From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from pigeon.gentoo.org ([208.92.234.80] helo=lists.gentoo.org) by finch.gentoo.org with esmtp (Exim 4.60) (envelope-from ) id 1QEj9g-0004Z0-DC for garchives@archives.gentoo.org; Tue, 26 Apr 2011 14:22:20 +0000 Received: from pigeon.gentoo.org (localhost [127.0.0.1]) by pigeon.gentoo.org (Postfix) with SMTP id 519F61C00C; Tue, 26 Apr 2011 14:20:47 +0000 (UTC) Received: from mail-fx0-f53.google.com (mail-fx0-f53.google.com [209.85.161.53]) by pigeon.gentoo.org (Postfix) with ESMTP id E01CF1C00C for ; Tue, 26 Apr 2011 14:20:46 +0000 (UTC) Received: by fxm8 with SMTP id 8so592076fxm.40 for ; Tue, 26 Apr 2011 07:20:46 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:mime-version:date:message-id:subject:from:to :content-type; bh=ltb3Qm0+8ttm2Yb6xnfRWVjI4eyZ/QgRMJTrdTYPLZI=; b=D+IBpLvCKChv8WJ2Y9JRdVLDOhocfGrT7bbTFYhjqTE+U5LVaEI3hpouyIXDYWcrlb uyc+pev8dsNjjCg1AluX87iGwfgVp8vlkdCIOcJGBsMicQTfT7o0rmiR6Eto9DdNmL2n YMs7QzGIz+wVpV4Zrj/26dY1hxa8FRGVHAVFk= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=mime-version:date:message-id:subject:from:to:content-type; b=xyxwTrQZKYT4hunqTLngTi903QJQVsDPrFcF0dcvKmCUOTwiCTyEr63/GKY2EtQ/I4 fYiUMwyX9VL+SWhiopL36X3yX/ORq+yvC1oJD7uXCaPbPByOWI9P053eE61+Wu3pDLhA 3eXxxOt0nOTReMc/J9qkcqiPNVm9kpkst9H8k= Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-Id: Gentoo Linux mail X-BeenThere: gentoo-user@lists.gentoo.org Reply-to: gentoo-user@lists.gentoo.org MIME-Version: 1.0 Received: by 10.223.6.198 with SMTP id a6mr896701faa.130.1303827645338; Tue, 26 Apr 2011 07:20:45 -0700 (PDT) Received: by 10.223.69.132 with HTTP; Tue, 26 Apr 2011 07:20:44 -0700 (PDT) Date: Tue, 26 Apr 2011 15:20:44 +0100 Message-ID: Subject: [gentoo-user] [OT] Script to crack gpg passphrase From: Mick To: gentoo-user Content-Type: text/plain; charset=ISO-8859-1 X-Archives-Salt: X-Archives-Hash: 493ffaee3bbed447cbdb858fe28bd892 This is less sinister than what it sounds, but nevertheless necessary when one forgets the passphrase and has no revocation cert handy. I am trying to come up with a script to crack the passphrase, but my poor scripting ability (non-existent really) hampers my efforts. Looking at google I ended up with this modified example: ======================================= #!/bin/bash # # try all word in test.txt for word in $(cat test.txt); do # try to encrypt with $word passphrase echo "${word}" | gpg --passphrase-fd 0 --no-tty -a --export seckey.gpg -o file; # if decrypt is successfull; stop if [ $? -eq 0 ]; then echo "GPG passphrase is: ${word}"; exit 0; fi done; exit 1; ======================================= The file test.txt has a list of passwords (one in each line, no spaces) I am told 'sound like' the passphrase the user had set. The output file is not created (therefore I assume that the script does not work) but prints out the public key and only the first passphrase in the list: ======================================= $ ./crackgpg.sh gpg: enabled debug flags: memstat gpg: writing to stdout -----BEGIN PGP PUBLIC KEY BLOCK----- Version: GnuPG v2.0.17 (GNU/Linux) [snip ...] -----END PGP PUBLIC KEY BLOCK----- random usage: poolsize=600 mixed=0 polls=0/0 added=0/0 outmix=0 getlvl1=0/0 getlvl2=0/0 secmem usage: 0/32768 bytes in 0 block GPG passphrase is: sebpirleydrodujrem ======================================= Any idea what I could use in the above script to make it try one word at a time, not ask for confirmation and print the *successful* passphrase word at the end? Any other scripting suggestions also welcome. -- Regards, Mick