LUKS encryption with external header file

[d7volker]

Hi,

in the past I used a external header for full disk encryption. That means I have the header already available. But when I start hashcat I got the following:

d7v@nano:~/src/hashcat$ hashcat -a 3 -m 14600 ./xheader.img
hashcat (v6.1.1) starting...

* Device #1: WARNING! Kernel exec timeout is not disabled.
            This may cause "CL_OUT_OF_RESOURCES" or related errors.
            To disable the timeout, see: https://hashcat.net/q/timeoutpatch
CUDA API (CUDA 10.2)
====================
* Device #1: NVIDIA Tegra X1, 2475/3964 MB, 1MCU

Minimum password length supported by kernel: 0
Maximum password length supported by kernel: 256

Hashfile './xheader.img': Disabled LUKS key detected
No hashes loaded.

Started: Mon Feb 15 15:18:43 2021
Stopped: Mon Feb 15 15:18:43 2021


Any ideas about the error?

My header file looks as the following:

d7v@nano:~/src/hashcat$ file xheader.img
xheader.img: LUKS encrypted file, ver 1 [aes, xts-plain64, sha512] UUID: e205e22c-f4bc-4555-a17d-d8440db7e1b6

d7v@nano:~/src/hashcat$ cryptsetup luksDump  --key-file - xheader.img
LUKS header information for xheader.img

Version:        1
Cipher name:    aes
Cipher mode:    xts-plain64
Hash spec:      sha512
Payload offset: 4096
MK bits:        512
MK digest:      c1 d1 92 50 ae 05 b4 1c 20 70 72 9b e2 00 31 96 b4 f0 40 fc
MK salt:        5b d2 5b 40 1a 9f be d3 b1 3a 3d 1b 48 10 2b 12
                2f 27 ee c0 f6 c3 90 9f f5 c2 a6 aa e9 b6 c7 24
MK iterations:  341250
UUID:          e205e22c-f4bc-4555-a17d-d8440db7e1b6

Key Slot 0: ENABLED
        Iterations:            2727029
        Salt:                  6c 61 ca 9d 89 ec 0e 19 6c 17 68 46 ff ce 28 b6
                                1c a1 85 d1 1f 9a c0 08 d9 a7 28 83 41 7f 1d e5
        Key material offset:    8
        AF stripes:            4000
Key Slot 1: DISABLED
Key Slot 2: DISABLED
Key Slot 3: DISABLED
Key Slot 4: DISABLED
Key Slot 5: DISABLED
Key Slot 6: DISABLED
Key Slot 7: DISABLED



Thank You!
Volker

[d7volker]

It seems to be impossible to do this with hashcat, as it doesn't support external LUKS headers.

My header is 2097152 bytes long, if I pad the header to 2097664 bytes, hashcat does run on it, but it didn't find the password. I know the password, it was just a test case.

If I extract the header out of the disk it works. But this doesn't help me, because I need to get it working with the original header which I created in a file some time ago.

What needs to be done in hashcat that it recognized the external header?

[d7volker]

I made test. I created a header exactly like I did it 2 years ago. My header was created like this:

# truncate -s 2M xheader.img
# cryptsetup luksFormat /dev/sda --hash=sha512 --key-size=512 --align-payload 4096 --header xheader.img

.... password is: test

# ls -l xheader.img
-rw-r--r-- 1 root root 2097152 Feb 15 20:59 xheader.img

Then I padded the file to 2097664 bytes:

# truncate -s 2097664 xheader
# ls -ltr xheader
-rw-rw-r-- 1 root root 2097664 Feb 15 21:08 xheader

Then hashcat:

# hashcat -a 3 -m 14600 xheader.img test -o out
hashcat (v6.1.1) starting...

* Device #1: WARNING! Kernel exec timeout is not disabled.
            This may cause "CL_OUT_OF_RESOURCES" or related errors.
            To disable the timeout, see: https://hashcat.net/q/timeoutpatch
CUDA API (CUDA 10.2)
====================
* Device #1: NVIDIA Tegra X1, 1850/3964 MB, 1MCU

Minimum password length supported by kernel: 0
Maximum password length supported by kernel: 256

Hashes: 1 digests; 1 unique digests, 1 unique salts
Bitmaps: 16 bits, 65536 entries, 0x0000ffff mask, 262144 bytes, 5/13 rotates

Applicable optimizers applied:
* Zero-Byte
* Single-Hash
* Single-Salt
* Brute-Force
* Slow-Hash-SIMD-LOOP

Watchdog: Hardware monitoring interface not found on your system.
Watchdog: Temperature abort trigger disabled.

Host memory required for this attack: 81 MB

The wordlist or mask that you are using is too small.
This means that hashcat cannot use the full parallel power of your device(s).
Unless you supply more work, your cracking speed will drop.
For tips on supplying more work, see: https://hashcat.net/faq/morework

Approaching final keyspace - workload adjusted.

Session..........: hashcat
Status...........: Exhausted
Hash.Name........: LUKS
Hash.Target......: xheader.img
Time.Started.....: Mon Feb 15 20:51:52 2021 (1 min, 13 secs)
Time.Estimated...: Mon Feb 15 20:53:05 2021 (0 secs)
Guess.Mask.......: test [4]
Guess.Queue......: 1/1 (100.00%)
Speed.#1.........:        0 H/s (1.65ms) @ Accel:16 Loops:64 Thr:64 Vec:1
Recovered........: 0/1 (0.00%) Digests
Progress.........: 1/1 (100.00%)
Rejected.........: 0/1 (0.00%)
Restore.Point....: 1/1 (100.00%)
Restore.Sub.#1...: Salt:0 Amplifier:0-1 Iteration:2726976-2727028
Candidates.#1....: test -> test

Started: Mon Feb 15 20:51:47 2021
Stopped: Mon Feb 15 20:53:06 2021




I am asking myself if I did something wrong. Any help is appreciated.

Thank you,
Volker

[d7volker]

It seems to work when I write a filesystem on the device.

Now, I have another problem - my original disk is full encrypted. Tomorrow I try to merge the header file with data from the disk. However I think the first header is a header from a volume group instead of a filesystem.

[dekao]

Can you tell how you created the header file? I always get invalid LUKS identifier or Device not a valid LUKS device.

[Alcanjp]

I have the same problem with a test file that I know the password:

Hashfile 'Luks_Partition_500gb.dd': Disabled LUKS key detected

No hashes loaded.

I extracted the header with this

sudo dd if=Luks_Partition_500gb.001 of=LUKS_Header.dd bs=512 count=4079

Hashfile 'paddedLuks_Partition_500gb.dd': Invalid LUKS identifier
No hashes loaded.

I padded it and now I get this

And the password was not found in the dictionary that I KNOW is this one since it was a TEST

Session..........: hashcat
Status...........: Exhausted
Hash.Mode........: 14600 (LUKS)
Hash.Target......: paddedLuks_Partition_500gb.dd
Time.Started.....: Wed Mar 30 08:28:06 2022 (6 secs)
Time.Estimated...: Wed Mar 30 08:28:12 2022 (0 secs)
Kernel.Feature...: Pure Kernel
Guess.Base.......: File (Dictionary.txt)
Guess.Queue......: 1/1 (100.00%)
Speed.#1.........: 0 H/s (0.42ms) @ Accel:128 Loops:256 Thr:1 Vec:8
Recovered........: 0/1 (0.00%) Digests
Progress.........: 1/1 (100.00%)
Rejected.........: 0/1 (0.00%)
Restore.Point....: 1/1 (100.00%)
Restore.Sub.#1...: Salt:0 Amplifier:0-1 Iteration:2216704-2216861
Candidate.Engine.: Device Generator
Candidates.#1....: Known Password -> Known Password
Hardware.Mon.#1..: Temp: 42c Util: 12%


The problem is that I have a real issue where I want to crack the password and It may not work because of this....


What is the issue?

[Alcanjp]

Someone pointed out this https://hashcat.net/forum/thread-6225.html
But it does not make sense!

[Alcanjp]

Found the issue it was this
sudo dd if=test_Luks_Partition.001 of=test_Luks_Partition.dd bs=512 count=4079
Changed it to
dd if=/dev/sda1 of=header.luks bs=512 count=4097
Cracked!! Hope it helps