Bruteforce GPG passphrase using script [duplicate]

Question

This question already has an answer here:

• Best way to soft brute-force your own GPG/PGP passphrase? 2 answers

I have forgotten my passphrase for my gpg key on linux. Can someone please help me write a simple script to use bruteforce to crack the key? I remember some of the words which MIGHT be in the passphrase, so hopefully, it will not take long for my computer to bruteforce it.

All is not lost if I can't recover the passphrase, it just means I will not be able to work on my project for the next 10 days until I get back to work to get another copy of the files, but this time with a new key for which I will remember to passphrase.

However, it will be nice to be able to work on my project in these 10 days.

Answer 1

1) The script won't be simple, at least how you envisage "simple."

2) It will take a long time - that's the point of using pass phrases over simple passwords. Taking the time to write such a script, incorporating your words which may or may not be in the phrase plus a stab at iterating will probably take over ten days.

3) You probably will forget the next passphrase too.

4) Ooops!

Sorry dude, time to start a new project (at least to while away the next ten days - I suggest a passphrase cracker as an ideal distraction.)

Merry Christmas!

-Oisin

Answer 2

Maybe something like:

#!/bin/bash
#

# try all word in words.txt
for word in $(cat words.txt); do 

  # try to decrypt with word
  echo "${word}" | gpg --passphrase-fd 0 --no-tty --decrypt somegpgfile.gpg --output somegpgfile;

  # if decrypt is successfull; stop
  if [ $? -eq 0 ]; then

    echo "GPG passphrase is: ${word}";
    exit 0;

  fi

done;

exit 1;

Answer 3

Tersmitten's answer may be out of date.

echo "${word}" | gpg --passphrase-fd 0 -q --batch --allow-multiple-messages --no-tty  --output the_decrypted_file -d /some/input/file.gpg;

I used the above line with gpg 2.0.20 and libcrypt 1.5.2 to achieve the desired results.