12-09-2016, 01:52 PM
But if hashcat can not find it, it's either an invalid offset or the mask is invalid. To find out which of them is true, I can only see one way. You need to build a bootable veracrypt system and reproduce the steps you described. If you can crack it, you have an invalid mask (or the part you think is known is invalid). If you still can't crack it afterwards it's probably an invalid offset. I can confirm that I've tested hashcats veracrypt implementation successfully with all the images I got so far.