iTunes / Hashcat help - Printable Version +- hashcat Forum (https://hashcat.net/forum) +-- Forum: Support (https://hashcat.net/forum/forum-3.html) +--- Forum: hashcat (https://hashcat.net/forum/forum-45.html) +--- Thread: iTunes / Hashcat help (/thread-11861.html) |
iTunes / Hashcat help - xunune - 03-20-2024 Hi everybody, I am an IT noob and have never done any of this stuff. Unfortunately my iPhone 13 decided to reset itself after a failed update, and the only available backup I have is encrypted. I've read the forum rules and I am aware of not posting any actual stuff on here, so please advise/forgive me if I do. I have followed the guide to extract an iTunes hash, and compiled the manifest.txt file. Also using rockyou.txt and an additional Wordlist.txt which contains around all the passwords I can think of. I'm on Windows 10, and using K@li in VBM. When I run: hashcat -m 14800 -a 3 '/home/k***/Desktop/Manifest123.txt' '/home/k***/Desktop/rockyou.txt' '/home/k***/Desktop/Wordlist.txt' hashcat -m 14800 -a 0 '/home/k***/Desktop/Manifest123.txt' '/home/k***/Desktop/rockyou.txt' '/home/k***/Desktop/Wordlist.txt' I get no recovered options. I've read in another post about "using your own list of passwords and use the following command on it: hashcat --force --stdout your_pass_list.txt -r rules/dive.rule > output_pass_list.txt. Then you run the generated list on your hash", but I cannot figure out how to amend the syntax to include this. Please let me know if I have posted correctly and apologies in advance if I haven't. Any help is greatly appreciated. Thank you so much RE: iTunes / Hashcat help - Snoopy - 03-20-2024 this is a perfect example for a situation where you should first start with trying to crack a known password so start making a backup of your "empty" phone with a known pass and extract your hash, im not sure wheter iPhone uses your appleID password or your phone pin or if you have to provide a password when making a backup, so this is the first point, use a simple pass like 1234test or similar never the less, extract this hash and try to crack it, if this cracking is sucessful, you know, that your workflow is correct second using wordlists found on the internet to crack a personal password is waste of time (except for one circumstance, that your pass is really really simple and common it is better to generate a wordlist providing your passwordstyle or known passes, pins you use and combin them with rules -a3 is bruteforce, mixing this with wordlist wont work -a0 is wordlsit, you can provide rules with option -r hashcat -a0 -m 14800 -r rulesfile hashfile dictionary RE: iTunes / Hashcat help - xunune - 03-21-2024 Thank you for the feedback, will try with rules RE: iTunes / Hashcat help - xunune - 03-21-2024 Hi Snoopy, backed up my new/empty phone with a simple encrypted pw, then used the same method (hash, known pw list) and it cracked it within 2 min. So hopefully the workflow is right My current method is using hash, known pw list, and rules but still getting no recovery options. Do you think my only option is brute force (am aware it will potentially take forever) or can I somehow combine a known pw list with another function? |