Hey,
first, thanks for adding TC-support!
I want to try and compare the performance to my commercial apps, but Ive got a problem extracting the correct input hash for hashcats truecrypt boot mode. What is exactly necessary? I read "first 512 bytes of HD" or "severel MB of the HD" ... In the the fst sector I see nothing else than the (plain text) bootloader. Do you mean the first 512 bytes of the encrypted system partition? I can't imagine because as I know only the truecrypt header is encrypted with the users passwords; the partition is encrypted with the master key, which resides in the encrypted head, which resides not within the partition ... d'oh.
so... I would much appreciate if you could explain where to extract the hash![Smile]( "Smile")
thx & regards
first, thanks for adding TC-support!
I want to try and compare the performance to my commercial apps, but Ive got a problem extracting the correct input hash for hashcats truecrypt boot mode. What is exactly necessary? I read "first 512 bytes of HD" or "severel MB of the HD" ... In the the fst sector I see nothing else than the (plain text) bootloader. Do you mean the first 512 bytes of the encrypted system partition? I can't imagine because as I know only the truecrypt header is encrypted with the users passwords; the partition is encrypted with the master key, which resides in the encrypted head, which resides not within the partition ... d'oh.
so... I would much appreciate if you could explain where to extract the hash
thx & regards