01-09-2024, 06:10 PM
(12-14-2023, 01:25 AM)b8vr Wrote:(12-12-2023, 04:00 PM)LK4RMA Wrote: Hello all,
Recent version of Veracrypt use by default AES256, XTS with SHA512 (even on boot-mode).
I have run several tests and I'm unable to bruteforce Veracrypt boot volume disk with the default parameters.
13721 | Veracrypt SHA512 + XTS 512 bit (Legacy) -> Work for default container, but not for boot mode !
29461 | Veracrypt SHA256 + XTS 512 bit + boot-mode -> Not working with SHA512
The only boot mode that ressemble is 29461. But it is SHA256 and not SHA512.
I think we need 13721 in boot mode, or 29461 in SHA512 !
Am I the only one ?
Thanks for your help !
Are you cracking on a binary or a hash? 13721 is for binaries, 29461 is for hashes. If you're trying to crack a hash made from vc boot default settings you should use mode 29421, and for a binary it's 13721. These modes work for both bootable and non-bootable.
Hello ! Sorry for the late answer !
Thank you very much ! I understand now the difference between "binary data" and "hash" mode ^^
I used binary data for my tests. I followed the instruction on the wiki for boot mode (dumping 512 bytes starting with offset 31744 ).
I understand now that to get a hash I need to use the script Veracrypt2Hashcat.py.
Therefore I used Veracrypt2Hashcat.py on the raw encrypted partition (with offset mode set to "bootable").
I tried 29421 and others without success for now. But I think I'm doing something wrong. I'll keep experiementing !
Thanks !