01-11-2022, 10:53 AM
As explained here https://hashcat.net/wiki/doku.php?id=fre...pt_volumes, you need the first 512 bytes of the encrypted partition.
The following tip is pure gold: make a test case. Simply install Truecrypt on your working machine/virtual machine, plug in a small USB, encrypt it with a easy-to-remember-pwd, extract the first 512 bytes and try to crack it.
Take note of what algo/hashing you selected in order to select afterwards with the correct modus.
Try it multiple times, play around. Once you successfully completed all the steps, you get confident, and you can begin cracking the real case.
Code:
dd if=[FILE] of=[OUTPUT] bs=512 count=1The following tip is pure gold: make a test case. Simply install Truecrypt on your working machine/virtual machine, plug in a small USB, encrypt it with a easy-to-remember-pwd, extract the first 512 bytes and try to crack it.
Take note of what algo/hashing you selected in order to select afterwards with the correct modus.
Try it multiple times, play around. Once you successfully completed all the steps, you get confident, and you can begin cracking the real case.