Linux 使用脚本的暴力 GPG 密码
声明:本页面是StackOverFlow热门问题的中英对照翻译,遵循CC BY-SA 4.0协议,如果您需要使用它,必须同样遵循CC BY-SA许可,注明原文地址和作者信息,同时你必须将它归于原作者(不是我):StackOverFlow
原文地址: http://stackoverflow.com/questions/4531253/
Warning: these are provided under cc-by-sa 4.0 license. You are free to use/share it, But you must attribute it to the original authors (not me):
StackOverFlow
Bruteforce GPG passphrase using script
提问by oshirowanen
I have forgotten my passphrase for my gpg key on linux. Can someone please help me write a simple script to use bruteforce to crack the key? I remember some of the words which MIGHT be in the passphrase, so hopefully, it will not take long for my computer to bruteforce it.
我忘记了 linux 上 gpg 密钥的密码。有人可以帮我写一个简单的脚本来使用暴力破解密钥吗?我记得密码中可能包含的一些词,所以希望我的电脑不会花很长时间来暴力破解它。
All is not lost if I can't recover the passphrase, it just means I will not be able to work on my project for the next 10 days until I get back to work to get another copy of the files, but this time with a new key for which I will remember to passphrase.
如果我无法恢复密码短语,一切都不会丢失,这只是意味着我将无法在接下来的 10 天内处理我的项目,直到我重新开始工作以获取文件的另一个副本,但这一次我会记住密码短语的新密钥。
However, it will be nice to be able to work on my project in these 10 days.
但是,能够在这 10 天内完成我的项目会很好。
采纳答案by x0n
1) The script won't be simple, at least how you envisage "simple."
1)脚本不会简单,至少你想象的“简单”是这样。
2) It willtake a long time - that's the point of using pass phrases over simple passwords. Taking the time to write such a script, incorporating your words which may or may not be in the phrase plus a stab at iterating will probably take over ten days.
2)这将需要很长时间 - 这就是在简单密码上使用密码短语的重点。花时间编写这样的脚本,将您的单词(可能会或可能不会出现在短语中)加上反复尝试可能需要十多天。
3) You probably will forget the next passphrase too.
3) 您可能也会忘记下一个密码。
4) Ooops!
4)哎呀!
Sorry dude, time to start a new project (at least to while away the next ten days - I suggest a passphrase cracker as an ideal distraction.)
对不起,伙计,是时候开始一个新项目了(至少要在接下来的十天里消磨时间——我建议使用密码破解器作为理想的分散注意力的方式。)
Merry Christmas!
圣诞节快乐!
-Oisin
-Oisin
回答by tersmitten
Maybe something like:
也许是这样的:
#!/bin/bash
#
# try all word in words.txt
for word in $(cat words.txt); do
# try to decrypt with word
echo "${word}" | gpg --passphrase-fd 0 --no-tty --decrypt somegpgfile.gpg --output somegpgfile;
# if decrypt is successfull; stop
if [ $? -eq 0 ]; then
echo "GPG passphrase is: ${word}";
exit 0;
fi
done;
exit 1;
回答by N Klosterman
Tersmitten's answer may be out of date.
Tersmitten 的回答可能已经过时。
echo "${word}" | gpg --passphrase-fd 0 -q --batch --allow-multiple-messages --no-tty --output the_decrypted_file -d /some/input/file.gpg;
I used the above line with gpg 2.0.20 and libcrypt 1.5.2 to achieve the desired results.
我将上面的行与 gpg 2.0.20 和 libcrypt 1.5.2 一起使用以达到预期的结果。
