06-30-2020, 03:14 PM
Hi everyone,
I am completely new at this so please forgive me if what I ask seems trivial.
I have been trying to use hashcat to retrieve the password of a simple veracrypt folder I created and forgot.
I have an idea of the phrase and numbers I used and there is a finite number of permutations to it so I think it will be a fairly simple task to get it once I manage to figure out how to use hashcat.
I have two questions really:
First question:
How can I get the first 512 bytes of the hash [b]of the file in question in binary form?[/b]
My main problem at the moment is that I can't figure out how to get the hash of the folder/file. I have read everything I could find but still can't figure this out and I have no programming experience.
I understand that the correct way to do this is to get the first 512 bytes of the file. If I understand correctly, veracrypt hashes should be quoted in binary form instead of hex. The quote from the FAQ if Hashcat says "In all other cases (files, non-booting partitions) you need the first 512 Bytes of the file or partition."
From there on, I have no idea how to begin. I am trying to do this from a machine running Windows 10. I have tried to use powershell to get the hash but can't figure out how to get the first 512 bytes of the file or how to get or to return the hash in binary form.
All explanations of how to extract this refer to DD. I downloaded DD for windows to try and do that (http://www.chrysocome.net/dd). But I have no idea what the syntax of the command to get the correct hash should be. I am not even sure if the DD I downloaded is the correct one.
Second question:
Are my thinking and syntax (for hashcat) correct for getting back my password once I have figured out the correct hash?
I created the veracrypt folder so I know its encryption is "13721 | VeraCrypt SHA512 + XTS 512 bit".
My plan once I figure out how to extract the correct hash code is to use the following command in hashcat:
(I will be doing this through command prompt in Windows 10)
hashcat.exe -m 13721 -a 1 C:\Hash1.txt C:\Wordlist1.txt C:\Wordlist2.txt
C:\Hash1.txt - This is the text file where I will paste the hashcode of the veracrypt folder (once I figure out how to extract it).
C:\Wordlist1.txt - This is the text file where I will place the list of words, numbers, and characters I know I used in the password
C:\Wordlist2.txt – This is just another copy of the same word list, as above, as I do not remember the order in which I combined the words.
If I got this right, the -a 1 command is for a combinator attack which will try different combination of all the words, numbers, characters etc. from the two lists.
Please forgive my ignorance.
Any help and guidance would be GREATLY appreciated.
Thanks for your help!
I am completely new at this so please forgive me if what I ask seems trivial.
I have been trying to use hashcat to retrieve the password of a simple veracrypt folder I created and forgot.
I have an idea of the phrase and numbers I used and there is a finite number of permutations to it so I think it will be a fairly simple task to get it once I manage to figure out how to use hashcat.
I have two questions really:
First question:
How can I get the first 512 bytes of the hash [b]of the file in question in binary form?[/b]
My main problem at the moment is that I can't figure out how to get the hash of the folder/file. I have read everything I could find but still can't figure this out and I have no programming experience.
I understand that the correct way to do this is to get the first 512 bytes of the file. If I understand correctly, veracrypt hashes should be quoted in binary form instead of hex. The quote from the FAQ if Hashcat says "In all other cases (files, non-booting partitions) you need the first 512 Bytes of the file or partition."
From there on, I have no idea how to begin. I am trying to do this from a machine running Windows 10. I have tried to use powershell to get the hash but can't figure out how to get the first 512 bytes of the file or how to get or to return the hash in binary form.
All explanations of how to extract this refer to DD. I downloaded DD for windows to try and do that (http://www.chrysocome.net/dd). But I have no idea what the syntax of the command to get the correct hash should be. I am not even sure if the DD I downloaded is the correct one.
Second question:
Are my thinking and syntax (for hashcat) correct for getting back my password once I have figured out the correct hash?
I created the veracrypt folder so I know its encryption is "13721 | VeraCrypt SHA512 + XTS 512 bit".
My plan once I figure out how to extract the correct hash code is to use the following command in hashcat:
(I will be doing this through command prompt in Windows 10)
hashcat.exe -m 13721 -a 1 C:\Hash1.txt C:\Wordlist1.txt C:\Wordlist2.txt
C:\Hash1.txt - This is the text file where I will paste the hashcode of the veracrypt folder (once I figure out how to extract it).
C:\Wordlist1.txt - This is the text file where I will place the list of words, numbers, and characters I know I used in the password
C:\Wordlist2.txt – This is just another copy of the same word list, as above, as I do not remember the order in which I combined the words.
If I got this right, the -a 1 command is for a combinator attack which will try different combination of all the words, numbers, characters etc. from the two lists.
Please forgive my ignorance.
Any help and guidance would be GREATLY appreciated.
Thanks for your help!