We updated Elcomsoft System Recovery and Elcomsoft Forensic Disk Decryptor. Elcomsoft System Recovery can now create a bootable flash drive allowing experts boot macOS computers and extract data required to launch attacks on full-disk encryption. Elcomsoft Forensic Disk Decryptor receives support for VeraCrypt volumes.
We updated Elcomsoft System Recovery with support for macOS computers. With Elcomsoft System Recovery, experts can now create a flash drive to boot macOS computers. The bootable flash drive allows experts extract hashes from HFS+ and APFS-formatted FileVault 2 volumes to quickly initiate password attacks on encrypted volumes without imaging the whole drive.
We have also updated Elcomsoft Forensic Disk Decryptor with VeraCrypt extraction support. Elcomsoft Forensic Disk Decryptor helps extract hash data from VeraCrypt containers, and pre-configure password attacks by specifying the range of encryption and hashing options.
Elcomsoft System Recovery delivers support for HFS+ and APFS encrypted volumes on macOS computers, offering faster access to encrypted evidence compared to the traditional workflow. Once you boot the Mac or MacBook from the ESR flash drive, the tool will automatically detect full-disk encryption, extract and store the data that is required to brute-force passwords to encrypted volumes. Even if the keyboard and mouse are not available, the tool will start a countdown timer to capture the required hashes and store them on the bootable flash drive automatically.
Elcomsoft System Recovery makes it easy to process full-disk encryption by simply booting the macOS computer from a flash drive. The tool extracts and saves information required to brute-force passwords to encrypted HFS+ and APFS volumes.
VeraCrypt is the most popular successor to open-source disk encryption tool TrueCrypt. Compared to the original, VeraCrypt supposes a wider range of encryption methods and hash algorithms. In this update, Elcomsoft Forensic Disk Decryptor receives full support for VeraCrypt volumes, enabling experts extracting hash data from VeraCrypt containers to launch brute-force or smart dictionary attacks with Distributed Password Recovery.
Elcomsoft System Recovery 7.2 change log:
Elcomsoft Forensic Disk Decryptor 2.11 change log:
Read more• Read an article «Breaking VeraCrypt containers» in our blog