06-14-2013, 12:03 AM
[Disclaimer--this is my first foray into password cracking using such an awesome tool, so I'm naïve at most of this. Be gentle.]
My scenario: I have an encrypted container created by a program called MyWinLocker 3 (aka Yo-Safe) in a child exploitation case. My suspect gave me some of his former passwords and I think the keyspace I'm dealing with is about 8 to 10 characters. The password itself is probably in plain English and has a few numbers slapped together. The part I don't understand is whether hashcat can be used to directly attack the encrypted container to find which password allows it to be decrypted. The application developer website claims the app is using AES based encryption, though I don't know in what bit strength.
My question: Can I used hashcat to attack this encrypted container with some known password permutations and have any real chance of succeeding without knowing where a password hash would exist?
The app has a GUI and lets me guess infinitely (it doesn't lock me out,) but being forced to use the GUI and wait a few seconds between each attempt is brutally futile.
Thanks for any and all help and replies!
My scenario: I have an encrypted container created by a program called MyWinLocker 3 (aka Yo-Safe) in a child exploitation case. My suspect gave me some of his former passwords and I think the keyspace I'm dealing with is about 8 to 10 characters. The password itself is probably in plain English and has a few numbers slapped together. The part I don't understand is whether hashcat can be used to directly attack the encrypted container to find which password allows it to be decrypted. The application developer website claims the app is using AES based encryption, though I don't know in what bit strength.
My question: Can I used hashcat to attack this encrypted container with some known password permutations and have any real chance of succeeding without knowing where a password hash would exist?
The app has a GUI and lets me guess infinitely (it doesn't lock me out,) but being forced to use the GUI and wait a few seconds between each attempt is brutally futile.
Thanks for any and all help and replies!