Date: Thu, 28 Apr 2011 15:04:34 +0100
Message-ID: <BANLkTi=UkxofbPrOZGVuyS3TWaBpPeMUkA@mail.gmail.com>
Subject: Re: [gentoo-user] [OT] Script to crack gpg passphrase
From: Mick <michaelkintzios@gmail.com>
To: gentoo-user@lists.gentoo.org

On 27 April 2011 19:56, Mick <michaelkintzios@gmail.com> wrote:
> On Wednesday 27 April 2011 19:15:46 felix@crowfix.com wrote:
>> On Tue, Apr 26, 2011 at 09:24:44PM +0100, Mick wrote:
>> > Back to plan A.  Any ideas how I can improve my script?
>>
>> Do you have any guesses as to your passphrase or is it a total shot in
>> the dark, could be anything from one word to a poem?
>>
>> Unless you can narrow it down tremendously, you're wasting time and it
>> will never be recovered.
>
> There are some candidate passphrases.  I tried them all with rephrase and all
> the permutations that I could think of.
>
> Now I am trying app-crypt/nasty, for brute force cracking, but I can't get it
> to work.  :-(
>
> It keeps popping up my pinentry and asking me for my default key passphrase,
> not the key I am trying to feed to it.
>
> Is there a way to change that script I posted so that it a) takes the
> passphrases from a file, or b) incrementally tries {a,b,...,z}, and/or capitals
> and/or numbers?

I'm making some good progress!

First I used the key to encrypt a file:

gpg -e file.txt

Then run this script to try to decrypt it:
==========================================
#!/bin/bash
#
# Try each line of test.txt as the passphrase for file.txt.gpg.
# The word list is read on fd 3 so that gpg's stdin (fd 0) carries only the
# passphrase; reading whole lines keeps passphrases with spaces intact.
# GnuPG 2.1 and later also need --pinentry-mode loopback for --passphrase-fd
# to be honoured.

while IFS= read -r word <&3; do

  # try to decrypt with word
  if printf '%s\n' "${word}" | gpg --passphrase-fd 0 -q --batch --no-tty \
       --output file_success.txt -d file.txt.gpg; then

    # decryption succeeded; stop
    echo "GPG passphrase is: ${word}"
    exit 0

  fi

done 3< test.txt

exit 1
==========================================

This finds the passphrase and prints it out on the terminal.  However, its
success depends on the dictionary file I use.  Also, it's not particularly
fast ...

Any idea how I can create a dictionary file?  I've used apg but it's <ahem!>
too random.  :-)

I have been given something like 6 passphrases that may have been used.  The
problem is that at the time of creation the passphrase was typed in
incorrectly (twice!)  So I would need to use some method of generating a
dictionary with potential typos of these known passphrases (pretty much how
the rephrase application works).  What is a good way to generate such a file
by inputting a range of candidate characters?

Finally, is there a way of parallelising the run so that it speeds up?

-- 
Regards,
Mick
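
As an added example (not part of Mick's message and not code from the rephrase tool), one way to build the word list of near-miss passphrases the post asks about, for recovering a key whose passphrase was mistyped at creation. The function name `typo_variants`, its optional CHARSET argument and the sample candidates are assumptions made for this illustration.

```shell
#!/bin/bash
# Added example, not from the original post.
# Reads candidate passphrases (one per line) on stdin and prints each one
# followed by every string that is a single typing slip away from it.
# CHARSET (optional, a name assumed here) lists characters to try as
# wrong or extra keystrokes, e.g. "0123456789".
typo_variants() {
  awk -v charset="${1:-}" '
    # print a variant once only, skipping the empty string
    function emit(s) { if (s != "" && !(s in seen)) { seen[s] = 1; print s } }
    {
      w = $0; n = length(w); m = length(charset)
      emit(w)                                  # as remembered
      for (i = 1; i <= n; i++) {
        pre = substr(w, 1, i - 1); c = substr(w, i, 1); post = substr(w, i + 1)
        emit(pre post)                         # keystroke dropped
        emit(pre c c post)                     # keystroke doubled
        if (i < n)                             # neighbouring keys swapped
          emit(pre substr(w, i + 1, 1) c substr(w, i + 2))
        if (c != toupper(c)) emit(pre toupper(c) post)   # Shift held down
        if (c != tolower(c)) emit(pre tolower(c) post)   # Shift missed
        for (k = 1; k <= m; k++) {
          x = substr(charset, k, 1)
          emit(pre x post)                     # wrong key pressed
          emit(pre x c post)                   # extra key before this one
        }
      }
      for (k = 1; k <= m; k++)
        emit(w substr(charset, k, 1))          # extra key at the end
    }'
}

# Constructed sample input: two made-up candidates, digits as the charset.
if [ "${1:-}" = "--demo" ]; then
  printf '%s\n' 'correct horse' 'Tr0ub4dor' | typo_variants 0123456789
fi
```

Redirecting the output to test.txt gives the decryption script a list that covers one slip per candidate; piping the output through the function a second time covers two slips, at the cost of a much longer list.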