search

Lvl4Sword / Killer

🔪 System tamper detector for USB, Bluetooth, AC, Battery, Disk Tray, and Ethernet.
https://pypi.org/project/killer/
GNU Affero General Public License v3.0
71 stars 11 forks source link

Verify disk is encrypted before continuing #71

Open Lvl4Sword opened 2 years ago

Lvl4Sword commented 2 years ago

Killer is useless on a system that isn't encrypted. So, this should be checked.

import subprocess

physical_volumes = subprocess.check_output(['pvs', '-o', 'pv_name']).decode().split('\n')[1:-1]
for physical_volume in physical_volumes:
    physical_volume = physical_volume.strip()
    cryptsetup_status = subprocess.check_output(['cryptsetup', 'status', physical_volume]).decode().split('\n')
    _, type = cryptsetup_status[1].split()
    if type == 'LUKS2':
        print(f'{physical_volume} is encrypted with LUKS!')

the above is a great first step. Will need to do verification/checks on external drives that are encrypted, though. Looks like it works just fine on an external drive connected via USB, as the external doesn't show up. But am unsure ( and can't test ) on two or more internal drives that are encrypted.

Lvl4Sword commented 2 years ago

The above is great for LUKS, but VeraCrypt needs checked too. maybe VeraCrypt needs checked? I can't imagine the amount of people on Linux that opt to not use LUKS and instead use VeraCrypt is incredibly high.