Trying to brute force TrueCrypt

Discussion in 'privacy technology' started by Ezio, Sep 15, 2010.

Thread Status:
Not open for further replies.
  1. dantz

    dantz Registered Member

    Joined:
    Jan 19, 2007
    Posts:
    1,034
    Location:
    Hawaii
    Yes, I was operating under the assumption that this was his exact assembly pattern (including the nulls), based on the descriptions and the examples he posted. I realize that his descriptions might not be complete, but I was just going with it.

    Hey, was that your avatar that went up on the space shuttle yesterday? He looks a little wild. Let's hope he behaves himself!
     
    Last edited: Feb 25, 2011
  2. dantz

    dantz Registered Member

    Joined:
    Jan 19, 2007
    Posts:
    1,034
    Location:
    Hawaii
    A dedicated null character would be great! But using printable ASCII characters might interfere with a password search. Perhaps we could enter it via Alt+Numeric keypad. It's already possible to enter a special character into the password pattern (e.g. Alt+0134 = †) and you can then generate the wordlist and replace them with nothing, but that's a lot of extra work.
     
  3. I no more

    I no more Registered Member

    Joined:
    Sep 18, 2009
    Posts:
    358
    Actually, now that I think about it, there are a lot of tricks that could be used to signify the inclusion of a null character.

    For instance:

    (....){.} or [...]{.} to signify no null character inclusion

    and

    ((....)){.} or [[....]]{.} to signify a null character inclusion.


    So, it probably doesn't have to be a specific character, but it could be useful.
     
  4. tateu

    tateu Registered Member

    Joined:
    Dec 10, 2010
    Posts:
    60
    Location:
    Los Angeles, CA USA
    Anything with a backslash in front of it can turn into a special character. The backslash is an escape character. In the current version, if you want a \ character to be part of your password pattern you have to escape it with \\. So if you really wanted your password pattern to contain \0 you would actually have to enter \\0. This is why I suggested just \0 as the null character. **null** or a special alt num pad character could easily be implemented too. I just thought \0 would be easier/shorter for the user...

    And it looks like I should have the Save Word List function ask you if you want to overwrite a file that already exists...ooops.

    I do not know of any off hand. OTFBrutus's main purpose, though, is not really to brute force random TC containers but, instead, to brute force your own container with a partially forgotten password using a custom generated list based on what you remember. There's a good Python regex based generator script floating around the Net and OTFBrutus has its own, less functional, but still mostly usable regex based generator.
     
  5. I no more

    I no more Registered Member

    Joined:
    Sep 18, 2009
    Posts:
    358
    Okay.

    I noticed that. Perhaps you could also include an option to append to the end of an existing text document as well. That way, you don't have to try multiple files if you have multiple runs of your generator.
     
  6. dantz

    dantz Registered Member

    Joined:
    Jan 19, 2007
    Posts:
    1,034
    Location:
    Hawaii
    Is that true for the | character as well? I noticed that it doesn't show up in the wordlist results, even when used as a character in a string pattern, e.g. (s1|s2|s3||)
     
  7. I no more

    I no more Registered Member

    Joined:
    Sep 18, 2009
    Posts:
    358
    Hey, if it's okay, I'd like to suggest something else as well.

    Right now, this is the input format:

    (red|blue|black|yellow|alpha|omega|zeta){2}


    How about something like this as well:

    (red|blue|black|yellow|alpha|omega|zeta){2-4;6}


    Using this format, you could say I want to generate 2-, 3-, 4-, and 6-string patterns.

    Sorry if it seems like too many suggestions, but your program is close to perfect already. Just thought I'd add a few suggestions.
     
  8. FileShredder

    FileShredder Registered Member

    Joined:
    Jan 3, 2011
    Posts:
    28
    Dantz, if my password was "Password" with a forgotten number between 0 and 999 after it (password1, or password900), instead of entering all of them into a dictionary file, could I use a password pattern, and what would it be?
     
  9. tateu

    tateu Registered Member

    Joined:
    Dec 10, 2010
    Posts:
    60
    Location:
    Los Angeles, CA USA
    I don't mind the suggestions at all. I welcome them. It's always good to have other people to toss ideas around with.

    I tried that one a few months ago, though. I just can't figure out the programming logic to implement it. I'd love to use a library such as pcre (Perl Compatible Regular Expressions) and have it "generate" the password list similar to how it is used to search a document for string matches.

    That's another feature (character sets) I need to figure out how to add. If my generator was more complete you could use
    password[1-900]{1}
    but that feature is not currently supported.

    Currently, you will have to employ some of dantz's trickery to accomplish it.
    I think using three separate generators will get you there (with a few extra passwords for your trouble)
    password(0|1|2|3|4|5|6|7|8|9){1}
    password(0|1|2|3|4|5|6|7|8|9){2}
    password(0|1|2|3|4|5|6|7|8|9){3}
     
  10. tateu

    tateu Registered Member

    Joined:
    Dec 10, 2010
    Posts:
    60
    Location:
    Los Angeles, CA USA
    I'm not looking at the code right now...but I believe it is true for all of the following special characters:
    \ ( ) [ ] |

    If you want them to be part of your pattern then you need to escape them
    \\
    \(
    \[
    etc.
     
  11. tateu

    tateu Registered Member

    Joined:
    Dec 10, 2010
    Posts:
    60
    Location:
    Los Angeles, CA USA
    The null character as \0 has been added and I am currently testing it. It seems to work, so far. Expect a new version sometime in the coming days...

    And I found a nice perl script from 2003 to generate a list of strings from a regex. Here is the forum thread where it was mentioned:
    http://www.perlmonks.org/index.pl?node_id=284513

    The link is posted in the 2nd to last message from the above discussion by CombatSquirrel (Hermit) on Aug 18, 2003 at 16:17 UTC and leads here:
    http://www.perlmonks.org/index.pl?node_id=284626
     
    Last edited: Feb 27, 2011
  12. tateu

    tateu Registered Member

    Joined:
    Dec 10, 2010
    Posts:
    60
    Location:
    Los Angeles, CA USA
    I'm still not sure if the new features are 100% stable, but, if anyone wants to give it a go:
    http://www.tateu.net/software/dl.php?f=OTFBrutusGUI_beta

    The download contains the 32 bit exe, the 64 bit exe and source code.

    Changes are as follows:
    Code:
    0.1.0.6    2011-02-26
    	Added \0 to be used as a null character in password pattern generator
    		This will generate some duplicate values, as seen in the example below, but it does allow you to generate variable length passwords
    		[12\0]{3} will generate
    			111 112  11 121 122  12  11  12   1 211 212  21 221 222  22  21  22   2
    	Added option to password generator to limit the number of duplicated characters in a password section
    		[12\0]{3:2} will generate a 3 character password with a max of 2 duplicated characters
    			    112  11 121 122  12  11  12   1 211 212  21 221      22  21  22   2
    	Added file overwrite confirmation to Save Word List
    
    0.1.0.5    2010-12-19
    	Slightly increased speed of saving custom password pattern to a word list file
    	Added associated Drive Letter to Select Devices Dialog
    	Added code to compile x86 (32 bit) and x64 (64 bit) versions.
    		RipeMD, SHA512 and SHA1 are 12-15% faster on a Dual XEON X5550 but Whirlpool is 12% slower
     
  13. I no more

    I no more Registered Member

    Joined:
    Sep 18, 2009
    Posts:
    358
    I'm impressed by how quickly you did that.

    I had a response which I subsequently deleted because I realized I made a mistake. I'm currently trying to work out how to both use the null character and still limit duplicates, both new features that you added.

    One of the benefits of the null is that you can fill any position with it. The benefits of limiting the duplicates is obvious.

    But what if you want to limit duplicates but still allow the null character to duplicate? I'm still trying to grasp that aspect.

    But good work.

    Edit: I hope I didn't lead you down the wrong path with the null character inclusion.
     
    Last edited: Feb 26, 2011
  14. I no more

    I no more Registered Member

    Joined:
    Sep 18, 2009
    Posts:
    358
    Okay, I'm trying to gauge the program by trying to solve a problem we've been working on, namely piotreg's problem.

    By assuming that piotreg had no string duplications in his password, I initially tried this:

    (s1|s2|s3|s4|s5|s6|s7|^|@| |\0){5:1}

    And I got back 50,400 possible passwords, which I thought was a huge improvement over the 161,051 that we previously had by allowing duplicates.


    Then I realized that I wasn't getting any fewer than 4 string passwords, when we should have been going down to 2. So, I tried this:

    (s1|s2|s3|s4|s5|s6|s7|^|@| |\0|\0|\0){5:1}

    I think this is it. By allowing 3 null characters with no duplicates of any other strings, we get 2 string to 5 string passwords. And we're down to 118,800 possible passwords, which is nearly 30% less.

    And the null character seems to work well, as far as I can tell.

    So, correct me if anything I've done seems wrong.
     
  15. I no more

    I no more Registered Member

    Joined:
    Sep 18, 2009
    Posts:
    358
    Also, by doing this:

    (s1|s2|s3|s4|s5|s6|s7|^|@| ){5:1}
    (s1|s2|s3|s4|s5|s6|s7|^|@| ){4:1}
    (s1|s2|s3|s4|s5|s6|s7|^|@| ){3:1}
    (s1|s2|s3|s4|s5|s6|s7|^|@| ){2:1}

    You get 36,090 possible passwords. By not allowing duplicates, you get a huge improvement over the 111,100 possible passwords when you had no choice but to allow duplicates.

    So, it seems like great work all around.
     
  16. tateu

    tateu Registered Member

    Joined:
    Dec 10, 2010
    Posts:
    60
    Location:
    Los Angeles, CA USA
    hmm, yes. Good catch. I didn't think about the fact that the null character also gets limited in that way. I can easily remove it from the duplicate checking function.

    Avoiding the null character and using separate passes like you have above is probably the best solution. The way I implemented the null character causes a lot of duplicate password strings to be tried. I haven't thought of a better way to do it but I figured it might be useful in some situations. I don't know how to keep track of and eliminate duplicate password values.

    When using the null, the password may be created in several different ways that all result in the exact same value:
    123\04 and 1\0234 both evaluate to 1234 when you delete the null (\0).
     
  17. I no more

    I no more Registered Member

    Joined:
    Sep 18, 2009
    Posts:
    358
    I initially thought that removing the duplicate checking from the null would be the best way to go, but there is also some benefit from being able to specify the number of nulls. For instance, if I wanted to go from 3 string passwords to 5, I would include 2 nulls instead of 3.

    Something to consider. It could go either way, but it's not really a huge deal to specify extra null characters.


    EDIT:

    I agree, and I can't think of any way to solve it either at this time.
     
  18. I no more

    I no more Registered Member

    Joined:
    Sep 18, 2009
    Posts:
    358
    I initially sent this message as a PM to tateu, but I figured there's no problem posting it.

    I was thinking that if you're ever able to get a variable number of strings/characters in a password, it would probably make the null character useless.

    For instance, looking at dantz's technique:

    [^@ \0]{1}(s1|s2|s3|s4|s5|s6|s7){1}[^@ \0]{1}(s1|s2|s3|s4|s5|s6|s7){1}[^@ \0]{1}


    The null character was useful in that you could say take either zero or one of the following characters: [^@ ]

    But if you could somehow specify that without using the null, it would probably make the null useless.

    For instance:

    [^@ ]{0-1}(s1|s2|s3|s4|s5|s6|s7){1}[^@ ]{0-1}(s1|s2|s3|s4|s5|s6|s7){1}[^@ ]{0-1}

    Using dantz's example, the utility of being able to choose the number of characters becomes obvious, because he's doing multiple of these in one pass of the generator.

    In my example, the choice of number of strings/characters is less useful, but the way dantz does it, it could be very useful.

    I know you said you had trouble figuring out how to do it, but if you ever do, you could probably take out the null with no problems.
     
  19. tateu

    tateu Registered Member

    Joined:
    Dec 10, 2010
    Posts:
    60
    Location:
    Los Angeles, CA USA
    I agree. Hopefully, one of these nights I'll wake up at 3 or 4am, rush to the computer and quickly type in a genius formula to handle it before it fades away...

    And I just found a bug with the new null character...I was trying to cut down some of the duplicates but, evidently, I cut out some valid values also. It's probably better to end up trying some duplicate passwords instead of skipping some valid ones.

    With:

    (a1|a2|\0){1}(b1|b2){1}

    you would expect to end up with:
    a1b1 a1b2 a2b1 a2b2 b1 b2

    but v0.1.0.6 throws away all passwords that begin with a null and only gives you:
    a1b1 a1b2 a2b1 a2b2

    Fixed (I think) in v0.1.0.7, available at the same link:
    http://www.tateu.net/software/dl.php?f=OTFBrutusGUI_beta
     
  20. I no more

    I no more Registered Member

    Joined:
    Sep 18, 2009
    Posts:
    358
    Me confused.

    Tried this again:

    (s1|s2|s3|s4|s5|s6|s7|^|@| |\0|\0|\0){5:1}

    But I got 154,440 this time, which is really no major improvement over:

    (s1|s2|s3|s4|s5|s6|s7|^|@| |\0){5}

    I think there's some problem with repeating the null character. But it's sleepy time. My brain's already asleep.


    I hope we didn't scare off piotreg. I'm almost certain between dantz, tateu, and myself, we can generate a good password list for you if your memory of your password construction and strings is correct.
     
  21. tateu

    tateu Registered Member

    Joined:
    Dec 10, 2010
    Posts:
    60
    Location:
    Los Angeles, CA USA
    Yes, it looks like the null character is not stable at all. Back to the drawing board I go...
     
  22. I no more

    I no more Registered Member

    Joined:
    Sep 18, 2009
    Posts:
    358
    Ha ha.

    Keep in mind that I'm half asleep, but I think you were right when you said you needed to remove the duplicate checking from the null character.

    By adding additional null characters, I think you're just increasing the possible password count.

    Sorry, I think it was my bad.
     
  23. dantz

    dantz Registered Member

    Joined:
    Jan 19, 2007
    Posts:
    1,034
    Location:
    Hawaii
    I've been mostly tied up for the past couple of days, but I'm finally starting to get some free time, so soon I'll be able to try out the new features. Actually, I'm quite excited about it.
     
  24. tateu

    tateu Registered Member

    Joined:
    Dec 10, 2010
    Posts:
    60
    Location:
    Los Angeles, CA USA
    Well, I'm still not happy about how the null character is working, but I removed it from the duplicate string checking code and it seems better...fingers crossed.

    (s1|s2|s3|s4|s5|s6|s7|^|@| |\0){5:1}
    returns 63590 passwords of varying length from 1 to 5 with each string/character (except for null) limited to 1 per password.

    v0.1.0.8 at the same link as before:
    http://www.tateu.net/software/dl.php?f=OTFBrutusGUI_beta

    and if you want the older versions for comparison:
    http://www.tateu.net/software/dl.php?f=OTFBrutusGUI_v0.1.0.6a_beta.7z
    http://www.tateu.net/software/dl.php?f=OTFBrutusGUI_v0.1.0.7a_beta.7z
     
  25. I no more

    I no more Registered Member

    Joined:
    Sep 18, 2009
    Posts:
    358
    Hey, I'll test it out some more, but I think you've probably worked the kinks out. And it's a totally optional character. No one has to use it.

    Besides, it's a very reasonable number of possible passwords for piotreg, and it never hurts to be able to give someone a single line that will generate a text file that will almost certainly contain their password in it.

    p.s. Something didn't quite sit right with me when I initially said just add more null characters, and I had a feeling something was wrong with it, but it turns out that the previous bug that you fixed probably gave an artificially low number of possible passwords when adding extra null characters. So, they sort of cancelled out, and I just got lazy in terms of thinking about it. But I think you have it right now.
     