Pass for Veracrypt file container, algorithm Twofish-Serpent
Hi guys,

I have a problem: I can't find out my password for a Veracrypt File Container anymore - Nothing new for you, ok..

So the detailed problem:
I use the latest Veracrypt version (Windows) v1.22 64bit. I created a file container, but I used
  • a Password (about 20 chars), consisting of two blocks of numerics and possibly a letter
  • a PIM which is definite 710 (I am sure)
  • a keyfile, which I know definitvely too
  • there is no hidden volume
The algorithm is Twofish-Serpent and the hash is SHA512.

First question: Now, do I have to extract the first 512 bytes of the encrypted file container to a seperate file or the first 1024 bytes to get a hash file? I ask this because Veracrypt Twofisch-Serpent mode is "XTS 1024" as hashcat help says.

Second question: Doeas anybody know a Windows software to move the first 512 (or 1024) bytes of a file to a second file?

Last question: As said in this forum earlier, Veracrypt cracking works exactly like Truecrypt cracking... But why is there a Veracrypt checkbox which says "use old Truecrypt mode" (when mounting a file container) if the method is the same?

Thank you very much for your help,

1. dd (dd.exe) can be used on windows too to extract the bytes
2. you are probably confusing the data length that needs to be decrypted to verify if the password was correct with the key length ("generated" by the key derivation function that uses the password as an input). Furthermore, we are speaking about 1024 bit keys vs 512 bytes of data (= 512 * 8 = 4096 bits), i.e. bits != bytes
3. as you can see from the --help output, hashcat supports various *different* hashing algorithms for veracrypt and truecrypt. Only the "hash extraction" between truecrypt and veracrypt are similar, but the algorithms are not (otherwise there wouldn't be that many different hash modes after all).

btw: I highly recommend that you should create a similar volume/partition with same parameters and experiment on this data (extracting the bytes, recovering the password etc)... it is too easy to make mistakes and therefore you should test with a similar setup and only if you are able to recover the password of that volume for which you know the password, you should move on to the actual partition/volume that you want to crack. This might help you to avoid spending hours cracking a "hash" that is uncrackable just because you didn't extract the data correctly or used the wrong hashcat arguments etc (in general, if the test works, the actual "hash" should crack too if the correct password is in the password candidates list)