FM03 - 250pts

Briefing

Download the Veracrypt volume and find a way to get the flag. Contents: dir_volume
Challenge Files:

Solution

  1. 1.
    During the competition, a hint was emailed out that said the file for this challenge is a VeraCrypt encrypted volume since no one had solved the challenge after 24 hours.
  2. 2.
    We can try a brute force approach to decrypt the volume since no other files are provided, such as a memory dump of the system that could contain the password. More information about potential attacks can be found in the VeraCrypt User Manual (Internet Archive Link).
  3. 3.
    Brutefocing this volume is possible because the password is early in the rockyou.txt password list. My GTX 1060 Mobile GPU can do about 150 H/s without any configuration changes to hashcat.
  4. 4.
    The following modes are available in hashcat:
    1
    137XY | VeraCrypt | Full-Disk Encryption (FDE)
    2
    X | 1 = PBKDF2-HMAC-RIPEMD160 | Full-Disk Encryption (FDE)
    3
    X | 2 = PBKDF2-HMAC-SHA512 | Full-Disk Encryption (FDE)
    4
    X | 3 = PBKDF2-HMAC-Whirlpool | Full-Disk Encryption (FDE)
    5
    X | 4 = PBKDF2-HMAC-RIPEMD160 + boot-mode | Full-Disk Encryption (FDE)
    6
    X | 5 = PBKDF2-HMAC-SHA256 | Full-Disk Encryption (FDE)
    7
    X | 6 = PBKDF2-HMAC-SHA256 + boot-mode | Full-Disk Encryption (FDE)
    8
    X | 7 = PBKDF2-HMAC-Streebog-512 | Full-Disk Encryption (FDE)
    9
    Y | 1 = XTS 512 bit pure AES | Full-Disk Encryption (FDE)
    10
    Y | 1 = XTS 512 bit pure Serpent | Full-Disk Encryption (FDE)
    11
    Y | 1 = XTS 512 bit pure Twofish | Full-Disk Encryption (FDE)
    12
    Y | 1 = XTS 512 bit pure Camellia | Full-Disk Encryption (FDE)
    13
    Y | 1 = XTS 512 bit pure Kuznyechik | Full-Disk Encryption (FDE)
    14
    Y | 2 = XTS 1024 bit pure AES | Full-Disk Encryption (FDE)
    15
    Y | 2 = XTS 1024 bit pure Serpent | Full-Disk Encryption (FDE)
    16
    Y | 2 = XTS 1024 bit pure Twofish | Full-Disk Encryption (FDE)
    17
    Y | 2 = XTS 1024 bit pure Camellia | Full-Disk Encryption (FDE)
    18
    Y | 2 = XTS 1024 bit pure Kuznyechik | Full-Disk Encryption (FDE)
    19
    Y | 2 = XTS 1024 bit cascaded AES-Twofish | Full-Disk Encryption (FDE)
    20
    Y | 2 = XTS 1024 bit cascaded Camellia-Kuznyechik | Full-Disk Encryption (FDE)
    21
    Y | 2 = XTS 1024 bit cascaded Camellia-Serpent | Full-Disk Encryption (FDE)
    22
    Y | 2 = XTS 1024 bit cascaded Kuznyechik-AES | Full-Disk Encryption (FDE)
    23
    Y | 2 = XTS 1024 bit cascaded Kuznyechik-Twofish | Full-Disk Encryption (FDE)
    24
    Y | 2 = XTS 1024 bit cascaded Serpent-AES | Full-Disk Encryption (FDE)
    25
    Y | 2 = XTS 1024 bit cascaded Twofish-Serpent | Full-Disk Encryption (FDE)
    26
    Y | 3 = XTS 1536 bit all | Full-Disk Encryption (FDE)
    Copied!
  5. 5.
    Let's try mode 13722 since that is the default in VeraCrypt. Starting cracking with: hashcat -a 0 -m 13722 dir_volume /usr/share/wordlists/rockyou.txt.
    hashcat output:
    1
    dir_volume:redwings
    2
    3
    Session..........: hashcat
    4
    Status...........: Cracked
    5
    Hash.Type........: VeraCrypt PBKDF2-HMAC-SHA512 + XTS 1024 bit
    6
    Hash.Target......: dir_volume
    7
    Time.Started.....: Thu Apr 8 18:43:44 2021 (4 mins, 34 secs)
    8
    Time.Estimated...: Thu Apr 8 18:48:18 2021 (0 secs)
    9
    Guess.Base.......: File (/home/hhhgohn/Downloads/rockyou.txt)
    10
    Guess.Queue......: 1/1 (100.00%)
    11
    Speed.#1.........: 149 H/s (8.48ms) @ Accel:64 Loops:16 Thr:64 Vec:1
    12
    Recovered........: 1/1 (100.00%) Digests, 1/1 (100.00%) Salts
    13
    Progress.........: 40960/14344384 (0.29%)
    14
    Rejected.........: 0/40960 (0.00%)
    15
    Restore.Point....: 0/14344384 (0.00%)
    16
    Restore.Sub.#1...: Salt:0 Amplifier:0-1 Iteration:499984-499999
    17
    Candidates.#1....: 123456 -> loser69
    18
    Hardware.Mon.#1..: Temp: 87c Util:100% Core:1835MHz Mem:3802MHz Bus:16
    19
    20
    Started: Thu Apr 8 18:42:40 2021
    21
    Stopped: Thu Apr 8 18:48:20 2021
    Copied!
    The password redwings is shown in the hashcat output.
  6. 6.
    We can mount the volume using VeraCrypt's GUI with password redwings. The flag is in Flag/flag.txt.

Flag

Copy link