- Cracked (Free
TrueCrypt Password Cracking)
TCHead won two first place prizes at Defcon 20
Steps to submit the first 32,768 bytes of a hard drive
- dd if=image.bin of=32768.bin bs=32k count=1 OR
if=/dev/sdX of=32768.bin bs=32k count=1
- Email 32768.bin as an attachment to firstname.lastname@example.org
- If the password is cracked, it will be posted below along with
the sha1sum of 32768.bin
- You must be familiar with disk imaging. I cannot help you with
step 1. If you have done it correctly, the command strings
32768.bin | grep True will return TrueCrypt Boot Loader.
The file will also fail an entropy test (it will not be random).
Submissions that fail these tests are
automatically discarded. 95% of submitted files are incorrect and
thus rejected. Run the strings command (listed above) before
- This only works with system encrypted hard drives that have
been encrypted by TrueCrypt 7.0 or later.
- If you'd rather the cracked password not be posted below, I
will just email it to you.
- 32768.bin contains the first 32,768 bytes of a hard
- Strong passwords will not be cracked. It's not possible.
||sha1sum of 32768.bin