LUKS1 headers - Errors and questions

[klango]

Hello guys,

this is related to the problem #656 I had before when trying to upload a 2,1MB LUKS1 headers described here: (https://github.com/s3inlc/hashtopolis/issues/656#event-4161912159)

I am using dd to extract the first 2097664 (2,1MB the exactly size of the example files listed here https://hashcat.net/misc/example_hashes/hashcat_luks_testfiles.7z ) including Luks1 sha256.

$sudo dd if=my_luks1_image.img of=my_luks1_headers.img bs=2097664 count=1 $hexdump -C -n 512 my_luks1_headers 00000000 4c 55 4b 53 ba be 00 01 61 65 73 00 00 00 00 00 |LUKS....aes.....| 00000010 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................| 00000020 00 00 00 00 00 00 00 00 78 74 73 2d 70 6c 61 69 |........xts-plai| 00000030 6e 36 34 00 00 00 00 00 00 00 00 00 00 00 00 00 |n64.............| 00000040 00 00 00 00 00 00 00 00 73 68 61 32 35 36 00 00 |........sha256..| 00000050 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................| 00000060 00 00 00 00 00 00 00 00 00 00 10 00 00 00 00 40 |...............@|

$ cryptsetup luksDump my_luks1_headers.img LUKS header information for my_luks1_headers.img

Version: 1 Cipher name: aes Cipher mode: xts-plain64 Hash spec: sha256 Payload offset: 4096 MK bits: 512 MK digest: 3f 99 fc a7 e2 83 3c be 84 ef 81 97 fc d7 b9 91 5a dc 04 f4 MK salt: 6d 51 6e 41 ed 55 ef 09 cf ac 01 99 55 93 d4 b0 88 3a 5c 0e c7 78 97 60 36 29 a1 a8 c7 2b 12 c2 MK iterations: 60014 UUID: 5fda21b9-b86e-4c9f-8ba7-bc7c387d9f94

Key Slot 0: ENABLED Iterations: 960234 Salt: f7 7e 6e dd 2c 7d b5 7f e7 c1 3f 4b 64 b7 91 15 bd 23 8a 80 b9 c2 48 59 ba 6f de c8 b8 47 a8 0b Key material offset: 8 AF stripes: 4000 Key Slot 1: DISABLED Key Slot 2: DISABLED Key Slot 3: DISABLED Key Slot 4: DISABLED Key Slot 5: DISABLED Key Slot 6: DISABLED Key Slot 7: DISABLED

When hashcating using a dictionary it works and cracks just fine. bruteforce-luks also works without any problems, meaning the headers are actually valid for bruteforcing. $ /opt/hashcat-6.1.1/hashcat.bin -a 0 -m 14600 my_luks1_headers.img my_dictionary.txt

The problem is when trying to add a task to hashtopolis using 14600 LUKS10. When uploading I get the error 'Required file does not exist' when trying to upload the my_luks1_header.img file. The file is locally on my Desktop. When importing the file directly to importfolder it imports but hashtopolis detects the total of 8026 hashes from this single file. When assigning to a task, a dictionary and an agent, it wont start, remaining in 0.00%. Agent logs shows: 'Speed benchmark failed' and gets automatically unassigned.

• Your current Hashcat version 0.12.0

Any ideas?

[s3inlc]

Thanks for providing such detailed information. I think there are two separate issues happening. When you try to upload via file it might be that you PHP upload limit is set too low. Did you make sure that the limit is high enough? (See https://github.com/s3inlc/hashtopolis/wiki/Server-Prerequisites) I assume you forgot to select that you add a binary hash when you tried to add it via import, as the 8000-ish hashes most likely resulted when Hashtopolis tried to split the hashes by newline characters in the binary file.

[klango]

Thanks for providing such detailed information. I think there are two separate issues happening. When you try to upload via file it might be that you PHP upload limit is set too low. Did you make sure that the limit is high enough? (See https://github.com/s3inlc/hashtopolis/wiki/Server-Prerequisites) I assume you forgot to select that you add a binary hash when you tried to add it via import, as the 8000-ish hashes most likely resulted when Hashtopolis tried to split the hashes by newline characters in the binary file.

Hi @s3inlc thanks for replying this. I did made sure that the php.ini is correct configured. Maximum upload is set to 3MB. I still get 'Required file does not exist'. As for the imported file, you are right, when importing it as a text it counts the lines as hashes but when selected as binary it wont recognize the hash and show 0 hashes. I will try to tackle the code myself and if I can get it fixed. If you want I can provide you with this header file so you can test yourself.

Best

[zyronix]

Closing old issue