3

I forgot my Veracrypt password, I have around 1000-2000 possible password combination and I need a software to bruteforce the password on Windows. What software would that be?

user19
  • 31
  • 1
  • 2

3 Answers3

3

You don't mention how quickly you need this done.

If time is not a concern and you only have a limited pool of possible passwords, you could easily script the mount operation to try every possible password inline and look for a success message. No guarantees this works, but something like:

veracrypt /v your_volume_name_here.tc /l x /a /p MyP@$$w0rd! /e /b

Loop this and rotate the password on each attempt. Stop when the mount was successful, and for god's sake make sure you log the found password somewhere so you don't have to do it all over again (bitter experience).

I've done this successfully with a GELI-encrypted drive (twice); it took a few days to complete each time, but I also had a smaller pool of candidates to work with than you do.

Ivan
  • 6,288
  • 3
  • 18
  • 22
  • Thanks a few days would be fine. Do I write this in the Windows command prompt? and do I have to write each password manually or can I use a txt file with all possible passwords to do it automatically and how? thanks again – user19 Feb 05 '19 at 04:11
  • Apologies for laughing at your bitter experience - it''s just the sort of thing that I would do (upvote) – Mawg says reinstate Monica Nov 06 '20 at 08:22
0

I would redirect you to either hashcat or johntheripper (google). And whether bruteforcing in your situation is feasible or not depends purely on strength of your password.

  • 2
    This answer could use some serious fleshing out. – Monica Apologists Get Out Feb 04 '19 at 21:04
  • I'd reccomend looking at this page: https://www.veracrypt.fr/en/Encryption%20Algorithms.html and adjusting your answer in order to suggest how to extract data or part of the disk in order to check if OP has the correct password. Maybe if you dig deeper into the docs or source code you can find something about how OP can check a password against the data – dGRAMOP Feb 04 '19 at 21:19
0

Just forgot my password too. I made a simple batch script (Windows):

@echo off
for /f "tokens=*" %%a in (word.list) do (
  echo ---[new check]---
  veracrypt /v {{full path to the encrypted file}} /l Q /a /p %%a /e /b /q /s
  echo Tring password:%%a
  if exist Q:\ ( echo PasswordWorks!!! ) else ( echo Wrong password...)
  veracrypt /d Q /s /q
)
 echo ---[Done]---

VeraCrypt Brute-force cracker

This is a very simple file that will help you recover a forgotten password for your VeraCrypt encrypted file. it works on windows only (I'm sure that with a some basic Bash knowladge you can translate it to linux too)

Instructions:

  1. Put the above script in VeraCrypt folder (name it VcCrack.cmd)
  2. Create a word list file (name it word.list) and put it in VeraCrypt folder
  3. Fill up the word.list with optional passwords (you can generate it if there are too many)
  4. Edit VcCrack.cmd: a. Make sure that Drive Q: isn't mounted already (or change the Q in lines 4,6,7 to a different drive) b. replace the {{full path to the encrypted file}} with the relevant full path
  5. run this command (in elevated command prompt): VcCrack.cmd >brute.log
  6. Go to do some stuff - the results will be in the log file when we finish trying all the options (about 5 seconds for an option - depends on the machine)

Example for output brute.log:

---[new check]---
TRY=123456789
Wrong password...
---[new check]---
TRY=foobar123456
PasswordWorks!!! 
---[new check]---
TRY=abcdabcd
PasswordWorks!!! 
---[new check]---
TRY=password6
Wrong password...
---[Done]---

Gist link: https://gist.github.com/YossiCohen/4336cc4e905ad3534f681082962377e8

yossico
  • 101
  • 1