not cracking truecrypt volume when key file is archive - Printable Version +- hashcat Forum (https://hashcat.net/forum) +-- Forum: Support (https://hashcat.net/forum/forum-3.html) +--- Forum: hashcat (https://hashcat.net/forum/forum-45.html) +--- Thread: not cracking truecrypt volume when key file is archive (/thread-10137.html) |
not cracking truecrypt volume when key file is archive - s0lari - 05-29-2021 So just tested this extensively with hashcat v6.2.1. When truecrypt key file for a truecrypt container (standard or hidden does not matter) is a file of some compression archive type (tested zip, tar.gz and jar), then crack will not work, regardless of attack type (tested wordlist and bruteforce). Steps to reproduce in TrueCrypt 7.1a: 1. Create new volume / Create an encrypted file container 2. Choose Standard or Hidden, does not matter 3. Choose file name 4. Choose any encryption algo and hash algo (does not matter), but let's say encryption algo AES, hash algo RIPEMD-160 5. Choose some size and simple password, say 'ab' 6. Use key files, and choose a file which is compressed archive, say test.zip (archive could be created from single text file, binary file, or multiple of those, does not matter) 7. Choose filesystem type, say FAT, does not matter, and finish the creation of truecrypt container 8. dd if=<your tc container> of=hash.bin bs=1 count=512 (skip=65536 if hidden volume) 9. hashcat -a 3 -m 6213 hash.bin ?l?l --truecrypt-keyfiles=test.zip Output: Session..........: hashcat Status...........: Exhausted Hash.Name........: TrueCrypt RIPEMD160 + XTS 512 bit Hash.Target......: hash.bin Time.Started.....: Sat May 29 12:29:53 2021 (0 secs) Time.Estimated...: Sat May 29 12:29:53 2021 (0 secs) Guess.Mask.......: ?l?l [2] Guess.Queue......: 1/1 (100.00%) Speed.#1.........: 4438 H/s (1.35ms) @ Accel:32 Loops:512 Thr:1 Vec:8 Recovered........: 0/1 (0.00%) Digests Progress.........: 676/676 (100.00%) Rejected.........: 0/676 (0.00%) Restore.Point....: 26/26 (100.00%) Restore.Sub.#1...: Salt:0 Amplifier:25-26 Iteration:1536-1999 Candidates.#1....: xa -> xq 10. Now create the same container but with key file which is not compressed archive. 11. Cracked RE: not cracking truecrypt volume when key file is archive - atom - 05-29-2021 Excellent finding! I have this fixed with commit https://github.com/hashcat/hashcat/commit/f54643479d13395160df9dbb261db2503fdcd6f9 New beta up, too. RE: not cracking truecrypt volume when key file is archive - s0lari - 05-29-2021 Great. Thank you Atom! |