Posts: 2
Threads: 1
Joined: Feb 2020
Hello,
I’m new to this forum and hashcat in general and i would apreciate some help. I lost my phone data, but I have a iTunes backup on which I can’t remember the password. I experimented a little bit with hashcat, but i don’t know how to put together the command.
The password may have the first letter in big, and some numbers too maybe, i don,t know how to get this info in a command.
Thank you upfront and sorry for any spelling mistakes, English is not my first language.
Posts: 2,267
Threads: 16
Joined: Feb 2013
Did you use the perl script itunes_backup2hashcat.pl to convert the plist/backup to a "hash" ?
see
https://raw.githubusercontent.com/philsm...hashcat.pl
It's in general not a good idea to "brute-force" slow hash types like itunes.
How long is the password ?
Is the password really random or based on a (set of) words that can be found in a dictionary etc ? Maybe a rule based attack (see
https://hashcat.net/wiki/?id=rule_based_attack) is much more clever and a better strategy (but of course it depends on the randomness and length etc etc).
Posts: 2
Threads: 1
Joined: Feb 2020
Yes I used this. The password is max 9 characters for sure but i can’t remember the exact lenght. Its possible that I put just numbers in or a word with some numbers maybe. I don’t think it’s really random letters. Maybe the password starts with “Ajfon”. The problem is that I don’t know how to start te process with this criterion.
(02-05-2020, 11:44 AM)philsmd Wrote: Did you use the perl script itunes_backup2hashcat.pl to convert the plist/backup to a "hash" ?
see https://raw.githubusercontent.com/philsm...hashcat.pl
It's in general not a good idea to "brute-force" slow hash types like itunes.
How long is the password ?
Is the password really random or based on a (set of) words that can be found in a dictionary etc ? Maybe a rule based attack (see https://hashcat.net/wiki/?id=rule_based_attack) is much more clever and a better strategy (but of course it depends on the randomness and length etc etc).
Posts: 2,267
Threads: 16
Joined: Feb 2013
02-05-2020, 12:41 PM
(This post was last modified: 02-05-2020, 12:41 PM by philsmd.)
Code:
hashcat -m 14800 -w 3 -a 0 -r rules/best64.rule hash.txt rockyou.txt
instead of the best64.rule, you could/should use your own "rules".
instead of rockyou.txt, you could/should use your own (medium to large size) list of words.