Hash of veracrypt file
#1
Hey all,

I've spent quite a few hours this evening trying to do this myself, but I think I'm in over my head.

Long story short, I have a veracrypt (.hc) file from years ago that I'd like to get in to, and I remember enough of the password to generate a list of <350 passwords (a few o or 0, e or 3 permutations in a 30+ character password). I thought I'd extracted the first 512 bytes correctly using dd for windows, and tried again with a hex editor to extract the 01 0A 2F format and the symbol format, and I've run the password list against all three hash files using various 137XY combos hoping I got one of them right. However, every attempt comes back exhausted.

Code:
Session..........: hashcat
Status...........: Exhausted
Hash.Type........: VeraCrypt PBKDF2-HMAC-SHA512 + XTS 1536 bit
Hash.Target......: hc3.hash
Time.Started.....: Thu Apr 05 22:34:08 2018 (1 min, 3 secs)
Time.Estimated...: Thu Apr 05 22:35:11 2018 (0 secs)
Guess.Base.......: File (test.dict)
Guess.Queue......: 1/1 (100.00%)
Speed.Dev.#1.....:        6 H/s (0.39ms) @ Accel:16 Loops:4 Thr:512 Vec:1
Recovered........: 0/1 (0.00%) Digests, 0/1 (0.00%) Salts
Progress.........: 351/351 (100.00%)
Rejected.........: 0/351 (0.00%)
Restore.Point....: 351/351 (100.00%)
Candidates.#1....: Th!s is N0t the P@ssw0rd ->
HWMon.Dev.#1.....: Temp: 51c Util: 80% Core:1189MHz Mem:2505MHz Bus:16

Started: Thu Apr 05 22:32:41 2018
Stopped: Thu Apr 05 22:35:12 2018

Is there a sure-file way to extract the hash that I couldn't possibly screw up?

This is my starting code
Code:
hashcat64.exe -m 13723 hc3.hash test.dict
with different last two digits. If I got the hash correctly, then I can figure out areas where I may mis-remember my old password more than I thought and would likely be able to double or quadruple the list file.

Any help would be appreciated.
#2
To make sure you are correctly extracting the needed data create a new container with a known password and try to crack that one.
#3
My test worked, so I redid the hash anyway but no dice. Guess I don't remember the password as well as I had thought! Thanks for the suggestion.
#4
hey man, not an expert but maybe this will help:

it sounds like you know some of the password, and have come up with some variations that cover most cases and you now also need to tack on a couple digits? (you said with different last two digits, which may also refer to the -m switch, correct me if I'm wrong)

If so, what you want is a hybrid attack with a mask. This basically takes a left or right hand side and appends a mask (mask being a group of characters to combine in all possible combinations).

`hashcat64.exe -m XXXXX -a 7 yourhash.dd test.dict ?a?a`

this command would append two characters of any type to each entry in the dictionary (I believe). You can look up hybrid + mask attacks in the docs for more details.

Another alternative, if you know the basic 30 characters but not all the variations you may have used (3 for e etc), then consider looking at the LeetSpeak rule. This does exactly that to a wordlist, substituting characters for their variants (l for 1 etc).

Good luck!