in this thread I´d like to announce an awesome Project around a Tool from Coder "IsNull", which I´m amazed of. As you might know, even to the most skilled security professionals might happen an error - simply because we´re humans. But what to do when the password to a TrueCrypt-Volume containing extremely important data has been completely forgotten? In this case, the data is probably lost. But those who still remember parts of the password do in fact have a chance to gain access again. How? Through brute-forcing the password using a dictionary-attack...
"What exactly is TrueCrypt?"
Wikipedia wrote:TrueCrypt is a software application used for on-the-fly encryption (OTFE). It is distributed without cost and the source code is available. It can create a virtual encrypted disk within a file or encrypt a partition or (under MS Windows except Windows 2000) the entire storage device (pre-boot authentication). Further information available HERE.
To sum it up, TrueCrypt is an extremely useful tool - provided one know how to correctly operate it...
"I forgot my password – is there any way ("backdoor") to recover the files from my TrueCrypt volume?"
Truecrypt FAQ wrote:TrueCrypt does not contain any mechanism or facility that would allow partial or complete recovery of your encrypted data without knowing the correct password or the key used to encrypt the data. The only way to recover your files is to try to "crack" the password or the key, but it could take thousands or millions of years depending on the length and quality of the password/keyfiles, on software/hardware efficiency, and other factors. If you find this hard to believe, consider the fact that even the FBI was not able to decrypt a TrueCrypt volume after a year of trying.
Like the FAQ of TrueCrypt tells you, not even the FBI has been able to decrypt one of the TrueCrypt-Containers, even after years of trying. Go figure. Those who were eager enough to search for a solution within Google will find numerous Threads and Posts about the topic - but very unlikely a satisfactory solution. Don´t even expect to get help in the TrueCrypt-Forums. And that´s exactly where I come into play:
Due to the fact that you do (hopefully) remember parts of your won password (or you might even remember the complete contents, but not the exact order of the characters), here´s what I recommend you to do:
1. Create a custom Wordlist using CRUNCH erstellen (A big THANKS goes out to developer "bofh28"!).
A really useful and throughly written manual to operate CRUNCH correctly is to be found HERE.
2. Download the supercool Tool true.crypt.brute from within the download section of SecurityVision.
3. Configure the settings (locate TrueCrypt, set the path to the Wordlist, TC-Container as well as the drive letter for the volume):
4. Now BRUTE it and get a steaming hot coffee in between. As always the rule applies: Your Fu is just as strong as your Wordlist. So pay attention and try to remember as many characters of the password as possible when generating your Wordlist.
The projects future:
- true.crypt.brute will be re-written in C#
- Project will be OpenSource and hosted on gitorious
- Solves some common problems
- Cross-platform-compatibility (.NET depended)
- Improvements of speed through usage of native code
- Multi-Thread BruteForce-Tasks for a maximum of speed
You´ve got questions regarding the tools? Please take a look at the true.crypt.brute-FAQ! Suggestions and possible Improvements in mind? Write a message to the coder "IsNull" ! DONATIONS for development of the project as well as usable feedback are explicitly welcome any time!
Good luck with this excellent tool!
Feel free to share further questions, usable critics and possible improvemend suggestions with me.