Brute force truecrypt with a small known words dictionary?

Discussion in 'privacy technology' started by Mistermental, Sep 30, 2010.

Thread Status:
Not open for further replies.
  1. Mistermental

    Mistermental Registered Member

    Joined:
    Sep 30, 2010
    Posts:
    1
    Hi

    Like a complete chump I've come home and realised I've completely forgotten the password to one of my TrueCrypt volumes. I know for a fact that it could be one of a simple combination of words with maybe one or two simple letter substitutions and simple punctuation at the end or beginning of the password (literally a single . or @ at the beginning or end, I don't really go too complex).

    My question is what could I use to brute force these possible combinations? I know the password is made of a combination of 2 or 3 out of maybe 7 words, but I can't remember where I swapped the letters/numbers (just a vowel substitution so it narrows it down a lot) or where I put the punctuation (beginning or end of the sentence).

    I.e., the password could be made of the words bear, lampshade, pirahna, wardrobe, speaker, mouse

    And they could be rendered as such

    .MouseSpeaker32
    @Bearlampshade.32
    P1rahnaWardr0be32.

    etc.

    There can't be that many combinations but I've tried as many as I can think of and I'm drawing a complete blank. You'd think with details that specific it would be easy but I'm stumped :(

    Thanks to anyone who has an idea for what I could use.
     
  2. crofttk

    crofttk Registered Member

    Joined:
    May 15, 2004
    Posts:
    1,976
    Location:
    Eastern PA, USA
    Depends on what tools you know how to use. Myself, I would generate a list of all possible combinations in an Excel spreadsheet using systematic concatenation of the elements. Then I would first review the list and see if any of them ring a bell, i.e., it clicks in your memory as "Oh yeah! That's what it was!". Failing that, you then have the whole list to work through by trial and error.

    My two cents in the brute force realm.
     
  3. dantz

    dantz Registered Member

    Joined:
    Jan 19, 2007
    Posts:
    991
    Location:
    Hawaii
    Any relation to this thread?
    https://www.wilderssecurity.com/showthread.php?t=282121
    See my comments in that thread.

    A good masking password generator can help you write a wordlist you can use to brute-force your partially-forgotten password. I suggest you take a look at Password Generator Pro by Kristanix software, as this is a particularly flexible tool. It's not free, but the demo should give you an idea of how it works. You'll need to study it a bit to learn how to set up the appropriate character masks and link them to the user-defined custom dictionaries. Keep in mind that you may have to combine several runs in order to generate a complete wordlist. The resulting wordlist(s) can easily be plugged into a batch file or some other brute-forcing tool and then run against your TrueCrypt container.

    You can also roll your own using custom text-manipulation scripts, but before any of this can be done you'll first have to write down a clear, logical explanation of all the various permutations of your possible password. Maybe if you study the Kristanix demo it will help to clarify your thinking.

    Keep in mind that if you can't narrow things down considerably then there might be too many possibilities to test. For example, a home PC would probably take several days to process a million passwords through a TrueCrypt brute-forcer.

    That is irrelevant to the current topic. The hidden volume's password is unaffected if the user accidentally overwrites his hidden volume by failing to enable the "hidden volume protection" feature, as the headers are stored outside the data area. After accidentally overwriting the contents of a hidden volume the user can still use his password to mount the volume, although its contents will be quite a mess.
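
Added example, not part of the thread and not any poster's code: the "write down the permutations" step from the post above, turned into a generator and a closed-form count so the size of the list is known before any testing starts. The substitution map, the fixed "32" tail and the three punctuation slots are assumptions read off the OP's three sample passwords.

```python
from itertools import combinations, permutations, product
from math import comb

# Inputs taken from the OP's post; "pirahna" is kept as the OP spelled it.
WORDS = ["bear", "lampshade", "pirahna", "wardrobe", "speaker", "mouse"]
# Assumed substitution map: the post only shows i->1 and o->0.
SUBS = {"a": "4", "e": "3", "i": "1", "o": "0"}
PUNCT = ["", ".", "@"]   # nothing, or a single . or @
NUMBER = "32"            # assumed fixed tail, present in all three OP samples


def substitutions(text, max_subs=2):
    """Yield text with every choice of 0..max_subs vowels replaced."""
    spots = [i for i, c in enumerate(text) if c.lower() in SUBS]
    for k in range(max_subs + 1):
        for chosen in combinations(spots, k):
            chars = list(text)
            for i in chosen:
                chars[i] = SUBS[chars[i].lower()]
            yield "".join(chars)


def candidates(words=WORDS, sizes=(2, 3), max_subs=2):
    """Yield every candidate: ordered words, per-word casing, subs, punctuation."""
    for n in sizes:
        for combo in permutations(words, n):
            for casing in product((str.lower, str.capitalize), repeat=n):
                base = "".join(f(w) for f, w in zip(casing, combo))
                for body in substitutions(base, max_subs):
                    # Punctuation slots: start, before the number, end.
                    for pre, mid, post in product(PUNCT, repeat=3):
                        yield f"{pre}{body}{mid}{NUMBER}{post}"


def count_candidates(words=WORDS, sizes=(2, 3), max_subs=2):
    """Size of the list without building it (assumes no word starts with
    a substitutable vowel, which holds for WORDS, so there are no duplicates)."""
    total = 0
    for n in sizes:
        for combo in permutations(words, n):
            v = sum(c in SUBS for c in "".join(combo))
            ways = sum(comb(v, k) for k in range(max_subs + 1))
            total += 2**n * ways * len(PUNCT) ** 3
    return total


if __name__ == "__main__":
    print(count_candidates(sizes=(2,)), count_candidates())
```

Under these assumptions the list holds 1,022,760 candidates, 58,536 of them from two-word combinations, which is the scale the "million passwords" estimate above refers to. Removing any rule the owner is sure about (a known casing, a known punctuation slot) shrinks it by the corresponding factor.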
     
  4. dantz

    dantz Registered Member

    Joined:
    Jan 19, 2007
    Posts:
    991
    Location:
    Hawaii
    I commented because you posted misleading information that might confuse the OP.
     
  5. chronomatic

    chronomatic Registered Member

    Joined:
    Apr 9, 2009
    Posts:
    1,343
    Just wanted to jump in here and make the point that the OP is an example of someone who really has forgotten his password. This is relevant to the recent debate about whether police should have the authority to jail you if you don't give up encryption keys.
     