VeraCrypt

In this blog:

• Link to Steghide.

• What is VeraCrypt?

• Installation.

• Creating an encrypted file container.

• Mounting devices.

• Inside locked-container.

This is a continuation of the Steghide walkthrough - found here ➡️

➡️ https://spcyber.wixsite.com/spsecurity/post/steghide

What is VeraCrypt?

VeraCrypt can be downloaded on Mac, Windows, and most other Linux based operating systems.

It is a free and open source disk encryption program.

VeraCrypt can create virtual encrypted disks, encrypt partitions, or encrypt the entire storage device with pre-boot authentication.

Uses enhanced security in algorithms which makes it fairly immune to advancements in brute force attacks.

The latest Linux tarball of VeraCrypt can be found at https://www.veracrypt.fr/en/Downloads.html ➡️

Installation

The software downloaded into my downloads folder.

To make it easier to find, I made a new directory called VeraCrpyt and moved the download file into this directory.

I completed both commands in one using the pipe function.

Type ➡️

mkdir veracrypt | mv <veracrypt tarball> veracrypt

Open the file. There are 32-bit and 64-bit versions for both the command line and gui versions of the software. Download the 64-bit gui version of veraCrypt.

Extract the bottom file and head to the terminal and use ./ to start the program.

I went with option 1.

Read the terms and conditions (or don’t) and click enter to exit the prompt.

Go to the start menu and search for VeraCrypt. It should be available now.

Creating an encrypted file container

Go to Volumes and create new Volume.

Create an encrypted file container.

Go to where you saved the extracted file and create an empty file named lock-container.

Choose standard VeraCrypt Volume and choose the lock-container file to save it to.

I will choose the default encryption options.

For the size I will choose an arbitrary 750 MB.

For the password, I have a random password generator script that I wrote.

Click here to see a breakdown ➡️ https://spcyber.wixsite.com/shonepcyber/post/password-generator-python

For the next page, I stuck with the default FAT filesystem for the volume format.

For the final step, move the mouse around inside the window as randomly as possible as this will allow the cryptographic generator to create a stronger encryption key. Then click format.

Mounting devices

Click on a slot and select the lock-container file and click mount.

You will be prompted for the password you set when creating the VeraCrypt account and then you will be asked for your administrator password.

The volume is mounted and created in the /media/veracrypt1 directory.

Inside locked-container

I will use the lbkl (list block) command which lists block devices (devices that are read and written to a block at a time, usually 512MB – common block devices include hard disks.)

You can create a folder in the encrypted VeraCrypt directory.

I have created a test file named secretfolder1 and also moved the black hole image I used for the steganography to this directory to encrypt it so I don’t leave any tracks behind.

Now we can exit out of the command line and click dismount in VeraCrypt.

Checking the directory now shows that it doesn’t exist. Our files are encrypted and hidden.

To see our files again, startup VeraCrypt and mount the lock-container file with your passwords.

In the command line we can now see our unencrypted files.