-
Notifications
You must be signed in to change notification settings - Fork 0
r1k0/denyfs
Folders and files
Name | Name | Last commit message | Last commit date | |
---|---|---|---|---|
Repository files navigation
########################### ### using denyfs itself ### ########################### //Create a 100Mb file and fill it with urandom data $ dd if=/dev/urandom of=fs bs=512K count=200 //Create a loopback device # losetup /dev/loop0 fs //Create a cryptsetup device # cryptsetup create fs1 /dev/loop0 # cryptsetup create fs2 /dev/loop0 # cryptsetup create fs3 /dev/loop0 # cryptsetup create fs4 /dev/loop0 # cryptsetup create fs5 /dev/loop0 ... NOTE: Choose a DIFFERENT password for EACH FS. Those devices are created in /dev/mapper/ You can go up to 16 this way. //Check the number of total blocks available for each crypted device # denyfs --table /dev/mapper/fs1 # denyfs --table /dev/mapper/fs2 ... OR //Check 'em all at the same time # denyfs --table /dev/mapper/fs? //Size up the cryptsetup device using denyfs # denyfs --setsize 1,13 /dev/mapper/fs? # denyfs --setsize 2,2 /dev/mapper/fs? # denyfs --setsize 3,30 /dev/mapper/fs? NOTE: You don't have to allocate all blocks. You need to set up devices in the RIGHT order. //Create a linearized crypted device. //It is where we'll be able to hide data on a regular FS (i.e. ext2). # denyfs --dmsetup fs1_new /dev/mapper/fs1 # denyfs --dmsetup fs2_new /dev/mapper/fs2 ... NOTE: //Create an ext2 FS on top of it # mke2fs -m 0 /dev/mapper/fs1_new # mke2fs -m 0 /dev/mapper/fs2_new ... NOTE: You can use ext3 though it is not recommended. Try to avoid journalized FS even if it should work though. //Mount the whole # mount /dev/mapper/fs1_new /foo/bar1 # mount /dev/mapper/fs1_new /foo/bar2 ... NOW, you can interact on /foo/bar1 and 2 as if it was a regular entry point. i.e hide your data there ^^ //Umount the whole # umount /dev/mapper/fs1_new # umount /dev/mapper/fs2_new ... //Remove dmsetup devices # dmsetup remove fs1_new # dmsetup remove fs2_new ... //Remove cryptsetup devices # cryptsetup remove fs1 # cryptsetup remove fs2 ... //Remove loopback device # losetup -d /dev/loop0 Finally redo those steps without changing the size of blocks. When you create your cryptsetup device, select one of the passwords you have set previously to mount the corresponding denyfs. Enjoy your privacy! ###################### # using dfs wrappers # ###################### 1. First create a container in a location of your choice. aspire 0.1.1 # dfstouch -h Usage: /usr/sbin/dfstouch [options] Options: -f, --file [/path/fs] Path to your filesystem -c, --count [int] Block iteration (multiple of 512K) -h, --help This -v, --version Print version Example: # this creates a 200M file container /usr/sbin/dfstouch -f fs -c 400 aspire 0.1.1 # aspire 0.1.1 # dfstouch -f /tmp/fs -c 400 >>> Creating 204M fs ... OK aspire 0.1.1 # 2. Then open the file and give your secret volume mapping. Assume the stealth volume is the 3rd one. The -m option will create your volume mount points within /mnt/here. The -k option asks to create an Ext2 filesystem an top of the new volumes. Of course -k is required only for the first time. aspire 0.1.1 # dfsopen -h Usage: /usr/sbin/dfsopen [options] Options: -f, --file [/path/fs] Path to your container -b, --block [int]K/M Size of a single block -c, --count [int] Block iteration (-b X -c = size of file) -m, --mount [/path] Path to mountpoint -k, --mkfs Initialize the filesystem (run the first time only) -h, --help This -v, --version Print version Example: # note the -k option will create a filesystem when first run /usr/sbin/dfsopen -f fs -l loop0 -d 1=2,2=2,3=5,4=2,5=6,6=4,7=2,8=3,9=2 -m /mnt/here -k # a daily command /usr/sbin/dfsopen -f fs -l loop0 -d 1=2,2=2,3=5,4=2,5=6,6=4,7=2,8=3,9=2 -m /mnt/here aspire 0.1.1 # aspire 0.1.1 # dfsopen -f /tmp/fs -l loop0 -d 1=10,2=3,3=1 -m /mnt/here -k >>> Binding to loop0 ... OK >>> Mapping cryptsetup block devices ... Enter passphrase: Enter passphrase: Enter passphrase: >>> Sizing up block devices ... device 1 ... Checking device structure ... Do you intend to resize? (CTRL-C to abort) Enlarging ... using empty block 81 becomes block 0 of /dev/mapper/fs1 using empty block 84 becomes block 1 of /dev/mapper/fs1 using empty block 5 becomes block 2 of /dev/mapper/fs1 using empty block 83 becomes block 3 of /dev/mapper/fs1 using empty block 86 becomes block 4 of /dev/mapper/fs1 using empty block 95 becomes block 5 of /dev/mapper/fs1 using empty block 15 becomes block 6 of /dev/mapper/fs1 using empty block 18 becomes block 7 of /dev/mapper/fs1 using empty block 64 becomes block 8 of /dev/mapper/fs1 using empty block 67 becomes block 9 of /dev/mapper/fs1 device 2 ... Checking device structure ... Do you intend to resize? (CTRL-C to abort) Enlarging ... using empty block 4 becomes block 0 of /dev/mapper/fs2 using empty block 8 becomes block 1 of /dev/mapper/fs2 device 3 ... Checking device structure ... Do you intend to resize? (CTRL-C to abort) Enlarging ... using empty block 90 becomes block 0 of /dev/mapper/fs3 >>> Mapping to crytpsetup block devices ... Checking device structure ... Checking device structure ... Checking device structure ... >>> Creating filesystems ... mke2fs 1.41.8 (11-July-2009) Étiquette de système de fichiers= Type de système d'exploitation : Linux Taille de bloc=1024 (log=0) Taille de fragment=1024 (log=0) 5136 i-noeuds, 20480 blocs 0 blocs (0.00%) réservés pour le super utilisateur Premier bloc de données=1 Nombre maximum de blocs du système de fichiers=20971520 3 groupes de blocs 8192 blocs par groupe, 8192 fragments par groupe 1712 i-noeuds par groupe Superblocs de secours stockés sur les blocs : 8193 Écriture des tables d'i-noeuds : complété Écriture des superblocs et de l'information de comptabilité du système de fichiers : complété Le système de fichiers sera automatiquement vérifié tous les 20 montages ou après 180 jours, selon la première éventualité. Utiliser tune2fs -c ou -i pour écraser la valeur. mke2fs 1.41.8 (11-July-2009) Étiquette de système de fichiers= Type de système d'exploitation : Linux Taille de bloc=1024 (log=0) Taille de fragment=1024 (log=0) 1024 i-noeuds, 4096 blocs 0 blocs (0.00%) réservés pour le super utilisateur Premier bloc de données=1 Nombre maximum de blocs du système de fichiers=4194304 1 groupe de bloc 8192 blocs par groupe, 8192 fragments par groupe 1024 i-noeuds par groupe Écriture des tables d'i-noeuds : complété Écriture des superblocs et de l'information de comptabilité du système de fichiers : complété Le système de fichiers sera automatiquement vérifié tous les 37 montages ou après 180 jours, selon la première éventualité. Utiliser tune2fs -c ou -i pour écraser la valeur. mke2fs 1.41.8 (11-July-2009) Étiquette de système de fichiers= Type de système d'exploitation : Linux Taille de bloc=1024 (log=0) Taille de fragment=1024 (log=0) 256 i-noeuds, 2048 blocs 0 blocs (0.00%) réservés pour le super utilisateur Premier bloc de données=1 Nombre maximum de blocs du système de fichiers=2097152 1 groupe de bloc 8192 blocs par groupe, 8192 fragments par groupe 256 i-noeuds par groupe Écriture des tables d'i-noeuds : complété Écriture des superblocs et de l'information de comptabilité du système de fichiers : complété Le système de fichiers sera automatiquement vérifié tous les 21 montages ou après 180 jours, selon la première éventualité. Utiliser tune2fs -c ou -i pour écraser la valeur. >>> Mounting filesystems ... /mnt/here1 mounted /mnt/here2 mounted /mnt/here3 mounted aspire 0.1.1 # 3. Check things are as expected. Verify your block table matches your design. The -t option will dump you a view of the space ratio. Dump the block offset per volume using the -o option. aspire 0.1.1 # aspire 0.1.1 # df -h | grep here /dev/mapper/fs1_new 20M 172K 20M 1% /mnt/here1 /dev/mapper/fs2_new 3,9M 29K 3,9M 1% /mnt/here2 /dev/mapper/fs3_new 2,0M 21K 2,0M 2% /mnt/here3 aspire 0.1.1 # aspire 0.1.1 # mount | grep here /dev/mapper/fs1_new on /mnt/here1 type ext2 (rw) /dev/mapper/fs2_new on /mnt/here2 type ext2 (rw) /dev/mapper/fs3_new on /mnt/here3 type ext2 (rw) aspire 0.1.1 # aspire 0.1.1 # tree -h /mnt/here? /mnt/here1 `-- [ 12K] lost+found /mnt/here2 `-- [ 12K] lost+found /mnt/here3 `-- [ 12K] lost+found 3 directories, 0 files aspire 0.1.1 # aspire 0.1.1 # denyfs -h Usage: denyfs [option] Where [option] is one of the following: -t, --table [loop]? display devices block table -l, --list-freeblocks [loop]? list free blocks -o, --offset [cryptsetup device] print offsets of blocks of a single device -s, --setsize [int1],[int2] [loop]? set size of device nb [int1] with [int2] block -d, --dmsetup [new device] dmsetup device mount -v, --version version -h, --help this. Example: denyfs -o /dev/mapper/fs1 denyfs -t /dev/mapper/fs? denyfs -s 1,12 /dev/mapper/fs? denyfs -s 2,2 /dev/mapper/fs? denyfs -l /dev/mapper/fs? denyfs -d fs1_new /dev/mapper/fs1 aspire 0.1.1 # aspire 0.1.1 # denyfs -t /dev/mapper/fs? Checking device structure ... Nb of blocks Device Device nb Size + 10 /dev/mapper/fs1 1 20Mb + 2 /dev/mapper/fs2 2 4Mb + 1 /dev/mapper/fs3 3 2Mb + 86 < -- Total nb of free blocks ----------- = 99 <-- Total nb of blocks space ratio: 86% free aspire 0.1.1 # aspire 0.1.1 # denyfs -o /dev/mapper/fs1 Checking device structure ... 0 4096 linear /dev/mapper/fs1 331882 4096 4096 linear /dev/mapper/fs1 344170 8192 4096 linear /dev/mapper/fs1 20586 12288 4096 linear /dev/mapper/fs1 340074 16384 4096 linear /dev/mapper/fs1 352362 20480 4096 linear /dev/mapper/fs1 389226 24576 4096 linear /dev/mapper/fs1 61546 28672 4096 linear /dev/mapper/fs1 73834 32768 4096 linear /dev/mapper/fs1 262250 36864 4096 linear /dev/mapper/fs1 274538 aspire 0.1.1 # aspire 0.1.1 # denyfs -o /dev/mapper/fs2 Checking device structure ... 0 4096 linear /dev/mapper/fs2 16490 4096 4096 linear /dev/mapper/fs2 32874 aspire 0.1.1 # aspire 0.1.1 # denyfs -o /dev/mapper/fs3 Checking device structure ... 0 4096 linear /dev/mapper/fs3 368746 aspire 0.1.1 # aspire 0.1.1 # 4. Now hide your data. Fill in /mnt/here1 /mnt/here2 and /mnt/here3 the last one being your secret place, here2 a data flare (supposed to be a fake secret place) and here1 just personal garbage. Let's put 15Mb in here1 3Mb in here2 and 1Mb in here1. aspire 0.1.1 # ls -lh sizzla* -rwxr-xr-x 1 root root 4,0M août 23 14:56 sizzla.mp3 -rwxr-xr-x 1 root root 691K août 23 15:26 sizzla-small.mp3 -rw-r--r-- 1 root root 16M août 23 14:57 sizzlax4.mp3 aspire 0.1.1 # cp sizzlax4.mp3 /mnt/here1 aspire 0.1.1 # cp sizzla.mp3 /mnt/here2/ aspire 0.1.1 # cp sizzla-small.mp3 /mnt/here3 aspire 0.1.1 # aspire 0.1.1 # tree -h /mnt/here? /mnt/here1 |-- [ 12K] lost+found `-- [ 16M] sizzlax4.mp3 /mnt/here2 |-- [ 12K] lost+found `-- [4.0M] sizzla.mp3 /mnt/here3 |-- [ 12K] lost+found `-- [691K] sizzla-small.mp3 3 directories, 3 files aspire 0.1.1 # 5. Close all volumes. aspire 0.1.1 # dfsclose -h Usage: /usr/sbin/dfsclose [options] Options: -f, --file [/path/fs] Path to your filesystem -l, --loop [loop] Loop device -n, --numdev [int] Number of sub devices -h, --help This -v, --version Print version Example: /usr/sbin/dfsclose -f fs -l loop0 -n 9 aspire 0.1.1 # aspire 0.1.1 # dfsclose -f fs -l loop0 -n 3 >>> Unmounting filesystems ... /dev/mapper/fs1_new OK /dev/mapper/fs2_new OK /dev/mapper/fs3_new OK >>> Unmapping dmsetup block devices ... /dev/mapper/fs1_new OK /dev/mapper/fs2_new OK /dev/mapper/fs3_new OK >>> Unmapping cryptsetup devices ... /dev/mapper/fs1 OK /dev/mapper/fs2 OK /dev/mapper/fs3 OK >>> Unbinding /dev/loop0 ... aspire 0.1.1 # aspire 0.1.1 # mount | grep here aspire 0.1.1 # ls /dev/mapper/ control root swap aspire 0.1.1 # 6. Let's reopen them all and check we still have the files and close again. aspire 0.1.1 # dfsopen -f /tmp/fs -l loop0 -d 1=10,2=3,3=1 -m /mnt/here >>> Binding to loop0 ... OK >>> Mapping cryptsetup block devices ... Enter passphrase: Enter passphrase: Enter passphrase: >>> Sizing up block devices ... device 1 ... Checking device structure ... device 2 ... Checking device structure ... device 3 ... Checking device structure ... >>> Mapping to crytpsetup block devices ... Checking device structure ... Checking device structure ... Checking device structure ... >>> Mounting filesystems ... /mnt/here1 mounted /mnt/here2 mounted /mnt/here3 mounted aspire 0.1.1 # tree -h /mnt/here? /mnt/here1 |-- [ 12K] lost+found `-- [ 16M] sizzlax4.mp3 /mnt/here2 |-- [ 12K] lost+found `-- [4.0M] sizzla.mp3 /mnt/here3 |-- [ 12K] lost+found `-- [691K] sizzla-small.mp3 3 directories, 3 files aspire 0.1.1 # dfsclose -f fs -l loop0 -n 3 >>> Unmounting filesystems ... /dev/mapper/fs1_new OK /dev/mapper/fs2_new OK /dev/mapper/fs3_new OK >>> Unmapping dmsetup block devices ... /dev/mapper/fs1_new OK /dev/mapper/fs2_new OK /dev/mapper/fs3_new OK >>> Unmapping cryptsetup devices ... /dev/mapper/fs1 OK /dev/mapper/fs2 OK /dev/mapper/fs3 OK >>> Unbinding /dev/loop0 ... aspire 0.1.1 # 7. Open the hidden volume only add a file to it and close it. aspire 0.1.1 # dfsopen -f /tmp/fs -l loop0 -d 3=1 -m /mnt/here >>> Binding to loop0 ... OK >>> Mapping cryptsetup block devices ... Enter passphrase: >>> Sizing up block devices ... device 1 ... Checking device structure ... >>> Mapping to crytpsetup block devices ... Checking device structure ... >>> Mounting filesystems ... /mnt/here1 mounted aspire 0.1.1 # aspire 0.1.1 # tree -h /mnt/here? /mnt/here1 |-- [ 12K] lost+found `-- [691K] sizzla-small.mp3 /mnt/here2 /mnt/here3 1 directory, 2 files aspire 0.1.1 # aspire 0.1.1 # echo pi > /mnt/here1/secret aspire 0.1.1 # tree -h /mnt/here? /mnt/here1 |-- [ 12K] lost+found |-- [ 3] secret `-- [691K] sizzla-small.mp3 /mnt/here2 /mnt/here3 1 directory, 2 files aspire 0.1.1 # aspire 0.1.1 # dfsclose -f fs -l loop0 -n 1 >>> Unmounting filesystems ... /dev/mapper/fs1_new OK >>> Unmapping dmsetup block devices ... /dev/mapper/fs1_new OK >>> Unmapping cryptsetup devices ... /dev/mapper/fs1 OK >>> Unbinding /dev/loop0 ... aspire 0.1.1 # 8. Open the hidden volume only with a wrong password. aspire 0.1.1 # dfsopen -f /tmp/fs -l loop0 -d 3=1 -m /mnt/here >>> Binding to loop0 ... OK >>> Mapping cryptsetup block devices ... Enter passphrase: >>> Sizing up block devices ... device 1 ... Checking device structure ... Do you intend to resize? (CTRL-C to abort) ^C aspire 0.1.1 # At this point you should be _very_ careful. If you do not intend to resize your volume than you must realize that your password is wrong (the password is parameter of the block mapping logic). If you do pursue you will resize the hidden volume. Although in some very lucky and special cases, if you enlarge your volume you may again access your previously hidden data, don't assume that in general as shrinking the volume will erase it for sure (unless again you free unused blocks but you'd really be lucky and you should play Euromillion).
About
a steganographic and encrypted container tool for linux 2.6 (no modules)
Resources
Stars
Watchers
Forks
Releases
No releases published
Packages 0
No packages published