Solved After WinPE build with Truecrypt and explorer

[morph000]

I'm in need of a WinPE boot package ideally with Truecrypt (or Veracrypt) integrated as standard or able to be easily added and with a good file Explorer too.
I need to do do some serious TC volume file movements that cause memory leak problems running in Windows normally. Hopefully a PE environment won't suffer this issue...

Any recommendations?

 

[file3456]

Any recommendations?

Yep!

I use Hiren's Boot CD. This is a striped down Windows 10 live environment. I then use Veracrypt PORTABLE. This DOES NOT require install or some PE plug-in. I also use Ventoy to boot Hiren's. Here's a quick low down on how to do it.



1) Grab Hiren's Boot CD here.

2) Grab Ventoy here. Take a blank USB thumb drive or what ever and format it with Ventoy.

3) Drop the Hiren's Boot CD ISO in the Ventoy formatted USB drive. That's it. You just copy/paste the ISO into the Ventoy formatted drive and Ventoy will auto run the OS.

4) Grab portable Veracrypt here. Now simply drop (copy/paste) the portable version of Veracypt into the USB drive. It runs without dependencies. It's portable...

When you boot the USB drive with Hiren's Boot CD you'll navigate to "This computer" (Windows 10's "My Computer") and open your root drive and look in there for Veracrypt portable.


You should verify your digital signatures/hashes for the downloads and check them at VirusTotal. I use Binary Fortress' HashTools. For file verification with public PGP signatures you'd use Kleopatra. Checksums for Veracrypt are at the bottom of that download page. VirusTotal uses SHA256 hashes. The general consensus is four hits and you toss.

- - - Updated - - -

Interested in an awesome full disk clone method for encrypted drives? I used to use Clonezilla (Not related to Mozilla). But now I use HDD Raw Copy Tool. It WILL clone the entire encrypted dive bit for bit EXACTLY (less any I/O errors of course...) I have the HDD Raw Copy Tool image of my OS written to an already mouthed and encrypted drive. This is how it's supposed to be done according to both the Truecrypt and Veracrypt manuals. This helps mitigate data forensics by comparing more than one clone without the use of that clone being encrypted.

So you have your encrypted computer image clone placed (written) to an encrypted HDD...

HDD Raw Copy Tool is portable and I run it in the aforementioned Hiren's Boot CD. Just copy/paste the .exe to the Ventoy formatted USB drive like with Veracrypt portable.

- - - Updated - - -

Hopefully a PE environment won't suffer this issue...

Unplug the Ethernet cable or WiFi adapter... UEFI has its own network stack. Memory leaks will effectively be air gaped (unless this is ultra NSA stuff). Remove the RAM afterwards for awhile. Some RAM chips don't clear their data on power off...

- - - Updated - - -

Want some interesting reading? Paul Le Roux - Wikipedia

https://static01.nyt.com/images/201...c57813507924e13bcae2a1bbd2016d42&k=ZQJBKqZ0VN