Linux (Kali/Ubuntu etc) Forensic RAW memory dump need to find pass-phrase(sd5) of /dev/ hard drive
0 replies, posted
Hey everyone
for a project I need to find the password of the pass-phrase that I need to enter at start-up of a virtual machine (*Ubuntu*) which is suppose to be a "VPS" and stuff, but before booting i get asked to enter the pass-phrase "Unlocking the disk --------(sd5 crypt) ... Enter passphrase: " is what I get.
So I used kali linux and the terminal and did the following:
strings ./memorydumpfile.RAWmemory | grep "passwd"
Which gave me the following results:
[QUOTE][URL="http://txt.do/tlm1"][B]txt.do/tlm1
[/B][/URL][/QUOTE]
But I was wondering as I myself am not that handy with linux or such if anyone could guide me to the passphrase of this hard-disk,
The memory dump file : [URL]https://dl.dropboxusercontent.com/u/89740783/aaaaaaaaaa/project.RAWmemory[/URL]
If anyone could help me that'd be kickass!
I know there is a user called "boris" with the password "$cur" but this is not what I am looking for.
Here is a printscreen of the virtualmachine asking for the passphrase:
[URL]https://dl.dropboxusercontent.com/u/89740783/aaaaaaaaaa/raw.png[/URL]
So the basic principle is:
I need to find the passphrase in the virtual memory (.RAWmemory file) to unlock the Virtual machine and acces the "VPS" .
It is for a small-sort-of-project-like thingy for school, but I honestly have no idea about linux machines.
Kindest regards
Siem
Sorry, you need to Log In to post a reply to this thread.