tag:blogger.com,1999:blog-8362173118972812468.post3291960261896359526..comments2023-10-08T01:10:12.400-07:00Comments on Delusions of Grandeur (NetSec) Blog: Cyber Defense Exercise 2013: Extracting cached passphrases in TruecryptAnonymoushttp://www.blogger.com/profile/11673717985142495697noreply@blogger.comBlogger2125tag:blogger.com,1999:blog-8362173118972812468.post-66339520326512878832014-04-20T07:31:04.460-07:002014-04-20T07:31:04.460-07:00Great article, but hoping that you can clarify a c...Great article, but hoping that you can clarify a couple points. I was able to follow along with the posting and read the articles you discussed (RAM is key), but then got lost near the end.<br /><br />#1 - "but I just adjusted the bounds down until it worked:<br />>>> db(0xb205c000, 0x35000)"<br />-- Where does the 0x35000 come from? Did you start at 224128 and work down from there until something worked?<br /><br />#2 - "passphrase had not been chilling in plain sight"<br />--- Is the passphrase "truecryptpasswordsecure" ? (sorry, only plain site if you know what you are looking for)<br /><br />#3 - What was the O/S and what version of TrueCrypt was utilized?<br /><br />Once again, great article.Merriorahttps://www.blogger.com/profile/13658341060321775787noreply@blogger.comtag:blogger.com,1999:blog-8362173118972812468.post-24430082132828414412014-02-16T10:02:48.003-08:002014-02-16T10:02:48.003-08:00I didn`t understand anything in this but ok someon...I didn`t understand anything in this but ok someone will understandAnonymoushttps://www.blogger.com/profile/03200456238735693307noreply@blogger.com