Cracking EncFS made easier

Alright, last night I had a thought: What if I suddenly forgot the passwords for my encfs encrypted folders? I searched the net for a tool that would allow me to recover the lost password, but there were none around, so I decided to make one myself. This, fortunately, was very easy, and the result is here:

#!/bin/sh

# usage: crackencfs.sh /path/to/encrypted/folder /path/to/mountpoint /path/to/wordlist
counter=1

while [ true ]; do
    # prepare tmp script
    echo echo $(head -n $counter $3 | tail -n 1) > /tmp/superduperword.sh
    chmod a+x /tmp/superduperword.sh
    encfs $1 $2 --extpass=/tmp/superduperword.sh
    if [ $? -eq 0 ]; then
        echo Key recovered - the password is: 
        /tmp/superduperword.sh
        exit
    fi
    counter=$(($counter + 1))
done

You supply a wordlist, and the script tries one word at a time, until it either runs out of words or or finds the correct password. However, this can take a VERY long time. On my computer (quad core 2.6GHz, 8GB RAM), it tests just under 2 passwords per second.


Written by Jannich Brendle tor 23 september 2010 In Security

tags: encryptionhackingubuntu

Related posts

social