LinuxQuestions.org
Visit Jeremy's Blog.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie
User Name
Password
Linux - Newbie This Linux forum is for members that are new to Linux.
Just starting out and have a question? If it is not in the man pages or the how-to's this is the place!

Notices


Reply
  Search this Thread
Old 05-17-2018, 08:35 PM   #1
ZeeshanMalik
LQ Newbie
 
Registered: May 2018
Posts: 1

Rep: Reputation: Disabled
dd command - hide a 5 byte password for TrueCrypt


I would like to hide a 5 byte password for TrueCrypt in the final 5 bytes of MFT record of the MFTMirror record.
And what is the dd command to read the first 30 MFT entries?

Please help and I have installed the kali Linux on Virtual Box.
 
Old 05-18-2018, 02:33 AM   #2
pan64
LQ Guru
 
Registered: Mar 2012
Location: Hungary
Distribution: debian/ubuntu/suse ...
Posts: 11,276

Rep: Reputation: 3388Reputation: 3388Reputation: 3388Reputation: 3388Reputation: 3388Reputation: 3388Reputation: 3388Reputation: 3388Reputation: 3388Reputation: 3388Reputation: 3388
I'm sorry, but do not really understand what do you mean by "hide a 5 byte password for TrueCrypt in the final 5 bytes of MFT record of the MFTMirror record".
here: https://linoxide.com/linux-command/l...eate-1gb-file/ you may find dd related help or here: https://www.linuxquestions.org/quest...ommand-362506/
Why do you use kali? https://www.linuxquestions.org/quest...ad-4175614092/
 
Old 05-18-2018, 07:38 AM   #3
michaelk
Moderator
 
Registered: Aug 2002
Posts: 17,469

Rep: Reputation: 2275Reputation: 2275Reputation: 2275Reputation: 2275Reputation: 2275Reputation: 2275Reputation: 2275Reputation: 2275Reputation: 2275Reputation: 2275Reputation: 2275
I assume MFT is the NTFS Master File Table. A virtualbox guest would only have access to NTFS metadata on a USB drive. If you know ntfs internals then the dd link provided should help you dump the table.
 
Old 05-18-2018, 07:59 AM   #4
rtmistler
Moderator
 
Registered: Mar 2011
Location: MA, USA
Distribution: MINT Debian, Angstrom, SUSE, Ubuntu, Debian
Posts: 7,059
Blog Entries: 12

Rep: Reputation: 2593Reputation: 2593Reputation: 2593Reputation: 2593Reputation: 2593Reputation: 2593Reputation: 2593Reputation: 2593Reputation: 2593Reputation: 2593Reputation: 2593
Quote:
Originally Posted by ZeeshanMalik View Post
I would like to hide a 5 byte password for TrueCrypt in the final 5 bytes of MFT record of the MFTMirror record.
And what is the dd command to read the first 30 MFT entries?

Please help and I have installed the kali Linux on Virtual Box.
Far more information is needed such as what you have tried to resolve this. Why you are using Kali and also do not understand the dd command, and a better explanation of what you are trying to accomplish. If you cannot explain better, than LQ members cannot even begin to try to help you.
 
Old 05-19-2018, 01:25 AM   #5
qrange
Member
 
Registered: Jul 2006
Location: Belgrade, Yugoslavia
Distribution: Debian stable, amd64
Posts: 921

Rep: Reputation: 44
to use dd in such way, you need to know the sector numbers, 'physical' location of that mftmirror.
with that, use 'bs=1' and 'count=5'

Last edited by qrange; 05-19-2018 at 01:26 AM.
 
Old 05-19-2018, 02:29 PM   #6
AwesomeMachine
LQ Guru
 
Registered: Jan 2005
Location: USA and Italy
Distribution: Debian testing/sid; OpenSuSE; Fedora; Mint
Posts: 5,370

Rep: Reputation: 978Reputation: 978Reputation: 978Reputation: 978Reputation: 978Reputation: 978Reputation: 978Reputation: 978
You would first need to know the offsets of the MFT. It isn't in any standard place. But I would hide the password in the surplus sectors at the end of the drive. There's always a few thousand sectors at the end of the drive, which didn't quite fit within partition geometry. The system never writes there, because it isn't part of a file system.

Most utilities can't even access surplus sectors, so it's a pretty safe place. But don't use the last sector, because MS uses that as it's disk pi**ing post.
 
Old 05-20-2018, 02:01 AM   #7
qrange
Member
 
Registered: Jul 2006
Location: Belgrade, Yugoslavia
Distribution: Debian stable, amd64
Posts: 921

Rep: Reputation: 44
yeah, but somebody looking for the password would probably try to find it at the end of drive.
I'd just hide it in some config file.
 
Old 05-20-2018, 07:41 PM   #8
AwesomeMachine
LQ Guru
 
Registered: Jan 2005
Location: USA and Italy
Distribution: Debian testing/sid; OpenSuSE; Fedora; Mint
Posts: 5,370

Rep: Reputation: 978Reputation: 978Reputation: 978Reputation: 978Reputation: 978Reputation: 978Reputation: 978Reputation: 978
You actually write it directly to the drive platters, not as part of any file or file system. I don't think anyone is going to look there. But, do it how you want.
 
Old 05-21-2018, 01:15 AM   #9
qrange
Member
 
Registered: Jul 2006
Location: Belgrade, Yugoslavia
Distribution: Debian stable, amd64
Posts: 921

Rep: Reputation: 44
a bit offtopic..
I don't see a point in using such short password (even if its binary) other than, perhaps, lack of space at that end of disk.
iirc, there was some research and conclusion was that its better to use long passwords with dictionary words than short random ones, or something like that.

edit:
pity hdd manufacturers don't offer rnd filled (instead of zero filled) brand new drives.
yes, they would be harder to make (writing test?), and one would need to trust them, but hey, you gotta trust someone.

Last edited by qrange; 05-21-2018 at 01:20 AM.
 
Old 05-21-2018, 03:47 AM   #10
hydrurga
LQ Guru
 
Registered: Nov 2008
Location: Pictland
Distribution: Linux Mint 19 MATE
Posts: 5,790
Blog Entries: 2

Rep: Reputation: 1843Reputation: 1843Reputation: 1843Reputation: 1843Reputation: 1843Reputation: 1843Reputation: 1843Reputation: 1843Reputation: 1843Reputation: 1843Reputation: 1843
Quote:
Originally Posted by qrange View Post
a bit offtopic..
I don't see a point in using such short password (even if its binary) other than, perhaps, lack of space at that end of disk.
iirc, there was some research and conclusion was that its better to use long passwords with dictionary words than short random ones, or something like that.
Agreed. I suspect that, in effect, the opening post was a homework question and the "5 bytes" was just a way of the teacher delimiting the question.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
[SOLVED] Can the truecrypt password be derived from the key? Ulysses_ Linux - Security 20 01-03-2015 11:35 AM
LXer: KeePassX + TrueCrypt + Dropbox: a secure and portable password management solution LXer Syndicated Linux News 0 04-15-2013 11:20 AM
[SOLVED] memcpy fails to copy data, but byte by byte assignment work venu_s Programming 7 07-08-2011 03:29 AM
[SOLVED] Automount Truecrypt, Truecrypt command lline OS Arch Linux yanfaun Linux - Software 5 09-26-2010 07:37 PM
wpa_config: How to hide password? AlfredSka Linux - Wireless Networking 6 10-25-2007 12:49 PM

LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie

All times are GMT -5. The time now is 02:30 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration