Xathrya Sabertooth |
| Creating Hidden Partition – Linux Edition Posted: 06 Sep 2013 08:47 AM PDT You have some confidential stuffs that no one should read / watch? You need to keep your data save? There are many things you can do to protect your data. One could mention encryption, to encrypt your data to unreadable data so just you who know the key can access it. Another trick is setting the permission of file or folder, or maybe get the confusing hierarchy of data. Oh, and not to mention if you are using Windows you can use Windows feature to hide your data. Well, that’s nice but let me tell you cool trick: hidden partition. This article will discuss about Hidden Partition, and the trick from Linux perspective. What is Hidden Partition?Like implied by the name, hidden partition is a partition from disk or other storage media that hidden or invisible from system. So, what’s so cool about hidden partition? You can still use tricks like things we have mentioned above, but above all the partition we are playing with are invisible to the system. Imagine, how could (common) people do to your privacy if they can’t find the partition where you hide your stuffs. It’s like implementing hidden files/folders but in higher level: partition. When people don’t aware there are some hidden partition, how can they browse or manipulate through it? Yes, that’s the point! Theory BehindPartition is just an area in hard disk which is defined by start on certain sector and end on certain sector. Data on the disk are written to a small allocation unit called block. Each block has fix size, for example 4kB. A file system is a way to store, read, write, and delete data effectively. There are many filesystems, but we won’t cover it in detail. Some popular file systems are: FAT, NTFS, EXT series (2/3/4), HFS, ZFS, XFS, ReiserFS, etc. Next, the big question is: how we know or aware of a partition? For every storage media, there are a certain area in the front of disk. This area is called MBR or Master Boot Records. It is like a table which records what partition exists on the disk. The important parts is they records the beginning and ending of a partition. Hidden partition is as simple as removing the entry of a partition from the MBR. Wait! If we delete the entry, doesn’t that means we are removing a partition? Yes! However, the only missing is the entry, while the data are still exists on the partition area. In fact, unless you do a format, the file system is still accessible when you know where it is. A normal people, even a system, won’t aware if there is a hidden partition unless you told there is. Your computer won’t notify you partition which doesn’t have record on MBR. And this is why it’s called hidden partition (or at least I called it as that) ExperimentNow, we will experiment on hidden partition. As suggested by the title, we will use Linux. In this article I use:
The Slackware is only proof of concept. You can use any linux available, no need to install Slackware just for this article. The Slackware is running on Lenovo Ideapad z480. The SD Card serves purpose as storage media which we will play with. It has 4GB of storage in total and divided into three partition.Using fdisk fdisk -l got the list of storage media attached to my machine. In this case, the SD card is detected as /dev/sdb and the following is the partition list as the result of fdisk. Disk /dev/sdb: 4008 MB, 4008706048 bytes 124 heads, 62 sectors/track, 1018 cylinders, total 7829504 sectors Units = sectors of 1 * 512 = 512 bytes Sector size (logical/physical): 512 bytes / 512 bytes I/O size (minimum/optimal): 512 bytes / 512 bytes Disk identifier: 0x00000000 Device Boot Start End Blocks Id System /dev/sdb1 2048 206847 102400 b W95 FAT32 /dev/sdb2 206848 7500000 3646576+ 83 Linux /dev/sdb3 7501824 7829503 163840 7 HPFS/NTFS/exFAT OK, we have plenty information there. Let’s focus on the partition informations. The three partitions has differents file system. Suppose we have format each of them to their respective filesystem. Now in this article we will make the second partition (/dev/sdb2) hidden. To remove a partition, it is as simple as remove the entry from the MBR. We can use tool such as fdisk to accomplish this. fdisk /dev/sdb And you will get to SD card. Type ‘d’ and enter number 2 (our partition /dev/sdb2 is on number 2). Once you done, write the progress to the disk. Command (m for help): d Partition number (1-4): 2 Partition 2 is deleted Command (m for help): w The partition table has been altered! Calling ioctl() to re-read partition table. Syncing disks. You can verify by invoking this command again: fdisk -l It should be like this: Disk /dev/sdb: 4008 MB, 4008706048 bytes 124 heads, 62 sectors/track, 1018 cylinders, total 7829504 sectors Units = sectors of 1 * 512 = 512 bytes Sector size (logical/physical): 512 bytes / 512 bytes I/O size (minimum/optimal): 512 bytes / 512 bytes Disk identifier: 0x00000000 Device Boot Start End Blocks Id System /dev/sdb1 2048 206847 102400 b W95 FAT32 /dev/sdb3 7501824 7829503 163840 7 HPFS/NTFS/exFAT Now, see the gap? The first partition started from block 2048 and end on 206847. The third partition is from 7501824 to 7829503. Where’s the partition from 206848 to 7500000 like we see before? It’s hiding right now. Now, test to mount it. mount /dev/sdb2 /mnt/ And we get error! Well, not like this is unexpected. But how can we access the partition if we can’t mount it? Hey! Who said we can’t mount it? We can but there is a trick to do that. Actually, when we said mount a partition, mount will check whether a special device (/dev/sdb2 in this case) exists. If it is, mount will read the table to find where is the area of that partition. We got the area by start and end, right? And that’s how we will mount it. We will provide the start and the end, manually. But, the start and end are not in term of sector or block. The partition are known as n bytes of offset from the start. Recall the location of partition 2, it is started from block 206848 to 7500000. Now see how bigh is each block. From the result of fdisk we know that each block is 512 bytes in size. Now, just multiply the block with 512 to get the size. Actually, we only need the start so calculate the value. If you are too lazy, you can skip it Now, to mount a hidden partition we need to invoke mount in special manner. We can’t access non existing /dev/sdb2, but we can still access /dev/sdb. So here is how I access the hidden partition mount -o loop,offset=$((206848*512)) /dev/sdb /mnt/ ps: I’m lazy. And, you now get the partition mounted on /mnt/ To unmount it, do following: umount /mnt/ Isn’t that easy? |
| Manually Resize SD Card on Slackware using fdisk Posted: 06 Sep 2013 07:32 AM PDT This article is similar to this article, except it use fdisk to partitioning. When write image to CD card for installation of Raspberry Pi, the usable size will only be the size of the image. That means the rest of the space will be waste. On some distribution such as Fedora Remix or Raspbian Wheezy, when final configuration begin the distro run some script to automatically resize and fill the SD card. However not all distro does that. Therefore we need to do manual resize. In this article we will discuss about how to manually resize SD card on Slackware. Alhtough using Slackware, you can also use other Linux, but we won’t cover that. This article describes activities relating partitions. Incorrectly following instruction is likely to corrupt your system, so please be careful. On this article I use:
PreparationInsert the SD card to our machine. Make sure it is now mounted. We will use partition tool to resize the partition. Following on from the instructions above, keep the newly-written SD card in the card reader, but unmounted. We’ll use the fdisk tool to edit partition record on MBR and other tools to resize the partitions. Show partition information to find our SD card. Look for a partition that matches the roughly the size of your distribution image. On Arch Linux it should be around 2GB. For example, it is detected as /dev/sdb5. Then unmount that partition. Those can be done by invoking: mount umount /dev/sdb5 Note that in this example case, root partition of Arch Linux is on extended partition. ResizingNow use fdisk with root privileges. You can do sudo if you are on sudoer group or use super user account. Welcome to fdisk (util-linux 2.21.2). Changes will remain in memory only, until you decide to write them. Be careful before using the write command. Command (m for help): You are asked for command, let’s print what partition there by type ‘p’ character and enter it. Here is my result: Disk /dev/sdb: 7952 MB, 7952400384 bytes 64 heads, 32 sectors/track, 7584 cylinders, total 15532032 sectors Units = sectors of 1 * 512 = 512 bytes Sector size (logical/physical): 512 bytes / 512 bytes I/O size (minimum/optimal): 512 bytes / 512 bytes Disk identifier: 0x00057540 Device Boot Start End Blocks Id System /dev/sdb1 2048 186367 92160 c W95 FAT32 (LBA) /dev/sdb2 186368 3667967 1740800 5 Extended /dev/sdb5 188416 3667967 1739776 83 Linux Command (m for help): This shows how my SD card was formatted after writing the image.I have 7584 cylinders with total 155352032 sectores. Notice that nothing use the area from the end of partition /dev/sdb5 (3667967) to the card’s maximum (15532032). Partition 1 is the boot partition. Nothing to do here, let’s leave that alone. Partition 5 is the root partition which located on the extended partition. This is the partition we will fill in. Some OS versions will have a Partition for swap space, which needs to be moved to the end of the card. Now grow the root partition. This involves removing the partition, re-creating it, then using We know that partition 5 (/dev/sdb5) is logical partition and located on Extended partition area. It means we have to remove both partition before creating new one. First press d to delete the partition 5. Command (m for help): d Partition number (1-5): 5 Partition 5 is deleted Next, press d again to delete the partition 2 Command (m for help): d Partition number (1-5): 2 Partition 2 is deleted Next we create them. But now we do it in reverse order. First create partition 2. This will be extended partition. Because our partition is the last partition, we can omit the value and use all the remain area. In my case, I will start from sector 186368 and end it to the 15532031. Command (m for help): n Partition type: p primary (1 primary, 0 extended, 3 free) e extended Select (default p): e Partition number (1-4, default 2): Using default value 2 First sector (186368-15532031, default 186368): Using default value 186368 Last sector, +sectors or +size{K,M,G} (186368-15532031, default 15532031): Using default value 15532031 Partition 2 of type Extended and of size 7.3 GiB is setNow we have extended partition. Next, create the partition 5. This partition should be built on top of partition 2. Command (m for help): n Partition type: p primary (1 primary, 1 extended, 2 free) l logical (numbered from 5) Select (default p): l Adding logical partition 5 First sector (188416-15532031, default 188416): Using default value 188416 Last sector, +sectors or +size{K,M,G} (188416-15532031, default 15532031): Using default value 15532031 Partition 5 of type Linux and of size 7.3 GiB is setNow write the changes back to the disk by entering ‘w’. Next clean and resize the root partition. We will do a filesystem check: e2fsck -f /dev/sdb5 That command will allow it to add lost-and-found. resize2fs /dev/sdb5 And that’s it, we can enjoy Raspberry again |
| You are subscribed to email updates from Xathrya Sabertooth To stop receiving these emails, you may unsubscribe now. | Email delivery powered by Google |
| Google Inc., 20 West Kinzie, Chicago IL USA 60610 | |
Tidak ada komentar:
Posting Komentar