How to recover password by truecrypt
#1
Hey guys,

unfortunately I forgot my password by truecrypt. I know it was a simple one but all my tries weren´t succsessful. Shortly I read oclHashcat-plus would be the best tool to solve this problem. I tried to look how to do that but I still unsure about the procedure.

Can anyone help me or refer to a link for tutorial? Is oclHashcat-plus really the right tool for mu issue?
#2
Wiki, gui.
#3
(09-07-2013, 08:21 PM)Rolf Wrote: Wiki, gui.

uh, it seems to be something for experts.
#4
(09-07-2013, 08:30 PM)N007 Wrote:
(09-07-2013, 08:21 PM)Rolf Wrote: Wiki, gui.

uh, it seems to be something for experts.

No one is going to hold your hand here. The wiki and the forums hold more than enough information to get you started.
#5
(09-07-2013, 09:07 PM)radix Wrote:
(09-07-2013, 08:30 PM)N007 Wrote:
(09-07-2013, 08:21 PM)Rolf Wrote: Wiki, gui.

uh, it seems to be something for experts.

No one is going to hold your hand here. The wiki and the forums hold more than enough information to get you started.

I´m not expexting to be hold on the hand. I just imagined the tool would be easy to use without study. Thanks.
#6
Does "advanced password recovery" means something to you or it written just for atom itself? on wiki everything covered nicely. To be successful with truecrypt you need to know approx how long your password is, as you created it you should know if you using uppercase, numbers, symbols in your password's. After that you will know which attack mode to use and how to plan it. Truecrypt is slow so 'blind' mask attack would be not wise.
#7
I'd say dictionary and even dictionary-based attacks can be done against TC.
#8
I have the same problem as N007: I would like to try to recover a password of a truecrypt file. My OS is windows 7 64-Bit and of course I just installed the latest Nvidia-driver for my GTX670. And I have had no contact with hashcat or other password recovery tools till today.

As here is obviously not very much help for beginners like him and me, I tried to search the referenced "wiki" and "gui", but did not find anything on the topic "truecrypt recovery". So first I would really appreciate some more detailed references as just "wiki" and "gui". I really searched, but was not able to find any information about the truecrypt-password-recovery-options there. It would have been of so much help for me to find at least some example line for the (pretty new) truecrypt-options "-m 62YX" in combination with a dictionary.

I would like to do a dictionary attack for my truecrypt-file, but Iam not very successful in finding the correct options. Finally with trying around and not because of the wiki, I was able to put the following command line together, that is at least starting without errors:

cudaHashcat-plus64.exe -m 6221 -a 6 "test2.tc" "dict_test.txt" ?l

But this is for a hybrid attack and I would like to do a dictionary attack. As I think I understood that a dictionary attack for just trying all words in one dictionary is not available, I tried the "combinatory attack". As far as I understood this should try every combinations of 2 word of the dictionary, but the following line is not accepted and I have no idea why:

cudaHashcat-plus64.exe -m 6221 -a 1 "test2.tc" "dict_test.txt"

I would also like to know, if I understood it correct, that currently for cudaHashcat-plus64.exe only the AES encryption is supported and all other combinations are not supported?

EDIT: Ok, I found the problem. I just had to remove the attack-mode "-a 1" in order to get a dictionary attack. But I would still like to know, how to use the combinatory attack without the optional(?) options for the rules "-j" or "-k".
#9
For straight dictionary attack it's -a 0. When you do combinatory attack (-a 1) the 2 dics may or may not be the same but you have to specify both of them even if they are the same.
#10
Ah, ok. That means the option "straight". I was not able to figure this out, because "straight" is not mentioned in the wiki in the section "attack modes". There you only find "dictionary attack".

For the combinatory attack this would then be:

cudaHashcat-plus64.exe -m 6221 -a 1 "test2.tc" "dict_test.txt" "dict_test.txt"

Ok, this works. Thank you for your help.

For the truecrypt-options: As far as I understood they are pretty new and even not shown on the appropriate sections of hashcat suite on the website. Does anyone know, what the current status for the non-AES-encryption (and the combinations) is? Or when they will be available?

EDIT: Ok, I found the answer for my truecrypt-question in this thread. As far as I understood atom is working on the other encryption methods. In the meantime would there be another way to try the recovery? With my beginners knowledge? Iam afraid the answer is no Wink