Re: [dm-crypt] Forgot dm-crypt password; suggestions on steps to undertake

[Matthew Monaco <dgbaley27@0x01b.net>]

On 11/10/2013 07:25 PM, John Thoe wrote:
> Hello Arno and Milan
> 
> Thanks very much for your replies. I was not successful in retrieving the
> passphrase but it was a good learning experience.
>

I'm not sure if this means that you couldn't find a good way to brute-force or
if your assumptions about the missing parts were wrong. I've done something
similar before, although the forgotten pieces were somewhat different and only
had ~32 possibilities. In any event, I used a script like this:

--------8<--------------------------------------------------------------
#!/bin/bash

dev="$1"
dictionary=( mypass-{0000..2000} )

for pass in "${dictionary[@]}"; do
	printf "Trying: %s..." "$pass"
	if echo -n "$pass" | cryptsetup luksOpen --test-passphrase \
	                         --key-file=- "$dev" lostdev &> /dev/null; then
		printf " SUCCESS!\n"
		break
	else
		printf "\n"
	fi
done
--------8<--------------------------------------------------------------

It didn't make sense to me to do it using libcryptsetup because the bottleneck
was the actual decryption attempt.

If this is for your root drive, you'd have to do it from a boot disk. If you're
data is important, and you really do need ~5000 attempts, I think the wait time
is manageable.