encrypted itunes backup help - Printable Version +- hashcat Forum (https://hashcat.net/forum) +-- Forum: Support (https://hashcat.net/forum/forum-3.html) +--- Forum: hashcat (https://hashcat.net/forum/forum-45.html) +--- Thread: encrypted itunes backup help (/thread-10478.html) Pages:
1
2
|
encrypted itunes backup help - Lee1978 - 11-25-2021 Hi all, i really need a bit of advice from someone with experience. I'm brand new to the forum and new to Hashcat, i'm only here because i've ended up with a crisis on my hands. My backup of my iphone has somehow ended up encrypted and i have no idea what the password might be, all my photos of my kids growing up, holidays etc are all on that backup so i'm desperate to retrieve it. The password might be a mix of upper and lower case letters, numbers, misspelt words and of any length and i really would appreciate advice on the best way to crack it. I've already created the .txt file to crack from the manifest.plist and hashcat is up and running, its just knowing how to attack it. All advice would be very much appreciated. Lee RE: encrypted itunes backup help - Lee1978 - 11-25-2021 Is cracking the pw even possible? RE: encrypted itunes backup help - Xanadrel - 11-26-2021 Possible ? yes. Probable ? that's the whole fun with hashcracking, it depends. Some of the things that make it more probable would be: - the algo used being fast (ntlm is usually easier than bcrypt because of the big speed difference) - knowledge about the actual password (charsets, positions, words...) In your case the hash algorithm isn't the slowest, but we can't really say it's fast, so that doesn't help, then you say that you basically have very little knowledge of what the password actually is, again, doesn't help. If there are actual words in it, a wordlist based attack with some (custom) rules might find it. If it's just random, and not too long, a mask attack with the known charsets/positions could find it. Also: don't create a new thread with the exact same message RE: encrypted itunes backup help - Lee1978 - 11-27-2021 Is it possible to find out anything at all about the password by examining the hash? To at least give me an idea of a viable attack. RE: encrypted itunes backup help - Xanadrel - 11-27-2021 No, if done well a hash algo is a one way function, and you can't tell anything about the input by looking at the output. RE: encrypted itunes backup help - Lee1978 - 11-28-2021 (11-27-2021, 07:26 PM)Xanadrel Wrote: No, if done well a hash algo is a one way function, and you can't tell anything about the input by looking at the output.Thanks, althought thats quite discouraging. I attempted a sample itunes backup with a known password of seven lower case letters long, the password is in fact "hashcat". I suspect a dictionary attack would be useless since "hashcat" isn't actually a word, so i went for a brute force attack: ?l?l?l?l?l?l?l, according to hashcat i'm looking at over 4 years to run that attack. I wondered if i could reduce the time by perhaps strategically using vowels and consonants or some other trick, do you have any pointers? RE: encrypted itunes backup help - firstpass - 12-07-2021 (11-28-2021, 11:08 PM)Lee1978 Wrote:(11-27-2021, 07:26 PM)Xanadrel Wrote: No, if done well a hash algo is a one way function, and you can't tell anything about the input by looking at the output.Thanks, althought thats quite discouraging. I attempted a sample itunes backup with a known password of seven lower case letters long, the password is in fact "hashcat". I suspect a dictionary attack would be useless since "hashcat" isn't actually a word, so i went for a brute force attack: ?l?l?l?l?l?l?l, according to hashcat i'm looking at over 4 years to run that attack. I wondered if i could reduce the time by perhaps strategically using vowels and consonants or some other trick, do you have any pointers? I'm also new here. Your post has me wondering what my chances are... I'm surprised "hashcat" would take 4 years. What kind of system are you using? How much faster would this go if you had a few video cards to help you along? RE: encrypted itunes backup help - Lee1978 - 12-08-2021 I'm also new here. Your post has me wondering what my chances are... I'm surprised "hashcat" would take 4 years. What kind of system are you using? How much faster would this go if you had a few video cards to help you along? [/quote] Are you trying to retrieve your iphone backup too? I've more or less given up all hope, this forum doesnt seem all that helpful and im well out of my depth. Im running a Lenovo L340, it's got a halfway decent graphics card but it seems like hashcat doesnt like it, it apears it will only run with the onboard high definintion gpu rather than the better geforce gtx i'd like to use. RE: encrypted itunes backup help - pdo - 12-08-2021 What have you tried? The biggest problem with what you're attempting is that an iPhone backup uses an extremely expensive hash to protect the password, so much so that even with huge amounts of hashing power you'd still need to be very lucky (or know most of the password you used) to break it. RE: encrypted itunes backup help - firstpass - 12-08-2021 (12-08-2021, 04:23 PM)Lee1978 Wrote: I'm also new here. Are you trying to retrieve your iphone backup too? I've more or less given up all hope, this forum doesnt seem all that helpful and im well out of my depth. Im running a Lenovo L340, it's got a halfway decent graphics card but it seems like hashcat doesnt like it, it apears it will only run with the onboard high definintion gpu rather than the better geforce gtx i'd like to use. [/quote] No, I'm trying a wallet file but similar to your hash issue, mine uses scrypt so it is a very slow process. Although I have some good ideas about the password, I just keep scouring the forums looking for people going through similar things but it seems a lot of people who might have solved their problem don't come back to report on their success with the final steps they use so we miss a crucial step that might help. Still going to keep trying though for now. |