From: Milan Broz <gmazyland@gmail.com>
To: Volker Dormeyer <vd@d7informatics.de>, dm-crypt@saout.de
Subject: Re: [dm-crypt] How to attached a detached header?
Date: Wed, 17 Feb 2021 21:27:50 +0100 [thread overview]
Message-ID: <2afcb532-01e8-55f5-0535-64218dfbc2e4@gmail.com> (raw)
In-Reply-To: <9dc20f6a-e2eb-3f46-09fa-34060958c8d2@d7informatics.de>
On 17/02/2021 21:14, Volker Dormeyer wrote:
> Hi Milan,
>
> thank you for your explanation. See, my comments below.
>
> On 2/17/21 8:09 PM, Milan Broz wrote:
>
>> On 17/02/2021 19:12, Volker Dormeyer wrote:
>>> Hi all,
>>>
>>> I have a question. I have a detached header for a drive I created years
>>> ago, where I lost the password for. So, I plan to find the password with
>>> a brute-force attack. For this I have to attached the header again. I
>>> thought, this would result in problems - and it did. I build for testing
>>> purposes the whole situation in a VM. It seems I have to align the data
>>> offset somehow.
>> Why do you want to attach it to device for brute-force check?
>> Header should be enough to run it.
>
> Hashcat for example requires a bit more then simply the header. If you
> are interrested, you can read it here:
>
> https://hashcat.net/forum/thread-6225.html
>
> I proof it, it does not work by feeding it with the header file alone.
Ah, ok, if it uses known signature from the decrypted data disk to
check for the correct key, then yes, you need data there.
(And yes, it IS the correct way how to speed up brute-force, LUKS header key
digest is intentionally slow to exactly not allow easy brute-force just
with the header.)
>
>> You can use cryptsetup for it:
>>
>> cryptsetup luksHeaderRestore <data device> --header-backup-file <luks header>
>>
>> Or did I miss anything here?
>>
> It does work in my VM. I never thougth it would be that simple. That is
> the base to start my real brute-force work.
Why it should be more complicated than needed? :-)
It is simple, unless you are using some non-standard parameters.
(But even then it is quite easy to manually hack it.)
Thanks,
Milan
_______________________________________________
dm-crypt mailing list
dm-crypt@saout.de
https://www.saout.de/mailman/listinfo/dm-crypt
next prev parent reply other threads:[~2021-02-17 20:28 UTC|newest]
Thread overview: 6+ messages / expand[flat|nested] mbox.gz Atom feed top
2021-02-17 18:12 [dm-crypt] How to attached a detached header? Volker Dormeyer
2021-02-17 19:09 ` Milan Broz
2021-02-17 20:14 ` Volker Dormeyer
2021-02-17 20:27 ` Milan Broz [this message]
2021-02-18 9:49 ` Arno Wagner
2021-03-01 9:11 ` Volker Dormeyer
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=2afcb532-01e8-55f5-0535-64218dfbc2e4@gmail.com \
--to=gmazyland@gmail.com \
--cc=dm-crypt@saout.de \
--cc=vd@d7informatics.de \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).