Itunes iOS 12.2 backup password encryption
#1
Dear Ladies and Gentleman,
I try to encrypt an iOS Backup Password Version 12.2


I created an minifest12.2.txt with the itunes_backup2hashcat.pl from philsmd
i started the progress within CMD : 
 
Code:
hashcat64.exe -d 1 manifest12.2.txt -m 14800 -a 3 ?d?d?d?d --force

This is nicely working, what can I try if the password Characters count and type is not known by the enduser ?
So if he don't know which characters he used and even when the length is not known any more

Kind regards, Futschel
Reply
#2
Don't use --force unless you are a developer.

You should run more clever attacks than brute-force. For example dictionary+rules.
Reply
#3
Actually the Intel onboard Card OpenCL Driver is not compatible yet, I need to run it as forced ...

We dont have an clue for the password, it should be numbers.

This night i will try at my AMD Radeon RX480 XFX RX-480P8LFB6 Radeon RX 480 Core Edition 8 GB, GDDR5

The run i wrote above was exhausted, so i need to adjust the values, will now try ?d?d?d?d?d?d?d?d --increment
Reply
#4
Hey everyone, what does the "Approaching final keyspace - workload adjusted" mean for my process ?
Reply
#5
If you know it's just numbers and of no other details a mask attack is probably the best you can do. The "approaching final keyspace" notice is not of particular importance.
Reply
#6
(08-21-2019, 08:07 PM)undeath Wrote: If you know it's just numbers and of no other details a mask attack is probably the best you can do. The "approaching final keyspace" notice is not of particular importance.

Ah okay this sounds quiet good.

I checked the list for windows and AMD Graphicscard
Code:
AMD GPUs on Windows require "AMD Radeon Software Crimson Edition" (15.12 or later)

Code:
it is now Crimson 17.11.4 for AMD RX 480 OpenCL23.20.793.1024
I also have done a clean installation of the driver pack how it is written down in the FAQ

I only get
Code:
Speed.#1.........:        1 H/s (2.98ms) @ Accel:2 Loops:250 Thr:256 Vec:1
is this a problem of the mask attack ?
Reply
#7
What mask are you running? Are you using increment? iTunes uses very slow hashing, but I don't know how many iterations are usually used. Try adding -O -w3
Reply
#8
okay it is this mask
Code:
hashcat64.exe -m 14800 manifest12.2.txt -a 3 ?d?d?d?d?d?d?d?d --increment

i will now try with -O -w3

thx for the parameters. Hopefully it will raise the " H/s"
Reply
#9
With --increment and no lower limit you will see poor performance for short mask lengths. You can try -S in that case.
Reply
#10
Oh Acually he makes speed ;-) at 7 digits its a 69H/s

saddly it seems not to be the solution to recover the password, i mean the only digits search, but I will wait until it is done Smile to see the result.

Else i need to ask me Boss again if he remembers anything of the password if there are letters insideand things like that ...

@undeath: thx for all the help until now !
Reply