IOS 11 backup HASHCAT
#1
Hello,

i have been working with hashcat since yesterday evening, so not even full 24hrs, and even though i have searched the forums, some of these things go way past my competence and understanding for now.

So, basically, i have a backup from my Iphone, but dont remember the password. I have found the necessary data required for the hashcat to run it. However, when i do run it, i get all these options like pause, bypass, resume, quit etc... 


Since this is ios 11, hashcat said something like no hashes found, but then i changed the version from 11, to 10, and it is working ,however, i am not able to extract the password. I am trying to use bruteforce (3). I would also like to make a dictionary list with a few numbers and words.
Or even better, if i know a list of letters and numbers, is hashcat able to use such a file? like, if i make a list of 15 letters, and a list of 6 numbers, is it possible for hashcat to utilize this in its attack? 
How would one create a list of such letters and numbers, and how would the actual command look like in command prompt?

i am using a windows 10 laptop,64bit with an i7 and Nvidia GTX960M

Thank You for all Your help
#2
Can you please provide some examples of password candidates that would follow your policy?

is it x times letters and y times digit?
how long is the password

It is also worth analyzing if this is feasible at all.
The algorithm used by IOS 11 is quite slow, therefore it is very important to come up with a good strategy and see if it doable at all.

Since it is a slow algorithm (and you can't really run a very large amount of password candidates, because that would be infeasible), it doesn't make much difference if you generate a word list or use -a 3 (note: for fast hashes you always should prefer -a 3 in general... also - but not most importantly - to save disk space) ... but you still need to generate the password candidates wisely and e.g. priorize the ones that are more likely etc.

6 numbers + 15 letters = 21 different characters ... if you are sure that e.g. only letters are at the beginning of the password candidates and the digits only at the end, this would already reduce the keyspace by a lot. If the different characters are positioned randomly (and there are no further restrictions) and the password length is > 7, it might quickly become infeasible even with a large rig of GPUs.


Note: you could also play with -a 3 and --stdout to see (and generate) some password candidates.
#3
Hello and thank You for taking Your time and explaining this to me.

So i have a set of different possible passwords, but none of them really work in itunes.
Maybe because it is really diffuclt for me to try each and every single variation of the password combining capital letteres with numbers etc

So the longest password could be max. 10 digits. And its a combination of letters t,r,k and numbers 8,0,2,5 but it could be also macbook for all i know. So basically, i think i know which letters and numbers are used in the password, but trying several of them didnt really give any result. Perhaps
I can setup a list of possible passwords in a text file, but is hashcat able to at least say if any of those letters belonging to the potential passwords are in fact contained in the password? 
Ie. if i have a password which says apple1983, and i make a dictionary containing words “make, pie, length, 98,612,332”, is hashcat able to say something along these lines: 

Apple1983 - where the individual letter are taken from each word including numbers

Or

*pp**19** - where hashcat found individual actual letters belonging to the real password?

Thanks so much
#4
(10-15-2017, 09:19 PM)punkd9 Wrote: is hashcat able to at least say if any of those letters belonging to the potential passwords are in fact contained in the password?

no, that's impossible.

also, don't do useless full quotes.
#5
(10-15-2017, 09:44 PM)undeath Wrote: also, don't do useless full quotes.

Alright, apologies for the inconvenience. I have edited my previous post and removed the quote, tbh i thought i selected new reply.
Could You please explain as why it is impossible?

So, how would one go with a preset dictinary then? I am new to this and really havent found a post containing a way of structuring an appropriate letter list or word list, so please excuse my ignorance.

Do i just lay them out one underneath other? Or do i make a string separated by commas, or something similar?

Thanks for understanding
#6
(10-15-2017, 10:02 PM)punkd9 Wrote: Could You please explain as why it is impossible?
That's a very fundamental requirement for any cryptographic hash function. If you want to know more: https://en.wikipedia.org/wiki/Cryptograp...h_function

Individual words in a wordlist are separated by a newline.