Products Openwall GNU/*/Linux   server OS Linux Kernel Runtime Guard John the Ripper   password cracker Free & Open Source for any platform in the cloud Pro for Linux Pro for macOS Wordlists   for password cracking passwdqc   policy enforcement Free & Open Source for Unix Pro for Windows (Active Directory) yescrypt   KDF & password hashing yespower   Proof-of-Work (PoW) crypt_blowfish   password hashing phpass   ditto in PHP tcb   better password shadowing Pluggable Authentication Modules scanlogd   port scan detector popa3d   tiny POP3 daemon blists   web interface to mailing lists msulogin   single user mode login php_mt_seed   mt_rand() cracker Services Publications Articles Presentations Resources Mailing lists Community wiki Source code repositories (GitHub) Source code repositories (CVSweb) File archive & mirrors How to verify digital signatures OVE IDs What's new

Date: Thu, 21 May 2015 14:30:11 -0400
From: Rich Rumble <richrumble@...il.com>
To: john-users@...ts.openwall.com
Subject: Re: Recovering truecrypt pass-phrase with known keyfile

On Thu, May 21, 2015 at 1:36 PM, magnum <john.magnum@...hmail.com> wrote:
> On 2015-05-21 19:27, Dhiru Kholia wrote:
>>
>> On Thu, May 21, 2015 at 5:28 PM, Marek Wrzosek <marek.wrzosek@...il.com>
>> wrote:
>>>
>>> Lately I've been reading TrueCrypt User Guide and I'm curious. Is it
>>> possible to recover pass-phrase of truecrypt volume with known keyfile
>>> using JtR? If not, are there any plans of adding this to john in the
>>> future?
>>
>>
>> Seems to be simple enough,
>>
>> https://github.com/bwalex/tc-play/blob/master/crypto.c#L201
>
>
> I see nothing there. Isn't that part of the code using already decrypted
> keyfile data?
If I recall from TC's doc's it read the first 1024 bytes of the
keyfile and used that as the second part of the password.
<quote>
Any kind of file (for example, .txt, .exe, mp3, .avi) may be used as a
TrueCrypt keyfile. However,
we recommend that you prefer compressed files, such as .mp3, .jpg,
.zip, etc. Note that TrueCrypt
never modifies the keyfile contents. Therefore, it is possible to use,
for example, five files in your
large mp3 collection as TrueCrypt keyfiles (and inspection of the
files will not reveal that they are
used as keyfiles).

WARNING: If you lose a keyfile or if any bit of the first 1024
kilobytes of the keyfile is corrupted, it
will not be possible to mount any volume that uses the keyfile!
</quote>
I'll find my old versions and get some samples over to the wiki later
tonight if no one else does :) You can/could use key-files and no
password too.
-rich

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.