Crack GPG Password

Derek Broughton news at pointerstop.ca
Wed Jun 11 16:17:55 BST 2008


Bart Silverstrim wrote:

> Blaine Fleming wrote:
>> Bart Silverstrim wrote:
>>> You *can't* extract a part of a password like the OP is looking for. The
>>> algorithm used in creating the encrypted product doesn't look at your
>>> password as discrete chunks to be guessed like you see in the movies
>>> where you see, "Oh my @#$! He has the first three numbers already!"
>>> while you hear a crescendo of suspenseful music.
>>>   
>> 
>> Again, the way I read it the OP wants to find out the missing part.  If
>> I have a password of "password" but all I remember is "passwor" then I
>> can brute force the remaining bit.
> 
> Oh my $@! How STUPID CAN YOU BE?! HOW DENSE?! Again, what I said
> was...oh, I see what you're saying.

I think you missed a :-)

> If that's the case, I don't know of a tool that is made specifically for
> brute forcing a GPG-encrypted file (he's probably need to know what
> algorithm was used too).
> 
> There must be a way to create a script that would try it, though. But
> that would also mean you need to know that the output is the legitimate
> material and not gibberish before trying the next one, I would think.
> 
> Probably not easy to code or script just for this task, though.

Fairly easy, I guess if you actually have an unencrypted copy of something
that was crypted - then you run diff against the output of your new
decryption and the old data, but if you don't have such a file, there's
probably nothing as good as your own eyes for knowing when you get it
right.   Though, if some of your crypted data is in known formats (eg,
email) you just need to be able to look for strings that are part of the
protocol (like "Subject: ").
-- 
derek





More information about the ubuntu-users mailing list