Brute-Force VeraCrypt Encryption
What’s good y’all?
In this episode we’ll take a look at brute-forcing a VeraCrypt container using Hashcat.
For starters I want to say that I’m a huge VeraCrypt fan and use it all the time, for a long time. Long enough to remember when it was, originally, called TrueCrypt before the project was abandoned.
I caught myself thinking: how long would it actually take to brute-force specific password masks? That’s when I decided to put it to the test using Hashcat and an operating system equipped with a graphics card.
Let’s find out! 🙂
Extracting VeraCrypt Hash
For this tutorial we’ll be using a standard VeraCrypt container along with the default encryption and hash algorithms. I’ll provide the links with instructions for a hidden volume and a boot volume as well below.
So assuming you have a standard container set up, we have to extract the encrypted key.
In this case, it will be the first 512 bytes of the container file. We’ll use dd command to extract it:
dd.exe if=..\encrypted\target of=..\encrypted\target_hash.tc bs=512 count=1
You’ll notice I’m running it under Windows (.exe) so that I can do the whole process in one shot. For this I had to download dd for Windows. If you are using Linux then you should already have dd in there by default.
In the command above we specify the input file (if=), then the output file (of=), number of bytes to read (512) and the count which is 1 — number of times it should read the amount of bytes specified.
The result is we should have a file called: target_hash.tc (this is the encrypted key we’ll decrypt)
If you are looking for instructions for a hidden or boot volume, check this link: Hashcat – VeraCrypt.
Brute-Forcing Using Hashcat
Now that we have the hash, let’s get to cracking!
Make sure you’ve downloaded hashcat and extracted it to a safe location. Note that it should already be included with Kali Linux, Parrot and pretty much every other security-based Linux distro – although the GPU drivers, not so much.
If you’re unfamiliar with hashcat, its an advanced “password recovery” tool. 😉
Advanced in the sense that you can use CPU, GPU, pool computers together over the network and much more.
Anyway, let’s say we encrypted our container with a 4 digit numeric password, we’d run the following command:
hashcat.exe -a 3 -w 1 -m 13721 hash.tc ?d?d?d?d
Let’s break it down:
- -a 3 is the attack mode for brute-force/mask
- -w 1 is the workload profile (where 1 is low profile and 4 is the max)
- -m 13721 is the specific mode for cracking VeraCrypt’s SHA 512 bytes encryption
- hash.tc is the hash we generated in the step before
- ?d?d?d?d is the mask (where ?d represents a numeric value 0-9)
Another option would be to use a wordlist, like so:
hashcat.exe -w 1 -m 13721 hash.tc wordlist.txt
Pretty much all parameters are the same, with the exception that we have to provide a wordlist file.
In my computer I was able to decrypt the 4 digit numeric password in about 4 minutes – although to be fair, I have quite an old graphics card at this point (Radeon 580, 8GB) – which is still a reasonable timeframe.
Hope y’all enjoyed the tutorial, ’til next time!
I was having issues with “dd for windows”, I kept running the dd.exe to no avail. After considerable effort I opened up Windows\System32 on a Win7 and a Win10 machine. Then, recounting ‘faded’ MS-DOS commands, I managed to create output files but to do so my command had to begin with dd and NOT dd.exe. Secondly the outputs were both 1K and not 512kb.
At this point I haven’t used hashcat.
My post was more to show that DD for Windows will operate under Win10.