This is less sinister than what it sounds, but nevertheless necessary
when one forgets the passphrase and has no revocation cert handy.
I am trying to come up with a script to crack the passphrase, but my
poor scripting ability (non-existent really) hampers my efforts.
Looking at google I ended up with this modified example:
=======================================
#!/bin/bash
#
# try all word in test.txt
for word in $(cat test.txt); do
# try to encrypt with $word passphrase
echo "${word}" | gpg --passphrase-fd 0 --no-tty -a --export
seckey.gpg -o file;
# if decrypt is successfull; stop
if [ $? -eq 0 ]; then
echo "GPG passphrase is: ${word}";
exit 0;
fi
done;
exit 1;
=======================================
The file test.txt has a list of passwords (one in each line, no
spaces) I am told 'sound like' the passphrase the user had set.
The output file is not created (therefore I assume that the script
does not work) but prints out the public key and only the first
passphrase in the list:
=======================================
$ ./crackgpg.sh
gpg: enabled debug flags: memstat
gpg: writing to stdout
-----BEGIN PGP PUBLIC KEY BLOCK-----
Version: GnuPG v2.0.17 (GNU/Linux)
[snip ...]
-----END PGP PUBLIC KEY BLOCK-----
random usage: poolsize=600 mixed=0 polls=0/0 added=0/0
outmix=0 getlvl1=0/0 getlvl2=0/0
secmem usage: 0/32768 bytes in 0 block
GPG passphrase is: sebpirleydrodujrem
=======================================
Any idea what I could use in the above script to make it try one word
at a time, not ask for confirmation and print the *successful*
passphrase word at the end? Any other scripting suggestions also
welcome.
--
Regards,
Mick
