View Issue Details

Jump to NotesJump to History
IDProjectCategoryView StatusDate SubmittedLast Update
0000145Kali LinuxNew Tool Requestspublic2013-03-19 18:432013-03-27 20:39
Reportersaberzaid Assigned ToWiK  
PrioritynormalSeverityminorReproducibilityhave not tried
Status closedResolutionno change required 
Summary0000145: TCHead
Description

TCHead is software that decrypts and verifies TrueCrypt headers. TCHead supports all the current hashes, individual ciphers, standard volume headers, hidden volume headers and system drive encrypted headers (preboot authentication).

Brute-force TrueCrypt : However, TrueCrypt passwords go through many iterations and are strengthened. Cracking them takes time. Very strong passwords will not be cracked. Also, in addition to trying multiple passwords an attacker must try each password against each combination of hash and cipher (assuming they do not know what these are beforehand). System encrypted hard drives use only one hash and cipher, so attacking those is faster.

Testing TCHead: Create a TrueCrypt volume using the default hash and cipher (RIPEMD-160 and AES), set the password to "secret", then run TCHead against it like this and it will decrypt the header (provided that the word "secret" is in the word list)
Command : TCHead -f name_of_volume.tc -P words.txt

Decrypt hidden volumes:
Command : TCHead -f name_of_volume.tc -P words.txt --hidden

Multiple passwords (brute-force): Create or download a list of words in a text file (one word per line) using words that you think are likely to decrypt the header, then run TCHead against it like this. If the correct password is found, the header will be decrypted:
Command : TCHead -f name_of_volume.tc -P words.txt

download:

http://16s.us/TCHead/downloads/

Activities

dookie

dookie

2013-03-19 19:40

reporter   ~0000142

Last edited: 2013-03-19 19:40

We already have truecrack in Kali. Is this tool better? How? Why?

http://docs.kali.org/kali-policy/penetration-testing-tools-policy
th3flyboy

th3flyboy

2013-03-22 23:10

reporter   ~0000190

Last edited: 2013-03-22 23:10

The point of TCHead is to detect/crack hidden volumes, I'm not sure if TrueCrack supports that.
WiK

WiK

2013-03-23 15:00

reporter   ~0000199

Truecrypt is more for 'usage'. TCHead is more of a tool for finding/attacking Truecrypt containers/volumes
WiK

WiK

2013-03-26 01:32

reporter   ~0000218

@th3flyboy I am having issues getting it to compile in kali or any newer version of ubuntu/debian. Have you been able to get it to compile successfully?
WiK

WiK

2013-03-27 20:39

reporter   ~0000252

After messing with this tool and realizing that truecrack is already in the repo, I'm closing this ticket

Issue History

Date Modified Username Field Change
2013-03-19 18:43 saberzaid New Issue
2013-03-19 19:40 dookie Note Added: 0000142
2013-03-19 19:40 dookie Assigned To => dookie
2013-03-19 19:40 dookie Status new => feedback
2013-03-19 19:40 dookie Note Edited: 0000142
2013-03-22 18:17 WiK Assigned To dookie => WiK
2013-03-22 18:17 WiK Status feedback => assigned
2013-03-22 23:10 th3flyboy Note Added: 0000190
2013-03-22 23:10 th3flyboy Note Edited: 0000190
2013-03-23 15:00 WiK Note Added: 0000199
2013-03-26 01:32 WiK Note Added: 0000218
2013-03-27 20:39 WiK Note Added: 0000252
2013-03-27 20:39 WiK Status assigned => closed
2013-03-27 20:39 WiK Resolution open => no change required