Need help on cracking veracrypt hidden partition
#1
Hello everyone,

I am totally new to using hashcat and even to the 'password cracking' world and I have zero knowledge of using this kind of software. But I am posting this since I have got an encrypted, hidden VeraCrypt partition on an external hard drive created a while ago and I forgot the password; however, I do remember phrases included in the password, but I forgot the combination of them (e.g. I remember the password including the phrases aaa, bbb, ccc but forgot whether it is aaabbbccc or aaacccbbb or something else like that).

So I am trying to use hashcat to crack the password. This (https://hashcat.net/wiki/doku.php?id=fre...pt_volumes) seems to indicate that I will have to first 'extract' hashes from the hidden volume (please correct me if I am wrong). This command (dd if=hashcat_ripemd160_AES_hidden.raw of=hashcat_ripemd160_AES_hidden.tc bs=1 skip=65536 count=512) posted there seems to allow me to 'extract' hashes from the hidden volume, but the command doesn't seem to allow dd to read from the hidden partition. Can anyone kindly tell me how to do so?


Once the hash is extracted, is there any way to tell hashcat to try different combinations of the 'password fragments' that I remember to crack the password?

Thanks a lot for the help
#2
I'm not sure what you mean by "the command doesn't seem to allow dd to read from the hidden partition". That's exactly what the command does, extracting the KDF data for the hidden partition. That's all you need to crack the password.

To combine your words you can use princeprocessor.

To verify your approach it is recommended, however, to first create a new volume with a known password and try to crack that. If you succeed with doing that, move on to your actual target.
#3
[update]: undeath was once again faster to answer the questions. He of course gives very good advice, so read his suggestions too. I will leave my reply here anyway; maybe it adds just a little bit more info here and there to be worth keeping. Probably not, because his answers are always on point.

I'm not sure what you mean by "the command doesn't seem to allow dd to read from the hidden partition".

dd is able to read any bytes that are available on disks.

If you mean that your operating system doesn't allow reading with unprivileged user accounts, then you probably need to be an administrator etc.

What operating system do you use? Windows? If you really have problems with the dd.exe tool, you could always try to use a Linux live CD/ISO/image and use dd with sudo etc.

Regarding your second question about how to use different attacks with hashcat: hashcat has a -a (or long --attack-mode) option (read the output of hashcat --help and/or the FAQ/wiki) with which you can try different attacks.
If your list of password candidates is quite small, you could precompute them and use a "simple" dictionary attack (-a 0 without rules), but as soon as the dictionary would be several MB/GB I would suggest using -a 1 / -a 6 / -a 7 or -a 0 together with rules (-r).

It all depends on your password pattern.

If you are sure that it's exactly 3 dicts combined (dict1.txt containing the aaa passwords, dict2.txt containing the bbb passwords and dict3.txt containing the ccc passwords) and you know that they do not overlap and the password can't be aaaaaabbb or ccccccccc etc., you could use combinator3 from hashcat-utils to pre-compute the dicts or use something like this:

update2: [added / corrected the combinator3 commands, dicts do not overlap, no common words]
Code:
combinator3.bin dict1.txt dict2.txt dict3.txt  > dict.txt
combinator3.bin dict1.txt dict3.txt dict2.txt >> dict.txt
combinator3.bin dict2.txt dict1.txt dict3.txt >> dict.txt
combinator3.bin dict2.txt dict3.txt dict1.txt >> dict.txt
combinator3.bin dict3.txt dict1.txt dict2.txt >> dict.txt
combinator3.bin dict3.txt dict2.txt dict1.txt >> dict.txt

If you want to allow the same password occurring multiple times, i.e. with overlaps in the dicts, like aaaaaaaaa:

Code:
hashcat --stdout -a 1 -o dict1_and_dict2.txt dict.txt dict.txt
to pre-compute a concatenated dict (dict1_and_dict2.txt) and save it on disk and afterwards run hashcat like this:
Code:
hashcat -m 137xy -w 3 -a 1 hashcat_ripemd160_AES_hidden.tc dict1_and_dict2.txt dict.txt

where 137xy needs to be adjusted depending on your VeraCrypt settings (for instance -m 13711 for VeraCrypt RIPEMD-160 and 512-bit AES)
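The two questions in this thread (getting the 512 bytes at offset 65536 out of the container, and turning a few remembered fragments into a candidate list) can be done in a few lines of Python. This is an added example, not code from the thread or from hashcat; the offset and length are the ones from the dd command quoted above, the file names are assumptions, and the container it reads is constructed inline (a zeroed standard-header area followed by a recognisable fake hidden header) so that it runs offline. Against a real container or partition you would pass the path to the file or raw device (e.g. /dev/sdb1, which needs root) instead.

```python
import itertools
import os
import tempfile

# Same numbers as "dd ... bs=1 skip=65536 count=512" on the hashcat wiki:
# the hidden-volume header sits right after the 64 KiB standard-header area,
# and hashcat only needs those 512 encrypted header bytes.
HIDDEN_HEADER_OFFSET = 65536
HEADER_SIZE = 512


def extract_hidden_header(container_path, out_path):
    """Copy the 512-byte hidden-volume header to out_path (the '.tc' file hashcat reads)."""
    with open(container_path, "rb") as f:
        f.seek(HIDDEN_HEADER_OFFSET)
        header = f.read(HEADER_SIZE)
    # A container (or a partition) smaller than this cannot hold a hidden volume header.
    if len(header) != HEADER_SIZE:
        raise ValueError("container too small to hold a hidden-volume header")
    with open(out_path, "wb") as f:
        f.write(header)
    return header


def fragment_candidates(fragments, allow_repeats=False, separators=("",)):
    """Every ordering of the remembered fragments, joined with each separator.

    allow_repeats=False: each fragment used exactly once (n! orderings, e.g. aaacccbbb).
    allow_repeats=True:  any fragment in any slot (n**n orderings, e.g. aaaaaaaaa).
    """
    n = len(fragments)
    if allow_repeats:
        orderings = itertools.product(fragments, repeat=n)
    else:
        orderings = itertools.permutations(fragments, n)
    seen = set()
    out = []
    for order in orderings:
        for sep in separators:
            cand = sep.join(order)
            if cand not in seen:      # duplicate fragments would otherwise repeat lines
                seen.add(cand)
                out.append(cand)
    return out


def write_wordlist(candidates, path):
    """One candidate per line, the format hashcat -a 0 expects; returns the line count."""
    with open(path, "w") as f:
        for cand in candidates:
            f.write(cand + "\n")
    return len(candidates)


def demo():
    """Constructed end-to-end run: fake container -> header file -> wordlist."""
    tmpdir = tempfile.mkdtemp()
    container = os.path.join(tmpdir, "fake_hidden.raw")   # assumed name, constructed data
    fake_header = bytes(range(256)) * 2                    # 512 recognisable bytes (a real header is random-looking)
    with open(container, "wb") as f:
        f.write(b"\x00" * HIDDEN_HEADER_OFFSET)            # standard header area, zeroed for the demo
        f.write(fake_header)                               # where the hidden-volume header lives
        f.write(b"\xff" * 4096)                            # a little "volume data" after it
    header = extract_hidden_header(container, os.path.join(tmpdir, "fake_hidden.tc"))
    cands = fragment_candidates(["aaa", "bbb", "ccc"])
    count = write_wordlist(cands, os.path.join(tmpdir, "fragments.txt"))
    return {"header_ok": header == fake_header, "candidates": cands, "count": count}


if __name__ == "__main__":
    result = demo()
    print("header extracted correctly:", result["header_ok"])
    print("%d candidates:" % result["count"], result["candidates"])
```

The resulting fragments.txt is a plain dictionary, so it goes straight into the -a 0 attack from the post (hashcat -m 13711 -a 0 fake_hidden.tc fragments.txt, adjusting -m to the volume's settings). With three fragments the list has 6 lines without repeats and 27 with; adding separators such as "-" or " " multiplies that, which is why the post suggests switching to -a 1 or rules once the precomputed list stops being small.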
#4
(12-31-2018, 11:49 AM)undeath Wrote: I'm not sure what you mean by "the command doesn't seem to allow dd to read from the hidden partition". That's exactly what the command does, extracting the KDF data for the hidden partition. That's all you need to crack the password.

To combine your words you can use princeprocessor.

To verify your approach it is recommended, however, to first create a new volume with a known password and try to crack that. If you succeed with doing that, move on to your actual target.
Thanks a lot for the reply.
So this 'if=hashcat_ripemd160_AES_hidden.raw' allows dd to read from the hidden partition, while this 'of=hashcat_ripemd160_AES_hidden.tc' is the output hash file?
#5
Yes, that's how dd works: if = input file, of = output file.