iantho/VeraCryptPasswordHunter.py

## VeraCryptPasswordHunter.py
"""
The MIT License (MIT)

Copyright (c) 2025 Ian Thomas

Permission is hereby granted, free of charge, to any person obtaining a copy
of this software and associated documentation files (the "Software"), to deal
in the Software without restriction, including without limitation the rights
to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
copies of the Software, and to permit persons to whom the Software is
furnished to do so, subject to the following conditions:

The above copyright notice and this permission notice shall be included in
all copies or substantial portions of the Software.

THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
THE SOFTWARE.
"""

import os
import itertools
import subprocess

# SETTINGS ====================================================================

verbose_mode = False
max_combination_size = 3
password_components_file = "password_components.txt"
veracrypt_device = os.path.join("/", "dev", "rdisk4s1")
veracrypt_exe = os.path.join("/", "Applications", "VeraCrypt.app", "Contents", "MacOS", "VeraCrypt")
veracrypt_timeout = 3 # typically, if VeraCrypt hasn't finished quickly (e.g. 3 secs) it's probably the wrong password

# MAC ONLY ====================================================================

# VeraCrypt requires sudo privileges to run on macOS. To allow this script to
# run VeraCrypt without a password, add the following line to your sudoers file:

# e.g. Add the following to /etc/sudoers.d/sudoers:
# <username> ALL = NOPASSWD: /Applications/VeraCrypt.app/Contents/MacOS/VeraCrypt

# FUNCTIONS ===================================================================

def read_password_components():

    if not os.path.exists(password_components_file):
        raise RuntimeError("Password components file not found: '%s'" % password_components_file )
    file = open( password_components_file, "r" )

    password_components = file.readlines()
    if not password_components:
        raise RuntimeError("Password components file is empty")

    password_components = list( map( lambda s: s.strip(), password_components ) ) # strip trailing newlines from each line
    print(f"Read {len(password_components)} password components: {password_components}")

    return password_components

def find_password_combination( password_components, combination_size ):

    print(os.linesep, f"Trying passwords of combination size {combination_size:d}...", os.linesep)
    product = itertools.product( password_components, repeat=combination_size )

    for prod in product:

        password = ''.join(prod)
        print(f"\tTrying password: '{password}'")

        veracrypt_command = ["sudo", veracrypt_exe, "--text", "--non-interactive", "--mount-options=ro", f"--password={password}", veracrypt_device]
        if verbose_mode:
            print("\t\t" + " ".join(veracrypt_command))

        try:
            completed_process = subprocess.run(veracrypt_command, capture_output=True, timeout=veracrypt_timeout, text=True)
            if verbose_mode:
                print("\t\t", completed_process)
        except subprocess.TimeoutExpired as ex:
            print(f"\t\tVeraCrypt timed out after {veracrypt_timeout} seconds - probably the wrong password, trying next password...")
            if verbose_mode:
                print(f"\t\t{ex}")
                if ex.stdout is not None:
                    print(f"\t\tStdout: {ex.stdout}")
                if ex.stderr is not None:
                    print(f"\t\tStderr: {ex.stderr}")
            continue

        if completed_process.returncode == 0:
            print(os.linesep + f"Password found: {password}")
            return True

        if completed_process.stderr:
            if "Incorrect password" in completed_process.stderr:
                continue
            else:
                raise RuntimeError(f"VeraCrypt error: {completed_process.stderr}")

    return False

def find_password():

    if not os.path.exists(veracrypt_device):
        raise RuntimeError(f"VeraCrypt device not found: '{veracrypt_device}'")
    print(f"Hunting VeraCrypt password for device '{veracrypt_device}'")

    if not os.path.isfile(veracrypt_exe):
        raise RuntimeError(f"VeraCrypt executable not found: {veracrypt_exe}")
    print(f"Using VeraCrypt here: {veracrypt_exe}")

    password_components = read_password_components()

    for i in range( 1, max_combination_size + 1 ):
        if find_password_combination( password_components, i ):
            return True

    return False

# MAIN ========================================================================

try:
    success = find_password()
    if success:
        print("Success!")
    else:
        print("Failed!")
except Exception as ex:
    print(f"Fatal Error: {ex}")
	"""
	The MIT License (MIT)

	Copyright (c) 2025 Ian Thomas

	Permission is hereby granted, free of charge, to any person obtaining a copy
	of this software and associated documentation files (the "Software"), to deal
	in the Software without restriction, including without limitation the rights
	to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
	copies of the Software, and to permit persons to whom the Software is
	furnished to do so, subject to the following conditions:

	The above copyright notice and this permission notice shall be included in
	all copies or substantial portions of the Software.

	THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
	IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
	FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
	AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
	LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
	OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
	THE SOFTWARE.
	"""

	import os
	import itertools
	import subprocess

	# SETTINGS ====================================================================

	verbose_mode = False
	max_combination_size = 3
	password_components_file = "password_components.txt"
	veracrypt_device = os.path.join("/", "dev", "rdisk4s1")
	veracrypt_exe = os.path.join("/", "Applications", "VeraCrypt.app", "Contents", "MacOS", "VeraCrypt")
	veracrypt_timeout = 3 # typically, if VeraCrypt hasn't finished quickly (e.g. 3 secs) it's probably the wrong password

	# MAC ONLY ====================================================================

	# VeraCrypt requires sudo privileges to run on macOS. To allow this script to
	# run VeraCrypt without a password, add the following line to your sudoers file:

	# e.g. Add the following to /etc/sudoers.d/sudoers:
	# <username> ALL = NOPASSWD: /Applications/VeraCrypt.app/Contents/MacOS/VeraCrypt

	# FUNCTIONS ===================================================================

	def read_password_components():

	if not os.path.exists(password_components_file):
	raise RuntimeError("Password components file not found: '%s'" % password_components_file )
	file = open( password_components_file, "r" )

	password_components = file.readlines()
	if not password_components:
	raise RuntimeError("Password components file is empty")

	password_components = list( map( lambda s: s.strip(), password_components ) ) # strip trailing newlines from each line
	print(f"Read {len(password_components)} password components: {password_components}")

	return password_components

	def find_password_combination( password_components, combination_size ):

	print(os.linesep, f"Trying passwords of combination size {combination_size:d}...", os.linesep)
	product = itertools.product( password_components, repeat=combination_size )

	for prod in product:

	password = ''.join(prod)
	print(f"\tTrying password: '{password}'")

	veracrypt_command = ["sudo", veracrypt_exe, "--text", "--non-interactive", "--mount-options=ro", f"--password={password}", veracrypt_device]
	if verbose_mode:
	print("\t\t" + " ".join(veracrypt_command))

	try:
	completed_process = subprocess.run(veracrypt_command, capture_output=True, timeout=veracrypt_timeout, text=True)
	if verbose_mode:
	print("\t\t", completed_process)
	except subprocess.TimeoutExpired as ex:
	print(f"\t\tVeraCrypt timed out after {veracrypt_timeout} seconds - probably the wrong password, trying next password...")
	if verbose_mode:
	print(f"\t\t{ex}")
	if ex.stdout is not None:
	print(f"\t\tStdout: {ex.stdout}")
	if ex.stderr is not None:
	print(f"\t\tStderr: {ex.stderr}")
	continue

	if completed_process.returncode == 0:
	print(os.linesep + f"Password found: {password}")
	return True

	if completed_process.stderr:
	if "Incorrect password" in completed_process.stderr:
	continue
	else:
	raise RuntimeError(f"VeraCrypt error: {completed_process.stderr}")

	return False

	def find_password():

	if not os.path.exists(veracrypt_device):
	raise RuntimeError(f"VeraCrypt device not found: '{veracrypt_device}'")
	print(f"Hunting VeraCrypt password for device '{veracrypt_device}'")

	if not os.path.isfile(veracrypt_exe):
	raise RuntimeError(f"VeraCrypt executable not found: {veracrypt_exe}")
	print(f"Using VeraCrypt here: {veracrypt_exe}")

	password_components = read_password_components()

	for i in range( 1, max_combination_size + 1 ):
	if find_password_combination( password_components, i ):
	return True

	return False

	# MAIN ========================================================================

	try:
	success = find_password()
	if success:
	print("Success!")
	else:
	print("Failed!")
	except Exception as ex:
	print(f"Fatal Error: {ex}")
No results found