Hashcat cannot find my own password (password kwown) on TrueCrypt 7.1a file volume - Printable Version +- hashcat Forum (https://hashcat.net/forum) +-- Forum: Support (https://hashcat.net/forum/forum-3.html) +--- Forum: hashcat (https://hashcat.net/forum/forum-45.html) +--- Thread: Hashcat cannot find my own password (password kwown) on TrueCrypt 7.1a file volume (/thread-7169.html) |
Hashcat cannot find my own password (password kwown) on TrueCrypt 7.1a file volume - Buffarnaud - 01-05-2018 Hello there I looked around that forum but didn't find my answer. I try to use Hashcat to run some tests and attacks on differents files (TrueCrypt / RAR / ZIP / 7z) After all, I would to manage with the rights commands, and finally tried my own test. I created my own encrypted file with TrueCrypt 7.1, with an easy password. The password I used is : "easy1234" Could you believe that even with the command with the right password, Hashcat cannot recovery the password and stays at Exhausted status ? I tried everything : ./hashcat -m 6211 easy.tc -a 3 easy1234 ./hashcat -m 6212 easy.tc -a 3 easy1234 ./hashcat -m 6213 easy.tc -a 3 easy1234 ./hashcat -m 6221 easy.tc -a 3 easy1234 ./hashcat -m 6222 easy.tc -a 3 easy1234 ./hashcat -m 6223 easy.tc -a 3 easy1234 ./hashcat -m 6231 easy.tc -a 3 easy1234 ./hashcat -m 6232 easy.tc -a 3 easy1234 ./hashcat -m 6233 easy.tc -a 3 easy1234 ./hashcat -m 6241 easy.tc -a 3 easy1234 ./hashcat -m 6242 easy.tc -a 3 easy1234 ./hashcat -m 6243 easy.tc -a 3 easy1234 Running Hashcat v4.0.1-78-g185104b on Mac OS X (Sierra) I am thinking maybe Iam wrong on the hash selection, but for me Hashcat isn't able to recovery a kwown-password. I confirm when I open the file with the real TrueCrypt software I can open it with the right password. Does anyone already managed with old TrueCrypt files ? any help about that Thank you very much RE: Hashcat cannot find my own password (password kwown) on TrueCrypt 7.1a file volume - Buffarnaud - 01-05-2018 Hi after looking more. It seems that I may have to get the first 512 Bytes of the file Through the dd command. Do I need to extract the hash of the TrueCrypt file first ? RE: Hashcat cannot find my own password (password kwown) on TrueCrypt 7.1a file volume - philsmd - 01-05-2018 This question even made it into the MOST frequently asked questions (that means it is very easy to find the answer to this question because there are dozens of forum posts etc discussing the same question): https://hashcat.net/wiki/doku.php?id=frequently_asked_questions#how_do_i_extract_the_hashes_from_truecrypt_volumes RE: Hashcat cannot find my own password (password kwown) on TrueCrypt 7.1a file volume - Buffarnaud - 01-05-2018 Hi Yes I am finding some similar cases ... Sorry for that. I will write my solution here later. RE: Hashcat cannot find my own password (password kwown) on TrueCrypt 7.1a file volume - Buffarnaud - 01-05-2018 Continuying my steps. It looks like my devices and OpenCL may be wrong. From there : https://github.com/hashcat/hashcat/issues/610 Running on Mac OS, all the tests failed. Maybe because of this message : * Device #2: ATTENTION! OpenCL kernel self-test failed. I am going to try out with a linux-debian system RE: Hashcat cannot find my own password (password kwown) on TrueCrypt 7.1a file volume - Buffarnaud - 01-05-2018 Finally I found the solution. Running on a Mac consists to use GPU though intel (worst than Nvidia or others) And Hashcat select the GPU before CPU I tried to force to use CPU with the -d parameter, didn't work But the right parameter is : -D (and the device number) My last command which cracked the password : ./hashcat -D 1 -a 3 -m 6211 easy.tc easy?d?d?d?d Used the CPU, and found "easy1234" Now I continue with my others files ^^ |