VeraCrypt cracking always Exhausted
#1
Hello,
I am sorry but I can't get it working with standard vera-crypt-containers.

Therefore I just created 4 folders with combinations of SHA512, Whirlpool and AES, AES/TWOFISH/SERPENT to try all available hash-modes which I prefer and that are in FAQ:

-m 13721
-m 13723
-m 13731
-m 13733

So I created 4 basic containers with each encryption-mode, set the password to "mic" (3 letters) and extracted their first 512 bytes and pasted them with notepad++ into new hash-files (see screenshot).
Then I used the command

Code:
hashcat64.exe -m 13721 -a 3 Hash.txt ?l?l?l
pause

to let hashcat brute-force the 3 letters of this simple password.
It finished after ~3 minutes but it did not crack it.

?

[Image: unkenntlich.jpg]


I double-checked the hash-file, the right hash-mode, encryption-mode, the FAQs and the password (vera-crypt can decrypt it!).

Why doesn't it work?

Thanks in advance.


EDIT:
WTF are you serious?
Vera-Crypt containers do not need the first 512 bytes of the container-raw-data but the first 299008 bytes.
Your FAQ is wrong.

I tested it with the example hash from the FAQ/wiki
Quote:13731
VeraCrypt PBKDF2-HMAC-Whirlpool + AES
https://hashcat.net/misc/example_hashes/...s_13731.vc

And I was wondering why the file was so big. When I extracted the first 512 bytes nothing happened.
But when I used the full file (299008 bytes!) it encrypted the "hashcat" password.

Please update your FAQ/wiki asap!
Otherwise, explain to me what you meant by 512 bytes in the description......

Quote:How do I extract the hashes from TrueCrypt volumes?
In order to crack TrueCrypt volumes, you will need to feed hashcat with the correct binary data file. Where this data lives depends on the type of volume you are dealing with.
The rules are as follows:
  1. for a TrueCrypt boot volume (i.e. the computer starts with the TrueCrypt Boot Loader) you need to extract 512 bytes starting with offset 31744 (62 * 512 bytes). This is true for TrueCrypt 7.0 or later. For TrueCrypt versions before 7.0 there might be different offsets.

    Explanation for this is that the volume header (which stores the hash info) is located at the last sector of the first track of the system drive. Since a track is usually 63 sectors long (1 sector is 512 bytes), the volume header is at sector 63 - 1 (62).


  2. if TrueCrypt uses a hidden partition, you need to skip the first 64K bytes (65536) and extract the next 512 bytes.
    dd if=hashcat_ripemd160_AES_hidden.raw of=hashcat_ripemd160_AES_hidden.tc bs=1 skip=65536 count=512
  3. else:
    1. if you are cracking a single TrueCrypt file instead of a physical disk, you need the first 512 Bytes of the file.
    2. in case of a physical disk you need to copy the last 512 bytes of the *first logical volume*.
You can extract the binary data from the raw disk, for example, with the Unix utility dd (e.g. use a block size of 512 and a count of 1).
You need to save this hash data into a file and simply use it as your hashlist with hashcat.
The hashcat wiki lists some TrueCrypt example hashes (e.g. -m 6211, -m 6221, -m 6231 or -m 6241 depending on the exact TrueCrypt settings that were used when setting up the TrueCrypt volume). If you want to test/crack those example “hashes”, as always, use the password “hashcat” (without quotes).
The same procedure should also work for VeraCrypt volumes (but you need to adapt the hash mode to -m 137XY - see the --help output for all the supported hash mode for VeraCrypt and the correct values for X and Y).

How do I extract the hashes from VeraCrypt volumes?
The procedure to extract the important information from data encrypted with VeraCrypt follows the same steps/rules as for TrueCrypt: see How do I extract the hashes from TrueCrypt volumes?
It's important that you do not forget to adapt the hash mode (-m). For all supported hash modes for data encrypted with VeraCrypt, please have a glance at the --help output.
#2
You should have already noticed by now (after we discussed and explained it here: https://hashcat.net/forum/thread-6908.html and also by looking at the example hashes here: https://hashcat.net/wiki/example_hashes) that some hash types expect binary data (like veracrypt, truecrypt etc) and some other hash types expect hex data (or base64 encoded data etc).

From the screenshot (see the notepad++ screenshot) above it is very clear to me that your data is not in binary format for the veracrypt "hash". Just compare it with the example hashes.

The hash formats are normally very intuitive: MD5 hashes are normally hex encoded and therefore hashcat expects the input to be hexadecimal encoded (0-9a-f, 32 hex chars to contain all 16 binary bytes or 128 binary bits)... other hashes might have some signatures like md5crypt $1$ etc...
on the other hand, some encrypted data ... like it is the case for VeraCrypt/TrueCrypt... doesn't need to be hex encoded/converted.... it is just used as is (with the correct offsets as mentioned here: https://hashcat.net/faq#how_do_i_extract...pt_volumes , depending on the type of VeraCrypt/TrueCrypt "volume")...
This means, that you just copy the data AS-IS (with the correct offset)... for linux/windows you can just use dd (or dd.exe)... but if it is just a VeraCrypt encrypted file the offset is 0 anyway and therefore you do not need to remove any bytes at the beginning.

You just edited your post.... my guess is that you just did something wrong with your conversion... the first 512 bytes should suffice...

the problem is that you used hex encoded data... not the raw data (which is the only correct input)
#3
(09-29-2017, 04:35 PM)philsmd Wrote: You just edited your post.... my guess is that you just did something wrong with your conversion... the first 512 bytes should suffice...

the problem is that you used hex encoded data... not the raw data (which is the only correct input)

Thank you for your answer.
You should have already noticed by now that I am a noob ^^ - sorry for that.
I try to get better.

But now I know exactly what went wrong.

Quote:the first 512 bytes should suffice...

I do not think so.
Maybe I again did not understand what you just said with hex, binary, raw or whatever data.

What I did is
--> took my original containers
--> opened them in Hexeditor
--> copied the first 299008 bytes (in Hex!)
--> pasted the Hex-Data with the same Hexeditor into a new file and called it Hash.txt

I did this with all my 4 created containers and used:
Code:
hashcat64.exe -m 13721 -a 3 Hash1.txt mi?l
hashcat64.exe -m 13723 -a 3 Hash2.txt mi?l
hashcat64.exe -m 13731 -a 3 Hash3.txt mi?l
hashcat64.exe -m 13733 -a 3 Hash4.txt mi?l
pause
(I skipped the first two characters due to quicker cracking.)

Then came the success:

Quote:C:\TestAreal>hashcat64.exe -m 13721 -a 3 Hash1.txt mi?l
hashcat (v3.6.0) starting...

* Device #1: WARNING! Kernel exec timeout is not disabled.
             This may cause "CL_OUT_OF_RESOURCES" or related errors.
             To disable the timeout, see: https://hashcat.net/q/timeoutpatch
OpenCL Platform #1: NVIDIA Corporation
======================================
* Device #1: GeForce GTX 1080, 2048/8192 MB allocatable, 20MCU

Hashes: 1 digests; 1 unique digests, 1 unique salts
Bitmaps: 16 bits, 65536 entries, 0x0000ffff mask, 262144 bytes, 5/13 rotates

Applicable optimizers:
* Zero-Byte
* Single-Hash
* Single-Salt
* Brute-Force
* Uses-64-Bit

Watchdog: Temperature abort trigger set to 90c
Watchdog: Temperature retain trigger set to 75c

The wordlist or mask that you are using is too small.
This means that hashcat cannot use the full parallel power of your device(s).
Unless you supply more work, your cracking speed will drop.
For tips on supplying more work, see: https://hashcat.net/faq/morework

Approaching final keyspace - workload adjusted.

Cracking performance lower than expected? Append -w 3 to the commandline.

Hash1.txt:mic

Session..........: hashcat
Status...........: Cracked
Hash.Type........: VeraCrypt PBKDF2-HMAC-SHA512 + XTS 512 bit
Hash.Target......: Hash1.txt
Time.Started.....: Fri Sep 29 16:39:53 2017 (8 secs)
Time.Estimated...: Fri Sep 29 16:40:01 2017 (0 secs)
Guess.Mask.......: mi?l [3]
Guess.Queue......: 1/1 (100.00%)
Speed.Dev.#1.....:        0 H/s (0.28ms)
Recovered........: 1/1 (100.00%) Digests, 1/1 (100.00%) Salts
Progress.........: 26/26 (100.00%)
Rejected.........: 0/26 (0.00%)
Restore.Point....: 0/26 (0.00%)
Candidates.#1....: min -> miq
HWMon.Dev.#1.....: Temp: 53c Fan: 33% Util: 81% Core:2037MHz Mem:4714MHz Bus:16

Started: Fri Sep 29 16:39:51 2017
Stopped: Fri Sep 29 16:40:02 2017

C:\TestAreal>hashcat64.exe -m 13723 -a 3 Hash2.txt mi?l
hashcat (v3.6.0) starting...

* Device #1: WARNING! Kernel exec timeout is not disabled.
             This may cause "CL_OUT_OF_RESOURCES" or related errors.
             To disable the timeout, see: https://hashcat.net/q/timeoutpatch
OpenCL Platform #1: NVIDIA Corporation
======================================
* Device #1: GeForce GTX 1080, 2048/8192 MB allocatable, 20MCU

Hashes: 1 digests; 1 unique digests, 1 unique salts
Bitmaps: 16 bits, 65536 entries, 0x0000ffff mask, 262144 bytes, 5/13 rotates

Applicable optimizers:
* Zero-Byte
* Single-Hash
* Single-Salt
* Brute-Force
* Uses-64-Bit

Watchdog: Temperature abort trigger set to 90c
Watchdog: Temperature retain trigger set to 75c

The wordlist or mask that you are using is too small.
This means that hashcat cannot use the full parallel power of your device(s).
Unless you supply more work, your cracking speed will drop.
For tips on supplying more work, see: https://hashcat.net/faq/morework

Approaching final keyspace - workload adjusted.

Cracking performance lower than expected? Append -w 3 to the commandline.

Hash2.txt:mic

Session..........: hashcat
Status...........: Cracked
Hash.Type........: VeraCrypt PBKDF2-HMAC-SHA512 + XTS 1536 bit
Hash.Target......: Hash2.txt
Time.Started.....: Fri Sep 29 16:40:09 2017 (22 secs)
Time.Estimated...: Fri Sep 29 16:40:31 2017 (0 secs)
Guess.Mask.......: mi?l [3]
Guess.Queue......: 1/1 (100.00%)
Speed.Dev.#1.....:        0 H/s (0.64ms)
Recovered........: 1/1 (100.00%) Digests, 1/1 (100.00%) Salts
Progress.........: 26/26 (100.00%)
Rejected.........: 0/26 (0.00%)
Restore.Point....: 0/26 (0.00%)
Candidates.#1....: min -> miq
HWMon.Dev.#1.....: Temp: 53c Fan: 33% Util: 92% Core:2037MHz Mem:4714MHz Bus:16

Started: Fri Sep 29 16:40:02 2017
Stopped: Fri Sep 29 16:40:32 2017

C:\TestAreal>hashcat64.exe -m 13731 -a 3 Hash3.txt mi?l
hashcat (v3.6.0) starting...

* Device #1: WARNING! Kernel exec timeout is not disabled.
             This may cause "CL_OUT_OF_RESOURCES" or related errors.
             To disable the timeout, see: https://hashcat.net/q/timeoutpatch
OpenCL Platform #1: NVIDIA Corporation
======================================
* Device #1: GeForce GTX 1080, 2048/8192 MB allocatable, 20MCU

Hashes: 1 digests; 1 unique digests, 1 unique salts
Bitmaps: 16 bits, 65536 entries, 0x0000ffff mask, 262144 bytes, 5/13 rotates

Applicable optimizers:
* Zero-Byte
* Single-Hash
* Single-Salt
* Brute-Force

Watchdog: Temperature abort trigger set to 90c
Watchdog: Temperature retain trigger set to 75c

The wordlist or mask that you are using is too small.
This means that hashcat cannot use the full parallel power of your device(s).
Unless you supply more work, your cracking speed will drop.
For tips on supplying more work, see: https://hashcat.net/faq/morework

Approaching final keyspace - workload adjusted.

Cracking performance lower than expected? Append -w 3 to the commandline.

Hash3.txt:mic

Session..........: hashcat
Status...........: Cracked
Hash.Type........: VeraCrypt PBKDF2-HMAC-Whirlpool + XTS 512 bit
Hash.Target......: Hash3.txt
Time.Started.....: Fri Sep 29 16:40:34 2017 (25 secs)
Time.Estimated...: Fri Sep 29 16:40:59 2017 (0 secs)
Guess.Mask.......: mi?l [3]
Guess.Queue......: 1/1 (100.00%)
Speed.Dev.#1.....:        0 H/s (0.74ms)
Recovered........: 1/1 (100.00%) Digests, 1/1 (100.00%) Salts
Progress.........: 26/26 (100.00%)
Rejected.........: 0/26 (0.00%)
Restore.Point....: 0/26 (0.00%)
Candidates.#1....: min -> miq
HWMon.Dev.#1.....: Temp: 53c Fan: 37% Util: 91% Core:2037MHz Mem:4714MHz Bus:16

Started: Fri Sep 29 16:40:32 2017
Stopped: Fri Sep 29 16:41:00 2017

C:\TestAreal>hashcat64.exe -m 13733 -a 3 Hash4.txt mi?l
hashcat (v3.6.0) starting...

* Device #1: WARNING! Kernel exec timeout is not disabled.
             This may cause "CL_OUT_OF_RESOURCES" or related errors.
             To disable the timeout, see: https://hashcat.net/q/timeoutpatch
OpenCL Platform #1: NVIDIA Corporation
======================================
* Device #1: GeForce GTX 1080, 2048/8192 MB allocatable, 20MCU

Hashes: 1 digests; 1 unique digests, 1 unique salts
Bitmaps: 16 bits, 65536 entries, 0x0000ffff mask, 262144 bytes, 5/13 rotates

Applicable optimizers:
* Zero-Byte
* Single-Hash
* Single-Salt
* Brute-Force

Watchdog: Temperature abort trigger set to 90c
Watchdog: Temperature retain trigger set to 75c

The wordlist or mask that you are using is too small.
This means that hashcat cannot use the full parallel power of your device(s).
Unless you supply more work, your cracking speed will drop.
For tips on supplying more work, see: https://hashcat.net/faq/morework

Approaching final keyspace - workload adjusted.

Cracking performance lower than expected? Append -w 3 to the commandline.

Hash4.txt:mic

Session..........: hashcat
Status...........: Cracked
Hash.Type........: VeraCrypt PBKDF2-HMAC-Whirlpool + XTS 1536 bit
Hash.Target......: Hash4.txt
Time.Started.....: Fri Sep 29 16:41:07 2017 (55 secs)
Time.Estimated...: Fri Sep 29 16:42:02 2017 (0 secs)
Guess.Mask.......: mi?l [3]
Guess.Queue......: 1/1 (100.00%)
Speed.Dev.#1.....:        0 H/s (0.81ms)
Recovered........: 1/1 (100.00%) Digests, 1/1 (100.00%) Salts
Progress.........: 26/26 (100.00%)
Rejected.........: 0/26 (0.00%)
Restore.Point....: 0/26 (0.00%)
Candidates.#1....: min -> miq
HWMon.Dev.#1.....: Temp: 52c Fan: 33% Util: 93% Core:2037MHz Mem:4714MHz Bus:16

Started: Fri Sep 29 16:41:00 2017
Stopped: Fri Sep 29 16:42:02 2017

C:\TestAreal>pause
Drücken Sie eine beliebige Taste . . .

Do you believe me about the 299008 bytes? :)
So what about editing the wiki?
#4
512 bytes is correct. (every other size is wrong, the details are explained here: https://hashcat.net/faq#how_do_i_extract...pt_volumes)
(but note: hashcat doesn't give a warning/error if the file is longer and has "valid data" i.e. at least 512 bytes... it will just consider the first 512 bytes)

You should use dd instead of hex editors.

Converting the data to hex is wrong.

I'm pretty sure you are using the wrong file etc. (you are mixing Hash.txt with Hash1.txt, Hash2.txt, Hash3.txt, Hash4.txt etc. in your command above)

if you have a look at the examples for veracrypt from the example hash wiki page, they all use binary (raw) data... not hex encoded data.
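
The raw-versus-hex distinction made in the reply above, as an added example that is not part of the original posts and is not hashcat code: it classifies a candidate hash file, slices the 512-byte header at the offsets given in the quoted FAQ, and undoes a hex-editor paste. The function names and the sample volume are constructed for illustration.

```python
import binascii
import hashlib
import string

HEADER_LEN = 512  # header size stated in the quoted FAQ and in the reply above
OFFSETS = {"file": 0, "boot": 62 * 512, "hidden": 65536}  # from the quoted FAQ
_HEX_TEXT = set(string.hexdigits.encode()) | set(b" \t\r\n")

def diagnose(blob):
    """Classify a candidate hash file as 'too-short', 'hex-text' or 'raw'."""
    if len(blob) < HEADER_LEN:
        return "too-short"
    # Only the first 512 bytes are considered, so only those are inspected.
    if all(b in _HEX_TEXT for b in blob[:HEADER_LEN]):
        return "hex-text"  # an ASCII hex dump, not the header itself
    return "raw"

def extract_header(volume, kind="file"):
    """Return the 512 raw header bytes for the given volume kind."""
    start = OFFSETS[kind]
    header = volume[start:start + HEADER_LEN]
    if diagnose(header) != "raw":
        raise ValueError("header at offset %d is %s" % (start, diagnose(header)))
    return header

def repair_hex_paste(blob):
    """Turn a hex dump pasted from an editor back into the raw header bytes."""
    return binascii.unhexlify(b"".join(blob.split()))[:HEADER_LEN]

def make_sample_volume(size=299008):
    """Constructed stand-in for a container: deterministic pseudo-random bytes."""
    out = bytearray()
    counter = 0
    while len(out) < size:
        out += hashlib.sha512(counter.to_bytes(4, "big")).digest()
        counter += 1
    return bytes(out[:size])

if __name__ == "__main__":
    vol = make_sample_volume()
    pasted = binascii.hexlify(vol[:HEADER_LEN]) + b"\r\n"  # what a text paste looks like
    print(diagnose(vol), diagnose(pasted), len(pasted))
    print(repair_hex_paste(pasted) == extract_header(vol))
```

A hex paste of 512 bytes is over 1024 ASCII characters, so its first 512 bytes describe only 256 bytes of the real header, which no password will ever verify against.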
#5
I just cracked a test container with only the first 512 bytes, you're doing something wrong if you can't get it to work.

To make things really easy, make a copy of the container, open it in your hex viewer (you should just dd instead but seeing as you like using your hex viewer) and delete everything after the 512th byte and then point hashcat at it.
#6
Ok sorry for my false accusation.
I was just wondering why it worked now with the four containers.
It also worked with all my other containers when I use the first 299008 bytes.
When I delete everything but the first 512 bytes from that file --> it also succeeds.

So yeah. I was wrong: 512 bytes are enough, but it also works with more bytes.
I do not know what I extracted before but now I seem to use the right technique.

There are still problems with special characters though.
I cannot crack passwords with ßÄÖÜäöü.
When I create wordlists in editor or wordpad or notepad++ I can see the right symbols.
In hashcat those symbols are completely modified.
Even when I use "?b" inside a word hashcat can't brute it because the symbol is unknown.

How can I make hashcat understand those symbols ßÄÖÜäöü ?
#7
You need to make sure you save the wordlist with the correct encoding. I guess VeraCrypt uses UTF-8 (just a guess).
#8
@undeath:
Thanks, I've got it working now with UTF-8 dictionaries.
The special characters in the command line are shown wrong but hashcat can now crack them and put them into the potfile/log where Notepad can read them.

Thanks again!
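
The encoding issue resolved in the last posts, as an added example that is not part of the original thread: it shows the bytes that ßÄÖÜäöü become under UTF-8 and two legacy code pages, classifies a wordlist's encoding, and re-encodes it as BOM-free UTF-8. The sample words are constructed, and cp1252 (editor "ANSI") and cp850 (console) are assumptions about a German Windows setup.

```python
BOM = b"\xef\xbb\xbf"  # written by some Windows editors when saving as "UTF-8"

def byte_forms(text):
    """Bytes the same text becomes under UTF-8 and two legacy code pages."""
    return {enc: text.encode(enc) for enc in ("utf-8", "cp1252", "cp850")}

def classify(raw):
    """Return 'utf-8-bom', 'ascii', 'utf-8' or 'legacy' for wordlist bytes."""
    if raw.startswith(BOM):
        return "utf-8-bom"
    try:
        text = raw.decode("utf-8")
    except UnicodeDecodeError:
        return "legacy"  # some single-byte code page, not valid UTF-8
    return "ascii" if text.isascii() else "utf-8"

def to_utf8(raw, legacy_encoding="cp1252"):
    """Re-encode wordlist bytes as BOM-free UTF-8 (legacy code page is assumed)."""
    kind = classify(raw)
    if kind == "utf-8-bom":
        return raw[len(BOM):]  # otherwise the BOM is glued to the first word
    if kind == "legacy":
        return raw.decode(legacy_encoding).encode("utf-8")
    return raw

def console_view(raw, codepage="cp850"):
    """How UTF-8 bytes appear when a console decodes them with a legacy code page."""
    return raw.decode(codepage, errors="replace")

if __name__ == "__main__":
    for ch in "ßÄÖÜäöü":
        print(ch, {enc: b.hex() for enc, b in byte_forms(ch).items()})
    ansi_list = "größe\r\nmüller\r\n".encode("cp1252")  # constructed sample wordlist
    print(classify(ansi_list), "->", classify(to_utf8(ansi_list)))
    print(console_view("ä".encode("utf-8")))  # looks wrong on screen, bytes are right
```

Each of these characters is two bytes in UTF-8, so a single one-byte mask position such as `?b` cannot cover one of them.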