hashcat Forum
bruteforcing ecryptfs salt? - Printable Version

+- hashcat Forum (https://hashcat.net/forum)
+-- Forum: Deprecated; Previous versions (https://hashcat.net/forum/forum-29.html)
+--- Forum: General Help (https://hashcat.net/forum/forum-8.html)
+--- Thread: bruteforcing ecryptfs salt? (/thread-2904.html)

bruteforcing ecryptfs salt? - diuser - 12-10-2013


i have a Samsung Note2 with the XXUEMK4 firmware. After encrypting my sdcard (ecryptfs) i did a wipe of my data on the phone(not the sdcard). Unfortunately i did not know about what a salt is, now i know Wink So after wiping i could not decrypt the sdcard, because it seems the salt is always different after wipe (i do know my password!).

It looks like the salt is 8 Byte long, which can be seen in the attachment source code, but I am not sure.

So my question is: can i find out the whole passphrase (password+salt) to access my sdcard by bruteforcing it?
Or is it even possible to get the mechanism the salt is being generated?

Thanks in advance
Best J

RE: bruteforcing ecryptfs salt? - radix - 12-10-2013

use maskprocessor to create a salt file then use external salt switch. will be incredibly slow though.

RE: bruteforcing ecryptfs salt? - diuser - 04-15-2014


i am sorry but can you explained it a bit more detailed and noob friendly way.