Cracking truecrypt containers with truecrack
![](https://anarxus.com/wp-content/uploads/2020/08/truecrypt200px.png)
Truecrack is a software used to crack truecrypt containers using brute force or wordlist attack. It can be useful if you have created a truecrypt container and forgotten the password. The cracking speed depends on the computers CPU.
Syntax
truecrack -t [container path] [options]
Basic options :
-w [path] wordlist
-c “[characters]” charset for brute force
-s [number] minimum password length
-m [number] maximum password length
-v verbose mode
You can read Hydra’s documentation with the following command.
man truecrack
Example
For this example i have created a truecrypt container with the default options with a password ‘1234’.
![](http://192.168.1.210/wordpress/wp-content/uploads/2020/08/final0-2.png)
There are two ways to crack the container. One way is using a brute force attack and the other a wordlist attack. Lets try both.
Brute force attack
To brute force we are going to use the following command
truecrack -t sectet_container -c "1234" -s 4 -m 4 -v
Since we remember that the password contains the characters “1234” we will set the charset to “1234”, if you don’t remember the password at all then use a different charset eg. “qwertyuiopasdfghjklzxcvbnm”. The charset (sort for character set) is the list of characters used in the brute force attack.
![](http://192.168.1.210/wordpress/wp-content/uploads/2020/08/final1-2.png)
When you execute the command, truecrack will try every possible combination of characters that you entered in the charset.
![](http://192.168.1.210/wordpress/wp-content/uploads/2020/08/final2-2.png)
And the password is found.
Wordlist
To crack the container with a wordlist, we will obviously need a wordlist. For the purpose of this example, i have created a very small wordlist that contains the password.
![](http://192.168.1.210/wordpress/wp-content/uploads/2020/08/final3-2.png)
To crack the container with a wordlist use the following command
truecrack -t sectet_container -w wordlist.txt -v
![](http://192.168.1.210/wordpress/wp-content/uploads/2020/08/final4.png)
And the password is found.
Opening the container
You can open the container using truecrypt.
![](http://192.168.1.210/wordpress/wp-content/uploads/2020/08/final5.png)
And then you can view all the files within.
![](http://192.168.1.210/wordpress/wp-content/uploads/2020/08/final6.png)