Hmm I have succeeded (probably) in getting master key from memory (yeah! :) ) but it seems that there is no way how to tell cryptsetup to use supplied key as a master key, damn. :-/ On Sat, Mar 6, 2010 at 2:16 PM, Gilles PIETRI <contact+dev@xxxxxxxxxxxx> wrote: > Le 06/03/2010 01:12, Marek Stopka a écrit : >> >> Hi guys, I have forgotten password to my luks encrypted disk, I have >> lost no data (yet :) ), because system is still running with unlocked >> device, but problem is, that I have a scheduled hardware maintanance >> window quite soon, so I was wondering is it somehow easily possible to >> luksAddKey without knowing a password or recover password from memory >> or it will be much more easier to copy those data somewhere else and >> create a new encrypted disk? It is like 12TB of data so I would really >> prefer not to copy those data somewhere else, but if I will have to, I >> can pull that off... >> >> But I am wondering since key need to be in a memory somewhere there >> could be a way... :) >> > > You could probably launch a "hot cold boot attack" then.. I have no idea if > luks/dmcrypt allows you to do it, but you could use that kind of tools: > http://citp.princeton.edu/memory/code/ that were made to look for the key in > RAM after a "cold boot". > > I guess the code or the idea behind it will work even better on an alive > system! Yet, maybe there is a simple way to do so using the standard tools.. > > Good luck, > Gilou > -- S pozdravem / Best regards Marek Stopka Kontakty / Contacts Mobil/Cell phone: +420 608 149 955 E-mail: mstopka@xxxxxxxxxxxx WEB: www.m4r3k.org _______________________________________________ dm-crypt mailing list dm-crypt@xxxxxxxx http://www.saout.de/mailman/listinfo/dm-crypt
