pytruecrypt
Truecrypt volume parsing library by Gareth Owen, University of Portsmouth
Library status:
- Decrypts header (can dump raw decrypted header)
- Decodes header fields
- Can dump any decrypted sector
- Hidden volume support
- Easy to use - see example and source code for API
Examples:
- mount.py: Mount volume on linux using device mapper
- pwcrack.py: Password cracker
- dump.py: Header and sector decrypted hex dump
TODO:
- add more options
PREREQUISITES: You must have pycryptoplus installed.
DOCUMENTATION:
Very little as the code is compact. See the examples, and pytruecrypt.py - the comments show how to use it.
EXAMPLE USAGE:
Use -h for a hidden volume
mount.py [-h] volumename dmname
pwcrack.py [-h] volumename wordlist
dump.py [-h] volumename
Example capabilities:
HEADER ------------
Magic : TRUE
HdrVersion : 5
MinProgVer : 7
CRC : 478393955
Reserved :
HiddenVolSize : 0
VolSize : 4980736
DataStart : 131072
DataSize : 4980736
Flags : 0
SectorSize : 512
Reserved2 :
CRC3 : 1731532461
Keys : 9957787da1014346895b4fc2ceafe00727819694f049b4fb9c74fae99e087312342f456f9db596a79bf8ef1dd46d542c0084ad9a1ebed3c1903ec96e59b2fc1d000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000
FIRST SECTOR-------
0000 eb 3c 90 4d 53 44 4f 53 35 2e 30 00 02 02 02 00 .<.MSDOS5.0.....
0010 02 00 02 00 26 f8 13 00 01 00 01 00 00 00 00 00 ....&...........
0020 00 00 00 00 00 00 29 18 d5 1e 7d 4e 4f 20 4e 41 ......)...}NO NA
0030 4d 45 20 20 20 20 46 41 54 31 36 20 20 20 00 00 ME FAT16 ..
0040 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0050 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0060 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0070 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0080 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0090 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
00a0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
00b0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
00c0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
00d0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
00e0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
00f0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0100 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0110 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0120 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0130 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0140 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0150 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0160 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0170 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0180 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0190 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
01a0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
01b0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
01c0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
01d0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
01e0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
01f0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 55 aa ..............U.
0 9728 crypt aes-xts-plain64 9957787da1014346895b4fc2ceafe00727819694f049b4fb9c74fae99e087312342f456f9db596a79bf8ef1dd46d542c0084ad9a1ebed3c1903ec96e59b2fc1d 256 /dev/loop0 256
Tcryptdevice on /dev/mapper/tcrypt - you may now mount it