Monday, March 16, 2009
Bruteforce TrueCrypt - some hints
So someone I know recently forgot their password to a TrueCrypt volume and asked me to try getting into it. Obviously, I'm not much of a hacker but I wrote a little perl script to attempt a bunch of password iterations thought I would share some parts. The main thing to share is the list of arguments:
Then the more dynamic parts (obviously, pass needs to come from some kind of password dictionary or password-generating subroutine). @prog is the loop-local copy of @tc_opt.
Then the last bit:
$? will be true on failure and false on success (1 vs 0) or you can get fancy and also test for negative values.
I was unable to recover the password because I didn't have enough information and I can only test one password/few seconds on my poor, slow computer, so a massive dictionary attack is out of the question, but if you're in the same boat this should get you started on the recovery.
my $tc = "/Applications/TrueCrypt.app/Contents/MacOS/TrueCrypt";
my @tc_opt = ($tc, "--text", "--verbose", "--mount-options=ro", "--filesystem=none", "--non-interactive");
Then the more dynamic parts (obviously, pass needs to come from some kind of password dictionary or password-generating subroutine). @prog is the loop-local copy of @tc_opt.
push(@prog, "--password=\"$pass\"");
push(@prog, "$file");
Then the last bit:
my $strprog = join(" ", @prog);
system("$strprog");
if ( $? )
...
$? will be true on failure and false on success (1 vs 0) or you can get fancy and also test for negative values.
I was unable to recover the password because I didn't have enough information and I can only test one password/few seconds on my poor, slow computer, so a massive dictionary attack is out of the question, but if you're in the same boat this should get you started on the recovery.
Labels: perl programming
# posted by matthew sporleder @ 6:53 PM 
