search

gcode-mirror / truecrack

Automatically exported from code.google.com/p/truecrack
GNU General Public License v3.0
0 stars 1 forks source link

character attack does not work ... #22

Closed GoogleCodeExporter closed 9 years ago

GoogleCodeExporter commented 9 years ago 
What steps will reproduce the problem?

I create a test Truecrypt file called test, and encrypt it with password set to 
"password". I then try to use the character attack approach:

1. nohup truecrack -t test -m16 -c paswd  -v > test.out 2> testErr.out &

What is the expected output? What do you see instead?

I would have expected that truecrypt would try every possible combination of 
the characters paswd up to 16 character long password, but it doesn't do that 
at all. Instead, the command finishes VERY quickly with the following output 
printed:

TrueCrack v2.5
Website: http://code.google.com/p/truecrack
Contact us: infotruecrack@gmail.com
1 - 0/5 >> p : NO MATCH
1 - 1/5 >> a : NO MATCH
1 - 2/5 >> s : NO MATCH
1 - 3/5 >> w : NO MATCH
1 - 4/5 >> d : NO MATCH
Found password: "p" of length "1", try "5" words.

Clearly, all it's doing is trying each character in the set as a single 
character password, and it's not trying any combinations at all.

What version of the product are you using? On what operating system?

RHEL 5, Truecrack Version 2.5 (compiled with enable-cpu=yes)

Please provide any additional information below.

The website seems to suggest there should be a "-s" option, to specify a lower 
bound on the password length, but the executable does not support that. It says 
that option is incorrect.

I also tried the dictionary approach, but that only works if the case sensitive 
word "password" is in the list. So, is this basically suggesting that the 
dictionary file is simply a list of all possible passwords you want to try? Is 
there some automated way of generating that given a set of characters? you know 
for a fact make up the password. Basically, a way to do what the character 
attack approach is supposed to do but to generate a dictionary file that 
truecrypt can search.

Original issue reported on code.google.com by bgmarch...@gmail.com on 28 Jan 2013 at 4:59

GoogleCodeExporter commented 9 years ago 
Sorry this should have been the command listed in my original question above:

nohup truecrack -t test -m8 -c pasword -v > bma.out 2> bmaError.out &

And here's the output:

TrueCrack v2.5
Website: http://code.google.com/p/truecrack
Contact us: infotruecrack@gmail.com
1 - 0/7 >> p : NO MATCH
1 - 1/7 >> a : NO MATCH
1 - 2/7 >> s : NO MATCH
1 - 3/7 >> w : NO MATCH
1 - 4/7 >> o : NO MATCH
1 - 5/7 >> r : NO MATCH
1 - 6/7 >> d : NO MATCH
Found password: "p" of length "1", try "7" words.

Original comment by bgmarch...@gmail.com on 28 Jan 2013 at 5:02

GoogleCodeExporter commented 9 years ago 
I suggest to use the latest svn version (v2.9), it implements the "-s" option.

truecrack -t volume -c pasword -m8 -v
TrueCrack v2.9
Website: http://code.google.com/p/truecrack
Contact us: infotruecrack@gmail.com

PWDSIZE - COMBINATION/MAXCOMBINATION >> PWD : RESULT
1 - 0/7 >> p : NO MATCH
1 - 1/7 >> a : NO MATCH
1 - 2/7 >> s : NO MATCH
1 - 3/7 >> w : NO MATCH
1 - 4/7 >> o : NO MATCH
1 - 5/7 >> r : NO MATCH
1 - 6/7 >> d : NO MATCH
2 - 0/49 >> pp : NO MATCH
2 - 1/49 >> ap : NO MATCH

or with "-s" option:

truecrack -t volume -c pasword -s6 -m8 -v
TrueCrack v2.9
Website: http://code.google.com/p/truecrack
Contact us: infotruecrack@gmail.com

PWDSIZE - COMBINATION/MAXCOMBINATION >> PWD : RESULT
6 - 0/117649 >> pppppp : NO MATCH
6 - 1/117649 >> appppp : NO MATCH
6 - 2/117649 >> sppppp : NO MATCH

Original comment by luck87 on 4 Feb 2013 at 10:42

GoogleCodeExporter commented 9 years ago

Original comment by luck87 on 10 Feb 2013 at 10:41