01-28-2019, 11:01 AM
(01-27-2019, 10:30 PM)royce Wrote: That's hashcat mode 6223 (where 3 = "all" (all three algorithms)):
Code:62XY | TrueCrypt | Full-Disk Encryption (FDE)
...
X | 2 = PBKDF2-HMAC-SHA512 | Full-Disk Encryption (FDE)
...
Y | 3 = XTS 1536 bit all | Full-Disk Encryption (FDE)
You can practice and validate your approach against this container with a known password ('hashcat'):
https://github.com/hashcat/hashcat/blob/...c?raw=true
You can do a basic mask attack like so:
hashcat -a 3 -w 4 -m 6223 --potfile-path=./test.potfile hashcat_sha512_aes-twofish-serpent.tc hashca?l
It sounds like your candidate wordlist will be complex; that will take some additional work (but can be done external to hashcat, as in "script_thing | hashcat -a 0 [...]"
Ok,Thanks