[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: about extracting grub2 files from mbr

From: Isaac Dupree
Subject: Re: about extracting grub2 files from mbr
Date: Sat, 21 Jan 2012 01:10:45 -0500
User-agent: Mozilla/5.0 (X11; Linux x86_64; rv:9.0) Gecko/20111224 Thunderbird/9.0.1

I tried looking on Wikipedia and searched Symantec to find out what PGP Desktop is exactly, and only found marketing or other non-information. Do you know what it is?

In Linux, you can read everything on your disk with a command something like
# dd if=/dev/sda | hexdump -C | less
but that won't tell you much, because a PGP key would look like random bytes to you.

What you really need is documentation to *tell* you what form the encryption keys are stored or derived in. And once you have that, you shouldn't need to read your disk at all if you don't want to.

random thoughts:

Does it require you to enter a password? The key might be encrypted with that password. The key might be derived from that password.

Is it using an already widely used disk encryption format such as LUKS or TrueCrypt?

You are quite right that software-only encryption on PCs can't encrypt all 440ish bytes of the MBR, unless the system boots some other way than from its main disk.

But again, you are trying to understand it, so you should read the software's documentation. If it doesn't have documentation, be afraid and assume they did everything wrong (or am I too cynical there?).

If you want a more thorough understanding, you'll also want to find some thorough documentation about the boot process at least from firmware+motherboard through OS kernel initialization.


On 01/20/2012 07:34 AM, address@hidden wrote:
Hi all,
I don't know if I'm asking in the right ML, but I hope so :) I'd like to know
if there's a way
to extract what's in the mbr knowing that there is grub2 installed on it.
Let me explain this in a bettter way: we have adopted in our company a
Symantec software called
PGP Desktop to manage disk encryption, which installs a modified grub2 boot
loader to let
authorized users to boot the OS. I'm not familiar with bootloaders and how
they are installed so...
first thing I wanted to be sure is if the mbr is encrypted (I really doubt it)
and if there's a way to extract
everything it is inside to see if it stores the PGP key somewhere in it. Yeah
I know my question
seems like "hey, help me hack this one" but I'm just concerned about my
computers security,
and since its bootloader is based on grub2 maybe you can/want help me, if not
no problem.

Thanks a lot.


Help-grub mailing list

reply via email to

[Prev in Thread] Current Thread [Next in Thread]