TrueCrypt password OTFBrutusGUI and possible bug

Discussion in 'encryption problems' started by Marc05, Jan 5, 2013.

Thread Status:
Not open for further replies.
  1. Marc05

    Marc05 Registered Member

    Joined:
    Oct 31, 2011
    Posts:
    8
    This program is my last chance at recovering important data, please help.
    I've forgotten which password pattern I've used for my TrueCrypt hidden container. I've ran what I'm sure are the only possible patterns, but OTFBrutusGUI didn't find anything. I ran a test scan on a test container to see if I was typing the pattern syntax correctly and I even saved the word list generated by the program (which contained the correct password as the first item). So, why did OTFBrutusGUI not detect the password? Here's what I did:

    TrueCrypt Container:
    Whirlpool | XTS | AES, Twofish, Serpent
    ---Outer Container---
    keyfile: yes (1)
    password (without quotes): "1234"
    ---Hidden Container---
    keyfile: no
    password (without quotes): " 1234~"

    OTFBrutusGUI settings:
    Whirlpool | XTS | AES, Twofish, Serpent

    ---Outer Container Tests [1]---
    keyfile: yes (same keyfile)
    pattern (without quotes): "(1234| |~){0-3:1}"
    ==results==
    Tried: 15
    Skipped: 25
    Total: 40
    Found: false
    ---Outer Container Tests [2]---
    keyfile: yes (same keyfile)
    pattern (without quotes): "1234"
    ==results==
    Tried: 1
    Skipped: 0
    Total: 1
    Found: true

    ---Hidden Container Tests [3]---
    keyfile: no
    pattern (without quotes): "(1234| |~){0-3:1}"
    ==results==
    Tried: 15
    Skipped: 25
    Total: 40
    Found: true

    Why did the first test fail? The password list generated contains "1234" as the first item, which is the correct password, yet OTFBrutusGUI returned a false-negative. My real password is somewhat more complex, and in hopes that the developer replies as he has before, I pose the following question:
    Can I combine both () and [] in the password pattern? For example:
    "(a|b|c){0-2:1}[x-z]{1}" to find the password "ayb"
    If not, how would I go about solving this?

    I would ask this at tateu.net but for some reason, I am not able to register an account due to my IP being blacklisted. I've tried different locations (with different ISPs) and have had no luck in registering an account. The message links to http://search.atlbl.com/search.php?q=IP.OMITTED and from what I can tell, that site is no longer working as intended. I'm guessing that the registration form is checking that site against known bad IPs and blocking everyone in the process.
     
  2. tateu

    tateu Registered Member

    Joined:
    Dec 10, 2010
    Posts:
    60
    Location:
    Los Angeles, CA USA
    The issue with "Outer Container Tests [1]" is definitely a bug, probably in my multithreading code. If I set it to 1 thread, it always finds the password. And it seems to only fail when the correct password is one of the first few items in a list. If I save your pattern out as a word list, move "1234" down a few rows and then rerun OTFBrutusGUI using the modified word list, it always works.

    I've never been happy with how I did the multithreading code but I don' really know how to do it correctly. I'll look into atleast fixing this bug, though. No promises on a time frame, maybe a week or three.


    Yes, you can combine both () and [] in the password pattern but "(a|b|c){0-2:1}[x-z]{1}" will not find "ayb." Each () or [] contains one character class and they are inserted only in the order in which you input them. You do not have a character class after "[x-z]{1}" so the last character in your generated password will always be x, y or z.

    If you want "ayb" you need something like:
    (a|b|c){0-2:1}[bx-z]{1-2}
    (a|b|c){0-2:1}[x-z]{1}(a|b|c){1}
     
  3. Hermann1871

    Hermann1871 Registered Member

    Joined:
    Feb 26, 2013
    Posts:
    2
    Tateu's website is down by one week. What's happened? I have no saved copy of OTFBrutus, is there a place where I can find it? Thanks.
     
  4. tateu

    tateu Registered Member

    Joined:
    Dec 10, 2010
    Posts:
    60
    Location:
    Los Angeles, CA USA
    I am moving my domain registrar and web host but I didn't realize it took 1-2 weeks to complete. I took the website offline, when I started the process, so I could make a complete backup of it and get it loaded on my new web host. And then I forgot about it when I had some issues getting my domain transferred. They said it should be up "soon." I'm not exactly sure "when" that is.

    In the meantime, you can get to the old software page now: http://www.tateu.net/software/
     
  5. Hermann1871

    Hermann1871 Registered Member

    Joined:
    Feb 26, 2013
    Posts:
    2
    I'm happy that your site is coming back. Thanks for your very good job!
     
Loading...
Thread Status:
Not open for further replies.