correct command line
#11
You do not need to repeately hit the r key. it makes absolutely no sense.

You only need to hit r (for resume) when you hit p (for pause) beforehand.

This means that resuming (r) only makes sense if your hashcat cracking job was paused (p).

Otherwise only hitting enter (or s for status) makes sense.

Why do you hit r ? You should not press r if you do not need to resume hashcat (only if it was paused it makes sense).
Reply
#12
trying to crack this for several days now without succes, is my command ok?

hashcat64.exe -w 4 -m 13721 -p --veracrypt-pim=********-o -outfile=hits.txt MyEncryption.hc dict.txt


im defining -w 4 but the system is still respondible and usable. i believe something is not correct
Reply
#13
bumping op this thread cause im still stuck
Reply
#14
your -p parameter makes no sense. -p makes no sense in combination with veracrypt (and if you use it in other situations you would need to specify the character that must be used as a separator)

I'm also not sure what this means:
--veracrypt-pim=********-o

does this mean that your pim ends with "-o" ? that wouldn't make sense, it must be a number
Reply
#15
please please give me a correct command, i have a worldlist and 3 possible pins

should it be?
hashcat64.exe -w 4 -m 13721 ---veracrypt-pim=******** -outfile=hits.txt MyEncryption.hc dict.txt

cause i tought -o defines the outfile
Reply
#16
You're almost there...just have to define your attack mode and alter your output parameter. I don't think you've actually read anything previous people have suggested. 

Take your time to read the wiki page because it'll explain everything for you and will help you learn its functionality rather than just asking the community for an answer.  Take some responsibility, bumping a thread isn't going to help if you're not listening to begin with.

Heres how hashcat works:

hashcat64.exe [options]... hash|hashfile|hccapxfile [dictionary|mask|directory]...

So if you're not getting anywhere with your hash running you probably don't have your command correct. 

Let's compare:

hashcat64.exe (good)
-w 4  (maxing workload - good)
missing attack mode (-a look it up on the wiki)
-m 13721 (veraCrypt Hash - good)
---veracrypt-pim=******** (too many dashes - bad, wrong syntax)
 -outfile=hits.txt (bad, wrong syntax)
MyEncryption.hc (hashes - good)
dict.txt (wordlist - good)


Just need to tune it up and should be good to go.
Reply
#17
hashcat64.exe -w 4 -a 0 -m 13721 -p -veracrypt-pim=2406 -o hit.txt MyEncryptionP.hc dict.txt

still unsure if i need --veracrypt-pim with two dashes cause the wiki says 2 dashes?...

The tool does run with either on dash and two also

so i made a new volume of 10 mb, put on password on it and a pim,
password is 100% in the dict.txt and pim is specified, recovered 0/1..

running against the original hc file never did the DD,

If someone has some spare time im willing to donate 20 doller for reseach and another 30 doller if its getting cracked, im almost 100% sure that the password is in de dict.txt
Reply
#18
Do not use "-p".
use --veracrypt-pim.

Code:
hashcat64.exe -m 13721 -a 0 -w 4 --veracrypt-pim 2406 -o hit.txt MyEncryptionP.hc dict.txt

I do not understand what you mean by "running against the original hc". If you mean the example hashes from (https://hashcat.net/wiki/doku.php?id=example_hashes)... I don't see any example that uses a pim.

The instruction on how to extract the data correctly for veracrypt is here: https://hashcat.net/wiki/doku.php?id=fre...pt_volumes

I would suggest that you first try to crack the example hash without pim (without the "--veracrypt-pim 2406" parameter), the password is "hashcat" (without quotes).
AFTER that works correctly, you should try to create a new volume (similar to the one you want to crack) with pim and try to crack this.
AFTER everything works you could apply the same steps to the original volume and try to crack the original "hash".
Reply
#19
[quote="philsmd" pid='38279' dateline='1514032324']
Do not use "-p".
use --veracrypt-pim.

Code:
hashcat64.exe -m 13721 -a 0 -w 4 --veracrypt-pim 2406 -o hit.txt MyEncryptionP.hc dict.txt

everybody tells something else, user before post above said:
---veracrypt-pim=******** (too many dashes - bad, wrong syntax)

going to keep trying
Reply
#20
That's not a contradiction.

Both statements are true:
1. 3 dashes are 1 too much
2. 1 dash is 1 dash missing

The only correct number of minus symbols (dashes) before the name of the (long) argument is 2.
Just have a look at the --help output.

It clearly says that the command line parameter is --veracrypt-pim followed by the number
e.g. --veracrypt-pim 2406
Reply