02-10-2023, 11:23 AM
I'm trying to crack a truecrypt container with a suspected keyfile using the --truecrypt-keyfile parameter. According the hashcat help it should look like --truecrypt-keyf=keyfile. And this is where I noticed some weird stuff.
1: When the cracking job runs, there's nowhere to see, if the keyfile is actually used.
2: If I add a filename, that does not exist, it does not give me an error.
3: If I change the name of the parameter itself, like if I write --truecrypt-ke, --truecrxxxxx or just --t, it gives no error. It just starts the job.
So I'm unsure if the given keyfile is actually used.
This was done with hashcat v6.2.6
1: When the cracking job runs, there's nowhere to see, if the keyfile is actually used.
2: If I add a filename, that does not exist, it does not give me an error.
3: If I change the name of the parameter itself, like if I write --truecrypt-ke, --truecrxxxxx or just --t, it gives no error. It just starts the job.
So I'm unsure if the given keyfile is actually used.
This was done with hashcat v6.2.6