Follow

PRTK TrueCrypt Attack

Created by: Herman Wong
Created date:
Last Updated date:

Question

How can I create a file from a volume encrypted with Truecrypt for PRTK/DNA to attack?

Answer

Depending on the type of Truecrypt data, either extract the first or last several kb of raw data, save to a file, and submit the file to DNA/PRTK.

E.g. Extract the first 64K of raw physical data from the boot disk, save it to a file and submit this file to DNA/PRTK. 

Specific Detail About Header Or Footer Data Needed

Amount of Header Data Needed For the Job:

64K for encrypted boot disks.

2K for DiskCryptor container files and encrypted physical partitions (except boot partitions).

1K for TrueCrypt and VeraCrypt container files and encrypted physical partitions (except boot partitions), unless the hidden volume job is selected, in which case 80K are needed.

For hidden volumes created by TrueCrypt versions earlier than version 6.0, the last 64K are needed.

 

Applies to

PRTK

DNA

 

Was this article helpful?
0 out of 0 found this helpful
Have more questions? Submit a request

Comments

Powered by Zendesk