Introduction
VeraCrypt is a popular open-source tool for on-the-fly encryption. While it provides strong security, passwords can sometimes be the weakest link. Understanding how to test the strength of these passwords is a critical skill in security auditing and penetration testing.
In this lab, you will step into the role of a security analyst. You will first create an encrypted VeraCrypt volume with a password that follows a known pattern. Then, you will learn how to extract the necessary hash data from this volume. Finally, you will use Hashcat, a powerful password recovery tool, to perform a "mask attack" to crack the password. This process will give you hands-on experience with fundamental techniques used in digital forensics and ethical hacking.
Create a Small Encrypted VeraCrypt Volume
In this step, you will use the VeraCrypt command-line interface to create a new, encrypted file container. This container will act as our target for the password recovery exercise. We will intentionally use a simple password structure to demonstrate the effectiveness of a mask attack in later steps.
You will be guided through an interactive creation process. Please follow the instructions carefully.
First, run the command to create a new volume. The -t flag enables text mode, and -c stands for create.
veracrypt -t -c
The program will now ask you a series of questions. Respond to them as follows:
- Volume Type: Press Enter to select the default Normal.
- Volume Location: Type myvolume.hc and press Enter. This will create the volume file in your current directory (~/project).
- Volume Size: Type 1M (for 1 Megabyte) and press Enter. A small size is sufficient for this lab.
- Encryption Algorithm: Press Enter to select the default AES.
- Hash Algorithm: Press Enter to select the default SHA-512.
- Filesystem: Press Enter to select the default FAT.
- Password: This is a critical step. For this lab, enter the password LabEx2024 and press Enter.
- Re-enter Password: Enter LabEx2024 again and press Enter.
- PIM: Press Enter to use the default (no PIM).
- Keyfiles: Press Enter to skip using keyfiles.
- Entropy Collection: The tool will ask you to type at least 320 random characters to generate cryptographic entropy. Just type random characters on your keyboard until the progress bar is full, and then press Enter.
After the final step, VeraCrypt will create the file. You can verify its creation with the ls command.
ls -l myvolume.hc
You should see output similar to this, confirming the file exists and its size is approximately 1MB.
-rw-r--r-- 1 labex labex 1048576 Dec 01 12:34 myvolume.hc
You have now successfully created an encrypted VeraCrypt volume.
Extract the First 512 Bytes as the Hash
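In this step, you will extract the password hash from the VeraCrypt volume you just created. For standard VeraCrypt containers using hash algorithms like SHA-512 or RIPEMD-160, the necessary data for password verification is stored within the first 512 bytes of the volume file. Strictly speaking, this block is the volume header (a salt followed by the encrypted header data) rather than a hash of the password: a candidate password is correct if the key derived from it and the salt decrypts the header. Hashcat can use this data directly to perform a cracking attack.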
We will use the dd command, a powerful utility for copying and converting data.
Use the following command to read the first 512 bytes from myvolume.hc and write them to a new file called veracrypt.hash.
- if=myvolume.hc: Specifies the input file.
- of=veracrypt.hash: Specifies the output file.
- bs=512: Sets the block size to 512 bytes.
- count=1: Specifies to copy only 1 block.
dd if=myvolume.hc of=veracrypt.hash bs=512 count=1
The command will execute and show a summary of the operation.
1+0 records in
1+0 records out
512 bytes copied, 0.00012345 s, 4.1 MB/s
Now, verify that the new hash file has been created and is exactly 512 bytes in size.
ls -l veracrypt.hash
The output should look like this:
-rw-r--r-- 1 labex labex 512 Dec 01 12:35 veracrypt.hash
You have successfully extracted the hash data that Hashcat will use for the attack.
Identify the Correct Hashcat Mode for VeraCrypt
In this step, you will learn how to find the correct "hash mode" for Hashcat. Hashcat supports hundreds of different hash types, and you must tell it exactly which type you are trying to crack. Each type is identified by a unique number.
Since we created our volume with AES encryption and the SHA-512 hash algorithm, we need to find the corresponding mode in Hashcat. You can do this by searching through Hashcat's help output.
Use the following command to display Hashcat's help information and filter it for lines containing "VeraCrypt". The grep -i command performs a case-insensitive search.
hashcat --help | grep -i veracrypt
The output will list all hash modes related to VeraCrypt.
...
13711 | VeraCrypt RIPEMD160 + XTS 512 bit | Operating System
13712 | VeraCrypt RIPEMD160 + XTS 1024 bit | Operating System
13713 | VeraCrypt RIPEMD160 + XTS 1536 bit | Operating System
13721 | VeraCrypt SHA512 + XTS 512 bit | Operating System
13722 | VeraCrypt SHA512 + XTS 1024 bit | Operating System
13723 | VeraCrypt SHA512 + XTS 1536 bit | Operating System
13731 | VeraCrypt SHA256 + XTS 512 bit | Operating System
13732 | VeraCrypt SHA256 + XTS 1024 bit | Operating System
13733 | VeraCrypt SHA256 + XTS 1536 bit | Operating System
13751 | VeraCrypt Whirlpool + XTS 512 bit | Operating System
13752 | VeraCrypt Whirlpool + XTS 1024 bit | Operating System
13753 | VeraCrypt Whirlpool + XTS 1536 bit | Operating System
...
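Look through the list. In Step 1 we chose SHA-512 as the hash algorithm and AES as the encryption algorithm. AES on its own is a single cipher, which corresponds to the "XTS 512 bit" entries; the 1024-bit and 1536-bit entries apply to cascades of two and three ciphers. The correct mode for our volume is therefore 13721. You will use this mode number in the final step to tell Hashcat how to interpret the veracrypt.hash file.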
Construct a Mask Attack for a Known Password Structure
In this step, you will construct a "mask" for a Hashcat attack. A mask attack is incredibly efficient when you have some knowledge about the password's structure. For our lab, we know the password is LabEx2024. Let's pretend we only know the structure: the word "LabEx" followed by four digits (like a year).
Hashcat uses special placeholders, or "charsets," to define a mask:
- ?l = a lowercase letter (a...z)
- ?u = an uppercase letter (A...Z)
- ?d = a digit (0...9)
- ?s = a special character (!, @, #, etc.)
Based on our assumed structure ("LabEx" + four digits), the mask would be LabEx?d?d?d?d. This tells Hashcat to try all combinations starting with the literal string "LabEx" and ending with any four-digit sequence from 0000 to 9999.
Let's do a dry run to see what passwords this mask will generate. The -a 3 flag specifies a mask attack, and --stdout tells Hashcat to print the generated candidates to the screen instead of performing a real attack. The mask is placed in single quotes so that the shell does not interpret the ? characters as wildcards.
hashcat --stdout -a 3 'LabEx?d?d?d?d'
This command will quickly print thousands of potential passwords to your terminal, starting with LabEx0000, LabEx0001, and so on, until it reaches LabEx9999. You can press Ctrl+C to stop the output at any time.
This confirms our mask is correctly constructed to include the target password, LabEx2024.
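The following Python script is an added example, not part of the original lab and not Hashcat's own code. It parses the placeholders listed above (plus ?a, Hashcat's union of all four), computes a mask's keyspace, and checks whether a given password falls inside it, which is how a password audit can show the gap between a patterned password and a random one of the same length. The guess rate in the demo is an assumed figure, not a measurement.

```python
import math

# Built-in hashcat charsets; ?a is the union of ?l, ?u, ?d and ?s.
CHARSETS = {
    "l": "abcdefghijklmnopqrstuvwxyz",
    "u": "ABCDEFGHIJKLMNOPQRSTUVWXYZ",
    "d": "0123456789",
    "s": " !\"#$%&'()*+,-./:;<=>?@[\\]^_`{|}~",
}
CHARSETS["a"] = "".join(CHARSETS[k] for k in "luds")


def parse_mask(mask):
    """Return the allowed characters for each password position."""
    positions, i = [], 0
    while i < len(mask):
        key = mask[i + 1:i + 2] if mask[i] == "?" else None
        if key is None:
            positions.append(mask[i])        # literal character
        elif key == "?":
            positions.append("?")            # '??' is a literal question mark
        elif key in CHARSETS:
            positions.append(CHARSETS[key])
        else:
            raise ValueError(f"unsupported placeholder in mask at offset {i}")
        i += 1 if key is None else 2
    return positions


def keyspace(mask):
    """Number of candidates the mask generates."""
    return math.prod(len(allowed) for allowed in parse_mask(mask))


def covered_by(mask, password):
    """True if the mask would generate this password."""
    positions = parse_mask(mask)
    return len(password) == len(positions) and all(
        ch in allowed for ch, allowed in zip(password, positions))


def hours_to_exhaust(mask, guesses_per_second):
    return keyspace(mask) / guesses_per_second / 3600


if __name__ == "__main__":
    RATE = 1000  # assumed guesses per second, for illustration only
    for m in ("LabEx?d?d?d?d", "?u?l?l?u?l?d?d?d?d", "?a?a?a?a?a?a?a?a?a"):
        print(f"{m:20} keyspace={keyspace(m):>24,} hours={hours_to_exhaust(m, RATE):,.1f}")
```

All three masks in the demo cover a nine-character password such as LabEx2024; only the amount of structure the attacker is assumed to know differs.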
Execute the Attack to Recover the Volume Password
In this final step, you will combine all the pieces to launch the attack and recover the VeraCrypt volume password. You have the hash file (veracrypt.hash), the hash mode (13721), and the attack mask (LabEx?d?d?d?d).
Let's assemble the final Hashcat command:
- -m 13721: Sets the hash mode for VeraCrypt (SHA512).
- -a 3: Sets the attack mode to a mask attack.
- veracrypt.hash: The target hash file.
- LabEx?d?d?d?d: The password mask to use.
Now, execute the command in your terminal:
hashcat -m 13721 -a 3 veracrypt.hash 'LabEx?d?d?d?d'
Hashcat will start. Since the password space is small, the attack should finish very quickly. You will see status updates, and then the final result.
...
Session..........: hashcat
Status...........: Cracked
Hash.Name........: VeraCrypt SHA512 + XTS 512 bit
Hash.Target......: veracrypt.hash
Time.Started.....: ...
Time.Estimated...: 0 secs
Guess.Mask.......: LabEx?d?d?d?d [9]
Guess.Queue......: 1/1 (100.00%)
Speed.#1.........: XXXXXX H/s (0.01ms) @ Accel:X Loops:X
Recovered........: 1/1 (100.00%) Digests
Progress.........: 10000/10000 (100.00%)
Rejected.........: 0/10000 (0.00%)
Restore.Point....: 10000/10000 (100.00%)
Restore.Sub.#1...: Salt:0 Amplifier:0-1
Candidates.#1....: LabEx0000 -> LabEx9999
Hardware.Mon.#1..: Util: 99%
veracrypt.hash:LabEx2024
All hashes have been recovered.
...
Success! The line veracrypt.hash:LabEx2024 shows that Hashcat has successfully recovered the password.
Hashcat automatically saves cracked passwords to a file called hashcat.potfile. You can view the recovered password anytime using the --show option:
hashcat -m 13721 --show veracrypt.hash
This will simply output the cracked hash and password again.
veracrypt.hash:LabEx2024
Congratulations, you have successfully cracked a VeraCrypt volume password using Hashcat!
Summary
In this lab, you gained practical experience in password security analysis by targeting a VeraCrypt encrypted volume.
You successfully performed the key steps of a password recovery process:
- Created an encrypted container using VeraCrypt's command-line tools.
- Extracted the 512-byte hash data required for an offline attack.
- Used Hashcat's help system to identify the correct hash mode for your target.
- Constructed and tested a targeted mask attack based on a known password structure.
- Executed the attack to successfully recover the volume's password.
These skills are fundamental in the fields of ethical hacking and digital forensics, demonstrating how password policies and structures can be tested for weaknesses. Understanding these attack vectors is the first step toward building stronger defenses.


