Veracrypt cracking
#1
Hello,

My name is Guilherme, and this is my first post here on the forum. I read several posts and didn't find the answer. I'm trying to crack a veracrypt volume (it's not bootable), but I'm not having any success. Initially I thought I would have to generate the file with the first 512 bytes. Another question I have: if I have to generate the initial 512 bytes of the .vc file, why do the veracrypt test files only have 292? What actual size do I need to use?

After further reading, I found a post saying that to crack the veracrypt volume, it would be necessary to generate a hash using the veracrypt2hashcat.py script. I did it this way, I generated the hash $veracrypt$xxxxxxxxx..................................xxxxxxxxxxxxxxxxxxxxxxxx9.

I'm using the rockyou wordlist to crack the password (already knowing the password is inside rockyou), but when I run hashcat it doesn't load the hash generated by veracrypt2hashcat.py.

Another question I have: do I need to provide the hash in a txt file or point to a .vc file?

Could someone guide me on how to proceed?

I've already created a container and wordlist for testing, I managed to break the password, but when I use the file I need to break, I'm not able to.

Thanks.
#2
In order to crack the password of a Veracrypt-container, you have two possibilities:

- recover the first 512 bytes of the container and use it as a "hash"; next, select the correct Veracrypt-'legacy' mode and run your job
- or, use the provided veracrypt2hashcat script on your container; this will give a "$veracrypt$..." formatted hash; next, select the correct Veracrypt-mode and run your job

Double-check that you selected the correct mode! (depending on legacy or not, and what encryption/hashing algorithm you choose during set-up)
#3
(08-31-2022, 10:44 AM)Banaanhangwagen Wrote: In order to crack the password of a Veracrypt-container, you have two possibilities:

- recover the first 512 bytes of the container and use it as a "hash"; next, select the correct Veracrypt-'legacy' mode and run your job
- or, use the provided veracrypt2hashcat script on your container; this will give a "$veracrypt$..." formatted hash; next, select the correct Veracrypt-mode and run your job

Double-check that you selected the correct mode! (depending on legacy or not, and what encryption/hashing algorithm you choose during set-up)


If I selected the wrong mode, even if the wordlist contains the password, hashcat will not crack the password, right?
#4
(08-31-2022, 04:21 PM)guiasc Wrote:
If I selected the wrong mode, even if the wordlist contains the password, hashcat will not crack the password, right?

That's correct, although modes ending in 294x3 can also crack modes 294x1 and 294x2. Also, be aware that PEM or keyfiles could have been used during encryption. See hashcat --help for parameters regarding this.

Also, looking at your original post, I guess you tried loading the hash in modes 137xx? This is only possible if you created a binary file of the 512 bytes. The hash extraction tool, which is very new, should be used with modes 294xx.

Are you 100% sure that it is actually veracrypt?
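The input-format mismatch discussed in the replies above, as an added example that is not part of any post or of hashcat itself: a pre-flight check that tells a 512-byte binary header file from a `$veracrypt$` text hash and compares it with the mode family chosen. The function names and the two sample files are constructed for illustration; the mode families (62xx, 137xx, 294xx) are the ones named in the thread.

```python
import os
import tempfile

HEADER_LEN = 512              # size of the header file produced with dd in the thread
HASH_PREFIX = b"$veracrypt$"  # prefix of veracrypt2hashcat output, per the thread

def classify_input(path):
    """Return 'binary-header', 'text-hash' or 'unknown' for a candidate hashcat input."""
    with open(path, "rb") as fh:
        head = fh.read(HEADER_LEN + 1)  # one extra byte reveals files longer than 512
    if head.lstrip().startswith(HASH_PREFIX):
        return "text-hash"
    if len(head) == HEADER_LEN:
        return "binary-header"
    return "unknown"

def expected_input(mode):
    """Input format each mode family takes, as stated in the replies above."""
    m = str(mode)
    if len(m) == 5 and m.startswith("294"):
        return "text-hash"
    if (len(m) == 5 and m.startswith("137")) or (len(m) == 4 and m.startswith("62")):
        return "binary-header"
    raise ValueError(f"mode {mode} is not one of the families named in the thread")

def preflight(path, mode):
    """True when the file's format matches what the chosen mode family loads."""
    return classify_input(path) == expected_input(mode)

def demo():
    """Run the check on two constructed inputs (random bytes, placeholder hash)."""
    with tempfile.TemporaryDirectory() as tmp:
        header = os.path.join(tmp, "new.vc")
        hashfile = os.path.join(tmp, "hash.txt")
        with open(header, "wb") as fh:
            fh.write(os.urandom(HEADER_LEN))           # constructed, not a real header
        with open(hashfile, "wb") as fh:
            fh.write(HASH_PREFIX + b"0" * 64 + b"\n")  # constructed placeholder, not a real hash
        return {
            "header/13713": preflight(header, 13713),
            "header/29413": preflight(header, 29413),
            "hash/29413": preflight(hashfile, 29413),
            "hash/13713": preflight(hashfile, 13713),
        }

if __name__ == "__main__":
    for case, ok in demo().items():
        print(case, "OK" if ok else "format does not match mode family")
```
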
#5
(08-31-2022, 04:30 PM)b8vr Wrote:
That's correct, although modes ending in 294x3 can also crack modes 294x1 and 294x2. Also, be aware that PEM or keyfiles could have been used during encryption. See hashcat --help for parameters regarding this.

Also, looking at your original post, I guess you tried loading the hash in modes 137xx? This is only possible if you created a binary file of the 512 bytes. The hash extraction tool, which is very new, should be used with modes 294xx.

Are you 100% sure that it is actually veracrypt?



I don't know anything about PEM or keyfiles, I'll look into that.

Yes, I tested through 137xx modes using the 512 byte file. I tried using veracrypt2hashcat, but I was in doubt, so I went with the 512 byte file.

I currently have two laptops to break the container.

I did the following steps:
1) dd if=container of=new.tc bs=1 count=512 (generating the file)
2) hashcat.exe -a 0 -m xxxx -D 2 new.tc rockyou (I'm using this command to try to crack)

I'm not sure if it's a veracrypt or truecrypt container. Is there any way to be sure?
For this reason I am using two laptops:

Laptop 1: Focused on Truecrypt

1) dd if=container of=new.tc bs=1 count=512 (generating the file)
2) hashcat.exe -a 0 -m xxxx -D 2 new.tc rockyou (I'm using this command to try to crack)

I will use 6213, 6243, 6223 and 6233.

Laptop 2: Focused on Veracrypt

1) dd if=container of=new.vc bs=1 count=512 (generating the file)
2) hashcat.exe -a 0 -m xxxx -D 2 new.vc rockyou (I'm using this command to try to crack)

I will use 13713, 13743, 13753, 13763, 13723, 13773, 13783 and 13733.