Veracrypt assistance needed
#1
Hi, I am doing a test with veracrypt 1.21  on a veracrypt volume. I created an encrypted container with standard information, so AES 256, hash sha-512.

The password is : password1
My goal is to retrieve it, as a test.

So i read these topics before asking you the question;
https://hashcat.net/forum/thread-6694-post-35714.html
https://hashcat.net/forum/thread-5699.html
https://hashcat.net/wiki/doku.php?id=fre...pt_volumes

So i used the command on wincyg: dd if=c:/users/mypath/myencryptedfolder of=c:/users/desktop/hash.tc bs=1 skip=65536 count=512

then i ran:

hashcat64.exe -a 3 -m 13711 (also tried with 13712, 13713, 13723, 13751 and 13752) hash.tc

i got an error message, saying Invalid hash


I decrypted my volume, took a memory dump, tried with passware (passware found nothing). I mounted my volume and took a look at my pagefile, i saw a trace about SHA256 + Serpent-Twofish-AES encryption near of my mounted volume... So i think im pretty close, i dont understand why im having that invalid hash error

So, im doing something wrong obviously. What is it?
Reply
#2
okay my bad, the hash file was not in my hashcat folder, it was on desktop, so he didnt find the hash.tc ...

Now i got it running, it says my wordlist or mask is too small. but i used -a 3 so bruteforce, do i really have to input a wordlist .txt ?
Reply
#3
When you use -a 3 you don't need a wordlist. But if you specify an existing file it will be used as a maskfile. That's probably not what you want.
Reply
#4
yeah that's what i tought, but when i go over a single -a 3 with the hash.tc, it tells me thats my wordlist or mask is too small. But i didnt even wrote one.

to do a test, i wrote a .txt file with the good password, then i pointed to that file.
It goes over my password, then it shows 1/1 file proceesed, but 0/1 password found. So probably either my hash is incorrect, either i use the wrong -m (but im pretty sure i tested the 7-8 ones associeted with veracrypt drive)
Reply