Truecrypt, a variety of bruteforcing options

A lot of people ask the question: How can I recover my truecrypt password? Others ask the question: How can I crack a truecrypt container? So out of curiosity I did a little investigation into what the current tools are to bruteforce a truecrypt container. Here is a small compilation of the methods I’ve found.

First of all, if the user using truecrypt is security aware it will be IMPOSSIBLE (for the moment) to bruteforce the password/key of a truecrypt container. At least normal people will not be able to bruteforce 20+ character passwords or a 2KB random file used as keyfile. I say normal people because the (old article) USA secret service seems to be building its own bruteforcing botnet. According to this article:

Ultimately, the agency hopes to build the network out across all 22 federal agencies that comprise the Department of Homeland Security: It currently holds a license to deploy the network out to 100,000 systems

Pretty scary huh? Just to be a little more paranoid, imagine the NSA joining them and well… I assume 8-character passwords are a laugh for them; on the other hand I also think that 20+ character passwords will be out of reach even for them. The article dates from 2006, so I imagine they have it working by now. For example, in this article they state the following:

Months later, Aragon’s lawyer gave him some bad news. The Secret Service had cracked Butler’s crypto and knew more about the hacker than Aragon did -

We will just never know if the USA secret service used bruteforcing power to crack the crypto or if they abused possible crypto errors. For example truecrypt seems to suffer from a few glitches/errors/vulnerabilities like the ones mentioned here. I have no clue how true the vulnerability claims are and if they have been fixed in the meanwhile. So why is this relevant? Just to make sure that everyone who uses truecrypt or any other kind of encryption software uses passwords/pass phrases with more than 20 characters that are not easily guessable. Also to make sure that everyone who uses cryptographic software to protect his/her privacy stays informed about possible vulnerabilities that their product could contain and updates it or uses a workaround.

Let’s see the first product capable of bruteforcing truecrypt containers.

If you google around you will see that, if I’m not mistaken, they also have specialized hardware modules which will speed up the cracking part. It will cost you money but in the end if you manage to link up enough computers it will be worth it.

I imagine that most people asking questions on how to bruteforce truecrypt containers will not have or are not willing to spend the amount of money needed to get DNA up and running. So here is another solution.

The solution explained over here http://www.elitehackers.info/forums/showthread.php?t=11568&page=2 which actually explains two solutions:

The first one uses a third party application to speed up the manual process and actually uses the truecrypt program to bruteforce the container. Here is the script posted on the forum I linked, just in case the post gets removed someday.


dim $one, $two, $three, $four, $five, $six, $seven, $eight, $pw
dim $Array[94]
$Array[0]="a"
$Array[1]="b"
$Array[2]="c"
$Array[3]="d"
$Array[4]="e"
$Array[5]="f"
$Array[6]="g"
$Array[7]="h"
$Array[8]="i"
$Array[9]="j"
$Array[10]="k"
$Array[11]="l"
$Array[12]="m"
$Array[13]="n"
$Array[14]="o"
$Array[15]="p"
$Array[16]="q"
$Array[17]="r"
$Array[18]="s"
$Array[19]="t"
$Array[20]="u"
$Array[21]="v"
$Array[22]="w"
$Array[23]="x"
$Array[24]="y"
$Array[25]="z"
$Array[26]="A"
$Array[27]="B"
$Array[28]="C"
$Array[29]="D"
$Array[30]="E"
$Array[31]="F"
$Array[32]="G"
$Array[33]="H"
$Array[34]="I"
$Array[35]="J"
$Array[36]="K"
$Array[37]="L"
$Array[38]="M"
$Array[39]="N"
$Array[40]="O"
$Array[41]="P"
$Array[42]="Q"
$Array[43]="R"
$Array[44]="S"
$Array[45]="T"
$Array[46]="U"
$Array[47]="V"
$Array[48]="W"
$Array[49]="X"
$Array[50]="Y"
$Array[51]="Z"
$Array[52]="!"
$Array[53]="@"
$Array[54]="#"
$Array[55]="$"
$Array[56]="%"
$Array[57]="^"
$Array[58]="&"
$Array[59]="*"
$Array[60]="("
$Array[61]=")"
$Array[62]="_"
$Array[63]="+"
$Array[64]="~"
$Array[65]="`"
$Array[66]="1"
$Array[67]="2"
$Array[68]="3"
$Array[69]="4"
$Array[70]="5"
$Array[71]="6"
$Array[72]="7"
$Array[73]="8"
$Array[74]="9"
$Array[75]="0"
$Array[76]="-"
$Array[77]="="
$Array[78]="["
$Array[79]="]"
$Array[80]="\"
$Array[81]="{"
$Array[82]="}"
$Array[83]="|"
$Array[84]=";"
$Array[85]=":"
$Array[86]="'"
$Array[87]=""""
$Array[88]=","
$Array[89]="<"
$Array[90]="."
$Array[91]=">"
$Array[92]="/"
$Array[93]="?"

;Start brute Force
For $one = 0 to 93
$pw = $Array[$one]
Run(@COMSPEC & " /c " & 'C:\fubar\TrueCrypt.exe /q background /s /p "' & $pw & '" /e /m ro /m rm /v "c:\fubar\fubar.ENC"' )
Next

for $two = 0 to 93
for $one = 0 to 93
$pw = $Array[$one]
$pw &= $Array[$two]
Run(@COMSPEC & " /c " & 'C:\fubar\TrueCrypt.exe /q background /s /p "' & $pw & '" /e /m ro /m rm /v "c:\fubar\fubar.ENC"' )
Next
Next

for $three = 0 to 93
for $two = 0 to 93
for $one = 0 to 93
$pw = $Array[$one]
$pw &= $Array[$two]
$pw &= $Array[$three]
Run(@COMSPEC & " /c " & 'C:\fubar\TrueCrypt.exe /q background /s /p "' & $pw & '" /e /m ro /m rm /v "c:\fubar\fubar.ENC"' )
Next
Next
Next

for $four = 0 to 93
for $three = 0 to 93
for $two = 0 to 93
for $one = 0 to 93
$pw = $Array[$one]
$pw &= $Array[$two]
$pw &= $Array[$three]
$pw &= $Array[$four]
Run(@COMSPEC & " /c " & 'C:\fubar\TrueCrypt.exe /q background /s /p "' & $pw & '" /e /m ro /m rm /v "c:\fubar\fubar.ENC"' )
Next
Next
Next
Next

for $five = 0 to 93
for $four = 0 to 93
for $three = 0 to 93
for $two = 0 to 93
for $one = 0 to 93
$pw = $Array[$one]
$pw &= $Array[$two]
$pw &= $Array[$three]
$pw &= $Array[$four]
$pw &= $Array[$five]
Run(@COMSPEC & " /c " & 'C:\fubar\TrueCrypt.exe /q background /s /p "' & $pw & '" /e /m ro /m rm /v "c:\fubar\fubar.ENC"' )
Next
Next
Next
Next
Next

FOR $six = 0 to 93
for $five = 0 to 93
for $four = 0 to 93
for $three = 0 to 93
for $two = 0 to 93
for $one = 0 to 93
$pw = $Array[$one]
$pw &= $Array[$two]
$pw &= $Array[$three]
$pw &= $Array[$four]
$pw &= $Array[$five]
$pw &= $Array[$six]
Run(@COMSPEC & " /c " & 'C:\fubar\TrueCrypt.exe /q background /s /p "' & $pw & '" /e /m ro /m rm /v "c:\fubar\fubar.ENC"' )
Next
Next
Next
Next
Next
Next

for $seven = 0 to 93
FOR $six = 0 to 93
for $five = 0 to 93
for $four = 0 to 93
for $three = 0 to 93
for $two = 0 to 93
for $one = 0 to 93
$pw = $Array[$one]
$pw &= $Array[$two]
$pw &= $Array[$three]
$pw &= $Array[$four]
$pw &= $Array[$five]
$pw &= $Array[$six]
$pw &= $Array[$seven]
Run(@COMSPEC & " /c " & 'C:\fubar\TrueCrypt.exe /q background /s /p "' & $pw & '" /e /m ro /m rm /v "c:\fubar\fubar.ENC"' )
Next
Next
Next
Next
Next
Next
Next

for $eight = 0 to 93
for $seven = 0 to 93
FOR $six = 0 to 93
for $five = 0 to 93
for $four = 0 to 93
for $three = 0 to 93
for $two = 0 to 93
for $one = 0 to 93
$pw = $Array[$one]
$pw &= $Array[$two]
$pw &= $Array[$three]
$pw &= $Array[$four]
$pw &= $Array[$five]
$pw &= $Array[$six]
$pw &= $Array[$seven]
$pw &= $Array[$eight]
Run(@COMSPEC & " /c " & 'C:\fubar\TrueCrypt.exe /q background /s /p "' & $pw & '" /e /m ro /m rm /v "c:\fubar\fubar.ENC"' )
Next
Next
Next
Next
Next
Next
Next
Next

The second solution seems to be a java application coded for linux which also uses the truecrypt program to bruteforce the container. Both solutions take time and are not easily expandable so that the bruteforcing work could be sped up.

One of the last and imo most flexible solutions in my search for current truecrypt bruteforcers were the following articles and websites I found.

All of the above are imo the essential building blocks to build a truecrypt bruteforce application or a truecrypt distributed bruteforce application. Just in case the sites go down you can download a zip with all the sources here. I still need to fix a http server for this kind of stuff, so for the moment rapidshare is the choice. The best part is that the code presented in the blog which explains truecrypt works!! The reason I'm so excited about that is because often enough when I download example/poc sourcecode it just doesn't work and it needs minor changes. For the curious ones, here is the output from a small test I ran with the sourcecode on a truecrypt volume (I only tested the truecrypt5 source):

Progress: Is this a normal volume?
Progress: Trying SHA-512
Progress: ...['Rijndael']
Progress: ...['Serpent']
Progress: ...['Twofish']
Progress: ...['Twofish', 'Rijndael']
Progress: ...['Serpent', 'Twofish', 'Rijndael']
Progress: ...['Rijndael', 'Serpent']
Progress: ...['Rijndael', 'Twofish', 'Serpent']
Progress: ...['Serpent', 'Twofish']
Progress: Trying RIPEMD-160
Progress: ...['Rijndael']
Progress: ...['Serpent']
Progress: ...['Twofish']
Progress: ...['Twofish', 'Rijndael']
Progress: ...['Serpent', 'Twofish', 'Rijndael']
Progress: ...['Rijndael', 'Serpent']
Progress: ...['Rijndael', 'Twofish', 'Serpent']
Progress: ...['Serpent', 'Twofish']
Progress: Trying Whirlpool
Progress: ...['Rijndael']
Progress: ...['Serpent']
Progress: ...['Twofish']
Progress: ...['Twofish', 'Rijndael']
Progress: ...['Serpent', 'Twofish', 'Rijndael']
Progress: ...['Rijndael', 'Serpent']
Progress: ...['Rijndael', 'Twofish', 'Serpent']
Progress: Success!

Some of you might argue that using a scripting language for a bruteforcing purpose is just plain stupid. I'd have to agree with that. So that's why the last option is to write your own bruteforcer in C or asm or modify the truecrypt sourcecode. But for the ones in need of a quick client to recover their password the above solutions should work just fine, assuming you still remember certain parts of the password, thereby reducing the keyspace from millions to like a few thousand options.
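To put numbers on the keyspace reduction described above, here is an added example (not code from the original post or the linked projects) that counts the candidates for a partly remembered password and converts them to worst-case search time. The mask notation, the function names and the `?p` class are assumptions of this example; the guess rates are the figures quoted in the comments on this page.

```python
"""Keyspace and worst-case search-time estimates (added example)."""
from math import perm

# Character-class sizes. ?l, ?u and ?d follow the usual mask convention;
# ?p is made up here for the 94 printable characters in the AutoIt array above.
CLASS_SIZES = {"l": 26, "u": 26, "d": 10, "p": 94}

# Guess rates quoted in the comments on this page (guesses per second).
RATES = {
    "scripted mount attempts": 5,
    "GPU-assisted tool": 434,
    "large cluster": 1_000_000,
}

SECONDS_PER_YEAR = 365.25 * 86400
UNITS = [("years", SECONDS_PER_YEAR), ("days", 86400),
         ("hours", 3600), ("minutes", 60)]


def mask_keyspace(mask):
    """Count candidates for a mask such as 'abc?d?d?d?ddef'.

    Literal characters are the remembered parts and contribute a factor of 1;
    '?x' contributes the size of class x; '??' is a literal question mark.
    """
    total, i = 1, 0
    while i < len(mask):
        if mask[i] != "?":
            i += 1
            continue
        if i + 1 >= len(mask):
            raise ValueError("mask ends with a dangling '?'")
        key = mask[i + 1]
        if key != "?":
            if key not in CLASS_SIZES:
                raise ValueError(f"unknown class ?{key}")
            total *= CLASS_SIZES[key]
        i += 2
    return total


def range_keyspace(charset_size, min_len, max_len, allow_repeats=True):
    """Candidates when nothing is known except the charset and a length range.

    With allow_repeats=False every character may appear at most once, which
    turns each term from a power into a partial permutation.
    """
    if min_len < 1 or max_len < min_len:
        raise ValueError("need 1 <= min_len <= max_len")
    if allow_repeats:
        return sum(charset_size ** n for n in range(min_len, max_len + 1))
    return sum(perm(charset_size, n) for n in range(min_len, max_len + 1))


def worst_case_seconds(candidates, rate):
    """Time to try every candidate; the expected time is half of this."""
    return candidates / rate


def wordlist_bytes(charset_size, length):
    """Size of a newline-separated list of every password of one length."""
    return charset_size ** length * (length + 1)


def humanize(seconds):
    """Render a duration in the largest unit that fits."""
    for name, size in UNITS:
        if seconds >= size:
            return f"{seconds / size:.3g} {name}"
    return f"{seconds:.3g} seconds"


if __name__ == "__main__":
    scenarios = {
        "10 chars, 4 unknown digits": mask_keyspace("abc?d?d?d?ddef"),
        "8 chars from the 94-char set": mask_keyspace("?p" * 8),
        "20 mixed-case letters": range_keyspace(52, 20, 20),
        "30 chars from the 94-char set": range_keyspace(94, 30, 30),
    }
    for label, count in scenarios.items():
        print(f"{label}: {count:.3g} candidates")
        for who, rate in RATES.items():
            print(f"    {who:<24} {humanize(worst_case_seconds(count, rate))}")
```

The first scenario finishes in about half an hour even at the slowest rate, while the last two stay out of reach at every rate listed, which is the gap between a remembered pattern and a long random passphrase.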

If anyone has found more nice tools or sourcecodes or has got nice ideas please share, it's always fun to learn about new things.


66 Responses to “Truecrypt, a variety of bruteforcing options”

  1. 2arkeo: For example, Passcovery Suite can work with TrueCrypt whole volume.

    The problem is in the following – it is hardly possible that you will be able to search for all passwords even with the speeds demonstrated by GPU password recovery if you don’t have an idea of the password structure.

  2. What about whole volumes? Entire devices?
    All I’ve found so far are methods/apps/scripts to brute-force on TrueCrypt container files…

    It’s an external USB drive that I seldom use (last time 6 months ago), but I’m pretty sure I’m entering the correct password. Even if I’m not, I know it’s just lower-case letters and numbers, 7-28 in length. I’d just like to be sure that the drive is somehow corrupted, before formatting it all…

    Thanks in advance…

  3. [...] exploited to reduce the complexity of the brute force attack. 3) In 2006 (or perhaps earlier), the US Secret Service started building a botnet of up to 100,000 computers, eventually to encompass all of Homeland Security – for the express [...]

  4. The new version of TrueCrack is available. It’s a very useful brute-force password cracker for TrueCrypt volumes that, provided you have plenty of horsepower available, may just solve your problem. As you can see below, performance is enhanced using GPU mode so depending on the tooling that you have available your performance may vary. http://code.google.com/p/truecrack/

  5. Thanks man!

    For anyone who is able to read/program Pascal code, see the attached source.
    I had a password like “abc1234def” where the numbers were unknown. So it tries all combinations.

    Changes are very easy to make as soon as you understand the logic. Most important is the TrueCrypt call.

    Please note: this will just try to mount the TC-Container and cache the password.

    http://pastebin.com/0SwcRZ4d

  6. Does anyone know a good program for a 30 some password?
    I know all the characters except three of them…

  7. I have a keyfile with which I can open the normal volume. But it has a hidden volume, and I forgot the password to open it. Any suggestions to crack it, please?

  8. I got tc container. I got keyfile. I can mount. But I forgot hidden container password/keyfile. Is there any way that I can recover hidden from known key files ?

  9. Hi
    Thank you. I try this. I collect all my possible key files and then I try.

    Can somebody help me: where can I find/download the compiled version of true brute (I can only find the Visual Studio source code)?
    But I don’t have Visual Studio.

    Has somebody had the same problem with truecrack?
    I have a password list of 3200 passwords.
    It runs a long time and then I get a memory access error.
    I am not working with CUDA.
    I compiled it with make and make install.
    I start it with truecrack -t container -w passwordfile

    I hope somebody can help me.

    If somebody knows other software to recover passwords / keys or similar for truecrypt, please post some info or links.

    Thank you for the help

    klaus

  10. I came across an old TC file which I remembered the password for, but not the keyfiles I had used. I knew I had them somewhere on a shared drive and I knew I had used more than one, but how could I possibly try all possible combinations of keyfiles in truecrypt without doing it by hand? I made a python script called tckeyfilehack. It’s not the most efficient or cleanly written piece of code, but it works.

    Anyway, you can find the python script on google code here:
    https://code.google.com/p/tckeyfilehack/

  11. Hello

    I have a problem with truecrack.
    I have a password list with 2400 passwords.
    When I run the program, it runs for a long time and then it stops with “memory access error”.
    If I take a short password list with a test container and a password that matches, it works fine.

    Are there currently new tools to crack a container?
    I forgot my password and I know only parts of the password.

    Is it possible to crack a container that is protected with key files and a password?

    I see here the program tcbrute, but I don’t have Visual Studio.
    Where can I download the binary?

    Thank you for the help

  12. My issue is I have recovered my password, but can’t figure out which keyfile (s) I used. I’m nearly certain I used 2 image files, and even which folder they may be in, but to try every combination of pictures in the folder will take me ages. Is there any way to “brute force” check a number of keyfile combinations if it’s at least narrowed down?

  13. i need help the other way round: i think i deleted the salt but know the exact password algorithms and format of the drive

    any suggestions?

  14. I forgot my external Truecrypt drive pw and true.crypt.brute.1.9b stops and opens Truecrypt on the same pw from a 2 million pw list at about word 3000, but it does not open the volume. This could be the right pw though it doesn’t ring bells. In a test run with a test volume it opened Truecrypt and listed the drive volume for opening and provided a notification with the pw. Not so now. Are there any characters that will stop true.crypt.brute.1.9b like that or does it signal a pw is found? Any suggestions?

    Also, how is the pw list separated? In wordpad it can look like words strung together with no separators so it is sometimes impossible to tell when one pw ends and the next begins. That makes it difficult to try the previous pws to the one that stopped and opened Truecrypt.

    One last question. Can a copy of characters from the wordlist be different than the actual characters so that the paste into Truecrypt will be different than what true.crypt.brute.1.9b used from the list?

    Thanks all for the article and comments. They were helpful and hopefully these questions make sense.

  15. Thank you, you saved my day! I forgot my password (hiks, I have temporary memory loss), then google took me to your blog… thank you

  16. I made a little piece of software in C, based on the TrueCrypt source code, to crack the passwords of a volume file. The principle is a simple bruteforce attack with a dictionary of words or a charset of characters. It can run on the GPU cores (nvidia cuda technology) to increase the performance considerably. For now it only works for a single volume file with the default cipher algorithms: PBKDF2 (defined in PKCS5 v2.0) based on the RIPEMD160 key derivation function, and the XTS block cipher mode of operation used for hard disk encryption based on AES.
    http://code.google.com/p/truecrack/
    I hope this helps forgetful people like me.

  17. you can just use a ntfs alternate data stream file for the container and it will mess up all your bruteforcing if you even find the hidden ads file anyway :P

  18. Responses do not work to this article. Help!!

  19. I downloaded the “java based application”, known as “CrackTC”. It does not seem to work. It contains the java source code (which is spaghetti to me). It also contains a test truecrypt file and a test password file.

    Unfortunately, when I run the program it stops immediately and says that the first password in the lists is the password–but it’s not.

  20. After long hours of research I found and used true.crypt.brute.1.9b.zip/
    Worked fine with me but I had only 4 char to find
    http://securityvision.ch/index.php?option=com_phocadownload&view=file&id=1:true.crypt.brute&Itemid=54

  21. I’ve tried many solutions, and the VBScript posed by PJAC was the best for me. It was more versatile than the others, much easier to implement. It was also the fastest because it hits TrueCrypt with several attempts at a time and then waits for it to catch up. It averaged 5 to 6 attempts per second, which is twice as fast as the others. The prefix and suffix functions are a life saver. However, it’s a major problem if you overlook the fact that the command to TrueCrypt is actually commented out, and without uncommenting it, the process actually does nothing.

    I reprogrammed it with a lot of new functionality. Since I know that my forgotten password does not repeat any of the characters, I added the ability to configure it to exclude any attempts with repetitions of the characters. This reduced the number of attempts required by well over 90%, and well over 99% with larger passwords. Many passwords have character repetition only at the beginning, and that can be used in the prefix.

    Since I also did not know how many characters were in a password, I also added the ability to specify a range in number of characters to attempt.

    I also added a report to the end of the process, in which it displays the number of attempts, the process time, and the number of attempts per process.

    Lastly, I removed and commented out all of the verbiage that would reveal what this thing is actually doing. That way it processes discreetly on screen.

    With the prefix and suffix functions, and with the functions I’ve added here, I was able to reduce the decryption time for my password from nearly a million years to just a few hours.

    Option Explicit
    dim tcCommandline
    dim container
    dim driveToMount
    dim repeatChars
    dim charString
    dim objShell
    dim filesys
    dim dtmStartTime
    dim dtmEndTime
    dim attempts
    dim TotalSeconds

    force_cscript
    SetupEnvironment
    Start

    ' sub taken from http://tek-tips.com/viewthread.cfm?qid=1175727
    sub force_cscript
    dim args : args=""
    dim i, wshshell
    If right(lCase(wscript.fullname),11)= "wscript.exe" then
    for i=0 to wscript.arguments.count-1
    args = args & wscript.arguments(i) & " "
    next
    set wshshell=createobject("wscript.shell")
    wshshell.run wshshell.ExpandEnvironmentStrings("%comspec%") & _
    " /k cscript.exe //nologo """ & wscript.scriptfullname & """" & args 'change to /k for stay
    set wshshell=nothing
    wscript.quit
    end if
    end sub

    Sub SetupEnvironment()
    set objShell = CreateObject("WScript.Shell")
    set filesys = CreateObject("Scripting.FileSystemObject")

    tcCommandline = "C:\TrueCrypt\TrueCrypt.exe"

    container = "\Device\Harddisk1\Partition0"
    'container = "c:\myContainer.tc"

    driveToMount = "z:"

    repeatChars = false

    charString = "[];',./"

    End Sub

    Sub ShowHeader()
    dim headerText
    headerText = vbCRLF
    headerText = headerText & "VBScript TrueCrypt brute force attempt program" & vbCRLF
    headerText = headerText & "==============================================" & vbCRLF & vbCRLF

    headerText = headerText & "Settings" & vbCRLF
    headerText = headerText & "--------" & vbCRLF
    headerText = headerText & "Path to TrueCrypt: " & tcCommandline & vbCRLF
    headerText = headerText & "Path to Container: " & container & vbCRLF
    headerText = headerText & "Drive to mount: " & driveToMount & vbCRLF
    headerText = headerText & "Characters to use: " & charString & vbCRLF
    headerText = headerText & vbCRLF
    headerText = headerText & "NB: to change these, edit this VBScript file - specifically ""Sub SetupEnvironment""" & vbCRLF
    headerText = headerText & vbCRLF

    headerText = headerText & "Parameters" & vbCRLF
    headerText = headerText & "----------"

    'WScript.Echo headerText
    End Sub

    Sub Start()
    ShowHeader

    dim pwPrefix
    dim pwSuffix
    dim charsToGenerate
    dim charsBeginNum
    dim charsEndNum

    pwPrefix = UserInput("Prefix:", false)
    pwSuffix = UserInput("Suffix:", false)
    charsBeginNum = UserInput("Number of chars begin:", true)
    charsEndNum = UserInput("Number of chars end:", true)

    'charsToGenerate = UserInput("Number of chars:", true)

    dtmStartTime = Timer

    WScript.Echo "Attempting pattern " & pwPrefix & "{" & charsBeginNum & "-" & charsEndNum & " chars}" & pwSuffix

    for charsToGenerate = charsBeginNum to charsEndNum
    RunBruteForce charString, pwPrefix, pwSuffix, charsToGenerate
    next

    WScript.Echo "Not Found"
    WScript.Echo attempts & " Attempts"
    Wscript.Echo GetElapsedTime
    Wscript.Echo Round(attempts/TotalSeconds,2) & " Attempts Per Second"

    WScript.Quit
    End Sub

    Sub RunBruteForce(charString, pwPrefix, pwSuffix, charsToGenerate)
    dim counter
    for counter = 1 to len(charString)
    'WScript.Echo "counter = " & counter
    dim pwNew
    pwNew = mid(charString, counter, 1)
    'WScript.Echo "charsToGenerate = " & charsToGenerate
    'WScript.Echo "pwPrefix = " & pwPrefix
    'WScript.Echo "pwNew = " & pwNew
    if (InStr(1,pwPrefix,pwNew,0) = 0 or repeatChars) then
    if (1 = charsToGenerate) then
    if counter = len(charString) Then
    AttemptPassword pwPrefix & pwNew & pwSuffix, true
    else
    AttemptPassword pwPrefix & pwNew & pwSuffix, false
    end if
    else
    RunBruteForce charString, pwPrefix & pwNew, pwSuffix, charsToGenerate-1
    end if
    else
    'WScript.Echo pwPrefix & pwNew & " Duplicate " & pwNew & " in " & pwPrefix
    end if
    next
    End Sub

    Sub AttemptPassword(pwToTry, waitState)
    dim commandline
    attempts = attempts + 1
    commandline = "%comspec% /c " & tcCommandline & " /q background /s /p """ & pwToTry & """ /e /m ro /m rm /v """ & container & """ /l " & driveToMount & ""

    if UCase( Right( WScript.FullName, 12 ) ) = "\CSCRIPT.EXE" then
    WScript.Echo pwToTry
    'WScript.Echo pwToTry & " (" & waitState & ")"
    'WScript.Echo "Command: " & commandline
    end if

    objShell.Run commandline, 7, waitState
    If filesys.DriveExists(driveToMount) Then
    WScript.Echo ""
    WScript.Echo "Password Found!!!"
    'WScript.Echo "Password = " & pwToTry
    WScript.Echo "Drive " & driveToMount & " Mounted."
    WScript.Quit
    End If
    End Sub

    Function GetElapsedTime
    Const SECONDS_IN_DAY = 86400
    Const SECONDS_IN_HOUR = 3600
    Const SECONDS_IN_MINUTE = 60
    Const SECONDS_IN_WEEK = 604800

    dim dtmEndTime
    dtmEndTime = Timer

    dim seconds
    dim minutes
    dim hours
    dim days

    TotalSeconds = Round(dtmEndTime - dtmStartTime, 2)
    seconds = TotalSeconds
    If seconds < SECONDS_IN_MINUTE Then
    GetElapsedTime = seconds & " seconds "
    Exit Function
    End If
    If seconds < SECONDS_IN_HOUR Then
    minutes = seconds / SECONDS_IN_MINUTE
    seconds = seconds MOD SECONDS_IN_MINUTE
    GetElapsedTime = Int(minutes) & " minutes " & seconds & " seconds "
    Exit Function
    End If
    If seconds < SECONDS_IN_DAY Then
    hours = seconds / SECONDS_IN_HOUR
    minutes = (seconds MOD SECONDS_IN_HOUR) / SECONDS_IN_MINUTE
    seconds = (seconds MOD SECONDS_IN_HOUR) MOD SECONDS_IN_MINUTE
    GetElapsedTime = Int(hours) & " hours " & Int(minutes) & " minutes " & seconds & " seconds "
    Exit Function
    End If
    If seconds < SECONDS_IN_WEEK Then
    days = seconds / SECONDS_IN_DAY
    hours = (seconds MOD SECONDS_IN_DAY) / SECONDS_IN_HOUR
    minutes = ((seconds MOD SECONDS_IN_DAY) MOD SECONDS_IN_HOUR) / SECONDS_IN_MINUTE
    seconds = ((seconds MOD SECONDS_IN_DAY) MOD SECONDS_IN_HOUR) MOD SECONDS_IN_MINUTE
    GetElapsedTime = Int(days) & " days " & Int(hours) & " hours " & Int(minutes) & " minutes " & seconds & " seconds "
    Exit Function
    End If
    End Function

    Function UserInput(userPrompt, mustBeInt)
    dim result
    If UCase( Right( WScript.FullName, 12 ) ) = "\CSCRIPT.EXE" Then
    ' If so, use StdIn and StdOut
    WScript.StdOut.Write userPrompt & " "
    result = WScript.StdIn.ReadLine
    Else
    ' If not, use InputBox( )
    result = InputBox(userPrompt)
    End If
    if (mustBeInt = true) then
    If IsNumeric(result) Then
    ' Here, it still could be an integer or a floating point number
    If CLng(result) Then
    UserInput = Clng(result)
    Else
    WScript.Echo "Not a number – please try again."
    UserInput = UserInput(userPrompt, mustBeInt)
    End If
    else
    WScript.Echo "Not a number – please try again."
    UserInput = UserInput(userPrompt, mustBeInt)
    End if
    else
    UserInput = result
    end if
    End Function

  22. Saucer Says:

    http://www.hammerofgod.com/passwordcheck.aspx

    Test your password strength against a Class -F Network – (1,000,000,000) Passwords a second cluster. Enjoy :-)

  23. I did what sgc says, but the .bat file won’t execute. I looked up why the .bat file won’t execute and did exactly what should be done, but still didn’t work. I was wondering if I don’t know the order of the password or the exact number of letters, how I can organize the search to be more precise. For example, if my password was fishdogcat, but I wasn’t sure if it was in that order, it might have been dogfishcat or fishcatdog, but to make matters a little more complicated, I also think I may have capitalized a letter or made the word dogsfishcats or dogsfishescats . . . how would I edit the gendic properly to account for this? I may have even capitalized a letter and made it Dogfishcat or Dogsfishcats or fishDogscat . . . any help would be appreciated. I have everything backed up except my movies I converted out from my dvds to Mp4 to play with my cell phone and I had over 130+ movies and aren’t looking forward to doing that over again . . .

  24. Hey Guys,

    I’m trying to use TrueCrypt5, but where I indicate the volume path? And, can you post the minor changes you made on it?

    Thanks.

  25. Fairly simple VBScript variant of the above. Particularly useful if you know the first part of the password, but easy enough to modify.

    Make changes to the SetupEnvironment section (lines 29-42 of the VBS file) for your particular setup. Example values are present. Note that you should use the short form for all paths.

    Program will stop once the drive you are trying to create is found. Password will be one of the last ones shown. Program also pauses every cycle of last character to allow TrueCrypt to catch up and not max out your processor or memory.

    I’ve used this to crack a TC container with 4 forgotten chars.

    Code:

    Option Explicit
    dim tcCommandline
    dim container
    dim driveToMount
    dim charString
    dim objShell
    dim filesys

    force_cscript
    SetupEnvironment
    Start

    ' sub taken from http://tek-tips.com/viewthread.cfm?qid=1175727
    sub force_cscript
    dim args : args=""
    dim i, wshshell
    If right(lCase(wscript.fullname),11)= "wscript.exe" then
    for i=0 to wscript.arguments.count-1
    args = args & wscript.arguments(i) & " "
    next
    set wshshell=createobject("wscript.shell")
    wshshell.run wshshell.ExpandEnvironmentStrings("%comspec%") & _
    " /k cscript.exe //nologo """ & wscript.scriptfullname & """" & args 'change to /k for stay
    set wshshell=nothing
    wscript.quit
    end if
    end sub

    Sub SetupEnvironment()
    set objShell = CreateObject("WScript.Shell")
    set filesys = CreateObject("Scripting.FileSystemObject")

    tcCommandline = "C:\Progra~2\TrueCrypt\TrueCrypt.exe"

    container = "\Device\Harddisk1\Partition0"
    'container = "c:\myContainer.tc"

    driveToMount = "e:"

    charString = "123abc"
    'charString = "0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ!""£$%^&*()-=_+[]{};'#:@~,./?\|`¬"
    End Sub

    Sub ShowHeader()
    dim headerText
    headerText = vbCRLF
    headerText = headerText & "VBScript TrueCrypt brute force attempt program" & vbCRLF
    headerText = headerText & "==============================================" & vbCRLF & vbCRLF

    headerText = headerText & "Settings" & vbCRLF
    headerText = headerText & "--------" & vbCRLF
    headerText = headerText & "Path to TrueCrypt: " & tcCommandline & vbCRLF
    headerText = headerText & "Path to Container: " & container & vbCRLF
    headerText = headerText & "Drive to mount: " & driveToMount & vbCRLF
    headerText = headerText & "Characters to use: " & charString & vbCRLF
    headerText = headerText & vbCRLF
    headerText = headerText & "NB: to change these, edit this VBScript file - specifically ""Sub SetupEnvironment""" & vbCRLF
    headerText = headerText & vbCRLF

    headerText = headerText & "Parameters" & vbCRLF
    headerText = headerText & "----------"

    WScript.Echo headerText
    End Sub

    Sub Start()
    ShowHeader

    dim pwPrefix
    dim pwSuffix
    dim charsToGenerate

    pwPrefix = UserInput("Password prefix:", false)
    pwSuffix = UserInput("Password suffix:", false)
    charsToGenerate = UserInput("Number of chars to generate:", true)

    WScript.Echo "Attempting passwords in the pattern '" & pwPrefix & "{" & charsToGenerate & "xChar}" & pwSuffix & "'"

    RunBruteForce charString, pwPrefix, pwSuffix, charsToGenerate
    WScript.Quit
    End Sub

    Sub RunBruteForce(charString, pwPrefix, pwSuffix, charsToGenerate)
    dim counter
    for counter = 1 to len(charString)
    dim pwNew
    pwNew = pwPrefix & mid(charString, counter, 1)
    if (1 = charsToGenerate) then
    if counter = len(charString) then
    AttemptPassword pwNew & pwSuffix, true
    else
    AttemptPassword pwNew & pwSuffix, false
    end if
    else
    RunBruteForce charString, pwNew, pwSuffix, charsToGenerate-1
    end if
    next
    End Sub

    Sub AttemptPassword(pwToTry, waitState)
    dim commandline
    commandline = "%comspec% /c " & tcCommandline & " /q background /s /p """ & pwToTry & """ /e /m ro /m rm /v """ & container & """ /l " & driveToMount & ""

    if UCase( Right( WScript.FullName, 12 ) ) = "\CSCRIPT.EXE" then
    WScript.Echo "Password: " & pwToTry & " (wait: " & waitState & ")"
    'WScript.Echo "Command: " & commandline
    end if

    'objShell.Run commandline, 7, waitState
    If filesys.DriveExists(driveToMount) Then
    WScript.Quit
    End If
    End Sub

    Function UserInput(userPrompt, mustBeInt)
        dim result
        If UCase( Right( WScript.FullName, 12 ) ) = "\CSCRIPT.EXE" Then
            ' If so, use StdIn and StdOut
            WScript.StdOut.Write userPrompt & " "
            result = WScript.StdIn.ReadLine
        Else
            ' If not, use InputBox( )
            result = InputBox(userPrompt)
        End If
        if (mustBeInt = true) then
            If IsNumeric(result) Then
                ' Here, it still could be an integer or a floating point number
                If CLng(result) Then
                    UserInput = Clng(result)
                Else
                    WScript.Echo "Not a number - please try again."
                    UserInput = UserInput(userPrompt, mustBeInt)
                End If
            else
                WScript.Echo "Not a number - please try again."
                UserInput = UserInput(userPrompt, mustBeInt)
            End if
        else
            UserInput = result
        end if
    End Function

  26. Hi guys,

    How much time will it take to crack a password of 30 chars, chars present in the array of 94 described up there?

    How many possibilities?

    Thanks and have a nice day!

  27. I see comments saying code which cracks at 2 pw/s is fast. Well, I used Passware Enterprise 10.1 (10.1 uses CUDA acceleration) and cracked a TC volume at 434 pw/s avg with an i3-540 and GTX460. I bet with an SLI config and the right cards you could achieve over 1000 pw/s.

  28. http://diablohorn.wordpress.com/2009/01/01/truecrypt-variety-of-bruteforcing-options/

    I am not good at programming. I tried to compile the AutoIt code but am not sure about the @COMSPEC and what to change for the C:\fubar\…

    Let’s say the truecrypt container is PersonalVolume in C:\Temp folder and TC is installed in program file

  29. Howdy: Do you have 500 million quadrillion terabytes free on your hard drive? Assuming you already have a supercomputer available that can test 1 million passwords / second, are you willing to wait 47 billion times the current age of the universe to test the entire list? If not, a list of every upper/lower case password of length 20 is not going to be helpful since there will be (2*26)^20 = 2 * 10^34 combinations!

    If you wrote all of the passwords of length 8 to a file it would still be 400 TB. Testing those combinations would take over a year at 1 million tests/sec, which would require a cluster of many, many computers.

  30. Hmm, I would like to create a word file for a 20 character password consisting of upper and lower case letters. How would I do that? I’ve downloaded a couple of programs but some only go to 8 letters.

    I just want a word file that contains all the possibilities for a 20 character password that consists of upper and lower case.

    Hope someone can help :)

  31. Here’s a step by step guide for using Python on Windows to generate a dictionary:

    1. Download and install the latest version of Python
    Currently http://www.python.org/ftp/python/2.7/python-2.7.msi

    2. Run a Python test program.
    Open IDLE from the Python Start Menu group. Type the command below and press enter. You should see test echoed back. Close IDLE.

    print "test"

    3. Copy permute.py.
    Go to http://mail.python.org/pipermail/python-list/2006-December/1064842.html . Copy everything from the beginning:
    # -*- coding: utf-8 -*-
    import itertools

    to the end:
    def permute(p):
        return list(ipermute(p))

    4. Save permute.py
    Create an empty folder somewhere on your filesystem and open it. Right click in the blank space > New > Text Document. Name it permute.py. Right click on it and there should be an Edit with IDLE option. Choose that, paste the script, save and close.

    5. Copy and save gendic.py
    Copy the script below. As above, create a file named gendic.py in the same folder, open with IDLE, and paste the script. The code will be slightly mangled by being posted here so you will need to fix the double quotes and add a tab at the beginning of the print s line.

    from permute import *

    pattern = r"[Xx]yz"

    for s in ipermute( pattern ):
        print s

    6. Test gendic.py
    With gendic.py still open in IDLE, press F5 to run it. You should see:
    Xyz
    xyz

    7. Edit the pattern inside the double quotes to match your password.
    Letters and numbers can be used as-is. Symbols may require a \ before them so they are not interpreted as having a special meaning. Square brackets can be used to specify a list or range, each of which will be tried. ? means to try with and without the previous character.

    Press F5 to test your pattern as you go. Note that it will take much longer to output to screen than to file so you may only want to work on a section of your pattern at a time until you have the whole thing figured out. Close gendic.py when you are finished.

    Examples:
    [Xx]yz matches Xyz, xyz
    xyz[1-3] matches xyz1, xyz2, xyz3
    [A-Ca-c]yz matches Ayz, Byz, Cyz, ayz, byz, cyz
    xy?z matches xyz, xz
    xy[Zz]? matches xyZ, xyz, xy

    8. Create gendic.bat
    In the same folder, create a text file and name it gendic.bat. Right click > Edit. It should open in notepad. Copy and paste the line below, save, exit.

    gendic.py > tests.txt

    9. Run gendic.bat
    Double click to run. A command line window will open while it is running. Once it finishes there will be a tests.txt file which contains one password possibility per line. Use this as the dictionary file for true.crypt.brute

  32. I need help writing the script or using a script to generate the dictionary. I know the pieces of the password but can’t figure out how to create the permutations for the brute program I found on here. I’m trying to use the Python script but I’ve never used Python and haven’t scripted since BASIC on an Apple IIe.

  33. I tried the crackTC under Ubuntu, but after I run the example in the archive, it opens up the password entry dialog in truecrypt and the terminal app freezes by the first entry in password.txt.
    So it just shows the first pass in the txt file and that’s it. If I put the correct pass (test) in the first line it works and mounts the tc file.
    Thankx,
    Rob

  34. Thanks for this post. I don’t really know if it will help me as I’m not a programmer (I only have some basic knowledge about PHP/JS) but I will try ;)

    Btw. It would be great if someone would make some tutorial for non-programmers ;)

  35. widowmaker Says:

    I AM NOT GOOD AT PROGRAMMING AT ALL, I KNOW SOME BASIC TECHNIQUES. Just like the rest of you I forgot part of my password. I know that it is in all lower case but I can’t remember the last 4-6 characters. I have the true.crypt.brute. Can anyone offer some specific help?

  36. diablohorn, tnx alot for sharing these infos here ! GJ dude !

    ~ i Love u JAmeS !

    http://securityvision.ch/download.php

    it saved me ! well, it was a 25 characters pass but i had only around 10k possibilities to brute ! so i made the word-list & the tool did the job in less than 1 hour ! tnx for sharing your info here man, u saved me some hours of searchin !

    TnX bros

  37. Note that “print s” in gendic.py in the above post should be indented.

  38. I was able to successfully recover a truecrypt archive. I remembered the alphabetic characters of the password but had forgotten the capitalization and symbol substitutions.

    I used true.crypt.brute with a Python script to generate the dictionary. I found a Python module permute.py which generates all permutations of a string that satisfy a given regular expression. It is available here:

    http://mail.python.org/pipermail/python-list/2006-December/1064842.html

    I installed Python (python.org), saved the module from the posting above to permute.py, and saved the following to gendic.py:

    from permute import *

    pattern = r"[Xx]yz"

    for s in ipermute( pattern ):
        print s

    Then ran “gendic.py > tests.txt” at the command line and opened true.crypt.brute to start the search using tests.txt as the dictionary. So the above example would match “Xyz” or “xyz”. I only used bracket expressions so I can’t speak for how well the permute.py module will handle other regex operators.

    Fortunately I only had a few thousand combinations to try and the correct password was found within a few hours.

    I hope this helps someone out there!

  39. Hi to all, like the name states I am a newbie to any type of code, in fact I’m not into software at all. I came across this site in the hopes that I could recover my password for the truecrypt drive I encrypted…YES you read right I stupidly encrypted an entire drive the first time I installed truecrypt.

    I can’t remember the password, but I don’t need to crack the password per se, I know the exact words and numbers that go into the password, the passcode has no special characters and just 3 numbers repeated in sequence. The problem lies in the fact that I can’t remember the exact order and where the numbers go. It’s no more than 6 words, so I’m certain that it wouldn’t take too long to figure out the password with some sort of app.

    I was just wondering if anyone here can help me with an app or directing me how to write one for windows xp.

    Thank You.

  40. diablohorn Says:

    The file has been restored, try downloading it.

  41. Any update on re-posting the .zip?

  42. diablohorn Says:

    I’m working on it, hope to have it back soon. Check back in like a week. Else I’ll reupload on rapidshare or something like that.

  43. Mikesch72 Says:

    Sorry, the Link to the Python-File (truecrypt_brute_building_blocks.zip) is dead :-(. Can you reup?

  44. LiquidMK Says:

    Wow, james described a really magic algorithm of forgotten password recovery! I’d made a dictionary with an Excel macro and with true.crypt.brute it took just about 5 minutes to recover my data!
    I’m happy!!!

  45. Hi guys,

    Could you tell me how to use that software now exactly concerning the word file? Do I just have to copy and paste it?

    More important: how can I edit or modify it in such a way that there are just some letters left which have to be combined to brute force the correct password? I wanna reduce it to the letters I’m sure are the right ones, I just lost the sequence…

    Cheers!!!

  46. Thanks for the info Diablohorn & James, I changed my password while drunk and now don’t remember it :( I usually use a combo of about 3-4 diff words out of 10 or so that are personal to me so am hoping the Excel and macro method will help me out, again thanks for sharing your info

  47. diablohorn Says:

    here is a new link and the link above has been adjusted:

    http://diablohorn.tbhost.eu/distribute/truecrypt_brute_building_blocks.zip

  48. The link above to the zip is dead (rapid share). says been removed?

  49. Saiketsu Says:

    James, I’m glad to see that someone used the same method as me to create a super-password, then lost it and recovered it with a BF. I’m going to try your method. Thanks ! :)

  50. Christoph Says:

    @dezrah: Your chances are actually pretty good to crack the password. Assuming you have an alphabet of 11 characters and a 9 character password. If you did not use duplicates, you have about 20 million combinations.

    If you did use multiples, your search space is 285 billion. However, again assuming that you would not use a word like fffffffff (e.g. limit to max. character reuse of 2) you might end up with something more manageable, like in the lower hundred millions or so ;-)

  51. This is interesting information. I’m glad you found your password. It will always be worth a shot if some information is known about the password.

  52. So after running overnight the password was waiting for me on my desktop. Definitely a solution that works, at least in my example; turned out my password was a combination I would never have thought of. I ran a word list that had 14k possibilities, using Excels to combine 7? passwords 4 deep into every possible combination (always 4 deep). If you are reading this then good luck and keep your passwords strong and write them down somewhere…my “super password” was 40 characters long…without knowing what made it up I think I would have needed a Cray or something to get it done, and then I probably would have had to wait a few years.

  53. I found your information informative, but not very useful. I tried the script mentioned with the autoit program and could not get it to work. Searching through the autoit forums found that the guy that wrote it (the real author) was asking about how to get it to run and ditched it because it was flawed. I could not get my BT4 running on my VMWare Fusion and did not have a thumbdrive handy, so I went with a VMWare Windows solution. I found a program called true.crypt.brute that runs dictionary attacks against truecrypt containers. It can be found at securityvision.ch/download.php. I had to create a custom dictionary because my problem was as follows: I got paranoid and put a bunch of personal files into one giant container (20gb), and used 4 or 5 strong passwords (that I routinely use) to generate a super-password. Unfortunately I forgot to write the awesome password down, so I didn’t know the order the smaller passwords were in. In my own defense I was on some powerful painkillers at the time, but that is another story. I needed an automated way to find the password. So…after much searching came to the brute forcer mentioned. I did some more searching for the dictionary fix, and came up with using Excels and a macro, which can be found by “googling” google answers phrase permutation. With these two tools I have generated over 12k possibilities. Unfortunately the brute forcer takes approximately .5 seconds per try. When it is completed it will pop up with the correct password…I’ll let you know when it finishes. I would guess that all of this research took 12 hours or so. I did find some other useful, easy to use tools in my search, including a great password generator (unfortunately it will only mix 2 deep vice the 4-5 I needed). It is called s-wordlist tool, though I don’t remember where I found it. It was written by “beda” and has a link in it, “beda.securiboxDOTnet”. 
    I could not find it in 5 min and am done researching, but it is a great dictionary creation tool with more options than I found anywhere else.

  54. @dezrah there are scripts out there to help build dictionaries for brute forcing. You could modify one of these to only use the 11 letters, and generate all possible 9 character combinations. This would make things much faster. If you know you could have only used each letter at most say 3 times, you can reduce the number of possibilities further.

  55. All i can say is good luck bruteforcing it. You will spend years brute forcing it with a regular home based pc, even if you knew most of the password.

  56. I’m in the same boat. I know it’s 9 char password, and I know the 11 possible chars that I used, but the precise combination is lost to me.

    Any help for a newb?

  57. Yak2009 Says:

    Great article for those who know something about programming. But for someone who is very limited in programming experience (Ok practically none except for some VBA in MS Excel), is still a bit complex for trying to modify program for my personal situation. Like so many other people, I know the approx length of PW and have a list of the possible missing phrases and characters but have yet to be able to understand how to get one of these ‘codes’ to work.

  58. When it comes to random passwords, in my opinion the whole rule of 20+ characters is quite the myth. For example: if you use a 10 character random password comprised of letters and digits (and the attacker knows you didn’t use anything else!), you might have to try up to 62^10 = 839,299,365,868,340,224 passwords. At 500,000 passwords per second (an extraordinary rate when it comes to decrypting AES containers) this would take more than 53,228 years. At 15 characters we exceed 48,763,933,596,446 years. Good luck with optimization, maybe you manage to crack passwords one billion times faster than estimated here – it just wouldn’t make any difference whatsoever (at least in the second example) ;)

    Seriously now, with a good password it is much simpler to attack the cryptographic key itself instead of the password. Fortunately it might still take several centuries. The trick is to avoid any password vulnerable to a dictionary attack (like “house”), even if it’s a modified attack (like “myhouse” or “house05”).
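
The search-space arithmetic that several comments above rely on (alphabet size, length, per-character reuse limits, guess rate), as an added example that is not part of the original thread. All function names are hypothetical, a year is taken as 365 days, and the rates are the ones quoted in the comments.

```python
# Added example (not from the original thread): how the number of candidates
# changes with what is known about a password. Names are hypothetical.
from math import comb, log2

SECONDS_PER_YEAR = 365 * 24 * 3600  # assumption: 365-day year


def full_keyspace(alphabet_size, length):
    """Candidates when every position may hold any character."""
    return alphabet_size ** length


def limited_reuse_keyspace(alphabet_size, length, max_reuse):
    """Count strings of `length` in which no character occurs more than
    `max_reuse` times. Exact integer DP, adding one character at a time."""
    # ways[n] = number of strings of length n built from the characters so far
    ways = [1] + [0] * length
    for _ in range(alphabet_size):
        nxt = [0] * (length + 1)
        for used, count in enumerate(ways):
            if count == 0:
                continue
            for k in range(min(max_reuse, length - used) + 1):
                # place k copies of the new character among used + k positions
                nxt[used + k] += count * comb(used + k, k)
        ways = nxt
    return ways[length]


def years_to_exhaust(keyspace, guesses_per_second):
    """Worst-case time to try every candidate, in years."""
    return keyspace / guesses_per_second / SECONDS_PER_YEAR


def report():
    """Return (label, candidates, bits, {rate: years}) rows for the cases below."""
    cases = [
        ("11 known chars, length 9, no repeats", limited_reuse_keyspace(11, 9, 1)),
        ("11 known chars, length 9, each at most twice", limited_reuse_keyspace(11, 9, 2)),
        ("11 known chars, length 9, each at most 3 times", limited_reuse_keyspace(11, 9, 3)),
        ("11 known chars, length 9, any repeats", full_keyspace(11, 9)),
        ("random, 62 chars, length 10", full_keyspace(62, 10)),
        ("random, 62 chars, length 20", full_keyspace(62, 20)),
    ]
    rates = [2, 434, 500_000, 1_000_000]  # guesses per second quoted in the comments
    return [
        (label, n, log2(n), {r: years_to_exhaust(n, r) for r in rates})
        for label, n in cases
    ]


if __name__ == "__main__":
    for label, n, bits, years in report():
        print(f"{label}: {n:,} candidates ({bits:.1f} bits)")
        for rate, y in years.items():
            print(f"    at {rate:>9,}/s: {y:,.4g} years")
```

Knowing the character set and a reuse limit brings the total down to billions or fewer, while each extra random character multiplies it by the alphabet size.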

  59. eh. really like it

  60. diablohorn Says:

    The link has been renewed :)

  61. diablohorn, the link to the TC brute building blocks zip archive is dead. Can you please renew it?

    Would be very appreciated.

  62. diablohorn Says:

    Well afaik bruteforcing the password is the only method. You could try out a few of the methods I mentioned. Seeing as you know the characters it should be doable depending on the length of your password. Good luck with the bruteforce approach.

  63. I have truecrypt and I was using it a while back to store some data. I haven’t used it in a while and was wondering, I know the password, at least all the characters, and I still have the keyfile I used, but is there a quicker way to get back to my files? I feel silly that I forgot how I wrote my password, but I need some help.

  64. I wonder what sort of damage could be done if someone malicious were able to gain access to a machine on a federal botnet?

    I can see it now… “Hacker gains access to secret service botnet, uses botnet to brute force password dumps from top secret NSA computer systems.”
