Custom cracking algorithm #1730

Open
ricsirigu opened this Issue Oct 26, 2018 · 2 comments

ricsirigu commented Oct 26, 2018

Hi everyone,

We are trying to add a new custom cracking algorithm to bruteforce a disk encrypted using the crypto APIs on Linux kernel 2.4.
The algorithm we are going to use is Twofish with a key of 256 bits, and the password is hashed with ripemd160.
I saw that Twofish and ripemd160 are already implemented in hashcat.

Could someone give us some pointers on where to put our hands in order to implement this new algorithm?

Thank you


Member

jsteube commented Oct 31, 2018

Which disk encryption are you talking about? Is that somehow different than the LUKS implementation we already have?


ricsirigu commented Oct 31, 2018

@jsteube yes, it's different. The encryption scheme used is the one before LUKS, using the cryptoapi of the 2.4 kernel.

The old disk can be mounted with the current kernel using the command:

cryptsetup create --cipher twofish-cbc-plain --key-size 256 --hash ripemd160 crypted disk.raw

In our case we know that the encrypted data contains an ext3 file system, and this information is useful to know if the tried password is a correct guess or not.

Decrypting 16 bytes at offset 600h in an ext2/ext3 file system should produce 16 bytes of 00h.

Unlike LUKS, which has a header with the information about the cipher used and the encrypted keys, in the 2.4 kernel there is no header, only raw data.
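
A triage check for the distinctions drawn in this thread, added here as an example and not code from hashcat or from the commenters: it tells a LUKS header from headerless raw data, and applies the thread's "16 bytes of 00h at offset 600h" criterion together with the ext2/ext3 superblock magic to data that is already readable (for instance the mapped device after the `cryptsetup create` command above). The function names, labels and sample buffers are assumptions constructed for the example.

```python
import struct
import sys

LUKS_MAGIC = b"LUKS\xba\xbe"        # first 6 bytes of a LUKS header
EXT_MAGIC_OFFSET = 0x400 + 0x38     # s_magic inside the ext2/ext3 superblock
EXT_MAGIC = 0xEF53
ZERO_OFFSET, ZERO_LEN = 0x600, 16   # offset and length quoted in the thread


def zero_block_check(data: bytes) -> bool:
    """True if the 16 bytes at 0x600 are all 00h (the thread's criterion)."""
    block = data[ZERO_OFFSET:ZERO_OFFSET + ZERO_LEN]
    return len(block) == ZERO_LEN and not any(block)


def classify(data: bytes) -> str:
    """Classify the first 2 KiB of an image or mapped device."""
    if data[:len(LUKS_MAGIC)] == LUKS_MAGIC:
        return "luks"               # self-describing header present
    if len(data) < ZERO_OFFSET + ZERO_LEN:
        return "too-short"
    (magic,) = struct.unpack_from("<H", data, EXT_MAGIC_OFFSET)
    if magic == EXT_MAGIC and zero_block_check(data):
        return "ext-plaintext"      # readable ext2/ext3 superblock
    return "no-header"              # raw data: plain-mode ciphertext or unknown


def sample_ext() -> bytes:
    """Constructed sample: zeroed 2 KiB with only the ext magic set."""
    img = bytearray(2048)
    struct.pack_into("<H", img, EXT_MAGIC_OFFSET, EXT_MAGIC)
    return bytes(img)


def sample_luks() -> bytes:
    """Constructed sample: LUKS magic followed by zero padding."""
    return LUKS_MAGIC + bytes(2042)


def sample_raw() -> bytes:
    """Constructed sample: non-zero filler standing in for ciphertext."""
    return bytes((i * 37 + 11) % 255 + 1 for i in range(2048))


if __name__ == "__main__":
    if len(sys.argv) > 1:           # path to an image or /dev/mapper node
        with open(sys.argv[1], "rb") as fh:
            print(classify(fh.read(2048)))
    else:
        for name, fn in (("ext", sample_ext), ("luks", sample_luks), ("raw", sample_raw)):
            print(name, classify(fn()))
```

A "no-header" result only means that neither signature was found; it does not identify the cipher or confirm that the data is encrypted.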
