1

Bad news, I lost my VeraCrypt password. (Yes, it was extremely stupid.) Good news I used a self-created formula to build the password. I do this because it makes the password long and complex, but easier for me to remember.

Well, it didn’t work like I had hoped. I ended up going an extended time without needing to use the password, and repeated use at the beginning helps me to remember it. (i.e. I spaced, and forgot to keep it up.)

Here’s what I have. I have 168 pieces of data that could have been used in the password. I narrowed it down to these, combining pieces so there wouldn’t be any repeating parts.

The password is between 22 and 38 characters. I give about a 90% chance I got all the parts. This would give about 14,196 possible choices. (If it chose all possible choices, which shouldn’t be needed with the limit on the size.) I am fairly certain I could do it by hand, but that would be immensely tedious, though I know I could dramatically reduce the number of choices.

While I would love to have this opened right now, I really don’t need to be in a rush. I can be patient. But I believe something automated should do this fairly quickly, even with how long it takes between passwords.

But at this point, I am confused as to what to do. I think setting up the password to be repeatedly tested would be the best option, but I wouldn’t know how to do that, or if there is a tool that would do that for me. I looked into HashCat, and am not sure it’s the right tool for this. Would the file be what I am supposed to supply?

I looked at the source text files for HashCat, and set up a text file with the same information. But I am not sure if it uses each choice once, or if it will build passwords, because that is what I would need.

I used a dual encryption, figuring that was strong enough. I believe I know which one I used, if not it is most likely another one, and unlikely a third. I wouldn’t even know if HashCat works with a double encryption.

If HashCat worked with the main file, 14K possible combinations shouldn’t really take that long if it isn’t encountering the pause.

So, any advice?

ChasteD
  • 11
  • 2
  • I assume you already read: https://hashcat.net/wiki/doku.php?id=frequently_asked_questions#how_do_i_extract_the_hashes_from_veracrypt_volumes ? – Bakuriu Oct 26 '21 at 06:33
  • Any advice about what? This is a long story with lots of elements. What do you want to do? – schroeder Oct 26 '21 at 08:22
  • I want to decrypt the file, and wasn't exactly sure how to go about doing that. Right now I am trying to figure out how to get the top 512 bytes of the file from the link Bakuriu sent. Sorry this was so long but I find if I am not specific people will spend time telling me to do things I already have done. – ChasteD Oct 26 '21 at 08:57
  • @ChasteD I don't get it, you seem to know the partial passphrase, but are you sure about the order of characters? That isn't clear. If you know 90% of the characters but you can't remember the order of the right ones, i doubt you could have reached a 14k number of attempts. If you think you could do it by hand, why don't you write a Python script to automate this? Sure, its not optimal, but its just 14k attempts. Even if it takes you 1 month, its still nothing. – Souza Oct 26 '21 at 12:47
  • https://security.stackexchange.com/questions/30605/brute-forcing-password-to-a-truecrypt-encrypted-file-with-partial-knowledge – shadowbq Oct 26 '21 at 14:59
  • Sorry, I'm 90% sure I have all the "pieces". So I believe I have the passphrase, just not sure how I set it up. I have the basics of coding, but I never really got too deep into it. The closest is Ren'Py which sits on Python, and still learning that. Anything else I learned is getting "rusty". Though seems simple enough. I would probably break it up by combining the possibilities, and deleting anything below 20 characters, or above 45, and anything that doesn't start with the right characters. Then another to test them all out. So I could write the pseudocode. – ChasteD Oct 26 '21 at 16:15
  • @ChasteD This means for example, that you know complete words for sure? This makes it more complicated to use off-the-shelf tools from hashcat only. You can use hashcat permutation Attack, or combinator Attack, but neither will make it easy to have good combinations. You NEED to generate a permutations/combinations dictionary. You can then use hashcat brute force abilities (They can do cascading ciphers) Creating such script in python would be ideal, but you can give a try to wordlist generators (most are written in python nowadays), like: cook wordlist generator; – Souza Oct 26 '21 at 23:06
  • I am pretty sure I know the "words" I used. I just spent time on excel creating a list by merging the words. Turned out my math was off. But the big issue was extracting the first 512K of the file. I don't have the tools, and I am not on linux. I decided to try to see if it would work to bring the file into notepad++, then delete from the end to the beginning until it hit 512K. I worry that is not the right way to do this. I finally got hashcat running, made some adjustments with msi afterburner, but I there aren't any updates to tweak it. – ChasteD Oct 27 '21 at 00:16
  • I encrypted a test file with the password "password", and created a word file that was a bunch of random words, and password. It didn't work, so the 512 byte file (sorry, not 512k) that I am "extracting" isn't working, unfortunately. So I need to figure out how to do that. – ChasteD Oct 27 '21 at 07:12
  • They recommend the dd command from unix/linux. You can use a live version of Linux or instantiate a virtual machine, then extract the data you need: https://hashcat.net/wiki/doku.php?id=frequently_asked_questions#how_do_i_extract_the_hashes_from_truecrypt_volumes I'll give it a try and see if it works – Souza Oct 27 '21 at 12:30
  • I knew about dd, But was hoping I didn't have to deal with the step of creating a Linux setup. But looks like that is the way I will go. I didn't think of a virtual machine though. That's a good idea. Though I could probably install it onto an old hard drive I wiped and plug that into an old computer. – ChasteD Oct 27 '21 at 16:42
  • Ended up taking a break due to external events. But I put Unbuntu ont a USB, but still trying to figure out how to use DD, and how to extract a 512 byte file with it. I did find a comment somewhere else that mentioned using a hex editor, so I tried that with a test file I made, and a list that included the password. I simply removed everything past the 512 byte mark and saved it. But it didn't find the password, which was password. Now I don't know if it was the hex editor, or if I am entering the wrong information into Hashcat. – ChasteD Nov 10 '21 at 07:18

0 Answers0