Please note, this is a STATIC archive of website hashcat.net from October 2020, cach3.com does not collect or store any user information, there is no "phishing" involved.

hashcat Forum

Full Version: VeraCrypt Decryption [mac OSX]
You're currently viewing a stripped down version of our content. View the full version with proper formatting.
Hello dear community, 

I have a problem and I need your help. I can't get it done for days. 
Hopefully you can help me and this problem can help others who have the same problem. 

I have forgotten my VeraCrypt password and want to recover it. I also know the word combinations, which could help me with the Combinator attack. 

---------------------

Information about the VeraCrypt-File:

Encryption Alg.: AES

Primary Key Size: 256 bits
Secondery key size (XTS mode): 256 bits
PKCS-5 PRF: HMAC-SHA-512
Hidden Volume Protected: no

Information about my operating system and Hashcat:

I am using Mac-Pro and installed hashcat via terminal link (GitHub).

---------------------

Problems:

1st problem: Combinator Attack does not work 
./hashcat -a 1 -m 0 example0.hash mydict2.dict mydict2.dict 

It is executed, but the words in mydict2.dict do not combine.
In mydict2.dict are words (letters, numbers). 

-------

2nd Problem: Brute-force attack 
./hashashcat -m 13721 -a 3 Vera.txt

I saved my VeraCrypt container as Vera. Then I added.txt after Vara, so hashcat recognizes the file (Vera.txt).

Where is the error here?

I would be very happy if you could help me!


Kind regards
(07-13-2018, 07:17 PM)yupa Wrote: [ -> ]It is executed, but the words in mydict2.dict do not combine.
In mydict2.dict are words (letters, numbers). 
How did you determine that?

(07-13-2018, 07:17 PM)yupa Wrote: [ -> ]I saved my VeraCrypt container as Vera. Then I added.txt after Vara, so hashcat recognizes the file (Vera.txt).

First, hashcat does not care about file extensions. Second, you can't just point hashcat to the volume. You have to extract the necessary information from the file. See https://hashcat.net/wiki/doku.php?id=fre...pt_volumes
Third, you're doing a mask attack but are not specifying a mask.