Automate multiple password enties to decrypted LUKS + Ext4 USB stick
Clash Royale CLAN TAG#URR8PPP
I have a USB stick encrypted with LUKS + Ext4. I have forgotten the password...
However, I know which words will be included in the password and have a list of all permutations of those words. About 10,000 permutations.
Instead of me trying each and every permutation 1 by 1 manually (which will be a long, slow, and painfully tedious process), is it possible to automate this process? I know this sounds like some sort of malicious brute force attack, but it's not. If I wanted something like that, I could have easily downloaded some dodgy software from the internet.
Instead, I want to use something which is safe on my computer, a script (or any safe solution) which is custom built for me specifically.
Is this possible?
shell-script password encryption ext4 luks
edited Jan 21 at 21:21
Rui F Ribeiro
40k1479135
asked Jan 21 at 19:11
oshirowanenoshirowanen
434102757
add a comment |
I have a USB stick encrypted with LUKS + Ext4. I have forgotten the password...
However, I know which words will be included in the password and have a list of all permutations of those words. About 10,000 permutations.
Instead of me trying each and every permutation 1 by 1 manually (which will be a long, slow, and painfully tedious process), is it possible to automate this process? I know this sounds like some sort of malicious brute force attack, but it's not. If I wanted something like that, I could have easily downloaded some dodgy software from the internet.
Instead, I want to use something which is safe on my computer, a script (or any safe solution) which is custom built for me specifically.
Is this possible?
shell-script password encryption ext4 luks
edited Jan 21 at 21:21
Rui F Ribeiro
40k1479135
asked Jan 21 at 19:11
oshirowanenoshirowanen
434102757
3
you just have to pipe it tocryptsetup luksOpenwith the right syntax and note that (as written many times in the manual) when it's automated from stdin, you musn't include a trailing LF.
– A.B
Jan 21 at 19:30
add a comment |
I have a USB stick encrypted with LUKS + Ext4. I have forgotten the password...
However, I know which words will be included in the password and have a list of all permutations of those words. About 10,000 permutations.
Instead of me trying each and every permutation 1 by 1 manually (which will be a long, slow, and painfully tedious process), is it possible to automate this process? I know this sounds like some sort of malicious brute force attack, but it's not. If I wanted something like that, I could have easily downloaded some dodgy software from the internet.
Instead, I want to use something which is safe on my computer, a script (or any safe solution) which is custom built for me specifically.
Is this possible?
shell-script password encryption ext4 luks
edited Jan 21 at 21:21
Rui F Ribeiro
40k1479135
asked Jan 21 at 19:11
oshirowanenoshirowanen
434102757
I have a USB stick encrypted with LUKS + Ext4. I have forgotten the password...
However, I know which words will be included in the password and have a list of all permutations of those words. About 10,000 permutations.
Instead of me trying each and every permutation 1 by 1 manually (which will be a long, slow, and painfully tedious process), is it possible to automate this process? I know this sounds like some sort of malicious brute force attack, but it's not. If I wanted something like that, I could have easily downloaded some dodgy software from the internet.
Instead, I want to use something which is safe on my computer, a script (or any safe solution) which is custom built for me specifically.
Is this possible?
shell-script password encryption ext4 luks
shell-script password encryption ext4 luks
edited Jan 21 at 21:21
Rui F Ribeiro
40k1479135
asked Jan 21 at 19:11
oshirowanenoshirowanen
434102757
edited Jan 21 at 21:21
Rui F Ribeiro
40k1479135
asked Jan 21 at 19:11
oshirowanenoshirowanen
434102757
edited Jan 21 at 21:21
Rui F Ribeiro
40k1479135
edited Jan 21 at 21:21
Rui F Ribeiro
40k1479135
edited Jan 21 at 21:21
Rui F Ribeiro
40k1479135
40k1479135
asked Jan 21 at 19:11
oshirowanenoshirowanen
434102757
asked Jan 21 at 19:11
oshirowanenoshirowanen
434102757
asked Jan 21 at 19:11
oshirowanenoshirowanen
434102757
434102757
3
you just have to pipe it tocryptsetup luksOpenwith the right syntax and note that (as written many times in the manual) when it's automated from stdin, you musn't include a trailing LF.
– A.B
Jan 21 at 19:30
add a comment |
3
you just have to pipe it tocryptsetup luksOpenwith the right syntax and note that (as written many times in the manual) when it's automated from stdin, you musn't include a trailing LF.
– A.B
Jan 21 at 19:30
3
3
you just have to pipe it to
cryptsetup luksOpen with the right syntax and note that (as written many times in the manual) when it's automated from stdin, you musn't include a trailing LF.– A.B
Jan 21 at 19:30
you just have to pipe it to
cryptsetup luksOpen with the right syntax and note that (as written many times in the manual) when it's automated from stdin, you musn't include a trailing LF.– A.B
Jan 21 at 19:30
add a comment |
4 Answers
4
active
oldest
votes
Well, in the most naive case you can roughly do something like
for a in 'fo' 'foo' 'fooo'
do
for b in 'ba' 'bar' 'baar'
do
for c in 'bz' 'baz' 'bazz'
do
echo -n "$a$b$c" | cryptsetup open /dev/luks luks
&& echo "'$a$b$c' is the winner!"
&& break 3
done
done
done
and it goes through all the puzzle pieces ... foobarbz foobarbaz foobarbazz ... etc. in order. (If you have optional pieces, add '' empty string. If your pieces are in random order, well, think about it yourself).
To optimize performance, you can:
- patch
cryptsetupto keep reading passphrases from stdin (lukscrackplus on github for one such example but it's dated) - generate the complete list of words,
splitit into separate files, and run multiple such loops (one per core, perhaps even across multiple machines) - compile cryptsetup with a different/faster crypto backend (e.g. nettle instead of gcrypt), difference was huge last time I benchmarked it
- find a different implementation meant to bruteforce LUKS
But it's probably pointless to optimize if you have either too little (can go through in a day w/o optimizing) or way too many possibilities (no amount of optimizing will be successful).
At the same time, check:
- are you using the wrong keyboard layout?
- is the LUKS header intact?
(with LUKS1 there is no way to know for sure, but if you hexdump -C it and there is no random data where it should be, no need to waste time then)
There's also a similar question here: https://security.stackexchange.com/q/128539
But if you're really able to narrow it down by a lot, the naive approach works too.
answered Jan 21 at 19:51
frostschutzfrostschutz
26.8k15583
hexdump -C /dev/sdd returns a lot of data. Not sure where I am supposed to look for random data.
– oshirowanen
Jan 23 at 21:16
1
for reference,truncate -s 8M foobar.img;cryptsetup luksFormat foobar.img;hexdump -C foobar.imgwould show you what an intact header looks like (with nothing else on it). Where this has random data, your sdd would also have random data at the same address
– frostschutz
Jan 23 at 21:18
1
@frostschutz, thank you very much for your suggestions. Actually helped me find my passphrase! Added bounty just to say thank you, but unable to give it just yet, will have to wait 24 hours.
– oshirowanen
Jan 25 at 23:19
add a comment |
The most efficient way to perform this attack is to use John the Ripper's luks2john to extract the hash, and then attack it with John ('LUKS' hash format) or hashcat (hash mode 14600).
This has the advantage of scaling up to the number of cores (with either John CPU support or hashcat OpenCL CPU support) or the number of GPUs (with hashcat OpenCL GPU support) that you have.
It also takes advantage of any attack-side cryptographic efficiencies that are faster than using the native interface. These efficiencies can sometimes be dramatically faster than simply trying a normal unlock over and over again.
This also gives you the full suite of attack modes that those tools support (wordlist, rules, mask, hybrid, etc.).
answered Jan 22 at 6:27
Royce WilliamsRoyce Williams
735618
add a comment |
Yes. I had almost this exact problem. I wrote a script that looped through all the possibilities until one worked. Mine was a truecrypt volume though. The only problem would be if there was some rate limiting but that would only be the case if you were passing off the check to a website or the like. With the volume in your possession it is relatively easy to do this.
But also this is very much brute forcing. You have just narrowed the choices to a small number so it won't be difficult to do.
answered Jan 21 at 19:19
user1794469user1794469
1,5801822
Could you script be adapted to work with LUKS encrypted drives? Yes, I have the USB stick in my possession.
– oshirowanen
Jan 21 at 19:22
I'm not sure I even have the script anymore. But all you need to do is have the list of words, capitalization, order, whatever else you are changing and make a nested loop to run through them. Then you just need to be able to call the decryption command with the password. You should be able to do this with any scripting language: I usedperlbutpythonorbashwould also probably be pretty easy.
– user1794469
Jan 21 at 19:25
add a comment |
Yes, as previous answers, the hashcat is one of the best options. As the LUKS doesn't storage any hashes, we need to get an encrypted data sample (header) from your USB drive. We going to work on that sample only.
sudo dd if=/dev/USB_LUKS_partition of=/tmp/data_sample.luks bs=512 count=4079
Hashcat has many options to cracking a password, from straight bruteforcing to dictionary attacks, rule based attacks and mask attacks. In this scenario, we have password_candidates.txt:
hashcat -m 14600 -a 0 -w 3 /tmp/data_sample.luks password_candidates.txt
This should give you your password within seconds.
G/L
answered Jan 27 at 16:19
Radek RadekRadek Radek
514
add a comment |
Your Answer
StackExchange.ready(function()
var channelOptions =
tags: "".split(" "),
id: "106"
;
initTagRenderer("".split(" "), "".split(" "), channelOptions);
StackExchange.using("externalEditor", function()
// Have to fire editor after snippets, if snippets enabled
if (StackExchange.settings.snippets.snippetsEnabled)
StackExchange.using("snippets", function()
createEditor();
);
else
createEditor();
);
function createEditor()
StackExchange.prepareEditor(
heartbeatType: 'answer',
autoActivateHeartbeat: false,
convertImagesToLinks: false,
noModals: true,
showLowRepImageUploadWarning: true,
reputationToPostImages: null,
bindNavPrevention: true,
postfix: "",
imageUploader:
brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
allowUrls: true
,
onDemand: true,
discardSelector: ".discard-answer"
,immediatelyShowMarkdownHelp:true
);
);
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function ()
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2funix.stackexchange.com%2fquestions%2f495833%2fautomate-multiple-password-enties-to-decrypted-luks-ext4-usb-stick%23new-answer', 'question_page');
);
Post as a guest
Required, but never shown
4 Answers
4
active
oldest
votes
4 Answers
4
active
oldest
votes
active
oldest
votes
active
oldest
votes
Well, in the most naive case you can roughly do something like
for a in 'fo' 'foo' 'fooo'
do
for b in 'ba' 'bar' 'baar'
do
for c in 'bz' 'baz' 'bazz'
do
echo -n "$a$b$c" | cryptsetup open /dev/luks luks
&& echo "'$a$b$c' is the winner!"
&& break 3
done
done
done
and it goes through all the puzzle pieces ... foobarbz foobarbaz foobarbazz ... etc. in order. (If you have optional pieces, add '' empty string. If your pieces are in random order, well, think about it yourself).
To optimize performance, you can:
- patch
cryptsetupto keep reading passphrases from stdin (lukscrackplus on github for one such example but it's dated) - generate the complete list of words,
splitit into separate files, and run multiple such loops (one per core, perhaps even across multiple machines) - compile cryptsetup with a different/faster crypto backend (e.g. nettle instead of gcrypt), difference was huge last time I benchmarked it
- find a different implementation meant to bruteforce LUKS
But it's probably pointless to optimize if you have either too little (can go through in a day w/o optimizing) or way too many possibilities (no amount of optimizing will be successful).
At the same time, check:
- are you using the wrong keyboard layout?
- is the LUKS header intact?
(with LUKS1 there is no way to know for sure, but if you hexdump -C it and there is no random data where it should be, no need to waste time then)
There's also a similar question here: https://security.stackexchange.com/q/128539
But if you're really able to narrow it down by a lot, the naive approach works too.
answered Jan 21 at 19:51
frostschutzfrostschutz
26.8k15583
hexdump -C /dev/sdd returns a lot of data. Not sure where I am supposed to look for random data.
– oshirowanen
Jan 23 at 21:16
1
for reference,truncate -s 8M foobar.img;cryptsetup luksFormat foobar.img;hexdump -C foobar.imgwould show you what an intact header looks like (with nothing else on it). Where this has random data, your sdd would also have random data at the same address
– frostschutz
Jan 23 at 21:18
1
@frostschutz, thank you very much for your suggestions. Actually helped me find my passphrase! Added bounty just to say thank you, but unable to give it just yet, will have to wait 24 hours.
– oshirowanen
Jan 25 at 23:19
add a comment |
Well, in the most naive case you can roughly do something like
for a in 'fo' 'foo' 'fooo'
do
for b in 'ba' 'bar' 'baar'
do
for c in 'bz' 'baz' 'bazz'
do
echo -n "$a$b$c" | cryptsetup open /dev/luks luks
&& echo "'$a$b$c' is the winner!"
&& break 3
done
done
done
and it goes through all the puzzle pieces ... foobarbz foobarbaz foobarbazz ... etc. in order. (If you have optional pieces, add '' empty string. If your pieces are in random order, well, think about it yourself).
To optimize performance, you can:
- patch
cryptsetupto keep reading passphrases from stdin (lukscrackplus on github for one such example but it's dated) - generate the complete list of words,
splitit into separate files, and run multiple such loops (one per core, perhaps even across multiple machines) - compile cryptsetup with a different/faster crypto backend (e.g. nettle instead of gcrypt), difference was huge last time I benchmarked it
- find a different implementation meant to bruteforce LUKS
But it's probably pointless to optimize if you have either too little (can go through in a day w/o optimizing) or way too many possibilities (no amount of optimizing will be successful).
At the same time, check:
- are you using the wrong keyboard layout?
- is the LUKS header intact?
(with LUKS1 there is no way to know for sure, but if you hexdump -C it and there is no random data where it should be, no need to waste time then)
There's also a similar question here: https://security.stackexchange.com/q/128539
But if you're really able to narrow it down by a lot, the naive approach works too.
answered Jan 21 at 19:51
frostschutzfrostschutz
26.8k15583
hexdump -C /dev/sdd returns a lot of data. Not sure where I am supposed to look for random data.
– oshirowanen
Jan 23 at 21:16
1
for reference,truncate -s 8M foobar.img;cryptsetup luksFormat foobar.img;hexdump -C foobar.imgwould show you what an intact header looks like (with nothing else on it). Where this has random data, your sdd would also have random data at the same address
– frostschutz
Jan 23 at 21:18
1
@frostschutz, thank you very much for your suggestions. Actually helped me find my passphrase! Added bounty just to say thank you, but unable to give it just yet, will have to wait 24 hours.
– oshirowanen
Jan 25 at 23:19
add a comment |
Well, in the most naive case you can roughly do something like
for a in 'fo' 'foo' 'fooo'
do
for b in 'ba' 'bar' 'baar'
do
for c in 'bz' 'baz' 'bazz'
do
echo -n "$a$b$c" | cryptsetup open /dev/luks luks
&& echo "'$a$b$c' is the winner!"
&& break 3
done
done
done
and it goes through all the puzzle pieces ... foobarbz foobarbaz foobarbazz ... etc. in order. (If you have optional pieces, add '' empty string. If your pieces are in random order, well, think about it yourself).
To optimize performance, you can:
- patch
cryptsetupto keep reading passphrases from stdin (lukscrackplus on github for one such example but it's dated) - generate the complete list of words,
splitit into separate files, and run multiple such loops (one per core, perhaps even across multiple machines) - compile cryptsetup with a different/faster crypto backend (e.g. nettle instead of gcrypt), difference was huge last time I benchmarked it
- find a different implementation meant to bruteforce LUKS
But it's probably pointless to optimize if you have either too little (can go through in a day w/o optimizing) or way too many possibilities (no amount of optimizing will be successful).
At the same time, check:
- are you using the wrong keyboard layout?
- is the LUKS header intact?
(with LUKS1 there is no way to know for sure, but if you hexdump -C it and there is no random data where it should be, no need to waste time then)
There's also a similar question here: https://security.stackexchange.com/q/128539
But if you're really able to narrow it down by a lot, the naive approach works too.
answered Jan 21 at 19:51
frostschutzfrostschutz
26.8k15583
Well, in the most naive case you can roughly do something like
for a in 'fo' 'foo' 'fooo'
do
for b in 'ba' 'bar' 'baar'
do
for c in 'bz' 'baz' 'bazz'
do
echo -n "$a$b$c" | cryptsetup open /dev/luks luks
&& echo "'$a$b$c' is the winner!"
&& break 3
done
done
done
and it goes through all the puzzle pieces ... foobarbz foobarbaz foobarbazz ... etc. in order. (If you have optional pieces, add '' empty string. If your pieces are in random order, well, think about it yourself).
To optimize performance, you can:
- patch
cryptsetupto keep reading passphrases from stdin (lukscrackplus on github for one such example but it's dated) - generate the complete list of words,
splitit into separate files, and run multiple such loops (one per core, perhaps even across multiple machines) - compile cryptsetup with a different/faster crypto backend (e.g. nettle instead of gcrypt), difference was huge last time I benchmarked it
- find a different implementation meant to bruteforce LUKS
But it's probably pointless to optimize if you have either too little (can go through in a day w/o optimizing) or way too many possibilities (no amount of optimizing will be successful).
At the same time, check:
- are you using the wrong keyboard layout?
- is the LUKS header intact?
(with LUKS1 there is no way to know for sure, but if you hexdump -C it and there is no random data where it should be, no need to waste time then)
There's also a similar question here: https://security.stackexchange.com/q/128539
But if you're really able to narrow it down by a lot, the naive approach works too.
answered Jan 21 at 19:51
frostschutzfrostschutz
26.8k15583
answered Jan 21 at 19:51
frostschutzfrostschutz
26.8k15583
answered Jan 21 at 19:51
frostschutzfrostschutz
26.8k15583
answered Jan 21 at 19:51
frostschutzfrostschutz
26.8k15583
26.8k15583
hexdump -C /dev/sdd returns a lot of data. Not sure where I am supposed to look for random data.
– oshirowanen
Jan 23 at 21:16
1
for reference,truncate -s 8M foobar.img;cryptsetup luksFormat foobar.img;hexdump -C foobar.imgwould show you what an intact header looks like (with nothing else on it). Where this has random data, your sdd would also have random data at the same address
– frostschutz
Jan 23 at 21:18
1
@frostschutz, thank you very much for your suggestions. Actually helped me find my passphrase! Added bounty just to say thank you, but unable to give it just yet, will have to wait 24 hours.
– oshirowanen
Jan 25 at 23:19
add a comment |
hexdump -C /dev/sdd returns a lot of data. Not sure where I am supposed to look for random data.
– oshirowanen
Jan 23 at 21:16
1
for reference,truncate -s 8M foobar.img;cryptsetup luksFormat foobar.img;hexdump -C foobar.imgwould show you what an intact header looks like (with nothing else on it). Where this has random data, your sdd would also have random data at the same address
– frostschutz
Jan 23 at 21:18
1
@frostschutz, thank you very much for your suggestions. Actually helped me find my passphrase! Added bounty just to say thank you, but unable to give it just yet, will have to wait 24 hours.
– oshirowanen
Jan 25 at 23:19
hexdump -C /dev/sdd returns a lot of data. Not sure where I am supposed to look for random data.
– oshirowanen
Jan 23 at 21:16
hexdump -C /dev/sdd returns a lot of data. Not sure where I am supposed to look for random data.
– oshirowanen
Jan 23 at 21:16
1
1
for reference,
truncate -s 8M foobar.img; cryptsetup luksFormat foobar.img; hexdump -C foobar.img would show you what an intact header looks like (with nothing else on it). Where this has random data, your sdd would also have random data at the same address– frostschutz
Jan 23 at 21:18
for reference,
truncate -s 8M foobar.img; cryptsetup luksFormat foobar.img; hexdump -C foobar.img would show you what an intact header looks like (with nothing else on it). Where this has random data, your sdd would also have random data at the same address– frostschutz
Jan 23 at 21:18
1
1
@frostschutz, thank you very much for your suggestions. Actually helped me find my passphrase! Added bounty just to say thank you, but unable to give it just yet, will have to wait 24 hours.
– oshirowanen
Jan 25 at 23:19
@frostschutz, thank you very much for your suggestions. Actually helped me find my passphrase! Added bounty just to say thank you, but unable to give it just yet, will have to wait 24 hours.
– oshirowanen
Jan 25 at 23:19
add a comment |
The most efficient way to perform this attack is to use John the Ripper's luks2john to extract the hash, and then attack it with John ('LUKS' hash format) or hashcat (hash mode 14600).
This has the advantage of scaling up to the number of cores (with either John CPU support or hashcat OpenCL CPU support) or the number of GPUs (with hashcat OpenCL GPU support) that you have.
It also takes advantage of any attack-side cryptographic efficiencies that are faster than using the native interface. These efficiencies can sometimes be dramatically faster than simply trying a normal unlock over and over again.
This also gives you the full suite of attack modes that those tools support (wordlist, rules, mask, hybrid, etc.).
answered Jan 22 at 6:27
Royce WilliamsRoyce Williams
735618
add a comment |
The most efficient way to perform this attack is to use John the Ripper's luks2john to extract the hash, and then attack it with John ('LUKS' hash format) or hashcat (hash mode 14600).
This has the advantage of scaling up to the number of cores (with either John CPU support or hashcat OpenCL CPU support) or the number of GPUs (with hashcat OpenCL GPU support) that you have.
It also takes advantage of any attack-side cryptographic efficiencies that are faster than using the native interface. These efficiencies can sometimes be dramatically faster than simply trying a normal unlock over and over again.
This also gives you the full suite of attack modes that those tools support (wordlist, rules, mask, hybrid, etc.).
answered Jan 22 at 6:27
Royce WilliamsRoyce Williams
735618
add a comment |
The most efficient way to perform this attack is to use John the Ripper's luks2john to extract the hash, and then attack it with John ('LUKS' hash format) or hashcat (hash mode 14600).
This has the advantage of scaling up to the number of cores (with either John CPU support or hashcat OpenCL CPU support) or the number of GPUs (with hashcat OpenCL GPU support) that you have.
It also takes advantage of any attack-side cryptographic efficiencies that are faster than using the native interface. These efficiencies can sometimes be dramatically faster than simply trying a normal unlock over and over again.
This also gives you the full suite of attack modes that those tools support (wordlist, rules, mask, hybrid, etc.).
answered Jan 22 at 6:27
Royce WilliamsRoyce Williams
735618
The most efficient way to perform this attack is to use John the Ripper's luks2john to extract the hash, and then attack it with John ('LUKS' hash format) or hashcat (hash mode 14600).
This has the advantage of scaling up to the number of cores (with either John CPU support or hashcat OpenCL CPU support) or the number of GPUs (with hashcat OpenCL GPU support) that you have.
It also takes advantage of any attack-side cryptographic efficiencies that are faster than using the native interface. These efficiencies can sometimes be dramatically faster than simply trying a normal unlock over and over again.
This also gives you the full suite of attack modes that those tools support (wordlist, rules, mask, hybrid, etc.).
answered Jan 22 at 6:27
Royce WilliamsRoyce Williams
735618
edited Jan 28 at 18:20
answered Jan 22 at 6:27
Royce WilliamsRoyce Williams
735618
answered Jan 22 at 6:27
Royce WilliamsRoyce Williams
735618
answered Jan 22 at 6:27
Royce WilliamsRoyce Williams
735618
735618
add a comment |
add a comment |
Yes. I had almost this exact problem. I wrote a script that looped through all the possibilities until one worked. Mine was a truecrypt volume though. The only problem would be if there was some rate limiting but that would only be the case if you were passing off the check to a website or the like. With the volume in your possession it is relatively easy to do this.
But also this is very much brute forcing. You have just narrowed the choices to a small number so it won't be difficult to do.
answered Jan 21 at 19:19
user1794469user1794469
1,5801822
Could you script be adapted to work with LUKS encrypted drives? Yes, I have the USB stick in my possession.
– oshirowanen
Jan 21 at 19:22
I'm not sure I even have the script anymore. But all you need to do is have the list of words, capitalization, order, whatever else you are changing and make a nested loop to run through them. Then you just need to be able to call the decryption command with the password. You should be able to do this with any scripting language: I usedperlbutpythonorbashwould also probably be pretty easy.
– user1794469
Jan 21 at 19:25
add a comment |
Yes. I had almost this exact problem. I wrote a script that looped through all the possibilities until one worked. Mine was a truecrypt volume though. The only problem would be if there was some rate limiting but that would only be the case if you were passing off the check to a website or the like. With the volume in your possession it is relatively easy to do this.
But also this is very much brute forcing. You have just narrowed the choices to a small number so it won't be difficult to do.
answered Jan 21 at 19:19
user1794469user1794469
1,5801822
Could you script be adapted to work with LUKS encrypted drives? Yes, I have the USB stick in my possession.
– oshirowanen
Jan 21 at 19:22
I'm not sure I even have the script anymore. But all you need to do is have the list of words, capitalization, order, whatever else you are changing and make a nested loop to run through them. Then you just need to be able to call the decryption command with the password. You should be able to do this with any scripting language: I usedperlbutpythonorbashwould also probably be pretty easy.
– user1794469
Jan 21 at 19:25
add a comment |
Yes. I had almost this exact problem. I wrote a script that looped through all the possibilities until one worked. Mine was a truecrypt volume though. The only problem would be if there was some rate limiting but that would only be the case if you were passing off the check to a website or the like. With the volume in your possession it is relatively easy to do this.
But also this is very much brute forcing. You have just narrowed the choices to a small number so it won't be difficult to do.
answered Jan 21 at 19:19
user1794469user1794469
1,5801822
Yes. I had almost this exact problem. I wrote a script that looped through all the possibilities until one worked. Mine was a truecrypt volume though. The only problem would be if there was some rate limiting but that would only be the case if you were passing off the check to a website or the like. With the volume in your possession it is relatively easy to do this.
But also this is very much brute forcing. You have just narrowed the choices to a small number so it won't be difficult to do.
answered Jan 21 at 19:19
user1794469user1794469
1,5801822
answered Jan 21 at 19:19
user1794469user1794469
1,5801822
answered Jan 21 at 19:19
user1794469user1794469
1,5801822
answered Jan 21 at 19:19
user1794469user1794469
1,5801822
1,5801822
Could you script be adapted to work with LUKS encrypted drives? Yes, I have the USB stick in my possession.
– oshirowanen
Jan 21 at 19:22
I'm not sure I even have the script anymore. But all you need to do is have the list of words, capitalization, order, whatever else you are changing and make a nested loop to run through them. Then you just need to be able to call the decryption command with the password. You should be able to do this with any scripting language: I usedperlbutpythonorbashwould also probably be pretty easy.
– user1794469
Jan 21 at 19:25
add a comment |
Could you script be adapted to work with LUKS encrypted drives? Yes, I have the USB stick in my possession.
– oshirowanen
Jan 21 at 19:22
I'm not sure I even have the script anymore. But all you need to do is have the list of words, capitalization, order, whatever else you are changing and make a nested loop to run through them. Then you just need to be able to call the decryption command with the password. You should be able to do this with any scripting language: I usedperlbutpythonorbashwould also probably be pretty easy.
– user1794469
Jan 21 at 19:25
Could you script be adapted to work with LUKS encrypted drives? Yes, I have the USB stick in my possession.
– oshirowanen
Jan 21 at 19:22
Could you script be adapted to work with LUKS encrypted drives? Yes, I have the USB stick in my possession.
– oshirowanen
Jan 21 at 19:22
I'm not sure I even have the script anymore. But all you need to do is have the list of words, capitalization, order, whatever else you are changing and make a nested loop to run through them. Then you just need to be able to call the decryption command with the password. You should be able to do this with any scripting language: I used
perl but python or bash would also probably be pretty easy.– user1794469
Jan 21 at 19:25
I'm not sure I even have the script anymore. But all you need to do is have the list of words, capitalization, order, whatever else you are changing and make a nested loop to run through them. Then you just need to be able to call the decryption command with the password. You should be able to do this with any scripting language: I used
perl but python or bash would also probably be pretty easy.– user1794469
Jan 21 at 19:25
add a comment |
Yes, as previous answers, the hashcat is one of the best options. As the LUKS doesn't storage any hashes, we need to get an encrypted data sample (header) from your USB drive. We going to work on that sample only.
sudo dd if=/dev/USB_LUKS_partition of=/tmp/data_sample.luks bs=512 count=4079
Hashcat has many options to cracking a password, from straight bruteforcing to dictionary attacks, rule based attacks and mask attacks. In this scenario, we have password_candidates.txt:
hashcat -m 14600 -a 0 -w 3 /tmp/data_sample.luks password_candidates.txt
This should give you your password within seconds.
G/L
answered Jan 27 at 16:19
Radek RadekRadek Radek
514
add a comment |
Yes, as previous answers, the hashcat is one of the best options. As the LUKS doesn't storage any hashes, we need to get an encrypted data sample (header) from your USB drive. We going to work on that sample only.
sudo dd if=/dev/USB_LUKS_partition of=/tmp/data_sample.luks bs=512 count=4079
Hashcat has many options to cracking a password, from straight bruteforcing to dictionary attacks, rule based attacks and mask attacks. In this scenario, we have password_candidates.txt:
hashcat -m 14600 -a 0 -w 3 /tmp/data_sample.luks password_candidates.txt
This should give you your password within seconds.
G/L
answered Jan 27 at 16:19
Radek RadekRadek Radek
514
add a comment |
Yes, as previous answers, the hashcat is one of the best options. As the LUKS doesn't storage any hashes, we need to get an encrypted data sample (header) from your USB drive. We going to work on that sample only.
sudo dd if=/dev/USB_LUKS_partition of=/tmp/data_sample.luks bs=512 count=4079
Hashcat has many options to cracking a password, from straight bruteforcing to dictionary attacks, rule based attacks and mask attacks. In this scenario, we have password_candidates.txt:
hashcat -m 14600 -a 0 -w 3 /tmp/data_sample.luks password_candidates.txt
This should give you your password within seconds.
G/L
answered Jan 27 at 16:19
Radek RadekRadek Radek
514
Yes, as previous answers, the hashcat is one of the best options. As the LUKS doesn't storage any hashes, we need to get an encrypted data sample (header) from your USB drive. We going to work on that sample only.
sudo dd if=/dev/USB_LUKS_partition of=/tmp/data_sample.luks bs=512 count=4079
Hashcat has many options to cracking a password, from straight bruteforcing to dictionary attacks, rule based attacks and mask attacks. In this scenario, we have password_candidates.txt:
hashcat -m 14600 -a 0 -w 3 /tmp/data_sample.luks password_candidates.txt
This should give you your password within seconds.
G/L
answered Jan 27 at 16:19
Radek RadekRadek Radek
514
answered Jan 27 at 16:19
Radek RadekRadek Radek
514
answered Jan 27 at 16:19
Radek RadekRadek Radek
514
answered Jan 27 at 16:19
Radek RadekRadek Radek
514
514
add a comment |
add a comment |
Thanks for contributing an answer to Unix & Linux Stack Exchange!
- Please be sure to answer the question. Provide details and share your research!
But avoid …
- Asking for help, clarification, or responding to other answers.
- Making statements based on opinion; back them up with references or personal experience.
To learn more, see our tips on writing great answers.
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function ()
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2funix.stackexchange.com%2fquestions%2f495833%2fautomate-multiple-password-enties-to-decrypted-luks-ext4-usb-stick%23new-answer', 'question_page');
);
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
3
you just have to pipe it to
cryptsetup luksOpenwith the right syntax and note that (as written many times in the manual) when it's automated from stdin, you musn't include a trailing LF.– A.B
Jan 21 at 19:30