Abstract
When working as a forensic examiner, it is not uncommon to encounter encrypted files, entire partitions, or even devices. When that is the case, the encrypted data must be decrypted in order for the forensic expert to be able to examine it. The intent of this chapter is to provide the reader with a practical overview of the steps commonly involved in the process of cracking encrypted data. While know-how and experience may be the most important skills in successful cracking, everyone needs a good tool for assistance. As such, this chapter also presents and discusses the open-source tool Hashcat that can be used for the purpose of password cracking. The chapter will also present tools for creating custom wordlists which can be utilized by Hashcat. Thus, this chapter provides the reader with a practical implementation of the theoretical knowledge that was previously introduced.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Author information
Authors and Affiliations
Corresponding author
Rights and permissions
Copyright information
© 2024 The Author(s), under exclusive license to Springer Nature Switzerland AG
About this chapter
Cite this chapter
Kävrestad, J., Birath, M., Clarke, N. (2024). Cracking. In: Fundamentals of Digital Forensics. Texts in Computer Science. Springer, Cham. https://doi.org/10.1007/978-3-031-53649-6_13
Download citation
DOI: https://doi.org/10.1007/978-3-031-53649-6_13
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-031-53648-9
Online ISBN: 978-3-031-53649-6
eBook Packages: Computer ScienceComputer Science (R0)