Posts: 6
Threads: 1
Joined: Aug 2019
08-20-2019, 02:01 PM
(This post was last modified: 08-20-2019, 02:05 PM by Futschel.)
Dear Ladies and Gentleman,
I try to encrypt an iOS Backup Password Version 12.2
I created an minifest12.2.txt with the itunes_backup2hashcat.pl from philsmd
i started the progress within CMD :
Code:
hashcat64.exe -d 1 manifest12.2.txt -m 14800 -a 3 ?d?d?d?d --force
This is nicely working, what can I try if the password Characters count and type is not known by the enduser ?
So if he don't know which characters he used and even when the length is not known any more
Kind regards, Futschel
Posts: 2,301
Threads: 11
Joined: Jul 2010
Don't use --force unless you are a developer.
You should run more clever attacks than brute-force. For example dictionary+rules.
Posts: 6
Threads: 1
Joined: Aug 2019
08-20-2019, 03:59 PM
(This post was last modified: 08-21-2019, 09:33 AM by Futschel.)
Actually the Intel onboard Card OpenCL Driver is not compatible yet, I need to run it as forced ...
We dont have an clue for the password, it should be numbers.
This night i will try at my AMD Radeon RX480 XFX RX-480P8LFB6 Radeon RX 480 Core Edition 8 GB, GDDR5
The run i wrote above was exhausted, so i need to adjust the values, will now try ?d?d?d?d?d?d?d?d --increment
Posts: 6
Threads: 1
Joined: Aug 2019
Hey everyone, what does the "Approaching final keyspace - workload adjusted" mean for my process ?
Posts: 2,301
Threads: 11
Joined: Jul 2010
08-21-2019, 08:07 PM
(This post was last modified: 08-21-2019, 08:07 PM by undeath.)
If you know it's just numbers and of no other details a mask attack is probably the best you can do. The "approaching final keyspace" notice is not of particular importance.
Posts: 6
Threads: 1
Joined: Aug 2019
08-21-2019, 09:24 PM
(This post was last modified: 08-21-2019, 09:26 PM by Futschel.)
(08-21-2019, 08:07 PM)undeath Wrote: If you know it's just numbers and of no other details a mask attack is probably the best you can do. The "approaching final keyspace" notice is not of particular importance.
Ah okay this sounds quiet good.
I checked the list for windows and AMD Graphicscard
Code:
AMD GPUs on Windows require "AMD Radeon Software Crimson Edition" (15.12 or later)
Code:
it is now Crimson 17.11.4 for AMD RX 480 OpenCL23.20.793.1024
I also have done a clean installation of the driver pack how it is written down in the
FAQ
I only get
Code:
Speed.#1.........: 1 H/s (2.98ms) @ Accel:2 Loops:250 Thr:256 Vec:1
is this a problem of the mask attack ?
Posts: 2,301
Threads: 11
Joined: Jul 2010
What mask are you running? Are you using increment? iTunes uses very slow hashing, but I don't know how many iterations are usually used. Try adding -O -w3
Posts: 6
Threads: 1
Joined: Aug 2019
08-21-2019, 09:49 PM
(This post was last modified: 08-21-2019, 09:52 PM by Futschel.)
okay it is this mask
Code:
hashcat64.exe -m 14800 manifest12.2.txt -a 3 ?d?d?d?d?d?d?d?d --increment
i will now try with -O -w3
thx for the parameters. Hopefully it will raise the " H/s"
Posts: 2,301
Threads: 11
Joined: Jul 2010
With --increment and no lower limit you will see poor performance for short mask lengths. You can try -S in that case.
Posts: 6
Threads: 1
Joined: Aug 2019
Oh Acually he makes speed ;-) at 7 digits its a 69H/s
saddly it seems not to be the solution to recover the password, i mean the only digits search, but I will wait until it is done
to see the result.
Else i need to ask me Boss again if he remembers anything of the password if there are letters insideand things like that ...
@undeath: thx for all the help until now !
