Desperate Pleb bidding for help
#1
Hey guys, I'm sure you get posts like this a lot, but I'm incredibly desperate and don't know where else to turn. I won't break the rules by asking anyone to crack my hash, but I am more than willing to amply compensate in bitcoin anyone willing to take time out of their day to walk me through this problem I've been working on for the last 3 days.

Here's the problem:

I'm locked out of an old VeraCrypt container. I don't remember exactly which ciphers I used, but I was pretty paranoid at the time and feel like I may have used the cascading thing.

The password is like 16-27 characters long, BUT I know like 90% of it. Or at least enough of it to make brute-forcing the remainder feasible.

Here's what I know:

The meat of the password is something like "KTKTKT07xx$$", where I know 'KT' is repeated 3 times, and I know 07 is in there at least once, but maybe also appears again before the 'KT'. I am fairly certain 'x' and '$' are in there too, but I don't remember how often, though I know not more than 4 times in a row, but there could be variations like: "x07xKTxKTxKTx07x$$" or "KTKTKT07xxx$" or even possibly "x07xKTx$KTx$KTx$07x".

Does this make sense?

Anyway, to compound these possibilities, I also know that on either side of this password is '?Word?' and '?WORD?'
It's the same word on either side, but I don't know which side is all caps. I also know that '?' is either a '3' or a '#' or else nothing, but whichever side has the '3', the other side has the '#'. I don't think I'm explaining this clearly, but there are only 16 possibilities here:

3WordPasswordWORD#
3WordPassword#WORD
3WORDPasswordWord#
3WORDPassword#Word
WORD3Password#Word  
WORD3PasswordWord#
Word3PasswordWORD#
Word3Password#WORD
#WordPasswordWORD3
#WordPassword3WORD
#WORDPasswordWord3
#WORDPassword3Word
WORD#PasswordWord3
WORD#Password3Word
Word#Password3WORD
Word#PasswordWORD3

That's it.  dammit now the word 'word' looks weird to me.

There's a very small possibility that the main password has '123' instead of xxx, or even ABC or !@#, but if it was, it would be sequential and no longer than 3 chars (!@# is just 123 holding shift on my keyboard).

Anyway, I'm completely lost as to how to feed hashcat the right VeraCrypt hash, let alone create the right rules. I've made up a list, after racking my brain, of all the possible main password combinations I might have used, so I was thinking I could start by using that as a wordlist in combination with a mask. But dammit, I'm overwhelmed and stressing out, just crazy desperate; it's hard to think straight about things, let alone learn how to use sophisticated hacking programs.

If anyone can help me, or can point me to someone who can help, I'd be so grateful.
#2
extract your veracrypt hash.

https://hashcat.net/wiki/frequently_aske...pt_volumes


the mask attacks will not be able to fulfill all of the variations you have proposed but it may fulfill a few. I think your best bet would be to come up with a script to generate a few hundred if not a few thousand mask attacks to cover all of the crazy variations you can come up with being a possibility. because you are so specific it doesn't seem like each mask attack would have a large keyspace. there better be a huge wallet.dat file chilling on there because this is a lot of work.
#3
(01-07-2017, 12:08 AM)duhblow7 Wrote: extract your veracrypt hash.

https://hashcat.net/wiki/frequently_aske...pt_volumes


the mask attacks will not be able to fulfill all of the variations you have proposed but it may fulfill a few. I think your best bet would be to come up with a script to generate a few hundred if not a few thousand mask attacks to cover all of the crazy variations you can come up with being a possibility. because you are so specific it doesn't seem like each mask attack would have a large keyspace. there better be a huge wallet.dat file chilling on there because this is a lot of work.

Ok so I think I've finally (6 hours of learning dd later) got the hash extracted, but I couldn't be sure whether or not I'd made it a hidden container, so I guess I have to just run hashcat on both the first 512 bytes and the 512 bytes after the first 64k? There's no way to know?

The guy in this blog: http://www.williamkent.io/2016/09/11/how...veracrypt/ says he used python to generate his wordlist kind of like you mentioned, although his password sounded like it required a much simpler process.

And yea, the file is pretty fat. Enough so that I would thankfully throw a couple of months' wages at it.
#4
can you do a mask attack with a custom mask like
Code:
-1 '3#' -2 'KT07x$' '?1WORD?2?2?2?2?2?2?2?2?2?2?2?2WORD?1'
But you may have to change WORD to Word and the first and last character to nothing.
#5
(01-08-2017, 07:54 AM)miccee Wrote: can you do a mask attack with a custom mask like
Code:
-1 '3#' -2 'KT07x$' '?1WORD?2?2?2?2?2?2?2?2?2?2?2?2WORD?1'
But you may have to change WORD to Word and the first and last character to nothing.

Ok.. That seems like it might take a really long time though. I was hoping I could eliminate some more possibilities. Maybe make a couple of word lists like:

List 1:

KTKTKT
KT
07

And then List 2:
Word3
WORD#
etc..

And then do a combination attack with a mask on the first list like:
???KT??KT??KT???????

And append list 2 to either side. Can you make a charset that includes a blank? I don't know, my coding experience is limited to a LISP class I took 12 years ago.
#6
(01-08-2017, 09:43 AM)desperatenoob Wrote:
(01-08-2017, 07:54 AM)miccee Wrote: can you do a mask attack with a custom mask like
Code:
-1 '3#' -2 'KT07x$' '?1WORD?2?2?2?2?2?2?2?2?2?2?2?2WORD?1'
But you may have to change WORD to Word and the first and last character to nothing.

Ok.. That seems like it might take a really long time though. I was hoping I could eliminate some more possibilities. Maybe make a couple of word lists like:

List 1:

KTKTKT
KT
07

And then List 2:
Word3
WORD#
etc..

And then do a combination attack with a mask on the first list like:
???KT??KT??KT???????

And append list 2 to either side. Can you make a charset that includes a blank? I don't know, my coding experience is limited to a LISP class I took 12 years ago.

Code:
echo $'3Word\n3WORD\n#Word\n#WORD\nWord\nWORD' > prepend.txt

Code:
crunch 16 18 -p KT KT KT 07 x x x x '$' '$' '$' '$' > password.txt

Code:
echo $'Word3\nWORD3\nWord#\nWORD#\nWord\nWORD' > append.txt

Code:
./combinator3.bin prepend.txt password.txt append.txt > prepend_password_append.txt

The problem with this is your password... all these combined would have a significant number of hashes.

The other solution is making both prepend.txt and append.txt into rules, and then you just have to mess with password.txt and insert the rules.

I wonder if anyone else has a better idea.
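An added example, not code from anyone in this thread: a Python script of the kind #2 suggests, which generates the 16 prefix/suffix wrappers that #1 enumerates, wraps a constructed list of core candidates, and counts the keyspace of the mask from #4. 'Word' is a placeholder for the real word, and the core candidates are made up in the shape #1 describes. Generating the pairs jointly keeps the 3/# coupling from #1, which pairing the six-line prepend.txt and append.txt from #6 independently (6 x 6 = 36 pairs) does not enforce.

```python
from itertools import product

# Sizes of hashcat's built-in charsets; "?" covers the literal "??" escape.
BUILTIN = {"l": 26, "u": 26, "d": 10, "s": 33, "a": 95, "?": 1}


def wrappers(word="Word"):
    """Return the 16 (prefix, suffix) pairs: same word on both sides, exactly
    one side upper-cased, '3' on one side and '#' on the other, each marker
    either before or after its word (2 * 2 * 2 * 2 = 16)."""
    pairs = set()
    for caps_left, three_left, mark_before_l, mark_before_r in product((True, False), repeat=4):
        left = word.upper() if caps_left else word
        right = word if caps_left else word.upper()
        left_mark, right_mark = ("3", "#") if three_left else ("#", "3")
        prefix = left_mark + left if mark_before_l else left + left_mark
        suffix = right_mark + right if mark_before_r else right + right_mark
        pairs.add((prefix, suffix))
    return sorted(pairs)


def wrap_all(cores, word="Word"):
    """Wrap every core candidate in every wrapper; the joint generation keeps
    the 3/# coupling that independent prepend x append lists would break."""
    return sorted({p + core + s for core in cores for p, s in wrappers(word)})


def mask_keyspace(mask, custom):
    """Number of candidates a hashcat mask expands to, given the custom
    charsets as a dict such as {"1": "3#", "2": "KT07x$"} for ?1 and ?2."""
    total, i = 1, 0
    while i < len(mask):
        if mask[i] == "?":
            key = mask[i + 1]
            total *= len(custom[key]) if key in custom else BUILTIN[key]
            i += 2
        else:
            i += 1
    return total


# Constructed core candidates (placeholders, not anyone's real password).
CORES = ["KTKTKT07xx$$", "x07xKTxKTxKTx07x$$", "KTKTKT07xxx$"]

if __name__ == "__main__":
    for prefix, suffix in wrappers():
        print(prefix + "Password" + suffix)
    print(len(wrap_all(CORES)), "wrapped candidates")
    mask = "?1WORD?2?2?2?2?2?2?2?2?2?2?2?2WORD?1"
    print(mask_keyspace(mask, {"1": "3#", "2": "KT07x$"}), "candidates for the mask in #4")
```

The mask from #4 alone expands to about 8.7 billion candidates, which is why a handful of targeted masks or a generated wordlist is a better fit for a slow hash like VeraCrypt than one wide mask.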