I am trying to come up with a script to crack the passphrase, but my
poor scripting ability (non-existent really) hampers my efforts.
Looking at Google I ended up with this modified example:
=======================================
#!/bin/bash
#
# try all words in test.txt
for word in $(cat test.txt); do
    # try to encrypt with $word passphrase
    echo "${word}" | gpg --passphrase-fd 0 --no-tty -a --export \
        seckey.gpg -o file;
    # if decrypt is successful; stop
    if [ $? -eq 0 ]; then
        echo "GPG passphrase is: ${word}";
        exit 0;
    fi
done;
exit 1;
=======================================
The file test.txt has a list of passwords (one in each line, no
spaces) I am told 'sound like' the passphrase the user had set.
The output file is not created (therefore I assume that the script
does not work) but prints out the public key and only the first
passphrase in the list:
=======================================
$ ./crackgpg.sh
gpg: enabled debug flags: memstat
gpg: writing to stdout
-----BEGIN PGP PUBLIC KEY BLOCK-----
Version: GnuPG v2.0.17 (GNU/Linux)
[snip ...]
-----END PGP PUBLIC KEY BLOCK-----
random usage: poolsize=600 mixed=0 polls=0/0 added=0/0
outmix=0 getlvl1=0/0 getlvl2=0/0
secmem usage: 0/32768 bytes in 0 block
GPG passphrase is: sebpirleydrodujrem
=======================================
Any idea what I could use in the above script to make it try one word
at a time, not ask for confirmation and print the *successful*
passphrase word at the end? Any other scripting suggestions also
welcome.
--
Regards,
Mick
Haven't tried it, but Google led me to this:
Thanks Paul, it seems no longer maintained (compiled for 2.4 kernel and gcc3).
--
Regards,
Mick
Do you have any guesses as to your passphrase or is it a total shot in
the dark, could be anything from one word to a poem?
Unless you can narrow it down tremendously, you're wasting time and it
will never be recovered.
--
... _._. ._ ._. . _._. ._. ___ .__ ._. . .__. ._ .. ._.
Felix Finch: scarecrow repairman & rocket surgeon / fe...@crowfix.com
GPG = E987 4493 C860 246C 3B1E 6477 7838 76E9 182E 8151 ITAR license #4933
I've found a solution to Fermat's Last Theorem but I see I've run out of room o
There are some candidate passphrases. I tried them all with rephrase and all
the permutations that I could think of.
Now I am trying app-crypt/nasty, for brute force cracking, but I can't get it
to work. :-(
It keeps popping up my pinentry and asking me for my default key passphrase,
not the key I am trying to feed to it.
Is there a way to change that script I posted so that it a) takes the
passphrases from a file, or b) incrementally tries {a,b,...,z}, and/or capitals
and/or numbers?
--
Regards,
Mick
I'm making some good progress!
First I used the key to encrypt a file:
gpg -e file.txt
Then run this script to try to decrypt it:
==========================================
#!/bin/bash
#
# try all words in test.txt
for word in $(cat test.txt); do
    # try to decrypt with word
    echo "${word}" | gpg --passphrase-fd 0 -q --batch --no-tty --output \
        file_success.txt -d file.txt.gpg;
    # if decrypt is successful; stop
    if [ $? -eq 0 ]; then
        echo "GPG passphrase is: ${word}";
        exit 0;
    fi
done;
exit 1;
==========================================
This finds the passphrase and prints it out on the terminal. However, its
success depends on the dictionary file I use. Also, it's not particularly
fast ...
Any idea how I can create a dictionary file? I've used apg but it's <ahem!>
too random. :-)
I have been given something like 6 passphrases that may have been used. The
problem is that at the time of creation the passphrase was typed in
incorrectly (twice!). So I would need to use some method of generating a
dictionary with potential typos of these known passphrases (pretty much how
the rephrase application works). What is a good way to generate such a file
by inputting a range of candidate characters?
Finally, is there a way of parallelising the run so that it speeds up?
--
Regards,
Mick
If you know the actual passphrase is "close" to some known passphrase,
read up on the concept of Levenshtein distance:
http://en.wikipedia.org/wiki/Levenshtein_distance
If you can define a function that computes all passwords of Levenshtein
distance 1 from a given password, then you can run that function twice
to get the password of distance 2,3... Three or four is probably a good
place to stop.
Then you can take those six known passwords, and compute all words of
distance 1,2,3 from all of them. Stick those in a list, and try them.
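
The function described above, as an added example that is not part of the original thread: `edits1` returns every string one deletion, substitution or insertion away from a word, and `neighbourhood` applies it repeatedly to a set of seed passphrases, recording the distance at which each candidate first appears. The alphabet, the seed words and both function names are assumptions made for this illustration.

```python
import string
import sys
from collections import Counter

# Assumption: typos are drawn from lowercase letters and digits. Widen this to
# match the characters the real passphrase could contain.
ALPHABET = string.ascii_lowercase + string.digits


def edits1(word, alphabet=ALPHABET):
    """Every string one deletion, substitution or insertion away from word."""
    splits = [(word[:i], word[i:]) for i in range(len(word) + 1)]
    deletes = {a + b[1:] for a, b in splits if b}
    substitutes = {a + c + b[1:] for a, b in splits if b for c in alphabet}
    inserts = {a + c + b for a, b in splits for c in alphabet}
    return (deletes | substitutes | inserts) - {word}


def neighbourhood(seeds, max_distance, alphabet=ALPHABET):
    """Map each candidate within max_distance of any seed to its distance.

    Breadth-first: a string is recorded the first time it is reached, so the
    stored value is its true Levenshtein distance to the nearest seed.
    """
    found = {seed: 0 for seed in seeds}
    frontier = set(seeds)
    for distance in range(1, max_distance + 1):
        next_frontier = set()
        for word in frontier:
            for candidate in edits1(word, alphabet):
                if candidate not in found:
                    found[candidate] = distance
                    next_frontier.add(candidate)
        frontier = next_frontier
    return found


if __name__ == "__main__":
    # Constructed seed words, standing in for the six remembered passphrases.
    seeds = ["opensesame", "letmein"]
    found = neighbourhood(seeds, 2)
    # List size per distance goes to stderr so stdout stays a clean wordlist.
    print(sorted(Counter(found.values()).items()), file=sys.stderr)
    # Closest candidates first, one per line, the format test.txt uses.
    for candidate in sorted(found, key=lambda w: (found[w], w)):
        print(candidate)
```

Each extra unit of distance multiplies the list by roughly the number of single edits per word, so the per-distance counts printed to stderr show how quickly the run time of the decrypt loop grows.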