Thank you for the list. This is way better than the other ones I found so far.
I have just tried the attempt on my encrypted laptop with the hash mode "-m 13762" and "-m 13761" but it didn't worked. I then tried the "-m 13722" mode and was able to unlock the laptop again.
Then I made another attempt:
In addition, I encrypted partition 1 of an USB-stick I found and was able to extract the password-hash with the command "sudo dd if=/dev/sdc1 of=veracrypt-usb-hash.txt bs=512 count=1". sdc1 was the encrypted partition of the usb-stick. Fun Fact It was not possible to extract the password-hash of the complete usb-stick in comparision to my encrypted drive. In the hash-file was the message "Error loading operating system Missing operating system". When I tried to load the hash-file it said "no hashes found". But only by the way...
Then is startet hashcat with the command "hashcat.exe -a 3 -w 4 -d 1,2 -D 1,2 -m 13722 veracrypt-usb-hash.txt wordlist.txt"
And what should I say? I was able to find out the password. But only again with the 13722 mode. In the meantime I am getting much better right through all of my attempts. The difficulty is simply to find out to what extent the correct hash mode has to be used in hashcat ...
By the way: ALL my password-hashes.txts are looking like this:
콑晬䘨ղ䫷弋㕯镢߉ꏌ䊔腦ᔒ作薯띊㭫聓ꙉ䲅衃⢕徬瘘䞑借䉳츾ㄢ外芔땝훖娑냅ꘕ猟擎韵霷縉Ņ咜腯ܻ☣蚐칱䵴Ꮉ㒌Ⓛ�蚲龰坜�瘺�篒І풹�똈⩅ጫ欄ⶩ釲ⴽ͏讬㢪潻乞嵪鍚ൎ〴ᇲ〻펹꽻㺅言䵩淞㻍탆�䞺텮㺼㯱ㅺ낆ߕ⓳郁廡機俸㤲쿟䙛�텚急标꿀枌맨㺳夻െᝬ뀗ﵞ굳�ࡳ�褟ᮡ캝諬ꇮ꺀ọ쥚个ㇵ끏뱦씏榏먩퉻ﲥ犔黈㍩嶂㜂쀆࠽쨦鸞黖붘ڣ��隿乹ꘙ嚧鏜翪袶块颷냐ﷁ뒟属太ﱘ뗢ꋢ叴ﱦ㳻쟵댼嵘잰ᾝぴ㠦釟ᏹ흱ꦓ蛖銲鲭櫊�ﱸ墍�襸⾍悫᤹�奏갾ᅍ퉭戹ኖ곣㤈黃뽺᫈펉멦蓷辺ꥇ⩶젿
Well...I'm not really a forensics expert, but I guess the characters have to do with encryption
I have just tried the attempt on my encrypted laptop with the hash mode "-m 13762" and "-m 13761" but it didn't worked. I then tried the "-m 13722" mode and was able to unlock the laptop again.
Then I made another attempt:
In addition, I encrypted partition 1 of an USB-stick I found and was able to extract the password-hash with the command "sudo dd if=/dev/sdc1 of=veracrypt-usb-hash.txt bs=512 count=1". sdc1 was the encrypted partition of the usb-stick. Fun Fact It was not possible to extract the password-hash of the complete usb-stick in comparision to my encrypted drive. In the hash-file was the message "Error loading operating system Missing operating system". When I tried to load the hash-file it said "no hashes found". But only by the way...
Then is startet hashcat with the command "hashcat.exe -a 3 -w 4 -d 1,2 -D 1,2 -m 13722 veracrypt-usb-hash.txt wordlist.txt"
And what should I say? I was able to find out the password. But only again with the 13722 mode. In the meantime I am getting much better right through all of my attempts. The difficulty is simply to find out to what extent the correct hash mode has to be used in hashcat ...
By the way: ALL my password-hashes.txts are looking like this:
콑晬䘨ղ䫷弋㕯镢߉ꏌ䊔腦ᔒ作薯띊㭫聓ꙉ䲅衃⢕徬瘘䞑借䉳츾ㄢ外芔땝훖娑냅ꘕ猟擎韵霷縉Ņ咜腯ܻ☣蚐칱䵴Ꮉ㒌Ⓛ�蚲龰坜�瘺�篒І풹�똈⩅ጫ欄ⶩ釲ⴽ͏讬㢪潻乞嵪鍚ൎ〴ᇲ〻펹꽻㺅言䵩淞㻍탆�䞺텮㺼㯱ㅺ낆ߕ⓳郁廡機俸㤲쿟䙛�텚急标꿀枌맨㺳夻െᝬ뀗ﵞ굳�ࡳ�褟ᮡ캝諬ꇮ꺀ọ쥚个ㇵ끏뱦씏榏먩퉻ﲥ犔黈㍩嶂㜂쀆࠽쨦鸞黖붘ڣ��隿乹ꘙ嚧鏜翪袶块颷냐ﷁ뒟属太ﱘ뗢ꋢ叴ﱦ㳻쟵댼嵘잰ᾝぴ㠦釟ᏹ흱ꦓ蛖銲鲭櫊�ﱸ墍�襸⾍悫᤹�奏갾ᅍ퉭戹ኖ곣㤈黃뽺᫈펉멦蓷辺ꥇ⩶젿
Well...I'm not really a forensics expert, but I guess the characters have to do with encryption