iTunes Backup recovery strategy
#1
I am trying to avoid paying to unlock my wife's iPad backup. I have a new device for her and want to migrate to it with as few lost items as possible.
On her Mac she did not tell it to keep the encryption password in Keychain and on my Windows PC the password is not recoverable.

I found my way here and using the pl script I was able to get the $itunes_backup$*9*wkpy*iter*salt** - (partial shown: $itunes_backup$*9*a8c7351ffc551...) and I have passed that to hashcat as itunes9.txt 
Code:
hashcat64 -m 14700 --weak-hash-threshold 0 itunes9.txt

Hashcat seems to be running:
Code:
Session..........: hashcat
Status...........: Running
Hash.Type........: iTunes Backup < 10.0
Hash.Target......: $itunes_backup$*9*a8c7351ffc551...
Time.Started.....: Sun Feb 26 16:02:51 2017 (12 mins, 16 secs)
Time.Estimated...: Sun Feb 26 16:15:07 2017 (0 secs)
Input.Base.......: Pipe
Speed.Dev.#1.....:        0 H/s (0.00ms)
Recovered........: 0/1 (0.00%) Digests, 0/1 (0.00%) Salts
Progress.........: 0
Rejected.........: 0
Restore.Point....: 0
Candidates.#1....: [Copying]
HWMon.Dev.#1.....: Temp: 43c Fan: 40%


But I do not know enough to know if this output is normal/std. I tried a password file of ones we would have used (Windows, Mac, Pin, iTunes, etc) but that ran about five seconds and ended so I presume none of those were valid. Having already tried them I doubted they would.

Any help/thoughts?

Thanks
#2
Well, since the algorithm is very slow... your best bet is to use very selectively chosen password candidates (and apply very few rules - or even none - to it).

The best thing would be to try to remember as much as possible from the password:
- which characters were used (only lowercase characters? digits at the end? special characters at the end? uppercase characters at the beginning? etc)
- was it a passphrase or a password
- remember the (possibly exact) length of the password
- was it based on words which could be found in a dictionary
etc etc

With all of this information you should be able to hand-craft (yeah, it's almost necessary for such a slow algorithm) a base wordlist and apply some very specific rules (for more details about the attack modes supported by hashcat see: https://hashcat.net/wiki/#attack_modes )
#3
About your question: Yes wordlists can run only for a few seconds. See philsmd's note about how to add mutation rules. Also note that (in your command) you did not specify a wordlist in -a0 mode, which enables stdin mode. So hashcat is waiting for your input (or piped input).
#4
(02-27-2017, 12:17 PM)atom Wrote: About your question: Yes wordlists can run only for a few seconds. See philsmd's note about how to add mutation rules. Also note that (in your command) you did not specify a wordlist in -a0 mode, which enables stdin mode. So hashcat is waiting for your input (or piped input).

The wordlist run was not included in what I posted since it was not mutated and only really verified the manual attempts I had already tried.  Using a more powerful machine since it will need to run and adding supported GPU option. 


(02-27-2017, 09:36 AM)philsmd Wrote: The best thing would be to try to remember as much as possible from the password:
- which characters were used (only lowercase characters? digits at the end? special characters at the end? uppercase characters at the beginning? etc)
- was it a passphrase or a password
- remember the (possibly exact) length of the password
- was it based on words which could be found in a dictionary
etc etc

Thanks for the information about mutation of word list. I have determined the same iPad is backed up on several machines and will try recovery on each. Failing that, I will put hashcat back to work on it.

Thanks to you both.