Hello 0x00sec! Today in this article we’ll be cracking a device encrypted with LUKS (Linux Unified Key Setup). Breaking LUKS encrypted devices (or any type of encrypted devices) are surprisingly easy if you know what you are doing.
It’s been some time since I joined 0x00sec so I thought it’s about time I contributed something. This is my first article so any valid criticism is welcome.
We could crack LUKS like how these guys did it, but that means authenticating many, many passwords with the luks device the normal way. Which means that that every password would take 1 second just to find whether or not it is correct. If we were using the crackstation wordlist to find the passwords it would take 1,493,677,782 seconds (or 47 years) to get through the wordlist and the password may not even be found.
A better way exists though.
Basically every program loads itself into memory. This includes encryption programs (surprise!). What this means is that whenever a drive is getting authenticated, the program loads the hashed password into the RAM. If we can grab the memory, all we need to do is find the hash, run it through a password cracker and volia! We’ve got the plain text password.
That sounds goods in theory, but how do we implement that in the real world? Well, you’ll need a few tools. I used:
1 LUKS encrypted device (preferably USB) – We’ll use this as our test subject
1 USB (we need somewhere to store the memory dump)
1 Linux OS with cryptsetup on it (I used a Live USB)
LiME LKM (Using this to dump the RAM)
AESKeyFind from http://citp.princeton.edu/research/memory
With that out of the way, let’s begin!
Step 1: Get an encrypted LUKS device
We need a test subject to test our super 1337 H4X03R skill on, so go ahead and encrypt a USB with LUKS. To do this open terminal and type:
// Find the disk we want to encrypt
cryptsetup luksFormat /dev/sdX
// Creates the LUKS container. Make sure to remember password here. We’ll need it for the next steps.
cryptsetup luksOpen /dev/sdX crackme
// Opens the LUKS container so we can create a filesystem
// Creates the filesystem
mount /dev/mapper/crakme /crackme
// Mounts freshly made filesystem. We need to check if it’s working.
//At this point feel free to create a secret file (proof text) to prove you hacked it :)
// Unmounts device, it is ready for hacking.
cryptsetup luksClose crackme
With our device ready, let's move on to the next step:
Step 2: Install LiME
LiME is an LKM used to dump the memory of a computer running Linux. (If you don’t know what an LKM is, google it.) To get it go to http://github.com504enesicsLAbs/LiME and download the zip file. If you want, you can gitclone it.
Once downloaded, unzip and compile LiME:
make // Compiles the LKM from the makefile provided.
modinfo lime.ko // Shows us the details of the newly built LKM.
There should now be a file called LiME.ko. Don’t close the terminal yet. We’ll need it for later.
Step 3: Open device and dump the RAM
Next, we want to open the LUKS device for authentication, then dump the RAM. Open a new terminal and type:
This lists all the devices connected to the computer. Find your LUKS encrypted device and note down the /dev/sdX of the device. Next, type:
cryptsetup luksOpen /dev/sdX crackme
// Where /dev/sdX is the letter of your device
Leave the terminal there.
The hashed password has now been loaded into the RAM. Time to dump the RAM! Go over to the over terminal where you compiled LiME. In it type:
insmod /path/to/lime.ko “path=/path/to/usb/memdump.raw format=raw” // That’s where that second usb comes in.
We want the output to be raw because we don’t want the hash to get mucked up by formating. Also aeskeyfind probably won’t understand other formats.
This will dump the RAM to a disk on the computer. Any disk can suffice, so long as you can access it and it is not the luks device.
LiME will give no ouput, but when it is done it will return the terminal back to you. It’s best not to do run other apps right now. LiME will take some time to finish (on my computer it took around 5 minutes to dump 4GB) so take a break and do something else while you wait.
Step 4: Grab the hash from the RAM dump
With the ramdump finished, we now need to find the hash. To do this, download aeskeyfind from http://citp.princeton.edu/research/memory. Unzip it and compile the program. To do this, in a terminal type:
tar -xvf aeskeyfind-1.0.tar.gz
There should now be a program called aeskeyfind in the folder. To find the hash run:
./aeskeyfind -v /path/to/memdump
This will show you the found hashes in the memory dump. Once that’s done, you can run it through a password cracker. If you need more information for your password cracker, type:
cryptsetup luksDump /dev/sdX
This will give you the cipher, salt and UUID of the LUKS device among other things.
As always, a long and complex password is the best form of defense against such an attack. There really isn’t much you can do about people grabbing hashes from the memory, apart from said defense or nuking your keyslots.
This article has been more centered around grabbing the hashed password of the LUKS device. If you want to learn how to crack hashes, check out this null-byte link: http://null-byte.wonderhowto.com/how-to/password-cracking/
Anyway, that’s enough for today. As always, take your security seriously and hope to see you here or at ##0x00sec on freenode sometime soon.