--truecrypt-keyfiles: more sophisticated attack?
#1
Hello,

I have a TC container from which I have not only forgotten the password but also the keyfiles (and hash/encryption).

Hashcat deals nicely with the first one (by design). The large number of possible hash types can be broken down to three (6213 for all cipher combinations with RIPEMD160, 6223 for all cipher combinations with SHA512 and 6233 for all cipher combinations with Whirlpool).

Only the keyfiles seem to be an issue. Currently I am wrapping a python script around hashcat that loops over all combinations of 3 out of 15 files and on top of that over 6213,6223 and 6233. This takes forever and time is dominated by the call/setup times.

Unfortunately I did not have luck to crack my (own forgotten!) password yet.

Is there any way to create a dictionary out of keyfiles or supply the hashes (I think it's just a cumulative CRC32 for TrueCrypt keyfiles??) as part of the dictionary? I could very easily generate a file containing all possible ~455 file combinations.

Thanks!
Reply