While working on some assignments, I wanted to copy data from my
friends TrueCrypt Volume which was encrypted with password and he forget
password!!!! and that's my journey started towards TrueCrypt Hacking!
TrueCrypt is an open source program to create and mount virtual encrypted disks in Windows Vista/XP/2000 and Linux and OS X as well as Whole Disk Encryption on Windows. It provides two levels of plausible deniability (hidden values / no signatures to make a distinction from random data), on the fly encryption and supports AES, Serpent and Twofish. As of version 6.0 TrueCrypt now supports hidden Operating Systems under Windows only.
Favorite attack is Dictionary Based / Brute Force, for which there are multiple tools available for Linux as well as Windows.
Tools :
Also there are attacks for extracting Master Keys for TrueCrypt from Memory Dump.
TrueCrack
TrueCrack In Action with Dictionary Attack
Unprotect.info
Pure Brute Force attack with Digits :
TCHead
TCHead In Action with Dictionary Attack :
TCBrute 2
Specified Dictionary & TrueCrypt Encrypted file, but for some reason TCBrute seems unreliable as I was unable to crack password although it was present in dictionary, Visitors can cross check and comment.
Password not cracked, although it was present in mentioned dictionary file :
Passware Passwod Recovery Kit Forensic (Commercial)
First of all this is commercial tool, and can perform various known attacks agains TrueCrypt encrypted volume.
Brute Force with Digits :
Password Cracked :
Mount TrueCrypt volume using Command Line :
Command line options for TrueCrypt :
Mount TrueCrypt Encrypted Volume using Command :
/l = Drive Letter
TrueCrypt Reference Links
http://www.tateu.net/software/
http://www.autohotkey.com/board/topic/86586-tcbrute-2-truecrypt-bruteforce-password-recovery/
http://dl.securityvision.ch/TCBrute/
http://security.stackexchange.com/questions/30605/brute-forcing-password-to-a-truecrypt-encrypted-file-with-partial-knowledge
http://truecryptblooz.blogspot.in/2011/09/one-day-i-forgot-my-truecrypt-password.html
https://code.google.com/p/truecrack/
http://www.hacker10.com/other-computing/brute-force-a-truecrypt-volume-with-truecrack/
http://16s.us/software/TCHead/TCHead-0.5/
http://jeffball55.blogspot.in/2011/07/dictionary-attacking-truecrypt.html
http://www.hacker10.com/other-computing/brute-force-a-truecrypt-volume-with-truecrack/
http://unprotect.info/
http://mweissbacher.com/blog/tag/truecrypt/
http://www.truecrypt.org/docs/command-line-usage
Hope you enjoyed, I will post more interesting Information soon!
Regards,
eXpl0i13r
TrueCrypt is an open source program to create and mount virtual encrypted disks in Windows Vista/XP/2000 and Linux and OS X as well as Whole Disk Encryption on Windows. It provides two levels of plausible deniability (hidden values / no signatures to make a distinction from random data), on the fly encryption and supports AES, Serpent and Twofish. As of version 6.0 TrueCrypt now supports hidden Operating Systems under Windows only.
Favorite attack is Dictionary Based / Brute Force, for which there are multiple tools available for Linux as well as Windows.
Tools :
- TrueCrack (Most Reliable Tool)
- Unprotect.info
- TCHead
- TCBrute 2
- Passware Passwod Recovery Kit Forensic (Commercial)
- Hashcat/CudaHashcat
Also there are attacks for extracting Master Keys for TrueCrypt from Memory Dump.
TrueCrack
TrueCrack In Action with Dictionary Attack
Unprotect.info
Pure Brute Force attack with Digits :
TCHead
TCHead In Action with Dictionary Attack :
TCBrute 2
Specified Dictionary & TrueCrypt Encrypted file, but for some reason TCBrute seems unreliable as I was unable to crack password although it was present in dictionary, Visitors can cross check and comment.
Password not cracked, although it was present in mentioned dictionary file :
Passware Passwod Recovery Kit Forensic (Commercial)
First of all this is commercial tool, and can perform various known attacks agains TrueCrypt encrypted volume.
Brute Force with Digits :
Password Cracked :
Mount TrueCrypt volume using Command Line :
Command line options for TrueCrypt :
Mount TrueCrypt Encrypted Volume using Command :
/l = Drive Letter
TrueCrypt Reference Links
http://www.tateu.net/software/
http://www.autohotkey.com/board/topic/86586-tcbrute-2-truecrypt-bruteforce-password-recovery/
http://dl.securityvision.ch/TCBrute/
http://security.stackexchange.com/questions/30605/brute-forcing-password-to-a-truecrypt-encrypted-file-with-partial-knowledge
http://truecryptblooz.blogspot.in/2011/09/one-day-i-forgot-my-truecrypt-password.html
https://code.google.com/p/truecrack/
http://www.hacker10.com/other-computing/brute-force-a-truecrypt-volume-with-truecrack/
http://16s.us/software/TCHead/TCHead-0.5/
http://jeffball55.blogspot.in/2011/07/dictionary-attacking-truecrypt.html
http://www.hacker10.com/other-computing/brute-force-a-truecrypt-volume-with-truecrack/
http://unprotect.info/
http://mweissbacher.com/blog/tag/truecrypt/
http://www.truecrypt.org/docs/command-line-usage
Hope you enjoyed, I will post more interesting Information soon!
Regards,
eXpl0i13r
nice post, it's will needed someday
ReplyDelete