# FM03 - 250pts

## Briefing

> Download the Veracrypt volume and find a way to get the flag. Contents: dir\_volume

Challenge Files:

* [fm03.zip](https://github.com/HHousen/NCS-Competition/tree/e3a1ab990b675bd865fdddd9e5fa5cd7895b3b02/Forensics/FM03/fm03.zip)

## Solution

1. During the competition, a hint was emailed out that said the file for this challenge is a VeraCrypt encrypted volume since no one had solved the challenge after 24 hours.
2. We can try a brute force approach to decrypt the volume since no other files are provided, such as a memory dump of the system that could contain the password. More information about potential attacks can be found in the [VeraCrypt User Manual](https://www.veracrypt.fr/code/VeraCrypt/plain/src/Release/Setup%20Files/VeraCrypt%20User%20Guide.pdf?id=e6ebc63c665dfd38802f63ad8882f573e66cd208) ([Internet Archive Link](https://web.archive.org/web/20210408232357/https://www.veracrypt.fr/code/VeraCrypt/plain/src/Release/Setup%20Files/VeraCrypt%20User%20Guide.pdf?id=e6ebc63c665dfd38802f63ad8882f573e66cd208)).
3. Brutefocing this volume is possible because the password is early in the [`rockyou.txt` password list](https://github.com/danielmiessler/SecLists/blob/master/Passwords/Leaked-Databases/rockyou.txt.tar.gz). My GTX 1060 Mobile GPU can do about 150 H/s without any configuration changes to `hashcat`.
4. The following modes are available in `hashcat`:

   ```
    137XY | VeraCrypt                                        | Full-Disk Encryption (FDE)
       X  | 1 = PBKDF2-HMAC-RIPEMD160                        | Full-Disk Encryption (FDE)
       X  | 2 = PBKDF2-HMAC-SHA512                           | Full-Disk Encryption (FDE)
       X  | 3 = PBKDF2-HMAC-Whirlpool                        | Full-Disk Encryption (FDE)
       X  | 4 = PBKDF2-HMAC-RIPEMD160 + boot-mode            | Full-Disk Encryption (FDE)
       X  | 5 = PBKDF2-HMAC-SHA256                           | Full-Disk Encryption (FDE)
       X  | 6 = PBKDF2-HMAC-SHA256 + boot-mode               | Full-Disk Encryption (FDE)
       X  | 7 = PBKDF2-HMAC-Streebog-512                     | Full-Disk Encryption (FDE)
        Y | 1 = XTS  512 bit pure AES                        | Full-Disk Encryption (FDE)
        Y | 1 = XTS  512 bit pure Serpent                    | Full-Disk Encryption (FDE)
        Y | 1 = XTS  512 bit pure Twofish                    | Full-Disk Encryption (FDE)
        Y | 1 = XTS  512 bit pure Camellia                   | Full-Disk Encryption (FDE)
        Y | 1 = XTS  512 bit pure Kuznyechik                 | Full-Disk Encryption (FDE)
        Y | 2 = XTS 1024 bit pure AES                        | Full-Disk Encryption (FDE)
        Y | 2 = XTS 1024 bit pure Serpent                    | Full-Disk Encryption (FDE)
        Y | 2 = XTS 1024 bit pure Twofish                    | Full-Disk Encryption (FDE)
        Y | 2 = XTS 1024 bit pure Camellia                   | Full-Disk Encryption (FDE)
        Y | 2 = XTS 1024 bit pure Kuznyechik                 | Full-Disk Encryption (FDE)
        Y | 2 = XTS 1024 bit cascaded AES-Twofish            | Full-Disk Encryption (FDE)
        Y | 2 = XTS 1024 bit cascaded Camellia-Kuznyechik    | Full-Disk Encryption (FDE)
        Y | 2 = XTS 1024 bit cascaded Camellia-Serpent       | Full-Disk Encryption (FDE)
        Y | 2 = XTS 1024 bit cascaded Kuznyechik-AES         | Full-Disk Encryption (FDE)
        Y | 2 = XTS 1024 bit cascaded Kuznyechik-Twofish     | Full-Disk Encryption (FDE)
        Y | 2 = XTS 1024 bit cascaded Serpent-AES            | Full-Disk Encryption (FDE)
        Y | 2 = XTS 1024 bit cascaded Twofish-Serpent        | Full-Disk Encryption (FDE)
        Y | 3 = XTS 1536 bit all                             | Full-Disk Encryption (FDE)
   ```
5. Let's try mode `13722` since that is the default in VeraCrypt. Starting cracking with: `hashcat -a 0 -m 13722 dir_volume /usr/share/wordlists/rockyou.txt`.

   `hashcat` output:

   ```
    dir_volume:redwings                              

    Session..........: hashcat
    Status...........: Cracked
    Hash.Type........: VeraCrypt PBKDF2-HMAC-SHA512 + XTS 1024 bit
    Hash.Target......: dir_volume
    Time.Started.....: Thu Apr  8 18:43:44 2021 (4 mins, 34 secs)
    Time.Estimated...: Thu Apr  8 18:48:18 2021 (0 secs)
    Guess.Base.......: File (/home/hhhgohn/Downloads/rockyou.txt)
    Guess.Queue......: 1/1 (100.00%)
    Speed.#1.........:      149 H/s (8.48ms) @ Accel:64 Loops:16 Thr:64 Vec:1
    Recovered........: 1/1 (100.00%) Digests, 1/1 (100.00%) Salts
    Progress.........: 40960/14344384 (0.29%)
    Rejected.........: 0/40960 (0.00%)
    Restore.Point....: 0/14344384 (0.00%)
    Restore.Sub.#1...: Salt:0 Amplifier:0-1 Iteration:499984-499999
    Candidates.#1....: 123456 -> loser69
    Hardware.Mon.#1..: Temp: 87c Util:100% Core:1835MHz Mem:3802MHz Bus:16

    Started: Thu Apr  8 18:42:40 2021
    Stopped: Thu Apr  8 18:48:20 2021
   ```

   The password `redwings` is shown in the `hashcat` output.
6. We can mount the volume using VeraCrypt's GUI with password `redwings`. The flag is in `Flag/flag.txt`.

### Flag

`Us3_5tr0ng_P@55w0Rds!`


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://ncs2021.haydenhousen.com/forensics/fm03.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.