to get an IronKey and add Twofish/Serpent to the AES and use Tails until Liberte addresses the Midori issues and DNS leakage.... I still want to know how to TC a hidden volume within the hidden OS though.
Title: Re: 1BTC TrueCrypt hELP meh?
Post by: vlad1m1r on May 10, 2012, 12:20 pm
> Given recent events on Tor sites, I would invest in a flash drive bro, keep it on there, AES its ass, and worry no more about your comp.
>
> If you are going to encrypt a partition on your hard drive, encrypt the whole drive.
>
> 1LRnC74rxWVZ5bCtEMpLXLPaua6GHEAfX6
>
> It's the best advice you'll get, it's how we all do it!
> Welcome to the road.
>
> If I don't encrypt/partition my drive, what areas should I remove the data from (with multiple algorithm formatting)? Like my Firefox doesn't keep history (Tor bundle) but I always felt there were other things I should be purging of vital data.
>
> Do I need to hide the Tor executable inside an encrypted partition to prevent ISP scans? Or is that not of this time yet?
>
> Do I need to scrub Firefox data? Or filter/route my outgoing traffic further to prevent my ISP reporting "Tor" usage?
>
> Your ISP will know you're using Tor no matter what....
>
> The third part will give you some more privacy.... Look up aircrack-ng and find out if your card works with any of the versions. Honestly you can save yourself some time and work by just buying a setup from eBay; a good one will support injection and come with a good directional antenna. Using aircrack you can brute force WEPped networks or just find existing open networks. Once you inject and crack it open you don't have to worry about your ISP anymore.
>
> Spoof your MAC address if you want additional security. Honestly I would highly recommend this. Any 802.11 wirelessly connected machine broadcasts its MAC ID in the header of its connection, so if you crack open some wifi and use it you're gonna want to spoof your MAC ID too.
>
> Greatgrandma/grandpa! Sorry I never hit you up with the coin cause you didn't really explain what I needed at the time, no hard feelings I hope, the advice was appreciated and all. I'm going to get an IronKey and add Twofish/Serpent to the AES and use Tails until Liberte addresses the Midori issues and DNS leakage.... I still want to know how to TC a hidden volume within the hidden OS though.

Welcome to SR TreyWingo104,

I think you can save yourself a Bitcoin by visiting the TrueCrypt HowTo section to get yourself a Hidden OS:

http://www.truecrypt.org/docs/?s=hidden-operating-system

Don't ignore the preamble, as it makes for important reading - this tutorial applies to Macs/PCs only of course. I would say that this is unnecessary though, because you can always use a TC partition to store your Tor browser/PGP software/Bitcoin wallet.

Creating a TrueCrypt container with a hidden partition is very simple and once again there's a very simple tutorial for this on the TrueCrypt website:

http://www.truecrypt.org/docs/?s=hidden-operating-system

Frankly I think the second of the two is much easier to set up and can be just as secure - in fact I keep all my SR related software and information in a 1GB container in my (encrypted) home directory. The advantage of course is that if LEO tries to force you to reveal the password you can make sure to give them the "safe" one which will reveal harmless dummy data.

With regard to the IronKey, these are an excellent form of security, but I am not sure they can be formatted to hold an OS, as you would need to be able to boot from the USB drive in order to use it, and as far as I can tell you can only decrypt the drive from within your own OS.

What you may want to do is put a TrueCrypt container on the drive and, as I said, install your standalone applications inside it, so that they can only be accessed by the IronKey. Feel free to create a container using AES/Twofish/Serpent as you say, and of course your password to access the container should be different to the one you use to access the IronKey.

V.
Title: Re: 1BTC TrueCrypt hELP meh?
Post by: deadfuture on May 10, 2012, 02:24 pm
> Given recent events on Tor sites, I would invest in a flash drive bro, keep it on there, AES its ass, and worry no more about your comp.
>
> If you are going to encrypt a partition on your hard drive, encrypt the whole drive.
>
> 1LRnC74rxWVZ5bCtEMpLXLPaua6GHEAfX6
>
> It's the best advice you'll get, it's how we all do it!
> Welcome to the road.
>
> If I don't encrypt/partition my drive, what areas should I remove the data from (with multiple algorithm formatting)? Like my Firefox doesn't keep history (Tor bundle) but I always felt there were other things I should be purging of vital data.
>
> Do I need to hide the Tor executable inside an encrypted partition to prevent ISP scans? Or is that not of this time yet?
>
> Do I need to scrub Firefox data? Or filter/route my outgoing traffic further to prevent my ISP reporting "Tor" usage?
>
> Your ISP will know you're using Tor no matter what....
>
> The third part will give you some more privacy.... Look up aircrack-ng and find out if your card works with any of the versions. Honestly you can save yourself some time and work by just buying a setup from eBay; a good one will support injection and come with a good directional antenna. Using aircrack you can brute force WEPped networks or just find existing open networks. Once you inject and crack it open you don't have to worry about your ISP anymore.
>
> Spoof your MAC address if you want additional security. Honestly I would highly recommend this. Any 802.11 wirelessly connected machine broadcasts its MAC ID in the header of its connection, so if you crack open some wifi and use it you're gonna want to spoof your MAC ID too.
>
> Greatgrandma/grandpa! Sorry I never hit you up with the coin cause you didn't really explain what I needed at the time, no hard feelings I hope, the advice was appreciated and all. I'm going to get an IronKey and add Twofish/Serpent to the AES and use Tails until Liberte addresses the Midori issues and DNS leakage.... I still want to know how to TC a hidden volume within the hidden OS though.

Just to clear something up. You don't need to brute force WEP, only WPA or WPA2. Find a WEP network and look up airmon and WEP. You'll find a guide that lets you use BackTrack and crack any WEP wireless in a matter of minutes.
Title: Re: 1BTC TrueCrypt hELP meh?
Post by: TreyWingo104 on May 12, 2012, 07:12 am
> Given recent events on Tor sites, I would invest in a flash drive bro, keep it on there, AES its ass, and worry no more about your comp.
>
> If you are going to encrypt a partition on your hard drive, encrypt the whole drive.
>
> 1LRnC74rxWVZ5bCtEMpLXLPaua6GHEAfX6
>
> It's the best advice you'll get, it's how we all do it!
> Welcome to the road.
>
> If I don't encrypt/partition my drive, what areas should I remove the data from (with multiple algorithm formatting)? Like my Firefox doesn't keep history (Tor bundle) but I always felt there were other things I should be purging of vital data.
>
> Do I need to hide the Tor executable inside an encrypted partition to prevent ISP scans? Or is that not of this time yet?
>
> Do I need to scrub Firefox data? Or filter/route my outgoing traffic further to prevent my ISP reporting "Tor" usage?
>
> Your ISP will know you're using Tor no matter what....
>
> The third part will give you some more privacy.... Look up aircrack-ng and find out if your card works with any of the versions. Honestly you can save yourself some time and work by just buying a setup from eBay; a good one will support injection and come with a good directional antenna. Using aircrack you can brute force WEPped networks or just find existing open networks. Once you inject and crack it open you don't have to worry about your ISP anymore.
>
> Spoof your MAC address if you want additional security. Honestly I would highly recommend this. Any 802.11 wirelessly connected machine broadcasts its MAC ID in the header of its connection, so if you crack open some wifi and use it you're gonna want to spoof your MAC ID too.
>
> Greatgrandma/grandpa! Sorry I never hit you up with the coin cause you didn't really explain what I needed at the time, no hard feelings I hope, the advice was appreciated and all. I'm going to get an IronKey and add Twofish/Serpent to the AES and use Tails until Liberte addresses the Midori issues and DNS leakage.... I still want to know how to TC a hidden volume within the hidden OS though.
>
> Just to clear something up. You don't need to brute force WEP, only WPA or WPA2. Find a WEP network and look up airmon and WEP. You'll find a guide that lets you use BackTrack and crack any WEP wireless in a matter of minutes.

I'm pretty sure Airmon and BackTrack are both Linux distros with added support for aircrack, no?

Also I read that WPA cannot be brute cracked as easily because you would need a dictionary attack... I dunno, I'm still learning :)
Anyway, isn't Airmon or BackTrack still brute forcing the network to crack the WEP key? Technically speaking? Please fill me in, thanks man.

And vlad... thanks man, appreciate the welcome and the advice as well. I did read most of the tutorial, I just can't wrap my head around it, prolly just need to try harder and smoke some more for the aha moment :)
Good point on the IronKey/not being bootable piece.... I'll have to look into that and appreciate your mentioning it, because otherwise that would have been a relatively hefty sum of money for a USB stick if it won't support boot.
Peace homie!
Title: Re: 1BTC TrueCrypt hELP meh?
Post by: deadfuture on May 14, 2012, 02:19 pm

> I'm pretty sure Airmon and BackTrack are both Linux distros with added support for aircrack, no?
>
> Also I read that WPA cannot be brute cracked as easily because you would need a dictionary attack... I dunno, I'm still learning :)
> Anyway, isn't Airmon or BackTrack still brute forcing the network to crack the WEP key? Technically speaking? Please fill me in, thanks man.


BackTrack is a Linux distro with the Airmon/Aircrack protocol in terminal. Brute force is related to a dictionary attack. Basically brute force takes every possible password and tries them and can take 1000s of years to complete. A dictionary attack is like brute force but limits the tries to what words are in your dictionary, so it takes a lot less time. This is the only way (that I know of) to crack a WPA or WPA2 network, so it can take a long time to crack those.

Cracking WEP using Aircrack utilizes a hash vulnerability in the way WEP authenticates. Basically you kick someone off of the wifi a bunch of times and they try to reconnect and it provides you with a hash every time. Then you use the aircrack protocol to reference the hashes you get from them trying to reconnect to the wifi and use those to crack the code. It can literally take minutes.
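The "kick someone off the wifi a bunch of times" step described above is visible on the air as a burst of deauthentication frames aimed at one client, which is exactly what a wireless IDS watches for. The detector below is an added example written for this thread, not code from any poster or from aircrack-ng; the record format, MAC addresses and timestamps are constructed.

```python
# Added example for this thread, not code from any poster or from aircrack-ng.
# The record format, MAC addresses and timestamps are constructed.
from __future__ import annotations

from collections import defaultdict, deque
from dataclasses import dataclass

# 802.11 management subtypes that push a station off an access point.
DEAUTH = "deauth"      # subtype 12
DISASSOC = "disassoc"  # subtype 10


@dataclass(frozen=True)
class Frame:
    ts: float      # capture time in seconds
    subtype: str   # "deauth", "disassoc", "beacon", ...
    bssid: str     # access point address the frame claims to come from
    sta: str       # station it is addressed to ("ff:ff:ff:ff:ff:ff" = everyone)


def parse_line(line: str) -> Frame:
    """Parse one constructed record: '<ts> <subtype> bssid=<mac> sta=<mac>'."""
    ts, subtype, bssid_kv, sta_kv = line.split()
    return Frame(float(ts), subtype, bssid_kv.split("=", 1)[1], sta_kv.split("=", 1)[1])


class DeauthFloodDetector:
    """Alert once a (bssid, sta) pair sees more than `threshold` deauth/disassoc
    frames inside a sliding `window` of seconds. A lone deauth is normal (roaming,
    idle timeout); a tight burst at one client is the pattern to flag."""

    def __init__(self, window: float = 10.0, threshold: int = 5) -> None:
        self.window = window
        self.threshold = threshold
        self._seen: dict[tuple[str, str], deque[float]] = defaultdict(deque)
        self.alerts: list[tuple[float, str, str, int]] = []

    def feed(self, frame: Frame) -> bool:
        """Consume one frame; return True if it completed a flood."""
        if frame.subtype not in (DEAUTH, DISASSOC):
            return False
        times = self._seen[(frame.bssid, frame.sta)]
        times.append(frame.ts)
        while times and frame.ts - times[0] > self.window:  # expire old hits
            times.popleft()
        if len(times) > self.threshold:
            self.alerts.append((frame.ts, frame.bssid, frame.sta, len(times)))
            times.clear()  # one alert per burst, then start counting again
            return True
        return False


# Constructed capture: one benign deauth at t=1, then a burst at a single client.
SAMPLE_LOG = """
0.0 beacon bssid=aa:bb:cc:dd:ee:01 sta=ff:ff:ff:ff:ff:ff
1.0 deauth bssid=aa:bb:cc:dd:ee:01 sta=10:20:30:40:50:60
30.0 deauth bssid=aa:bb:cc:dd:ee:01 sta=10:20:30:40:50:60
30.2 deauth bssid=aa:bb:cc:dd:ee:01 sta=10:20:30:40:50:60
30.4 deauth bssid=aa:bb:cc:dd:ee:01 sta=10:20:30:40:50:60
30.6 deauth bssid=aa:bb:cc:dd:ee:01 sta=10:20:30:40:50:60
30.8 deauth bssid=aa:bb:cc:dd:ee:01 sta=10:20:30:40:50:60
31.0 deauth bssid=aa:bb:cc:dd:ee:01 sta=10:20:30:40:50:60
"""


def run_sample(log: str = SAMPLE_LOG, window: float = 10.0, threshold: int = 5):
    """Replay a capture through the detector and return its alerts."""
    det = DeauthFloodDetector(window, threshold)
    for line in log.strip().splitlines():
        det.feed(parse_line(line))
    return det.alerts
```

Tune `window` and `threshold` to the roaming behaviour of the network you monitor; on the constructed capture the lone deauth at t=1 stays silent and the burst trips one alert on its sixth frame.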
Title: Re: 1BTC TrueCrypt hELP meh?
Post by: oscarzululondon on May 14, 2012, 02:25 pm
> This is the only way (that I know of) to crack a WPA or WPA2 network, so it can take a long time to crack those.

There are ways to crack WPA & WPA2 within about 2 hours now max. It depends what type of computer and in particular what graphics card you have.
Title: Re: 1BTC TrueCrypt hELP meh?
Post by: TreyWingo104 on June 13, 2012, 06:00 am

> I'm pretty sure Airmon and BackTrack are both Linux distros with added support for aircrack, no?
>
> Also I read that WPA cannot be brute cracked as easily because you would need a dictionary attack... I dunno, I'm still learning :)
> Anyway, isn't Airmon or BackTrack still brute forcing the network to crack the WEP key? Technically speaking? Please fill me in, thanks man.
>
> BackTrack is a Linux distro with the Airmon/Aircrack protocol in terminal. Brute force is related to a dictionary attack. Basically brute force takes every possible password and tries them and can take 1000s of years to complete. A dictionary attack is like brute force but limits the tries to what words are in your dictionary, so it takes a lot less time. This is the only way (that I know of) to crack a WPA or WPA2 network, so it can take a long time to crack those.
>
> Cracking WEP using Aircrack utilizes a hash vulnerability in the way WEP authenticates. Basically you kick someone off of the wifi a bunch of times and they try to reconnect and it provides you with a hash every time. Then you use the aircrack protocol to reference the hashes you get from them trying to reconnect to the wifi and use those to crack the code. It can literally take minutes.


Very late here to see your reply but a huge thanks for putting this all in layman's terms and clearing up my misconceptions. I can't wait to master the craft.
Title: Re: 1BTC TrueCrypt hELP meh?
Post by: deadfuture on June 13, 2012, 03:02 pm
> This is the only way (that I know of) to crack a WPA or WPA2 network, so it can take a long time to crack those.
>
> There are ways to crack WPA & WPA2 within about 2 hours now max. It depends what type of computer and in particular what graphics card you have.

Yeah we all know about your Amazon cloud computing/botnet technique and its limits to someone's budget, but I'm talking about plausible personal cracking methods, not supercomputer or cloud methodology. If you have a good GPU you could crack 6-8 character passwords in a few hours, but anything more than that and you'll be waiting months/years.

Aiming your efforts at a WEP network is just so much easier if you have one around you.


> I'm pretty sure Airmon and BackTrack are both Linux distros with added support for aircrack, no?
>
> Also I read that WPA cannot be brute cracked as easily because you would need a dictionary attack... I dunno, I'm still learning :)
> Anyway, isn't Airmon or BackTrack still brute forcing the network to crack the WEP key? Technically speaking? Please fill me in, thanks man.
>
> BackTrack is a Linux distro with the Airmon/Aircrack protocol in terminal. Brute force is related to a dictionary attack. Basically brute force takes every possible password and tries them and can take 1000s of years to complete. A dictionary attack is like brute force but limits the tries to what words are in your dictionary, so it takes a lot less time. This is the only way (that I know of) to crack a WPA or WPA2 network, so it can take a long time to crack those.
>
> Cracking WEP using Aircrack utilizes a hash vulnerability in the way WEP authenticates. Basically you kick someone off of the wifi a bunch of times and they try to reconnect and it provides you with a hash every time. Then you use the aircrack protocol to reference the hashes you get from them trying to reconnect to the wifi and use those to crack the code. It can literally take minutes.
>
> Very late here to see your reply but a huge thanks for putting this all in layman's terms and clearing up my misconceptions. I can't wait to master the craft.

No problem.  Best of luck to you!
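deadfuture's brute force versus dictionary explanation and the "6-8 characters in a few hours on a good GPU" figure above are both statements about candidates divided by guess rate, which is the arithmetic a defender uses to pick a passphrase length. The estimator below is an added example written for this thread, not code from any poster or tool named here; the guess rate and wordlist size it takes are constructed placeholders, not benchmarks.

```python
# Added example for this thread, not from any poster or tool mentioned here.
# The guesses-per-second and wordlist figures are constructed placeholders.
import string

CLASSES = (string.ascii_lowercase, string.ascii_uppercase, string.digits, string.punctuation)
SECONDS_PER_YEAR = 365 * 24 * 3600


def charset_size(password: str) -> int:
    """Size of the smallest union of standard character classes covering `password`.
    Characters outside the four classes (space, non-ASCII) add no class here."""
    size = sum(len(cls) for cls in CLASSES if any(c in cls for c in password))
    if size == 0:
        raise ValueError("password contains no printable ASCII character")
    return size


def brute_force_candidates(charset: int, length: int) -> int:
    """Every string of 1..`length` symbols: the work for an exhaustive search."""
    return sum(charset ** n for n in range(1, length + 1))


def dictionary_candidates(wordlist_size: int, mangling_rules: int = 1) -> int:
    """A dictionary run tries each wordlist entry under each mangling rule;
    it finishes fast but only wins if the password is in that set."""
    return wordlist_size * mangling_rules


def expected_seconds(candidates: int, guesses_per_second: float) -> float:
    """Average time to hit a uniformly random target: half the candidates."""
    return candidates / 2 / guesses_per_second


def human(seconds: float) -> str:
    """Render a duration in the largest unit that fits, one decimal place."""
    for name, size in (("years", SECONDS_PER_YEAR), ("days", 86400), ("hours", 3600), ("minutes", 60)):
        if seconds >= size:
            return f"{seconds / size:.1f} {name}"
    return f"{seconds:.1f} seconds"


def estimate(password: str, guesses_per_second: float, wordlist_size: int, rules: int = 1) -> dict:
    """Compare brute force against a dictionary run for one password at one guess rate."""
    cs = charset_size(password)
    bf = brute_force_candidates(cs, len(password))
    dic = dictionary_candidates(wordlist_size, rules)
    return {
        "charset": cs,
        "length": len(password),
        "brute_force_candidates": bf,
        "brute_force_expected": human(expected_seconds(bf, guesses_per_second)),
        "dictionary_candidates": dic,
        "dictionary_expected": human(expected_seconds(dic, guesses_per_second)),
    }


if __name__ == "__main__":
    RATE = 100_000.0  # constructed placeholder for a single GPU's guess rate
    for pw in ("password", "Tr0ub4dor&3", "correct horse battery staple"):
        print(pw, estimate(pw, RATE, wordlist_size=10_000_000, rules=50))
```

Raising the rate by a factor of ten (cloud, a GPU rig) only shifts the brute force column by one order of magnitude, while each added character multiplies it by the charset size; that asymmetry is the whole argument for long passphrases.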
Title: Re: 1BTC TrueCrypt hELP meh?
Post by: oscarzululondon on June 13, 2012, 05:33 pm
> Yeah we all know about your Amazon cloud computing/botnet technique and its limits to someone's budget, but I'm talking about plausible personal cracking methods, not supercomputer or cloud methodology. If you have a good GPU you could crack 6-8 character passwords in a few hours, but anything more than that and you'll be waiting months/years.

That's not the only way to crack a WPA wireless network...

OK so you want a plausible personal method? How about using Reaver (comes with BackTrack)? As long as the person has left WPS (Wi-Fi Protected Setup, basically remote admin control) enabled on their router (most routers have it left on), you can crack the WPA password in the same time as a WEP password, very quickly.

I've done this several times now, including to all my neighbors and various places around where I live when I need an alternate internet connection and am yet to find a WPA network it doesn't work on.

Some reading for you:
http://lifehacker.com/5873407/how-to-crack-a-wi+fi-networks-wpa-password-with-reaver

If you have an Android mobile phone, you can run BackTrack 5 like an app, then use your phone to crack people's WEP & WPA wireless networks. It's incredibly easy to set up and do.

Watch system admins shit bricks as you do this, hilarious.

More reading:
https://play.google.com/store/apps/details?id=com.zpwebsites.backtrackinstallguide&hl=en
Title: Re: 1BTC TrueCrypt hELP meh?
Post by: deadfuture on June 13, 2012, 05:42 pm
> Yeah we all know about your Amazon cloud computing/botnet technique and its limits to someone's budget, but I'm talking about plausible personal cracking methods, not supercomputer or cloud methodology. If you have a good GPU you could crack 6-8 character passwords in a few hours, but anything more than that and you'll be waiting months/years.
>
> That's not the only way to crack a WPA wireless network...
>
> OK so you want a plausible personal method? How about using Reaver (comes with BackTrack)? As long as the person has left WPS (Wi-Fi Protected Setup, basically remote admin control) enabled on their router (most routers have it left on), you can crack the WPA password in the same time as a WEP password, very quickly.
>
> I've done this several times now, including to all my neighbors and various places around where I live when I need an alternate internet connection and am yet to find a WPA network it doesn't work on.
>
> Some reading for you:
> http://lifehacker.com/5873407/how-to-crack-a-wi+fi-networks-wpa-password-with-reaver
>
> If you have an Android mobile phone, you can run BackTrack 5 like an app, then use your phone to crack people's WEP & WPA wireless networks. It's incredibly easy to set up and do.
>
> Watch system admins shit bricks as you do this, hilarious.
>
> More reading:
> https://play.google.com/store/apps/details?id=com.zpwebsites.backtrackinstallguide&hl=en

I have to say I was unaware of the Reaver attack and am impressed. Guess I should try it out. Thanks for the info!