Step by step guide for a noob? - Printable Version +- hashcat Forum (https://hashcat.net/forum) +-- Forum: Support (https://hashcat.net/forum/forum-3.html) +--- Forum: hashcat (https://hashcat.net/forum/forum-45.html) +--- Thread: Step by step guide for a noob? (/thread-9949.html) Pages:
1
2
|
Step by step guide for a noob? - Conir - 03-20-2021 Hi guy's I'm wondering is there a step by step guide anywhere for a complete noob to hashcat? I'm running Windows 10 and trying to open an encrypted USB that was encrypted with Veracrypt. I've just downloaded hashcat and can't figure it out at all Thanks in advance Conor Edit: I've got it running in cmd and trying to figure out the correct command I've tried "hashcat.exe -a 3 -m 13751 hashlist.txt" for -a 3 (bruit force attack) -m 13751 (for veracrypt SHA256) [not sure if 512bit or other] and hashlist.txt is my list of hashes that I don't fully understand I just created it with 10 versions of a 3 letter word that I think is in the password. I'm not sure how/if I need to designate a location as it's a USB I'm trying to open how do I tell it to look in a specific drive letter? RE: Step by step guide for a noob? - Conir - 03-20-2021 What command do I use to generate my hash list using dd when my disk is a USB in drive G:? RE: Step by step guide for a noob? - hblender - 03-20-2021 Try to follow this explanation: https://hashcat.net/wiki/doku.php?id=frequently_asked_questions#how_do_i_extract_the_hashes_from_truecrypt_volumes Below that section it says: "The procedure to extract the important information from data encrypted with VeraCrypt follows the same steps/rules as for TrueCrypt" RE: Step by step guide for a noob? - Conir - 03-20-2021 I've been looking at that page and I understand that I need the first 512 Bytes from my encrypted USB but I can't seem to get dd to work any tutorials on it all start off with C: --list to find the location but that does nothing on mine for some reason. I'm not sure if I have the correct dd downloaded or what, also in the tutorials everyone seems to run it from cmd and I can't get it to run from there but opening it directly opens a cmd like window. I think I've a newer version of it and it opens it own cmd I just can't figure out the commands or get any useful lost of them 🤦 RE: Step by step guide for a noob? - hblender - 03-20-2021 Okay, then i think it will look something like this: Code: dd if=a.raw of=b.vc bs=1 count=512 where, a.raw is the veracrypt volume and b.vc is the file that you will be using with hashcat edit: i belive that this will dump those first 512 bytes to b.vc that is located in the same folder as dd RE: Step by step guide for a noob? - Conir - 03-20-2021 well I finally got my hash list sorted by doing the following and since i haven't been able to find a step by step guide i thought I'll make this into one Step One Downloaded dd from http://www.chrysocome.net/downloads/dd-0.5.zip and extracted it to my desktop Step Two Aquired my volume ID by using Command prompt and doing the following C:\users\user> cd desktop {hit enter} to change to the desktop C:\users\user\Desktop>dd --list {hit enter} to bring up my list of volumes copied the volume id for G: which was "\\.\Volume{9a610e62-8820-11eb-9e67-34e6d76acc4f}\" (NOTE: LAST "\" HAS BEEN REMOVED IN FOLLOWING SCRIPT) Step Three entered the following code to create the hash file named hash.txt on my desktop C:\Users\user\Desktop>dd if=\\.\Volume{9a610e62-8820-11eb-9e67-34e6d76acc4f} of=C:\Users\user\desktop\hash.txt bs=512 count=1 Step Four Downloaded Hashcat here https://hashcat.net/hashcat/ and extracted it directly to C: using 7Zip (win RaR or others wont work) Step Five Opened Hashcat in command prompt by doing the following C:\Users\user>cd c:\ {to navigate back to C:} C:\>cd hashcat-6.1.1 {to open Hashcat folder} C:\hashcat-6.1.1>dir {to display Hashcat Directory} Step Six Run the following to do a {-a 3 (bruit force attack) -m 13751 (for veracrypt SHA256) location of hash C:\Users\user\desktop\hash.txt} c:\hashcat-6.1.1>hashcat.exe -a 3 -m 13751 C:\Users\user\desktop\hash.txt Currently running in the background so hopefully it'll succeed and I'll get the password for this test drive before I try my real drive Edit this is what's displayed does it look correct to those in the know? or is something wrong? c:\hashcat-6.1.1>hashcat.exe -a 3 -m 13751 C:\Users\user\desktop\hash.txt hashcat (v6.1.1) starting... * Device #1: CUDA SDK Toolkit installation NOT detected. CUDA SDK Toolkit installation required for proper device support and utilization Falling back to OpenCL Runtime * Device #1: WARNING! Kernel exec timeout is not disabled. This may cause "CL_OUT_OF_RESOURCES" or related errors. To disable the timeout, see: https://hashcat.net/q/timeoutpatch nvmlDeviceGetFanSpeed(): Not Supported OpenCL API (OpenCL 1.2 CUDA 9.1.201) - Platform #1 [NVIDIA Corporation] ======================================================================= * Device #1: GeForce GTX 980M, 3392/4096 MB (1024 MB allocatable), 12MCU OpenCL API (OpenCL 1.2 ) - Platform #2 [Intel(R) Corporation] ============================================================= * Device #2: Intel(R) Iris(TM) Pro Graphics 5200, 1565/1629 MB (407 MB allocatable), 40MCU * Device #3: Intel(R) Core(TM) i7-4980HQ CPU @ 2.80GHz, skipped Minimum password length supported by kernel: 0 Maximum password length supported by kernel: 64 Hashes: 1 digests; 1 unique digests, 1 unique salts Bitmaps: 16 bits, 65536 entries, 0x0000ffff mask, 262144 bytes, 5/13 rotates Applicable optimizers applied: * Zero-Byte * Single-Hash * Single-Salt * Brute-Force * Slow-Hash-SIMD-LOOP Watchdog: Temperature abort trigger set to 90c Initializing backend runtime for device #2... RE: Step by step guide for a noob? - Conir - 03-20-2021 Ok that failed but im getting somewhere this is what came up when i run Hashcat can anyone help with the error messages? Also the hash.txt file that has been created is showing as chinese characters (I've noticed it mentioned before) is it supposed to be like that or do i need to use something else to convert it to binary? [s]tatus [p]ause [b]ypass [c]heckpoint [q]uit => The wordlist or mask that you are using is too small. This means that hashcat cannot use the full parallel power of your device(s). Unless you supply more work, your cracking speed will drop. For tips on supplying more work, see: https://hashcat.net/faq/morework Approaching final keyspace - workload adjusted. Cracking performance lower than expected? * Append -w 3 to the commandline. This can cause your screen to lag. * Update your backend API runtime / driver the right way: https://hashcat.net/faq/wrongdriver * Create more work items to make use of your parallelization power: https://hashcat.net/faq/morework [s]tatus [p]ause [b]ypass [c]heckpoint [q]uit => Session..........: hashcat Status...........: Running Hash.Name........: VeraCrypt SHA256 + XTS 512 bit Hash.Target......: C:\Users\user\desktop\hash.txt Time.Started.....: Sat Mar 20 20:15:43 2021 (2 mins, 58 secs) Time.Estimated...: Sat Mar 20 20:39:40 2021 (20 mins, 59 secs) Guess.Mask.......: ?1 [1] Guess.Charset....: -1 ?l?d?u, -2 ?l?d, -3 ?l?d*!$@_, -4 Undefined Guess.Queue......: 1/15 (6.67%) Speed.#1.........: 0 H/s (0.18ms) @ Accel:8 Loops:15 Thr:1024 Vec:1 Speed.#2.........: 0 H/s (0.00ms) @ Accel:16 Loops:15 Thr:8 Vec:1 Speed.#*.........: 0 H/s Recovered........: 0/1 (0.00%) Digests Progress.........: 7/62 (11.29%) Rejected.........: 0/7 (0.00%) Restore.Point....: 0/1 (0.00%) Restore.Sub.#1...: Salt:0 Amplifier:7-8 Iteration:423195-423210 Restore.Sub.#2...: Salt:0 Amplifier:0-0 Iteration:0-15 Candidates.#1....: p -> p Candidates.#2....: [Generating] Hardware.Mon.#1..: Temp: 60c Util: 37% Core:1126MHz Mem:1598MHz Bus:8 Hardware.Mon.#2..: N/A [s]tatus [p]ause [b]ypass [c]heckpoint [q]uit => Session..........: hashcat Status...........: Running Hash.Name........: VeraCrypt SHA256 + XTS 512 bit Hash.Target......: C:\Users\user\desktop\hash.txt Time.Started.....: Sat Mar 20 20:15:43 2021 (4 mins, 54 secs) Time.Estimated...: Sat Mar 20 20:39:06 2021 (18 mins, 29 secs) Guess.Mask.......: ?1 [1] Guess.Charset....: -1 ?l?d?u, -2 ?l?d, -3 ?l?d*!$@_, -4 Undefined Guess.Queue......: 1/15 (6.67%) Speed.#1.........: 0 H/s (0.18ms) @ Accel:8 Loops:15 Thr:1024 Vec:1 Speed.#2.........: 0 H/s (0.00ms) @ Accel:16 Loops:15 Thr:8 Vec:1 Speed.#*.........: 0 H/s Recovered........: 0/1 (0.00%) Digests Progress.........: 13/62 (20.97%) Rejected.........: 0/13 (0.00%) Restore.Point....: 0/1 (0.00%) Restore.Sub.#1...: Salt:0 Amplifier:13-14 Iteration:2130-2145 Restore.Sub.#2...: Salt:0 Amplifier:0-0 Iteration:0-15 Candidates.#1....: k -> k Candidates.#2....: [Generating] Hardware.Mon.#1..: Temp: 59c Util: 56% Core:1126MHz Mem:1598MHz Bus:8 Hardware.Mon.#2..: N/A [s]tatus [p]ause [b]ypass [c]heckpoint [q]uit => Session..........: hashcat Status...........: Running Hash.Name........: VeraCrypt SHA256 + XTS 512 bit Hash.Target......: C:\Users\user\desktop\hash.txt Time.Started.....: Sat Mar 20 20:15:43 2021 (6 mins, 16 secs) Time.Estimated...: Sat Mar 20 20:39:16 2021 (17 mins, 17 secs) Guess.Mask.......: ?1 [1] Guess.Charset....: -1 ?l?d?u, -2 ?l?d, -3 ?l?d*!$@_, -4 Undefined Guess.Queue......: 1/15 (6.67%) Speed.#1.........: 0 H/s (0.18ms) @ Accel:8 Loops:15 Thr:1024 Vec:1 Speed.#2.........: 0 H/s (0.00ms) @ Accel:16 Loops:15 Thr:8 Vec:1 Speed.#*.........: 0 H/s Recovered........: 0/1 (0.00%) Digests Progress.........: 16/62 (25.81%) Rejected.........: 0/16 (0.00%) Restore.Point....: 0/1 (0.00%) Restore.Sub.#1...: Salt:0 Amplifier:16-17 Iteration:353025-353040 Restore.Sub.#2...: Salt:0 Amplifier:0-0 Iteration:0-15 Candidates.#1....: g -> g Candidates.#2....: [Generating] Hardware.Mon.#1..: Temp: 57c Util: 65% Core:1126MHz Mem:1598MHz Bus:8 Hardware.Mon.#2..: N/A [s]tatus [p]ause [b]ypass [c]heckpoint [q]uit => Session..........: hashcat Status...........: Running Hash.Name........: VeraCrypt SHA256 + XTS 512 bit Hash.Target......: C:\Users\user\desktop\hash.txt Time.Started.....: Sat Mar 20 20:15:43 2021 (7 mins, 20 secs) Time.Estimated...: Sat Mar 20 20:39:28 2021 (16 mins, 25 secs) Guess.Mask.......: ?1 [1] Guess.Charset....: -1 ?l?d?u, -2 ?l?d, -3 ?l?d*!$@_, -4 Undefined Guess.Queue......: 1/15 (6.67%) Speed.#1.........: 0 H/s (0.19ms) @ Accel:8 Loops:15 Thr:1024 Vec:1 Speed.#2.........: 0 H/s (0.00ms) @ Accel:16 Loops:15 Thr:8 Vec:1 Speed.#*.........: 0 H/s Recovered........: 0/1 (0.00%) Digests Progress.........: 18/62 (29.03%) Rejected.........: 0/18 (0.00%) Restore.Point....: 0/1 (0.00%) Restore.Sub.#1...: Salt:0 Amplifier:18-19 Iteration:452070-452085 Restore.Sub.#2...: Salt:0 Amplifier:0-0 Iteration:0-15 Candidates.#1....: n -> n Candidates.#2....: [Generating] Hardware.Mon.#1..: Temp: 57c Util: 33% Core:1037MHz Mem:2505MHz Bus:8 Hardware.Mon.#2..: N/A [s]tatus [p]ause [b]ypass [c]heckpoint [q]uit => Session..........: hashcat Status...........: Running Hash.Name........: VeraCrypt SHA256 + XTS 512 bit Hash.Target......: C:\Users\user\desktop\hash.txt Time.Started.....: Sat Mar 20 20:15:43 2021 (9 mins, 11 secs) Time.Estimated...: Sat Mar 20 20:42:02 2021 (17 mins, 8 secs) Guess.Mask.......: ?1 [1] Guess.Charset....: -1 ?l?d?u, -2 ?l?d, -3 ?l?d*!$@_, -4 Undefined Guess.Queue......: 1/15 (6.67%) Speed.#1.........: 0 H/s (0.19ms) @ Accel:8 Loops:15 Thr:1024 Vec:1 Speed.#2.........: 0 H/s (0.00ms) @ Accel:16 Loops:15 Thr:8 Vec:1 Speed.#*.........: 0 H/s Recovered........: 0/1 (0.00%) Digests Progress.........: 21/62 (33.87%) Rejected.........: 0/21 (0.00%) Restore.Point....: 0/1 (0.00%) Restore.Sub.#1...: Salt:0 Amplifier:21-22 Iteration:298980-298995 Restore.Sub.#2...: Salt:0 Amplifier:0-0 Iteration:0-15 Candidates.#1....: w -> w Candidates.#2....: [Generating] Hardware.Mon.#1..: Temp: 58c Util: 32% Core:1037MHz Mem:2505MHz Bus:8 Hardware.Mon.#2..: N/A Session..........: hashcat Status...........: Exhausted Hash.Name........: VeraCrypt SHA256 + XTS 512 bit Hash.Target......: C:\Users\user\desktop\hash.txt Time.Started.....: Sat Mar 20 20:15:43 2021 (36 mins, 43 secs) Time.Estimated...: Sat Mar 20 20:52:26 2021 (0 secs) Guess.Mask.......: ?1 [1] Guess.Charset....: -1 ?l?d?u, -2 ?l?d, -3 ?l?d*!$@_, -4 Undefined Guess.Queue......: 1/15 (6.67%) Speed.#1.........: 0 H/s (0.19ms) @ Accel:8 Loops:15 Thr:1024 Vec:1 Speed.#2.........: 0 H/s (0.00ms) @ Accel:16 Loops:15 Thr:8 Vec:1 Speed.#*.........: 0 H/s Recovered........: 0/1 (0.00%) Digests Progress.........: 62/62 (100.00%) Rejected.........: 0/62 (0.00%) Restore.Point....: 0/1 (0.00%) Restore.Sub.#1...: Salt:0 Amplifier:61-62 Iteration:499995-499999 Restore.Sub.#2...: Salt:0 Amplifier:0-0 Iteration:0-15 Candidates.#1....: X -> X Candidates.#2....: [Generating] Hardware.Mon.#1..: Temp: 59c Util: 34% Core:1037MHz Mem:2505MHz Bus:8 Hardware.Mon.#2..: N/A The wordlist or mask that you are using is too small. This means that hashcat cannot use the full parallel power of your device(s). Unless you supply more work, your cracking speed will drop. For tips on supplying more work, see: https://hashcat.net/faq/morework Approaching final keyspace - workload adjusted. Session..........: hashcat Status...........: Exhausted Hash.Name........: VeraCrypt SHA256 + XTS 512 bit Hash.Target......: C:\Users\user\desktop\hash.txt Time.Started.....: Sat Mar 20 20:52:27 2021 (25 mins, 10 secs) Time.Estimated...: Sat Mar 20 21:17:37 2021 (0 secs) Guess.Mask.......: ?1?2 [2] Guess.Charset....: -1 ?l?d?u, -2 ?l?d, -3 ?l?d*!$@_, -4 Undefined Guess.Queue......: 2/15 (13.33%) Speed.#1.........: 1 H/s (0.31ms) @ Accel:4 Loops:31 Thr:1024 Vec:1 Speed.#2.........: 0 H/s (0.00ms) @ Accel:8 Loops:7 Thr:8 Vec:1 Speed.#*.........: 1 H/s Recovered........: 0/1 (0.00%) Digests Progress.........: 2232/2232 (100.00%) Rejected.........: 0/2232 (0.00%) Restore.Point....: 0/36 (0.00%) Restore.Sub.#1...: Salt:0 Amplifier:61-62 Iteration:499968-499999 Restore.Sub.#2...: Salt:0 Amplifier:0-0 Iteration:0-7 Candidates.#1....: Xa -> Xq Candidates.#2....: [Generating] Hardware.Mon.#1..: Temp: 61c Util: 43% Core:1126MHz Mem:2505MHz Bus:8 Hardware.Mon.#2..: N/A The wordlist or mask that you are using is too small. This means that hashcat cannot use the full parallel power of your device(s). Unless you supply more work, your cracking speed will drop. For tips on supplying more work, see: https://hashcat.net/faq/morework Approaching final keyspace - workload adjusted. [s]tatus [p]ause [b]ypass [c]heckpoint [q]uit => RE: Step by step guide for a noob? - hblender - 03-21-2021 (03-20-2021, 11:52 PM)Conir Wrote: Also the hash.txt file that has been created is showing as chinese characters (I've noticed it mentioned before) is it supposed to be like that or do i need to use something else to convert it to binary? Yes, that is normal. It is just that the notepad (or any text editor of your choise) reads the file containing ones and zeroes and it converts it into plain text thinking that it is the correct way of displaying that file. The same would happen if you import that binary into a audio editor like Audacity, but then if you play it you will hear noise. Quote:The wordlist or mask that you are using is too small. Those warnings are mostly realted to your hashrate this means that the cracking is being performed at lower hashrates than expected (caused by your hardware configuration or drivers), in other words, it will take some time to hashcat to hash a password and try it againist the veracrypt hash. Finally, I suppose you have told hashcat to try to crack the hash using three custom charsets: -1 ?l?d?u, -2 ?l?d, -3 ?l?d*!$@_, And every time you see this message: Quote:Approaching final keyspace - workload adjusted. It means that hashcat has exhausted (or it is getting close to the last combinations it will try) all the possible combinations of that charset you have specified. RE: Step by step guide for a noob? - Conir - 03-21-2021 Thanks hblender that's put my mind at ease about the chinese characters anyway 😌 I had run that with the code for 216 instead of 512 so run it again over night and it still came back exhausted 🤷🏻♂️ I'm just running c:\hashcat-6.1.1>hashcat.exe -a 3 -m 13751 C:\Users\user\desktop\hash.txt To try bruit force it but I haven't added any charsets (thought it done the standard) Would I be better to add a word list or do a combination attack? And how do I set what size the password is? (Think it's between 12-20 characters) I think I remember the first 10 of the password is 4 words and then either 2 or 4 numbers but I may have changed e's to 3's in it or added an extra word on the end or after the first 4 words any ideas what kind of attack I could do to get the best results? RE: Step by step guide for a noob? - Conir - 03-21-2021 ok I'm running this on my test drive that I know the password too and added the charset on the end to coincide with what I know about the password c:\hashcat-6.1.1>hashcat.exe -a 3 -m 13721 C:\Users\user\desktop\hash.txt ?u?a?a?u?a?u?a?u?a?a?d?d 12 characters where (?u) are uppercase (?a) are lowercase and (?d) are numbers does that seem right or do i need anything extra? |