VeraCrypt test
There is an encrypted VeraCrypt system disk. One os. AES+Whirlpool. I know the password. I decided to try hacking through a hashcut.
I'm loading through Linux.
sudo dd if=/dev/nvme0n1 of=data skip=31744 bs=512 count=1
hashcat -m 13731 -a 3 data 'Pass?s'
But there is no result.
Disk nvme.
100MB EFI System
16MB Microsoft reserved
237GB Micr. basic data
Is the hash definition problem?
Skip=62. Problem solved
You used -m 13731 which is the mode for a non-bootable partition, while you extracted 512 bytes to "data" like it is a bootable-partition.

Please double-check if you selected during configuration Veracrypt for the bootable partition or for a non-bootable partition. It matters because you need to skip some sectors first if dealing with a bootable encrypted partition (like you did). If it is a non bootable partition, you don't need to skip.

Once you determined this, make sure to use the correct mode.

Finally, 31744 is the offset; you need to skip the sectors which is 31744 / 512 = 62

use the new non binary mode version for attacking true/veracrypt mode 294** and the provided true/

just simple extract the first 1-2 megabytes of the disk (or partition depends on the setup) and use the script with all possible offsets (no, hidden, bootable bootlable+hidden (just take a look in the options) this way the script even tells you, whether the extracted hash is okay or not (missing entropy)

edit: use the newes script provided with the beta
(05-14-2024, 09:40 AM)Begemot_alot Wrote: Skip=62. Problem solved

Why it helped?

serwery minecraft