[dm-crypt] LUKS & search for passphrase using dictionary
gmazyland at gmail.com
Fri Jul 20 00:48:17 CEST 2012
>From time to time someone tries to recover (or crack) LUKS passphrase
using dictionary lists.
I saw lately even some crazy patches for cryptsetup doing that.
Please do not patch source or create some slow bash scripts
(initialization and memory locking cost resources).
Just use libcryptsetup. I added some example how to do it, see
e.g. for JTR known password list you can run (on quadcore cpu here)
# luks_dict test.img /usr/share/john/password.lst 4
Then read FAQ how LUKS keyslot iterations slow down these attacks...
It is just quickly written example, perhaps with some bugs.
Anyway, enjoy :)
If you really run this, compile cryptsetup with openssl support
(configure --with-crypto_backend=openssl) it is quicker than default gcrypt.
More information about the dm-crypt