04-26-2011, 02:20 PM
Mick

Script to crack gpg passphrase

This is less sinister than what it sounds, but nevertheless necessary
when one forgets the passphrase and has no revocation cert handy.

I am trying to come up with a script to crack the passphrase, but my
poor scripting ability (non-existent really) hampers my efforts.
Looking at google I ended up with this modified example:
=======================================
#!/bin/bash
#

# try all words in test.txt
for word in $(cat test.txt); do

# try to encrypt with $word passphrase
echo "${word}" | gpg --passphrase-fd 0 --no-tty -a --export seckey.gpg -o file;

# if decrypt is successful; stop
if [ $? -eq 0 ]; then

echo "GPG passphrase is: ${word}";
exit 0;

fi

done;

exit 1;
=======================================

The file test.txt has a list of passwords (one in each line, no
spaces) I am told 'sound like' the passphrase the user had set.

The output file is not created (therefore I assume that the script
does not work) but prints out the public key and only the first
passphrase in the list:

=======================================
$ ./crackgpg.sh
gpg: enabled debug flags: memstat
gpg: writing to stdout
-----BEGIN PGP PUBLIC KEY BLOCK-----
Version: GnuPG v2.0.17 (GNU/Linux)
[snip ...]

-----END PGP PUBLIC KEY BLOCK-----
random usage: poolsize=600 mixed=0 polls=0/0 added=0/0
outmix=0 getlvl1=0/0 getlvl2=0/0
secmem usage: 0/32768 bytes in 0 block
GPG passphrase is: sebpirleydrodujrem
=======================================

Any idea what I could use in the above script to make it try one word
at a time, not ask for confirmation and print the *successful*
passphrase word at the end? Any other scripting suggestions also
welcome.
--
Regards,
Mick
 
04-26-2011, 02:34 PM
Paul Hartman

Script to crack gpg passphrase

On Tue, Apr 26, 2011 at 9:20 AM, Mick <michaelkintzios@gmail.com> wrote:
> This is less sinister than what it sounds, but nevertheless necessary
> when one forgets the passphrase and has no revocation cert handy.
>
> I am trying to come up with a script to crack the passphrase, but my
> poor scripting ability (non-existent really) hampers my efforts.

Haven't tried it, but Google led me to this:

http://www.roguedaemon.net/rephrase/
 
04-26-2011, 03:42 PM
Mick

Script to crack gpg passphrase

On 26 April 2011 15:34, Paul Hartman <paul.hartman+gentoo@gmail.com> wrote:
> On Tue, Apr 26, 2011 at 9:20 AM, Mick <michaelkintzios@gmail.com> wrote:
>> This is less sinister than what it sounds, but nevertheless necessary
>> when one forgets the passphrase and has no revocation cert handy.
>>
>> I am trying to come up with a script to crack the passphrase, but my
>> poor scripting ability (non-existent really) hampers my efforts.
>
> Haven't tried it, but Google led me to this:
>
> http://www.roguedaemon.net/rephrase/

Thanks Paul, it seems no longer maintained (compiled for 2.4 kernel and gcc3).
--
Regards,
Mick
 
04-26-2011, 08:24 PM
Mick

Script to crack gpg passphrase

On Tuesday 26 April 2011 16:42:50 Mick wrote:
> On 26 April 2011 15:34, Paul Hartman <paul.hartman+gentoo@gmail.com> wrote:
> > On Tue, Apr 26, 2011 at 9:20 AM, Mick <michaelkintzios@gmail.com> wrote:
> >> This is less sinister than what it sounds, but nevertheless necessary
> >> when one forgets the passphrase and has no revocation cert handy.
> >>
> >> I am trying to come up with a script to crack the passphrase, but my
> >> poor scripting ability (non-existent really) hampers my efforts.
> >
> > Haven't tried it, but Google led me to this:
> >
> > http://www.roguedaemon.net/rephrase/
>
> Thanks Paul, it seems no longer maintained (compiled for 2.4 kernel and
> gcc3).

Actually, it installs and runs! Thank you. :-)

Alas though, it didn't crack the suspected passphrase. :-(

Back to plan A. Any ideas how I can improve my script?
--
Regards,
Mick
 
04-27-2011, 06:15 PM

Script to crack gpg passphrase

On Tue, Apr 26, 2011 at 09:24:44PM +0100, Mick wrote:
> Back to plan A. Any ideas how I can improve my script?

Do you have any guesses as to your passphrase or is it a total shot in
the dark, could be anything from one word to a poem?

Unless you can narrow it down tremendously, you're wasting time and it
will never be recovered.

--
... _._. ._ ._. . _._. ._. ___ .__ ._. . .__. ._ .. ._.
Felix Finch: scarecrow repairman & rocket surgeon / felix@crowfix.com
GPG = E987 4493 C860 246C 3B1E 6477 7838 76E9 182E 8151 ITAR license #4933
I've found a solution to Fermat's Last Theorem but I see I've run out of room o
 
04-27-2011, 06:56 PM
Mick

Script to crack gpg passphrase

On Wednesday 27 April 2011 19:15:46 felix@crowfix.com wrote:
> On Tue, Apr 26, 2011 at 09:24:44PM +0100, Mick wrote:
> > Back to plan A. Any ideas how I can improve my script?
>
> Do you have any guesses as to your passphrase or is it a total shot in
> the dark, could be anything from one word to a poem?
>
> Unless you can narrow it down tremendously, you're wasting time and it
> will never be recovered.

There are some candidate passphrases. I tried them all with rephrase and all
the permutations that I could think of.

Now I am trying app-crypt/nasty, for brute force cracking, but I can't get it
to work. :-(

It keeps popping up my pinentry and asking me for my default key passphrase,
not the key I am trying to feed to it.

Is there a way to change that script I posted so that it a)takes the
passphrases from a file, or b)incrementally tries {a,b,...,z}, and/or capitals
and/or numbers?
--
Regards,
Mick
 
04-28-2011, 02:04 PM
Mick

Script to crack gpg passphrase

On 27 April 2011 19:56, Mick <michaelkintzios@gmail.com> wrote:
> On Wednesday 27 April 2011 19:15:46 felix@crowfix.com wrote:
>> On Tue, Apr 26, 2011 at 09:24:44PM +0100, Mick wrote:
>> > Back to plan A. Any ideas how I can improve my script?
>>
>> Do you have any guesses as to your passphrase or is it a total shot in
>> the dark, could be anything from one word to a poem?
>>
>> Unless you can narrow it down tremendously, you're wasting time and it
>> will never be recovered.
>
> There are some candidate passphrases. I tried them all with rephrase and all
> the permutations that I could think of.
>
> Now I am trying app-crypt/nasty, for brute force cracking, but I can't get it
> to work. :-(
>
> It keeps popping up my pinentry and asking me for my default key passphrase,
> not the key I am trying to feed to it.
>
> Is there a way to change that script I posted so that it a)takes the
> passphrases from a file, or b)incrementally tries {a,b,...,z}, and/or capitals
> and/or numbers?

I'm making some good progress!

First I used the key to encrypt a file:

gpg -e file.txt

Then run this script to try to decrypt it:
==========================================
#!/bin/bash
#

# try all words in test.txt
for word in $(cat test.txt); do

# try to decrypt with word
echo "${word}" | gpg --passphrase-fd 0 -q --batch --no-tty --output file_success.txt -d file.txt.gpg;

# if decrypt is successful; stop
if [ $? -eq 0 ]; then

echo "GPG passphrase is: ${word}";
exit 0;

fi

done;

exit 1;
==========================================

This finds the passphrase and prints it out on the terminal. However, its
success depends on the dictionary file I use. Also, it's not particularly
fast ...

Any idea how I can create a dictionary file? I've used apg but it's <aheam!>
too random. :-)

I have been given something like 6 passphrases that may have been used. The
problem is that at the time of creation the passphrase was typed in
incorrectly (twice!) So I would need to use some method of generating a
dictionary with potential typos of these known passphrases (pretty much how
the rephrase application works). What is a good way to generate such a file
by inputting a range of candidate characters?

Finally, is there a way of parallelising the run so that it speeds up?

--
Regards,
Mick
 
04-28-2011, 04:47 PM
Michael Orlitzky

Script to crack gpg passphrase

On 04/28/2011 10:04 AM, Mick wrote:
> This finds the passphrase and prints it out on the terminal. However, its
> success depends on the dictionary file I use. Also, it's not particularly
> fast ...
>
> Any idea how I can create a dictionary file? I've used apg but it's <aheam!>
> too random. :-)
>
> I have been given something like 6 passphrases that may have been used. The
> problem is that at the time of creation the passphrase was typed in
> incorrectly (twice!) So I would need to use some method of generating a
> dictionary with potential typos of these known passphrases (pretty much how
> the rephrase application works). What is a good way to generate such a file
> by inputting a range of candidate characters?
>
> Finally, is there a way of parallelising the run so that it speeds up?
>

If you know the actual passphrase is "close" to some known passphrase,
read up on the concept of Levenshtein distance:

http://en.wikipedia.org/wiki/Levenshtein_distance

If you can define a function that computes all passwords of Levenshtein
distance 1 from a given password, then you can run that function twice
to get the password of distance 2,3... Three or four is probably a good
place to stop.

Then you can take those six known passwords, and compute all words of
distance 1,2,3 from all of them. Stick those in a list, and try them.
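
An added example, not part of any post in this thread and not code from rephrase: a Python implementation of the distance-1 function described above, applied repeatedly to collect the strings at each further distance, so the size of the resulting list can be checked before any key is tried. The lowercase-only alphabet, the function names and the sample word are assumptions.

```python
import string

# Assumption: typos are drawn from lowercase letters only; widen as needed.
ALPHABET = string.ascii_lowercase


def neighbours(word, alphabet=ALPHABET):
    """Every string exactly one insertion, deletion or substitution from word."""
    out = set()
    for i in range(len(word) + 1):
        head, tail = word[:i], word[i:]
        for c in alphabet:
            out.add(head + c + tail)              # insert c before position i
        if tail:
            out.add(head + tail[1:])              # delete word[i]
            for c in alphabet:
                out.add(head + c + tail[1:])      # replace word[i] with c
    out.discard(word)                             # a no-op substitution is distance 0
    return out


def layers(word, max_dist, alphabet=ALPHABET):
    """Map d -> strings first reached after d single-character edits (1..max_dist)."""
    seen, frontier, result = {word}, {word}, {}
    for d in range(1, max_dist + 1):
        reached = set()
        for w in frontier:
            reached |= neighbours(w, alphabet)
        reached -= seen                           # drop anything closer than d
        seen |= reached
        result[d] = frontier = reached
    return result


if __name__ == "__main__":
    # Constructed sample candidate, not a value from the thread.
    for d, words in layers("hunter", 2).items():
        print(f"distance {d}: {len(words)} candidates")
```

A six-letter word over 26 letters already has 332 neighbours at distance 1, and the list grows steeply with each further step, so the alphabet and the maximum distance decide whether a run can finish.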
 
