1
#!/usr/bin/env python3
2

3
#
4
# Author......: See docs/credits.txt
5
# License.....: MIT
6
#
7

8
from argparse import ArgumentParser, ArgumentTypeError
9

10

11
SALT_LENGTH = 64
12
DATA_LENGTH = 448
13
HEADER_LENGTH = SALT_LENGTH + DATA_LENGTH
14

15
SIGNATURE = "$veracrypt$"
16

17
BOOTABLE_OFFSET = 31744  # 62 * 512
18
HIDDEN_OFFSET = 65536  # 64K
19

20

21
def validate_offset(offset):
22
    # see also https://hashcat.net/wiki/doku.php?id=frequently_asked_questions#how_do_i_extract_the_hashes_from_veracrypt_volumes
23
    if offset == "bootable":
24
        offset = BOOTABLE_OFFSET
25
    elif offset == "hidden":
26
        offset = HIDDEN_OFFSET
27
    elif offset == "bootable+hidden":
28
        offset = BOOTABLE_OFFSET + HIDDEN_OFFSET
29
    try:
30
        offset = int(offset)
31
    except ValueError as e:
32
        raise ArgumentTypeError("value is nether number nor allowed string") from e
33
    if offset < 0:
34
        raise ArgumentTypeError("value cannot be less than zero")
35
    return offset
36

37

38
if __name__ == "__main__":
39
    parser = ArgumentParser(description="veracrypt2hashcat extraction tool")
40
    parser.add_argument(
41
        "--offset",
42
        default=0,
43
        type=validate_offset,
44
        required=False,
45
        help="select between bootable, hidden, bootable+hidden or custom one (default: 0)",
46
    )
47
    parser.add_argument("path", type=str, help="path to VeraCrypt container")
48

49
    args = parser.parse_args()
50

51
    try:
52
        with open(args.path, "rb") as file:
53
            file.seek(args.offset)
54

55
            header = file.read(HEADER_LENGTH)
56

57
        if len(header) < HEADER_LENGTH:
58
            parser.error("file contains less data than needed")
59

60
        salt, data = header[:SALT_LENGTH], header[SALT_LENGTH:]
61

62
        hash = SIGNATURE + salt.hex() + "$" + data.hex()
63
        print(hash)
64
    except IOError as e:
65
        parser.error(e.strerror.lower())
66

67