hashcat Forum Support hashcat v
Hashcat wrong Hash "Veracrypt loader damaged"

Threaded Mode
Hashcat wrong Hash "Veracrypt loader damaged"
Hashcatdog Offline
Junior Member
**
Posts: 2
Threads: 1
Joined: Jan 2025
#1
01-08-2025, 10:02 AM
Hello,

i want to brute my own HDD.
When i get the hash with DD Hashcat says "no hash loaded"
so i looked into the hash file and it does not look normal, it looks like normal but it also says "veracrypt loader damaged, use rescue disk"

I tested it with a USB-Stick and same dd command, i get an valid hash.

I also send the HDD to a big company because i thought the HDD is damaged, but its not damaged.
So what could be the problem? is it just a format problem?

Hopefully someone can help me.

got the hash with sudo dd if=/dev/sdb of=disk bs=512 count=1

regards
Find
Reply
Snoopy Offline
Posting Freak
*****
Posts: 903
Threads: 15
Joined: Sep 2017
#2
01-09-2025, 02:53 PM
There are two possibilities to attack True/Veracrypt

the binary version, modes 137*** and the new hash based modes 294***, see wiki on that, i would prefer using the hashbased as for this you can attack multiple targets at once

you will need the pythonscript veracrypt2hashcat from the latest beta https://hashcat.net/beta/, located under the tools directory

because this script can export different types (normale, boot, boot + hidden) just extract the first 1MB from your disk

sudo dd if=/dev/sdb of=disk bs=1M count=1
sudo dd if=/dev/sdb1 of=part bs=1M count=1 *see below for that

now run the script with all three possibilities, the script will even tell you if the entropy is to low (so this option is wrong) you can also see this, because the hahsh will have many zeros

if the script tell you this on all 3 possibilities, maybe you have to textract from the first partition of your disk, not directly from disk (not sure on that, but you can try this on your own, just export also the first 1mb of the first partition, see above and run the script also on that file
Find
Reply
helloworld123 Offline
Junior Member
**
Posts: 2
Threads: 1
Joined: Dec 2024
#3
01-09-2025, 08:12 PM
Thank you very much!

I will try it, never heard about the 1mb methode.
best regards
Find
Reply
Hashcatdog Offline
Junior Member
**
Posts: 2
Threads: 1
Joined: Jan 2025
#4
01-09-2025, 09:24 PM
(01-09-2025, 02:53 PM)Snoopy Wrote: There are two possibilities to attack True/Veracrypt

the binary version, modes 137*** and the new hash based modes 294***, see wiki on that, i would prefer using the hashbased as for this you can attack multiple targets at once

you will need the pythonscript  veracrypt2hashcat from the latest beta https://hashcat.net/beta/, located under the tools directory

because this script can export different types (normale, boot, boot + hidden) just extract the first 1MB from your disk

sudo dd if=/dev/sdb of=disk bs=1M count=1
sudo dd if=/dev/sdb1 of=part bs=1M count=1 *see below for that

now run the script with all three possibilities, the script will even tell you if the entropy is to low (so this option is wrong) you can also see this, because the hahsh will have many zeros

if the script tell you this on all 3 possibilities, maybe you have to textract from the first partition of your disk, not directly from disk (not sure on that, but you can try this on your own, just export also the first 1mb of the first partition, see above and run the script also on that file

Lol i did  not know it also.

So i get 1b from my HDD with dd and from this file i create the hash with veracrypt2hashcat, right?

thank you very much
Find
Reply