Wonder if there is a way to set up a dictionary attack on one…add to the list of projects I already don't have enough time for 😉
Hi!
Interesting topic, I will start researching on it as well.
Joel.
I imagine Passware will get involved in this at some point.
They are already using memory dumps to try to crack TrueCrypt and BitLocker encrypted containers.
Just out of curiosity, has anyone tried using Passware in conjunction with memory dumps?
I've been trying memory dumps from VMs against TrueCrypt volumes using the Passware Forensic Demo, but while one tab tells me that it found a password, another tells me it was unsuccessful…
I wish their demo would at least give the first couple of characters of the password so I could tell if it worked. For some reason when someone tells me they will sell me something that they swear works (but aren't willing to prove works) for $800, my BS alarm tends to go off. Maybe I'm just not a trusting kind of guy.
I give that go Douglas )
It's defiantly an interesting topic Joel but one I'm finding quite furstrating at the moment x
I'm testing VMware Workstation 7 . The application allows you to setup a password for the workstation which must be entered before it starts. Just about to check the vmem file to see if it stores the password.