Cracking Veracrypt hash
#1
Hi Guys, usually I try not to spam about my problems, I prefer to read, Google, and solve issues on my own. But this time I'm stuck, and it's a matter of life and death (especially since I didn't note my password because I thought, "It's obvious, so I will definitely remember it after the holidays. Doh!")

Background

A few months ago, I encrypted my boot partition and went on a good holiday. Standard procedure for encrypting the system partition in VeraCrypt.
I forgot my password (I know keywords, digits, etc., so with Crunch, I'll be able to generate my dictionary).
Also, I'm not sure if I chose AES-512 or Whirlpool...

Tech steps

I dumped the first few MB of my disk:
dd if=/dev/nvme0n1 of=/root/hash bs=512 count=5120
Not using nvme0n1p1 (partitions).
Then I tried:
veracrypt2hash --offset bootable /root/hash

I’m getting some hash here—it would be nice to determine what type of hash it is to choose the right hash mode in Hashcat for cracking.
Next, I tried using Hashcat:
hashcat -a 0 -m 29421 hash combinations.txt (my dictionary). Unfortunately, without luck.
I also tried 29421..3 without results.

So my questions are:
  1. Am I extracting the hash correctly? (The official documentation says that I should take 512B with offset 31744, but I did it without the proper effect). I read that veracrypt2hash should handle this.
  2. How to determine what type of hash it is? (Is it actually possible?)
  3. Any suggestion would be more than welcome. [I'm stuck]
#2
Hello,

Short update:
- I was able to confirm in the lab that dd if=/dev/nvme0n1 of=/root/hash bs=1 count=512 skip=31744 works as expected.
- After extracting the data, I successfully cracked the password in my lab.
- I also confirmed that veracrypt2hash (without the --offset bootable flag) properly converts data to a hash. I was able to crack this hash in my lab as well.

However, I am unable to crack the proper hash on my disk:
1. I extracted the data exactly as above: dd if=/dev/nvme0n1 of=/root/hash bs=1 count=512 skip=31744.
2. I extracted the data using dd if=/dev/nvme0n1 of=/root/hash bs=512 count=5120 and then used veracrypt2hash, receiving the same hash as in point #1.

In both cases, I was unable to crack my password.
For the hash I'm using -m 24921 and for raw data 13721.
I generated passwords using my suspect words. I created a list of 5–10 different words and tried permutations several times without success.
Of course I double-checked my word list; it seems it should be good.

After 7 days of trying, I’m starting to lose faith.
I would be grateful for ANY suggestions.
#3
(12-31-2024, 07:30 PM)pw1 Wrote: Hello,

Short update:
- I was able to confirm in the lab that dd if=/dev/nvme0n1 of=/root/hash bs=1 count=512 skip=31744 works as expected.
- After extracting the data, I successfully cracked the password in my lab.
- I also confirmed that veracrypt2hash (without the --offset bootable flag) properly converts data to a hash. I was able to crack this hash in my lab as well.

However, I am unable to crack the proper hash on my disk:
1. I extracted the data exactly as above: dd if=/dev/nvme0n1 of=/root/hash bs=1 count=512 skip=31744.
2. I extracted the data using dd if=/dev/nvme0n1 of=/root/hash bs=512 count=5120 and then used veracrypt2hash, receiving the same hash as in point #1.

In both cases, I was unable to crack my password.
For the hash I'm using -m 24921 and for raw data 13721.
I generated passwords using my suspect words. I created a list of 5–10 different words and tried permutations several times without success.
Of course I double-checked my word list; it seems it should be good.

After 7 days of trying, I’m starting to lose faith. 
I would be grateful for ANY suggestions.

There should be an unencrypted partition with an EFI folder. In that folder there's a veracrypt subfolder. In that folder you will see a file called dcsprop. It's really an XML file. The content of that should tell you which algorithm was used for encryption.

Apart from that, there's not a lot you can do other than what you already described. Except if you use a non-US keyboard. Whatever password you chose is interpreted as if it was written with a US keyboard. So you could have some layout issue there. If that's the case, have a look at --keyboard-layout-mapping in hashcat help.
#4
Hi,

Thanks! I was wondering how VeraCrypt knows which hash to use, and why it determines it so quickly when I manually type the password.
Very good hint!

My file looks like this—I assume my hash is SHA-512 (please confirm):

<?xml version="1.0" encoding="utf-8"?>
<VeraCrypt>
        <configuration>
                <config key="PasswordType">0</config>
                <config key="PasswordMsg">Password: </config>
                <config key="PasswordPicture">login.bmp</config>
                <config key="HashMsg">(0) TEST ALL (1) SHA512 (2) WHIRLPOOL (3) SHA256 (4) RIPEMD160 (5) STREEBOG
Hash: </config>
                <config key="Hash">1</config>
                <config key="HashRqt">0</config>
                <config key="PimMsg">PIM (Leave empty for default): </config>
                <config key="Pim">0</config>
                <config key="PimRqt">1</config>
                <config key="AuthorizeVisible">0</config>
                <config key="AuthorizeRetry">10</config>
                <config key="DcsBmlLockFlags">0</config>
                <config key="DcsBmlDriver">0</config>
                <config key="ActionSuccess"></config>
        </configuration>
</VeraCrypt>

Is there a way to determine what type of XTS it is? It’s crucial for performance.


Regarding the keyboard layout, I'm using US. But thanks for the nice idea.


So if it is SHA512, it seems I have to build a better dictionary.
#5
(01-01-2025, 12:31 AM)pw1 Wrote: Hi,

Thanks! I was wondering how VeraCrypt knows which hash to use, and why it determines it so quickly when I manually type the password.
Very good hint!

My file looks like this—I assume my hash is SHA-512 (please confirm):

<?xml version="1.0" encoding="utf-8"?>
<VeraCrypt>
        <configuration>
                <config key="PasswordType">0</config>
                <config key="PasswordMsg">Password: </config>
                <config key="PasswordPicture">login.bmp</config>
                <config key="HashMsg">(0) TEST ALL (1) SHA512 (2) WHIRLPOOL (3) SHA256 (4) RIPEMD160 (5) STREEBOG
Hash: </config>
                <config key="Hash">1</config>
                <config key="HashRqt">0</config>
                <config key="PimMsg">PIM (Leave empty for default): </config>
                <config key="Pim">0</config>
                <config key="PimRqt">1</config>
                <config key="AuthorizeVisible">0</config>
                <config key="AuthorizeRetry">10</config>
                <config key="DcsBmlLockFlags">0</config>
                <config key="DcsBmlDriver">0</config>
                <config key="ActionSuccess"></config>
        </configuration>
</VeraCrypt>

Is there a way to determine what type of XTS it is? It’s crucial for performance.


Regarding the keyboard layout, I'm using US. But thanks for the nice idea.


So if it is SHA512, it seems I have to build a better dictionary.

Yes, it seems to be SHA512. Unfortunately, there's no way to determine the XTS. So yeah, better wordlists / rules.
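The reasoning in posts #3 and #5 (read the Hash id out of DcsProp, map it through the HashMsg prompt, and, because the XTS key size is not recorded anywhere, keep all three XTS variants of that hash family as candidates) can be written down as a small checker. The script below is an added example, not code from the thread or from VeraCrypt/hashcat. It embeds a constructed copy of the DcsProp quoted in post #4 as sample input, and the 294x1..3 mode numbers follow the 29421..3 family the opening post uses for SHA512; the other families are listed from memory of hashcat's mode table and should be confirmed against `hashcat --help` before use. It also reads the Pim key, since a non-zero custom PIM changes the KDF iteration count and has to be supplied to hashcat separately.

```python
import xml.etree.ElementTree as ET

# Constructed sample input: the DcsProp file quoted in post #4 (Hash id 1, default PIM).
SAMPLE_DCSPROP = """<?xml version="1.0" encoding="utf-8"?>
<VeraCrypt>
  <configuration>
    <config key="PasswordType">0</config>
    <config key="HashMsg">(0) TEST ALL (1) SHA512 (2) WHIRLPOOL (3) SHA256 (4) RIPEMD160 (5) STREEBOG
Hash: </config>
    <config key="Hash">1</config>
    <config key="HashRqt">0</config>
    <config key="Pim">0</config>
    <config key="PimRqt">1</config>
  </configuration>
</VeraCrypt>
"""

# Hash ids exactly as the HashMsg prompt in DcsProp lists them; 0 means the boot loader
# tries every algorithm, which is why VeraCrypt itself never needs to "know" the hash.
HASH_IDS = {0: "TEST ALL", 1: "SHA512", 2: "WHIRLPOOL", 3: "SHA256", 4: "RIPEMD160", 5: "STREEBOG"}

# hashcat VeraCrypt mode families for veracrypt2hash output. The thread confirms 29421..29423
# for SHA512; the remaining bases are assumed from hashcat's mode table (verify with --help).
# The trailing digit selects the XTS key size: 1 = 512, 2 = 1024, 3 = 1536 bit.
MODE_FAMILIES = {
    "RIPEMD160": 29410,
    "SHA512": 29420,
    "WHIRLPOOL": 29430,
    "SHA256": 29440,
    "STREEBOG": 29450,
}
XTS_VARIANTS = (1, 2, 3)


def parse_dcsprop(text):
    """Return the <config key=...> entries of a DcsProp document as a dict."""
    # Parse from bytes so the encoding declaration in the prolog is honoured.
    root = ET.fromstring(text.encode("utf-8"))
    return {c.get("key"): (c.text or "") for c in root.iter("config")}


def hash_algorithm(cfg):
    """Map the numeric Hash entry to the algorithm name from the HashMsg prompt."""
    hash_id = int(cfg.get("Hash", "0").strip() or "0")
    return HASH_IDS.get(hash_id, "UNKNOWN")


def candidate_modes(cfg):
    """All hashcat modes worth trying: one family (or all, for TEST ALL) x three XTS sizes.

    DcsProp never records the XTS key size, so the 512/1024/1536-bit variants all stay
    on the list; with SHA512 this is the 29421..29423 set from the opening post.
    """
    algo = hash_algorithm(cfg)
    if algo == "TEST ALL":
        bases = list(MODE_FAMILIES.values())
    elif algo in MODE_FAMILIES:
        bases = [MODE_FAMILIES[algo]]
    else:
        return []
    return [base + k for base in bases for k in XTS_VARIANTS]


def custom_pim(cfg):
    """Return the PIM stored in DcsProp, or None when 0 (VeraCrypt's default iteration count)."""
    pim = int(cfg.get("Pim", "0").strip() or "0")
    return pim if pim > 0 else None


if __name__ == "__main__":
    cfg = parse_dcsprop(SAMPLE_DCSPROP)
    print("Hash algorithm :", hash_algorithm(cfg))
    print("Candidate modes:", candidate_modes(cfg))
    print("Custom PIM     :", custom_pim(cfg) or "default")
```

Point the script at the real file (read `EFI/VeraCrypt/DcsProp` from the unencrypted EFI system partition instead of the embedded sample) and the output tells you which single family to run; if `custom_pim` is not None, that PIM has to be handed to hashcat as well, otherwise every guess is derived with the wrong iteration count and the correct password will not verify.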
#6
Can anyone help me with an encrypted zip?
#7
(01-02-2025, 02:26 AM)Johnhancock Wrote: Can anyone help me with an encrypted zip?

sure