bruteforcing ecryptfs salt?
#1
Question 
Hey,

i have a Samsung Note2 with the XXUEMK4 firmware. After encrypting my sdcard (ecryptfs) i did a wipe of my data on the phone(not the sdcard). Unfortunately i did not know about what a salt is, now i know Wink So after wiping i could not decrypt the sdcard, because it seems the salt is always different after wipe (i do know my password!).

It looks like the salt is 8 Byte long, which can be seen in the attachment source code, but I am not sure.

So my question is: can i find out the whole passphrase (password+salt) to access my sdcard by bruteforcing it?
Or is it even possible to get the mechanism the salt is being generated?


Thanks in advance
Best J


Attached Files
.txt   ecryptfs_kernel.h.txt (Size: 28.26 KB / Downloads: 13)
#2
use maskprocessor to create a salt file then use external salt switch. will be incredibly slow though.
#3
Hey,

i am sorry but can you explained it a bit more detailed and noob friendly way.
Thanks