1 hour ago
Hi,
I'm trying to use Hashcat to do a dictionary attack on a volume that I apparently lost the password to.
Here's what I'm doing and what I'm getting:
cryptsetup luksDump for the volume:
UKS header information
Version: 2
Epoch: 3
Metadata area: 16384 [bytes]
Keyslots area: 16744448 [bytes]
UUID: 120c05ee-88ae-4ac1-babb-e9aac56c6c19
Label: (no label)
Subsystem: (no subsystem)
Flags: (no flags)
Data segments:
0: crypt
offset: 16777216 [bytes]
length: (whole device)
cipher: aes-xts-plain64
sector: 4096 [bytes]
Keyslots:
0: luks2
Key: 512 bits
Priority: normal
Cipher: aes-xts-plain64
Cipher key: 512 bits
PBKDF: argon2id
Time cost: 9
Memory: 1048576
Threads: 4
Salt: 05 06 90 e4 a1 25 85 e1 d1 5e 39 51 de f0 48 4c
79 de f8 b9 37 2d 3f 93 a2 1c d1 ef 3f e7 58 fd
AF stripes: 4000
AF hash: sha512
Area offset:32768 [bytes]
Area length:258048 [bytes]
Digest ID: 0
Tokens:
Digests:
0: pbkdf2
Hash: sha512
Iterations: 360583
Salt: 8a ec b3 78 87 58 97 98 3d 7b cc 7b 76 d1 53 ba
30 b4 ce 7f 0d b2 56 c3 2e 87 6f ab 0e f6 d6 df
Digest: 3f ff f9 22 2c e1 13 b2 3f 19 6d 0c 96 dd c7 ee
f7 c5 2b 9e c4 f6 44 80 52 7d 0a d6 60 92 7f b9
67 78 5f 19 80 4a 3f ee e6 48 6a 4a 66 f8 c5 dc
71 93 ff 21 1d d9 5b 87 2e 71 fc 84 bf fe 4d 97
I then ran luks2hashcat.py on the volume and piped it with > to luks.hash.
Then, I ran
sudo ./hashcat.bin -a 0 -m 34100 luks.hash p.txt
p.txt is my password manager export of passwords.
I receive this error:
Hashfile 'md.hash' on line 1 ($luks$...21dd732703d6aabce6dc5d8a3108a336): Signature unmatched
Hash file starts with:
$luks$2$argon2id$sha512$aes$xts-plain64$512$m=1048576,t=9,p=(then 262,143 characters)
Am I doing something wrong?
I'm trying to use Hashcat to do a dictionary attack on a volume that I apparently lost the password to.
Here's what I'm doing and what I'm getting:
cryptsetup luksDump for the volume:
UKS header information
Version: 2
Epoch: 3
Metadata area: 16384 [bytes]
Keyslots area: 16744448 [bytes]
UUID: 120c05ee-88ae-4ac1-babb-e9aac56c6c19
Label: (no label)
Subsystem: (no subsystem)
Flags: (no flags)
Data segments:
0: crypt
offset: 16777216 [bytes]
length: (whole device)
cipher: aes-xts-plain64
sector: 4096 [bytes]
Keyslots:
0: luks2
Key: 512 bits
Priority: normal
Cipher: aes-xts-plain64
Cipher key: 512 bits
PBKDF: argon2id
Time cost: 9
Memory: 1048576
Threads: 4
Salt: 05 06 90 e4 a1 25 85 e1 d1 5e 39 51 de f0 48 4c
79 de f8 b9 37 2d 3f 93 a2 1c d1 ef 3f e7 58 fd
AF stripes: 4000
AF hash: sha512
Area offset:32768 [bytes]
Area length:258048 [bytes]
Digest ID: 0
Tokens:
Digests:
0: pbkdf2
Hash: sha512
Iterations: 360583
Salt: 8a ec b3 78 87 58 97 98 3d 7b cc 7b 76 d1 53 ba
30 b4 ce 7f 0d b2 56 c3 2e 87 6f ab 0e f6 d6 df
Digest: 3f ff f9 22 2c e1 13 b2 3f 19 6d 0c 96 dd c7 ee
f7 c5 2b 9e c4 f6 44 80 52 7d 0a d6 60 92 7f b9
67 78 5f 19 80 4a 3f ee e6 48 6a 4a 66 f8 c5 dc
71 93 ff 21 1d d9 5b 87 2e 71 fc 84 bf fe 4d 97
I then ran luks2hashcat.py on the volume and piped it with > to luks.hash.
Then, I ran
sudo ./hashcat.bin -a 0 -m 34100 luks.hash p.txt
p.txt is my password manager export of passwords.
I receive this error:
Hashfile 'md.hash' on line 1 ($luks$...21dd732703d6aabce6dc5d8a3108a336): Signature unmatched
Hash file starts with:
$luks$2$argon2id$sha512$aes$xts-plain64$512$m=1048576,t=9,p=(then 262,143 characters)
Am I doing something wrong?