04-02-2015, 01:34 PM
Hi,
I've a quick question I'm hoping somebody can help me with. I've a number of truecrypt containers I'd like to run some wordlist attacks against.
The first one I chose I ran a test using oclhashcat, the file, and the wordlist on the cli and it recovered the password after a few minutes. Result!!
However, I've been experimenting with Hashtopus (which really is good) and would like to be able to use it to crack these files. The problem with hashtopus (as I see it) is that you have to feed it hashes (or a file full of hashes) rather than actual files.
I played around with JohnTheRipper and used it truecrypt_volume2john function to extract the hash from the truecrypt file I already cracked. It was extracted in the format:
FILENAME:truecrypt_RIPEMD_160$VOULME_HASH:normal::::/PATH/FILENAME
I selected the VOLUME_HASH; ie all data between the dollar sign and the colon and placed it into a new text file. I then passed this to oclHashcat and it fired up and went about trying to crack it.
However, this time it exhausted all the possibilities in the dictionary and didn't find the password.
Does anybody have any ideas on what may be going on here please?
I've a quick question I'm hoping somebody can help me with. I've a number of truecrypt containers I'd like to run some wordlist attacks against.
The first one I chose I ran a test using oclhashcat, the file, and the wordlist on the cli and it recovered the password after a few minutes. Result!!
However, I've been experimenting with Hashtopus (which really is good) and would like to be able to use it to crack these files. The problem with hashtopus (as I see it) is that you have to feed it hashes (or a file full of hashes) rather than actual files.
I played around with JohnTheRipper and used it truecrypt_volume2john function to extract the hash from the truecrypt file I already cracked. It was extracted in the format:
FILENAME:truecrypt_RIPEMD_160$VOULME_HASH:normal::::/PATH/FILENAME
I selected the VOLUME_HASH; ie all data between the dollar sign and the colon and placed it into a new text file. I then passed this to oclHashcat and it fired up and went about trying to crack it.
However, this time it exhausted all the possibilities in the dictionary and didn't find the password.
Does anybody have any ideas on what may be going on here please?