What software would allow me to crack TrueCrypt passwords when parts of it are known?

[BirdDad]

Containers not whole drives.
Preferably windows but I'll take what I can get.
For example the passwords are cascaded by Twofish/Serpent and a Whirlpool hash.
Example: don'tCumKnocking10105050HaGotYa%
where the unknown is two character injected between the 1010 and 5050
so if the unknown was L* would be: don'tCumKnocking1010L*5050HaGotYa%
Can someone please help me to do this?
Thank you.

 

[BirdDad]

All that I am trying to do is :
the password starts with don'tCumKnocking1010
then it is two characters which I do not know, I need to test for all of them
then the password ends with :
5050HaGotYa%
so it if the two characters are AB then :
don'tCumKnocking1010AB5050HaGotYa%
would be the complete password.
Is there an easy way to do this?
Thank you

 

[matricks]

It depends. Do you find scripting easy? I'm not sure there is a ready-made tool to do this, but it doesn't seem to difficult. An obstacle would be if Truecrypt dialogs have some "defenses" against automated guessing.

For this kind of thing, I would do it with AutoIt. Automating manual operations in Windows is what it's designed to do. Of course, most languages can do this, but it seems like an excellent tool for the job. Basically, what you want to do:

1. Define all the possible characters that you will be guessing (AaBbCcDd...)
2. Iterate over all the characters in step 1 to create a list of all possible two-character combinations.
3. Wait for the Truecrypt password dialog to appear.
4. When it appears, enter the first known sequence, followed by the first character combination to try, followed by the second known sequence.
5. Test if successful (I don't use Truecrypt, but just make a new container to check what dialogs appear/do not appear on success/failure.
6. Repeat steps 3-5 until successful.
7. Display and save the successful passphrase.

Enhancements would be to save tested passphrases and being able to load them at start, so you can continue where it stopped if that happens.

 

[BirdDad]

Are you saying that I would have to enter the 1st known + the unknown guess + the 2nd known every time?
I tried this with copy and paste, I didn't get very far.
Thank you.

 

[matricks]

No, that's what the script is supposed to do. You write an AutoIt script to perform the numbered steps, then set it to run and wait for it to finish. Here's a start:

; Some definitions
Local $firstpart = don'tCumKnocking1010
Local $lastpart = 5050HaGotYa%
Local $possibleChars = "AaBbCcDdEeFf"
Local $possibleCharsArray = StringSplit($possibleChars)
Local $possibleCombos[UBound($possibleCharsArray)^2]

; Generate the possible combinations
Local $currentIndex = 0
For $firstChar In $possibleCharsArray
  For $secondChar In $possibleCharsArray
    $possibleCombos[$currentIndex] = $firstChar & $secondChar
  Next
Next


For $combo In $possibleCombos
  WinWaitActive("My Truecrypt container passphrase dialog")
  Send($firstpart & $combo & $lastpart) ; type entire passphrase into field
  Sleep(200) ; wait a little
  Send({ENTER}) ; press Enter 
  
  If WinExists("Truecrypt container opened!") ;if opening was successful, inform & break loop
    MsgBox("The passphrase was " & $firstpart & $combo & $lastpart)
    ExitLoop()
  EndIf ; If not successful, will try next combo
Next

It needs some adaptation to how Truecrypt actually works, because I don't use it. $possibleChars also needs to actually contain every possible character to be tested. I haven't actually run this through AutoIt either to check for syntax and such, but from memory and the reference it looks right.

 

[John Connor]

I have a program that will I think do this. I'll have to search for it. I'm on my laptop atm and it's on the desktop.

 

[BirdDad]

Thanks John Connor

 

[John Connor]

Okay, will search for it. If I find it I'll give you a PM. Like I said though it might not do what you want. I do know it brute forces.