What was that password again?

A few months ago I bought a new hard-drive. When you encrypt a drive, you need to set a password – but the trick here is to remember the password. Your hard-drive won't send you a "forgot password?" email. So you set that password, enter it, the drive mounts and then you work away happily for weeks without rebooting your machine.

Then you reboot... and you need to re-enter that password.

You slowly realize that those weeks ago you set a new unique password for that bloody hard-drive that you don't remember for the love of god... What to do? Well one, don't be a complete idiot like me – remember the password. But if you do, here is what to do? [Spoiler alert: I failed to recover the password but it's a pretty interesting ride...]

The new Ubuntu 16.04 comes with this handy too called 'bruteforce-luks', here are some scenarios. Note you have to use it as root.

"I remember the start/end of the password and I sort of know what's in the middle"

Here is what you can try, where the -b and -e are the starts and end of the password are known. -t is the number of CPU threads to use. -l and -m are the lower and maximum length of the password. -s is the set of characters you wanna use to crack.

sudo bruteforce-luks -b SomeStart -t 4 -l 9 -m 14 -s 0123456789  /dev/sdc1

sudo bruteforce-luks -e SomeEnd -t 4 -l 9 -m 14 -s 0123456789  /dev/sdc1

The device /dev/sdc1 maybe different in your case. To check progress of this brute-force scan use

pkill -USR1 -f bruteforce-luks

"I have no idea what the password is but my passwords are usually made up of some tokens"

 Worry not! That actually drastically reduces the search space and gives you a fair chance of success! Let's assume your tokens are: cats, dogs, elephants. We're gonna generate a list of all the permutations of those with a simple python script

import itertools

tokens = ["cats", "dogs", "elephants"]

results = []

for L in range(0, 6):
        for subset in itertools.permutations(tokens, L):
                results.append(subset)

with open("bruteforce-luks.txt", "w") as f:
    lines = ["".join(r) for r in results][1:]

    f.write("\n".join(lines))

Here is how this file looks like

$ python bruteforce-luks.py
$ head bruteforce-luks.txt 
cats
dogs
elephants
catsdogs
catselephants
dogscats
dogselephants
elephantscats
elephantsdogs
catsdogselephants

With that list of possible passwords you can then 

sudo bruteforce-luks -t 6 -f bruteforce-luks.txt /dev/sdc1

-f passes the file list, -t tell how many CPU threads to use. The device /dev/sdc1 maybe different in your case. To check progress of this brute-force scan use

pkill -USR1 -f bruteforce-luks

Epilog

 While I ultimately failed to recover the hard-drive, I hope this guide will help some people get out a little disaster like that. 

Comments

  1. Unknown3 January 2017 at 00:52

    Thanks, it works! :) Previously I've tried with john, but with no success.

    ReplyDelete
  2. mano20 September 2019 at 03:41

    AldaimSolutions as an offshore e-Commerce website development company provides a wide range of online business solutions in web and mobile space.Popular rails gemsRails is basically a web application framework, which is consist of everything needs to create database baked web application. It helps the developers to create websites and applications by providing structures for all codes written by them. Moreover, common repetitive tasks are simplified with the help of this technology.
    Websites made with PHP and Shopify
    Best Ecommerces Company Audacity24
    Websites made with PHP and Shopify
    Best ruby APIS
    React native and React Js
    Node Js and React Js

    ReplyDelete

Post a Comment

Popular posts from this blog

React.js – edit and delete comments in CommentBox

It appears customary for high-intelligence, high-skills groups of engineers to "roll their own" whenever they have a chance to. Counter-intuitively to most managerial/MBA types out there, re-inventing the wheel can give you... a better wheel. Success is not guaranteed though – but these people may leave sooner rather than later if you don't let them... Having looked at number of JS frameworks (ember, backbone, angular) there was no clear winner. They were all a mess, at least to me. So I approached React.js with no hopes – how much better could it possible be? It turns out, a lot! This post will be an extension of the official React.js tutorial . The tutorial stops at the stage where you can add comments to a dynamic lists, that will grow as you add comments. This falls short of the functionality displayed on facebook: once you add a comment you can edit or delete it, so that's what're going to do. Full disclosure, I only started using React this weekendo so m...
Read more

Example slurm cluster on your laptop (multiple VMs via vagrant)

To anybody who's considering a switch to modern queuing systems, like slurm, this will be an useful guide. Rather than doing a roll out on production nodes, we'll try things out in vagrant. This text assumes you have vagrant installed on your local machine (it's very easy). The ultimate aim will be to setup 2 servers (worker nodes) and one master/controller, and run a simple job on them. There are multiple great guides out there: most of them are out of date, and won't work without some tweaking on Ubuntu 16.04 Xenial. The entirety of the code is hosted at https://github.com/jandom/gromacs-slurm-openmpi-vagrant The README.md file will show you how to set it up, with checks on every step. References https://mussolblog.wordpress.com/2013/07/17/setting-up-a-testing-slurm-cluster/ https://github.com/gabrieleiannetti/slurm_cluster_wiki/wiki/Installing-a-Slurm-Cluster http://philipwfowler.me/2016/04/14/how-to-setup-a-gramble/ https://github.com/dakl/slurm-clus...
Read more

Wrapping openbabel in python - using cython

The previous post showed a contrived example of how one could access the openbabel functionality in python using the boost libraries. There is alternative to boost to wrap around c/c++ code, it's called cython. Here is an example openbabel wrapper, exposing some very simple functionality. Just before diving in, you should know that there already exists a wrapper around openbabel in python (it is called pybel). What I'm showing here doesn't even come close to pybel in terms of usefulness, the idea here is to show a demo of how easy wrapping things in python is. #! /usr/bin/python from ez_setup import use_setuptools use_setuptools() from setuptools import setup, Extension, find_packages from Cython.Distutils import build_ext import sys, os import glob import subprocess as sub def get_include(name="openbabel"): p = sub.Popen('locate %s' % name ,stdout=sub.PIPE,stderr=sub.PIPE, shell=True) output, errors = p.communicate() ...
Read more