Truecrypt modding ???

Discussion in 'privacy technology' started by DavidXanatos, Mar 27, 2009.

Thread Status:
Not open for further replies.
  1. jxwy

    jxwy Registered Member

    Joined:
    Aug 11, 2008
    Posts:
    8

    @sp1906207
    Thanks for your perfect works!
    I do not know if you compare "TrueCrypt 6.2a Source" with "ModCrypt6.2_src.rar" which given by DavidXanatos?
     
  2. sp1906207

    sp1906207 Registered Member

    Joined:
    Jan 31, 2010
    Posts:
    11
    I'm not sure what the question is here...

    I did look at DavidXanatos's mods, and I see that he did a much deeper modification (both in terms of adding more code to read variables from registry, and in terms of behavior changes). His mods are really cool, but it would take me too much time and effort to accurately merge them with new 6.3a source code. So, I just decided to take an easy route (chicken!), and make just enough changes for the single most demanded fix (for me, and probably most other people).

    While DavidXanatos's mods easily qualify as a "project" in itself, mine (based on mantakrypt's idea) is just a simple change+recompile.
     
  3. jxwy

    jxwy Registered Member

    Joined:
    Aug 11, 2008
    Posts:
    8
    Dear sp1906207,Thanks for replying.I mean if you compare ModCrypt6.2a_src with the original TrueCrypt 6.2a Source, you may find a easy way to modify Truecrypt.
    ie,ModCrypt6.2a_src is a good reference.
    Sorry I am a layman about C++.
    Thanks again!
     
    Last edited: Feb 12, 2010
  4. sp1906207

    sp1906207 Registered Member

    Joined:
    Jan 31, 2010
    Posts:
    11
    As far as I can see, author commented each piece of code he changed with "David X." comment, so it's quite easy to find all such places (actaully running any text comparison program is easy too), even though there's so many of such changed pieces.

    What is not so easy - is analysing each single changed line or block, to understand what effects such change may have on overall system behavior. And also analysing if every single one of those changes would still render the same result if moved as-is to 6.3a, which is not necessarily the case. And also testing properly (the more changes you made - the more testing you must do, before calling it a success).

    As I said, instead of doing such time-consuming analysis of more complex and broad changes, I decided to perform much easier analysis and changes aimed at just 1 single element of behavior - read-only-ness.
     
  5. mantrakrypt

    mantrakrypt Registered Member

    Joined:
    Oct 22, 2009
    Posts:
    5
    In the TCOpenVolume() function I believe it sends an ioctl with a standard request id straight to the device to check if it's read only, and a user defined one so that TC can impose further restrictions on whether the volume should be read only if the system is hidden. I think this function is fine.

    You're right about being able to mount the system volume twice, I actually noticed that before but forgot about it. It's a problem if you use auto-mount and you're mounting something else with the same password as the system. I didn't notice any problems doing that, though. It "shouldn't" be any different than making NTFS symbolic links. Of course the simple fix is "don't do it!"

    Being able to write to the boot sector in a hidden system isn't a concern to me since the entire point of the mod was to allow writing to whatever you want, and also only a program with admin rights can do that anyway.

    Yeah, I didn't notice the hibernate problem but I do my own partitioning so I don't have this problem.

    Also, yeah, you need to install the driver after you've finished wiping the decoy partition.
     
  6. sp1906207

    sp1906207 Registered Member

    Joined:
    Jan 31, 2010
    Posts:
    11
    Agree, agree, and agree.

    Now the only thing I'd really dream about - is truecrypt being able to mount volumes directly to NTFS mount points (folders), instead of only drive letters (I know I can add mount point and remove the letter later, but that's a hassle).

    Now, I'm sure that will not be as easy as the read-only fix. :)
     
  7. Themuzz

    Themuzz Registered Member

    Joined:
    May 29, 2009
    Posts:
    23
    Maybe a bit late reaction, but the modded 6.3a version is working perfectly!!!

    Thanks sp1906207!!
     
  8. Vapour

    Vapour Registered Member

    Joined:
    Sep 2, 2009
    Posts:
    3
    Is that with all the comments above taken into account?

    If so fancy posting it?
     
  9. sp1906207

    sp1906207 Registered Member

    Joined:
    Jan 31, 2010
    Posts:
    11
    Sorry, posting what exactly?

    Link (sendspace) to the recompiled drivers is in the last message on the previous page (page #2). And those drivers were recompiled with all that's being discussed above taken into account already.

    And be sure to read all the comments regarding using x64 version (and recovering from possible associated boot problems). In general, running those x64 modded drivers is not for faint-hearted, it does take some effort, knowledge and persistence to get everything working consistently (due to test-signing limitations, mostly).
     
  10. sp1906207

    sp1906207 Registered Member

    Joined:
    Jan 31, 2010
    Posts:
    11
    Also, while I'm at it... Would anybody be interested in couple of additional scripts?

    1) get the list of currently available HDD devices, with volume names and serial numbers, which are not yet TC-mounted (e.g. to automate mounting, based on serial numbers; this would be .vbs using WMI); devices would be listed as "\\.\PHYSICALDRIVEx", or as "\Device\HarddiskX\Partition0";

    2) get the list of already TC-mounted volumes, with physical volume names and mounted drive letters (to automate dismounting, based on drive letters; this would be binary compiled from C, using IOCTL calls to TC driver); volume names would be listed as "\Device\HarddiskX\PartitionY", and generally this would provide the same info as TC's main GUI (only in a command-line form usable for scripting / automation);

    If interested - let me know, with nice-to-have requirements. I'm doing this for myself anyway, so might as well make something a bit universal, for others to enjoy.
     
  11. qwe

    qwe Registered Member

    Joined:
    Mar 20, 2010
    Posts:
    1
    Here is my patch to TrueCrypt 6.3a:
    TrueCrypt_6.3a_patched.zip(source code and installer)
    It adds:
    - mounting non-encrypted volumes in R/W mode within Hidden OS
    - ability to create standard encrypted volumes under Hidden OS(default - only hidden are permitted)
    - ability to skip Rescue Disk check while encrypting system partition
    - ability to skip wiping of initial OS after installation of Hidden OS
     
  12. jxwy

    jxwy Registered Member

    Joined:
    Aug 11, 2008
    Posts:
    8
    i am get interested in it
    please upload the script
    thanks for sharing!
     
  13. Cutting_Edgetech

    Cutting_Edgetech Registered Member

    Joined:
    Mar 30, 2006
    Posts:
    5,536
    Location:
    USA
    After they take your hard drive they will make a copy of all partitions encrypted or not. Depending on the investigation they are very likely to use a hardware keylogger for any passwords. They most likely will ask you for the password, and if compliance is not gained they will obtain the password from the keylogger log. They will look at the keylogger log regardless for possible hidden partitions if they know what they are doing.
     
  14. cage900

    cage900 Registered Member

    Joined:
    Aug 9, 2010
    Posts:
    1
    i've got hidden os with TC 7.
    I want to use "Read_ONly Removing Patch" can somebody upload it for this version?

    It is safe to downgrade TC version if im using hidden os?
     
  15. KookyMan

    KookyMan Registered Member

    Joined:
    Feb 2, 2008
    Posts:
    367
    Location:
    Michigan, USA
    Going back to 6.3a if it was made with 6.3a should be safe. If the install was made using 7, I'd suggest its only safe if the headers are unchanged between the two versions. It's possible it won't work at all though as the header does have the version number in it.
     
  16. kakaka

    kakaka Registered Member

    Joined:
    Oct 5, 2009
    Posts:
    66
    The link http://www.filehosting.org/file/details/124180/TrueCrypt_6.3a_patched.zip does not work amymore.

    please provide a copy of TrueCrypt_6.3a_patched.zip if you possess it.
     
  17. DavidXanatos

    DavidXanatos Developer

    Joined:
    Sep 6, 2006
    Posts:
    288
    Location:
    Viena
    I'm going to create a new modified TC version, but this time I would like to add a different feature.

    I want to make the Bootloader be oparable with only Arow keys + enter/esc cause my viliv s5 UMPC only has this keys, and the soft keyboard is not available at boot time as its a windows app :p

    I would be happy about some assistance as coding bootlaoders is new to me as well as I don't have any real experience with assembler.

    EDIT: ok that was easy....

    here the code:
    Code:
    static byte AskPassword (Password &password)
    {
    	size_t pos = 0;
    	byte scanCode;
    	byte asciiCode;
    
    #define TC_BIOS_KEY_RIGHT	77
    #define TC_BIOS_KEY_LEFT	75
    #define TC_BIOS_KEY_UP		72
    #define TC_BIOS_KEY_DOWN	80
    	byte asciiCodeEnum = 0; // c >= ' ' && c <= '~';
    
    	Print ("Enter password");
    	Print (PreventNormalSystemBoot ? " for hidden system:\r\n" : ": ");
    
    	while (true)
    	{
    		asciiCode = GetKeyboardChar (&scanCode);
    
    		switch (scanCode)
    		{
    		case TC_BIOS_KEY_ENTER:
    			ClearBiosKeystrokeBuffer();
    			PrintEndl();
    
    			password.Length = pos;
    			return scanCode;
    
    		case TC_BIOS_KEY_LEFT:
    		case TC_BIOS_KEY_BACKSPACE:
    			if (pos > 0)
    			{
    				if (pos < MAX_PASSWORD)
    					PrintBackspace();
    				else
    					PrintCharAtCursor (' ');
    
    				--pos;
    			}
    			continue;
    
    		case TC_BIOS_KEY_RIGHT:
    			if(asciiCodeEnum == 0)
    				continue;
    			asciiCode = asciiCodeEnum;
    			break;
    
    		case TC_BIOS_KEY_UP:
    		case TC_BIOS_KEY_DOWN:
    			if(asciiCodeEnum == 0)
    			{
    				asciiCodeEnum = 'a';
    			}
    			else
    			{
    				byte asciiCodeNew = (scanCode == TC_BIOS_KEY_UP) ? asciiCodeEnum-1 : asciiCodeEnum+1;
    				if(!IsPrintable (asciiCodeNew))
    					continue;
    				asciiCodeEnum = asciiCodeNew;
    			}
    			PrintCharAtCursor (asciiCodeEnum);
    			continue;
    
    
    		default:
    			if (scanCode == TC_BIOS_KEY_ESC || IsMenuKey (scanCode))
    			{
    				burn (password.Text, sizeof (password.Text));
    				ClearBiosKeystrokeBuffer();
    
    				PrintEndl();
    				return scanCode;
    			}
    		}
    
    		if (!IsPrintable (asciiCode) || pos == MAX_PASSWORD)
    		{
    			Beep();
    			continue;
    		}
    
    		password.Text[pos++] = asciiCode;
    		if (pos < MAX_PASSWORD)
    			PrintChar ('*');
    		else
    			PrintCharAtCursor ('*');
    	}
    }
     
    Last edited: Sep 8, 2010
  18. jxwy

    jxwy Registered Member

    Joined:
    Aug 11, 2008
    Posts:
    8
    It is good news !
     
  19. DavidXanatos

    DavidXanatos Developer

    Joined:
    Sep 6, 2006
    Posts:
    288
    Location:
    Viena
  20. Cutting_Edgetech

    Cutting_Edgetech Registered Member

    Joined:
    Mar 30, 2006
    Posts:
    5,536
    Location:
    USA
    That would really suck if the owner accidentally entered the wrong password lol
     
  21. chiraldude

    chiraldude Registered Member

    Joined:
    Jul 3, 2010
    Posts:
    157
    I understand why people frequently request a self destruct function but what I don't understand is why drivecrypt or anyone else would actually implement it. This is fake security!
    You can't stop someone from making a copy of the hard disk before the self destruct executes. At least not with software.
     
  22. jxwy

    jxwy Registered Member

    Joined:
    Aug 11, 2008
    Posts:
    8
    thanks very much!!!
    It is great!
    if you update the new version truecrypt 7.0a with the feature:"Option to dissable Write protection in a hiddenOS"?
     
  23. Themuzz

    Themuzz Registered Member

    Joined:
    May 29, 2009
    Posts:
    23
    Hi guys,

    anyone still alive? :) I was wondering, is anyone looking at modding the new truecrypt 7 with the option to read/write to usb (and network) from a hidden system disk? Would be great, I love the new features of Truecrypt!

    Hopefully some of you guys still live :)

    Regards,

    Themuzz
     
  24. redcell

    redcell Registered Member

    Joined:
    Sep 27, 2010
    Posts:
    126
    Hi DavidXanatos,

    What's your latest stable modded release?
     
  25. Themuzz

    Themuzz Registered Member

    Joined:
    May 29, 2009
    Posts:
    23
    Would be great if someone could mod the new 7 version, I don't have the knowledge for it :(
     
Loading...
Thread Status:
Not open for further replies.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.