Bruteforce dm-crypt using shell expansion

for a in {p,P}{a,A,4}{s,S,5}{s,S,5}; do echo $a|cryptsetup luksOpen /dev/sda5 $a && echo KEY FOUND: $a; done
Lost your luks passphrase? You can always bruteforce from the command line. See the sample output, a simple command for the "pass" word, using combinations of upper/lowercase or number replacement. The generated combinations are: for a in {p,P}{a,A,4}{s,S,5}{s,S,5}; do echo $a; done pass pasS pas5 paSs paSS paS5 ...
Sample Output
for a in {p,P}{a,A,4}{s,S,5}{s,S,5}; do echo $a|cryptsetup luksOpen /dev/sda5 $a && echo KEY FOUND: $a; done
No key available with this passphrase.
No key available with this passphrase.
No key available with this passphrase.
No key available with this passphrase.
No key available with this passphrase.
No key available with this passphrase.
No key available with this passphrase.
No key available with this passphrase.
No key available with this passphrase.
No key available with this passphrase.
No key available with this passphrase.
No key available with this passphrase.
No key available with this passphrase.
No key available with this passphrase.
No key available with this passphrase.
No key available with this passphrase.
No key available with this passphrase.
No key available with this passphrase.
No key available with this passphrase.
No key available with this passphrase.
No key available with this passphrase.
No key available with this passphrase.
No key available with this passphrase.
No key available with this passphrase.
No key available with this passphrase.
No key available with this passphrase.
No key available with this passphrase.
No key available with this passphrase.
No key available with this passphrase.
No key available with this passphrase.
No key available with this passphrase.
No key available with this passphrase.
No key available with this passphrase.
No key available with this passphrase.
No key available with this passphrase.
No key available with this passphrase.
No key available with this passphrase.
No key available with this passphrase.
No key available with this passphrase.
No key available with this passphrase.
No key available with this passphrase.
No key available with this passphrase.
No key available with this passphrase.
No key available with this passphrase.
No key available with this passphrase.
No key available with this passphrase.
No key available with this passphrase.
KEY FOUND: P4s5
...

# ls -l /dev/mapper/
total 0
crw------T 1 root root 10, 236 Apr 16 19:49 control
lrwxrwxrwx 1 root root       7 Apr 16 20:34 P4s5 -> ../dm-1

1
By: rodolfoap
2014-04-16 18:41:50

These Might Interest You

  • Lost your luks passphrase? You can always bruteforce from the command line. See the sample output, a simple command using a dictionary. Show Sample Output


    0
    cat dictionary.txt|while read a; do echo $a|cryptsetup luksOpen /dev/sda5 sda5 $a && echo KEY FOUND: $a; done
    rodolfoap · 2014-04-16 18:49:53 1
  • Create/open/use an encrypted directory encfs needs to be installed During creation easiest to use default values The encrypted files will be in ~/.crypt and you will work as usual in ~/crypt To close the encrypted directory run: fusermount -u ~/crypt When you switch off the computer the encrypted directory will be automatically closed This example uses /home/user/crypt as encrypted directory I use ubuntu linux 8.04 and I am also the creator of www.minihowto.org


    8
    encfs ~/.crypt ~/crypt
    bkn390 · 2009-09-25 10:13:39 0
  • it's nice to be able to use the command `ls program.{h,c,cpp}`. This expands to `ls program.h program.c program.cpp`. Note: This is a text expansion, not a shell wildcard type expansion that looks at matching file names to calculate the expansion. More details at http://www.linuxjournal.com/content/bash-brace-expansion I often run multiple commands (like apt-get) one after the other with different subcommands. Just for fun this wraps the whole thing into a single line that uses brace expansion.


    1
    echo apt-get\ {update,-y\ upgrade}\ \&\& true | sudo bash
    alecthegeek · 2015-09-22 00:48:26 3
  • Generate a 18 character password from character set a-zA-Z0-9 from /dev/urandom, pipe the output to Python which prints the password on standard out and in crypt sha512 form. Show Sample Output


    1
    cat /dev/urandom | tr -dc 'a-zA-Z0-9' | fold -w 18 | head -1 | python -c "import sys,crypt; stdin=sys.stdin.readline().rstrip('\n'); print stdin;print crypt.crypt(stdin)"
    cnyg · 2012-11-09 00:40:22 0

What do you think?

Any thoughts on this command? Does it work on your machine? Can you do the same thing with only 14 characters?

You must be signed in to comment.

What's this?

commandlinefu.com is the place to record those command-line gems that you return to again and again. That way others can gain from your CLI wisdom and you from theirs too. All commands can be commented on, discussed and voted up or down.

Share Your Commands



Stay in the loop…

Follow the Tweets.

Every new command is wrapped in a tweet and posted to Twitter. Following the stream is a great way of staying abreast of the latest commands. For the more discerning, there are Twitter accounts for commands that get a minimum of 3 and 10 votes - that way only the great commands get tweeted.

» http://twitter.com/commandlinefu
» http://twitter.com/commandlinefu3
» http://twitter.com/commandlinefu10

Subscribe to the feeds.

Use your favourite RSS aggregator to stay in touch with the latest commands. There are feeds mirroring the 3 Twitter streams as well as for virtually every other subset (users, tags, functions,…):

Subscribe to the feed for: