I own a TrueCrypt container and I can't open it. I remember part of its password. So I want to bruteforce attack on it. I tried many parameters in oclHashCat but none worked (parameter problem). Can someone tell me please; how to pass correct parameters to oclHashCat to bruteforce my password?
Thank you
This is a good starting point to learn how the Mask Attack from oclHashcat works: https://hashcat.net/wiki/doku.php?id=mask_attack
You need to add the commandline-parameter -a 3 so hashcat knows your going to use a mask attack.
Hashcat comes with some predefined mask's (you can define your own also):
?l = abcdefghijklmnopqrstuvwxyz
?u = ABCDEFGHIJKLMNOPQRSTUVWXYZ
?d = 0123456789
?s = «space»!"#$%&'()*+,-./:;<=>?@[\]^_`{|}~
?a = ?l?u?d?s
?b = 0x00 - 0xff
Example:
Lets take this as the password you are looking for: PASSWDfA89
You remember the PASSWD part but you didnt remember the other part: fA89
We see that the fA89 part has lowercase and uppercase letters and numbers,
then we need this mask: ?l?u?d, but hashcat doesnt have it predefined so we need to use a custom mask.
For this, we need to add another commandline-parameter: -1 [CUSTOM MASK HERE]
The custom mask permits us to create our own charsets (up to 4) but we only need one.
The custom charset should look like this: -1 ?l?u?d
At the end, our command should be something like:
./oclHashcat-plus64.bin -m 6211 test.tc -a 3 -1 ?l?u?d PASSWD?1?1?1?1 -n 32 -u 2000
This is the important part: -a 3 -1 ?l?u?d PASSWD?1?1?1?1
