Posts: 33
Threads: 16
Joined: Dec 2016
07-18-2022, 04:08 PM
(This post was last modified: 07-18-2022, 04:44 PM by matt99.)
Just to be on the safe side before I crack into the void: Hashcat recognizes by the hash syntax and the selected hash mode whether the hash is plausible in form or not. Does hashcat recognize this also if it is a section/dump of a Veracrypt encryption or can hashcat not check this (for reasons) and tries to crack it without verifying it? I just want to make sure that I have correctly dumped the section in which the hash is located. Hashcat does not show me an error message when cracking.
Edit: oh, btw, do i need utf8 encoding for my wordlist in order to crack veracrypt related hashes or is a binary file ok? I checked my wordlist like this "file -i wordlist.txt" and get "filtered.txt: application/octet-stream; charset=binary". I want to eleminate all possible mistakes.
Posts: 893
Threads: 15
Joined: Sep 2017
(07-18-2022, 04:08 PM)matt99 Wrote: Just to be on the safe side before I crack into the void: Hashcat recognizes by the hash syntax and the selected hash mode whether the hash is plausible in form or not. Does hashcat recognize this also if it is a section/dump of a Veracrypt encryption or can hashcat not check this (for reasons) and tries to crack it without verifying it? I just want to make sure that I have correctly dumped the section in which the hash is located. Hashcat does not show me an error message when cracking.
Edit: oh, btw, do i need utf8 encoding for my wordlist in order to crack veracrypt related hashes or is a binary file ok? I checked my wordlist like this "file -i wordlist.txt" and get "filtered.txt: application/octet-stream; charset=binary". I want to eleminate all possible mistakes.
short answer no
true/veracrypt input is in binary form and hashcat cannot check the validity of the input beforehand, in fact you could provide more than 512 bytes, e.g. an inputfile of 1mb, hashcat will take the first 512 bytes and tries to crack it
regarding the wordlist, when running HC, take a look at the hashcat line telling candidates: > , how do the candidates look like? plain words and or readable ascii? if yes, your file seems okay, it could be, that your file is an uft8-bom file and therefore "mistaken" as binary file
Posts: 33
Threads: 16
Joined: Dec 2016
(07-20-2022, 01:22 PM)Snoopy Wrote: short answer no
true/veracrypt input is in binary form and hashcat cannot check the validity of the input beforehand, in fact you could provide more than 512 bytes, e.g. an inputfile of 1mb, hashcat will take the first 512 bytes and tries to crack it
Ok, i think the dump should be correct.
Code:
dd if=./veracrypt_encrypted_device_image of=./veracrypt_encrypted_device_dump bs=512 count=1
(07-20-2022, 01:22 PM)Snoopy Wrote: regarding the wordlist, when running HC, take a look at the hashcat line telling candidates: > , how do the candidates look like? plain words and or readable ascii? if yes, your file seems okay, it could be, that your file is an uft8-bom file and therefore "mistaken" as binary file
Yes, i can read the candidates in plain text. Readable, no binary/whatever format.