Posts: 6
Threads: 1
Joined: May 2020
Hi,
I created a hidden File in 2010. I always thought I would never forget my password, but I learned this could happen :-).
Now I'm curious what's on this file, it appears like some kind of Time capsule from recent to my future me.
It has always fascinated me how encryption and things like this worked, those tings evolved from Cesar's time till now — but Unfortunately my Skills in using tools like hashcat are not so great, so I'm asking you if you know where to find a step-by-step tutorial how to proceed in brute forcing my vault.
So Guys Please excuse the question asked on such a low level, but thanks for any help!
Best Regards.
3di
Posts: 53
Threads: 18
Joined: Jun 2018
05-31-2020, 04:06 AM
(This post was last modified: 05-31-2020, 04:10 AM by pbies.)
There are two ways:
1. Dictionary - so you should have text file with list of passwords, one for each line, and use command:
Code: hashcat64 -m CODE -a 0 -w 3 container_filename.tc password_dict.txt
Where CODE is one of these: 6211, 6221, 6231, 6241, 6212, 6222, 6232, 6242, 6213, 6223, 6233, 6243
Code depends on the encryption used to create container.
2. Brute force:
Code: hashcat64 -m CODE -a 3 -w 3 --session myses --increment-min=1 -i container_filename.tc mask
Where CODE is one of the above, myses is the session to restore later if you stop the attack, and mask can be:
?b?b?b?b... which is all ASCII characters and you choose how long could be the password by adding ?b
?d... digits
?s... symbols
Posts: 2,267
Threads: 16
Joined: Feb 2013
05-31-2020, 08:46 AM
(This post was last modified: 05-31-2020, 08:48 AM by philsmd.)
yeah, in the help output:
you will see all the TrueCrypt hash types (several variants depending on bit length and hash used + variants for boot volumes)
BTW: the 1536 bit can be used to crack 512 bit, 1024 bit and 1536 bit encryption... Therefore it's kind of a "catch-all" for a specific hashing variant, if you do not know the bit length (this reduces the possibilities to boot volumes, RIPEMD160 hashing, SHA512 hashing or to the WHIRLPOOL hashing algorithm (3 variants + boot volume, and it's easy to see if an encrypted disk is showing the TrueCrypt boot loader normally... so normally either 1 or 3 possibilites... if you know the hashing algo for sure, it's even easier to chose).
Instead of only dictionary attack (without rules) or mask attack ("brute-force") which (the latter) is very difficult to do with slow hash types like TrueCrypt, I would recommend rule based attacks:
https://hashcat.net/wiki/doku.php?id=rule_based_attack
a medium set of good password candidates (just a few thousands or tens/hundred of thousands) with some very well working (efficient in terms of cracking ratio) rules:
Code: hashcat -m 6213 -a 0 -w 3 -r my_custom.rules my_tc.dump my_custom.dict
BTW: if you are unsure how to extract my_tc_dump, just have a look here:
https://hashcat.net/wiki/doku.php?id=fre...pt_volumes
It will explain how to extract the bytes needed from the volume/container/file/disk (dd.exe also exists for windows, on linux/macOS dd is either already installed or can be installed via package managers apt/brew)
... and the best advice at the end: always try to make backups and save your data before messing around... but then also try to make a test disk similar to your other/old disk with a known password and try to test everything (including extraction of the needed bytes, the cracking with rules etc) with this new example TrueCrypt volume
Posts: 6
Threads: 1
Joined: May 2020
06-04-2020, 10:46 PM
(This post was last modified: 06-04-2020, 11:04 PM by 3di.)
Hi Guys,
thanks for your detailed explanations, i didn’t expect so much information in the first run – so thanks again 😊.
I read and tried for several days, but now I'm not over getting some error messages.
I learned (at least it's a little) - I have an encrypted Container with a hidden volume (not an encrypted drive) so some steps for me are a little different here
- I had a rough idea what the password could have been, but i already tried several runs using OTFBrutus with no luck -> so I think I have to choose a brute force attack
My Questions at the moment- What I am not aware at the moment, shall I drive the attack against the whole container (about 200GB, most of it’ll be empty) or should I use the first 512byte Method?
- If so, how do I get it using dd (I downloaded an application chrysocome.net/dd), I'm not sure about the encryption, i used when creating the container. The example in Help looks like this:
Code: dd if=hashcat_ripemd160_AES_hidden.raw of=hashcat_ripemd160_AES_hidden.tc bs=1 skip=65536 count=512
- How should i look like if the container is place on "D:\MyDir\sich_123" shall hashcat run from same (MyDir) folder?
- Shall I change "container_filename.tc" to "D:\MyDir\sich_123"?
- If I run Hashcat, how should my code look like, estimated Password might have been something like "hiddendatasave1245", i don't know the exact count of letters.
- Also here i don't know which typ of encription i chose back then, i just remember those where a cascade of three. So code 6213?
Code: hashcat64 -m CODE -a 3 -w 3 --session myses --increment-min=1 -i container_filename.tc mask ?b?b?b?b?b?b?b?b
- And at least, where do I get a my_custom.dict?
I had no idea how complex it will be to crack my Container, but now I have already gone so far, I think i shouldn't give up :-)
Best Regards, and thanks for your help so far.
3di
Posts: 6
Threads: 1
Joined: May 2020
Hi,
(05-31-2020, 08:46 AM)philsmd Wrote: you will see all the TrueCrypt hash types.........
(05-31-2020, 04:06 AM)pbies Wrote: There are two ways............
Could you please have a look?
I'm dying from trying with no luck.
Thanks
Best Regards!
3di
Posts: 2,267
Threads: 16
Joined: Feb 2013
just one simple thing you could and should do. create a similar container with known password (it could be similar to the one you are trying to crack, just remember always that this is just a test and your target container and hash should be backuped and not confused with this example run) and try to crack it. You will see exactly how the extraction and cracking works by following the steps in the FAQ and trying to crack it with the 1536 bit options.
If you do not know the hashing algorithm, you would need to try cracking the extracted bytes with all the 1536 bits variations for TrueCrypt. one after the other
The custom dict is just a list of password you come up with, one password per line. In the case of the example hash from https://hashcat.net/wiki/example_hashes it would need to contain (one of the many lines of the custom dictionary file) the password: hashcat
Posts: 6
Threads: 1
Joined: May 2020
(06-15-2020, 08:52 AM)philsmd Wrote: just one ....
Thanks a lot, I'm now able to run the attack.
First i tried to bruteforce crack the a sample hash with a ?b?b... mask. Unfortunately it told me it'll take longer than 10 years. Same for my Truecrypt Archive.
How could i optimize, the topic in faq didn't help me?
Code: hashcat64 -m 6233 -a 3 -w 3 --session myses --increment-min=1 -i "D:\Meins\Hash\hashcat_whirlpool_twofish-serpent.tc" ?b?b?b?b?b?b?b
Code: The wordlist or mask that you are using is too small.
This means that hashcat cannot use the full parallel power of your device(s).
Unless you supply more work, your cracking speed will drop.
For tips on supplying more work, see: https://hashcat.net/faq/morework
Approaching final keyspace - workload adjusted.
Code: Session..........: myses
Status...........: Bypass
Hash.Type........: TrueCrypt PBKDF2-HMAC-Whirlpool + XTS 1536 bit
Hash.Target......: D:\Meins\Hash\hashcat_whirlpool_twofish-serpent.tc
Time.Started.....: Thu Jun 18 12:12:50 2020 (5 secs)
Time.Estimated...: Next Big Bang (> 10 years)
Guess.Mask.......: ?b?b?b?b?b?b?b [7]
Guess.Queue......: 7/7 (100.00%)
Speed.#1.........: 5456 H/s (67.88ms) @ Accel:16 Loops:7 Thr:256 Vec:1
Recovered........: 0/1 (0.00%) Digests, 0/1 (0.00%) Salts
Progress.........: 0/72057594037927936 (0.00%)
Rejected.........: 0/0 (0.00%)
Restore.Point....: 0/281474976710656 (0.00%)
Restore.Sub.#1...: Salt:0 Amplifier:0-1 Iteration:420-427
Candidates.#1....: $HEX[73617269657269] -> $HEX[73ffcf81d8a761]
Hardware.Mon.#1..: Temp: 65c Fan: 32% Util:100% Core:1316MHz Mem:3004MHz Bus:16
Thanks again!
Regards 3di
Posts: 2,267
Threads: 16
Joined: Feb 2013
What do you mean by "I'm now able to run the attack" ?
Are you able to crack hashes that you have generated as a test ? Did you try to crack the example hash from https://hashcat.net/wiki/example_hashes ?
I don't think brute-force is a good strategy here. I would suggest to use dictionary-based or rule-based attacks with slow hashes like TrueCrypt. It's a much more clever in most of the cases, except from some minor special cases e.g. if the password was generated randomly (for instance by a password manager) and is known to be random chars.
see https://hashcat.net/wiki/doku.php?id=rule_based_attack and the examples with -a 0 -r from above. You would need to come up with a good list of candidate passwords that you use as you dictionary and a couple of rules that mangle the passwords in the dictionary
Posts: 6
Threads: 1
Joined: May 2020
Hi philsmd,
Thanks for your reply!
(06-18-2020, 12:50 PM)philsmd Wrote: What do you mean by "I'm now able to run the attack" ?
Are you able to crack hashes that you have generated as a test ? Did you try to crack the example hash from https://hashcat.net/wiki/example_hashes ?
I tried to breakt the sample Hash (TrueCrypt 5.0+ Whirlpool + Twofish-Serpent, PW: hashcat) via Bruteforce but unfortunately it didn't solve it, hashcat told me "Time.Estimated...: Next Big Bang (> 10 years)" and i gave up waiting after 24h as the calculationg time didn't drop below that.
The Password "hashcat" is 8 digits, mine was about 18 digits, so it might take 4-5 Next Big Bangs :-).
(06-18-2020, 12:50 PM)philsmd Wrote: I don't think brute-force is a good strategy here. I would suggest to use dictionary-based or rule-based attacks with slow hashes like TrueCrypt. It's a much more clever in most of the cases, except from some minor special cases e.g. if the password was generated randomly (for instance by a password manager) and is known to be random chars.
see https://hashcat.net/wiki/doku.php?id=rule_based_attack and the examples with -a 0 -r from above. You would need to come up with a good list of candidate passwords that you use as you dictionary and a couple of rules that mangle the passwords in the dictionary
Maybe I'll try this for the next run, unfortunately i already tried thousands of passwords and iterations of it via an other tool (OTFBrutus). I wasn't expecting this long calculating times, is there something wrong, or do i have to deal with it as its part of truecrypts security?
Best Regards und Thanks!
3di
Posts: 2,301
Threads: 11
Joined: Jul 2010
If your password is truely 18 chars and you don't remember anything useful about it, give up.
|