How to Soft-Brute Force Your GPG Passphrase
For whatever reason, I forgot a very important password - my GPG passphrase! There’s no recourse for this: whatever is encrypted with my key is lost forever if I can’t get the passphrase back.
Luckily enough I managed to crack it. Here’s how.
What I had to work with
- My password consisted of three words, in the following format:
- I was pretty sure I knew
Three were correct; for some reason I couldn’t remember
Two. They are randomly generated so it’s hard to ‘remember’ a link between them.
Two are words in the dictionary (
Three isn’t, but that’s why I could remember it…)
- I seemed to think that
Two began with a
What I did
So the first port of call was to desperately try to remember the middle word. No joy… I tried and tried for about half an hour but I could feel the passphrase becoming even harder to remember the more I typed other words in.
Dictionary attack using Nasty
Next up I thought I could try some sort of dictionary attack. The word definitely is in the dictionary so it was worth a try.
I tried to use John the Ripper, a popular password cracker, but I couldn’t get it to work with gpg. The ‘jumbo’ version has a utility called gpg2john which makes a hash for you, but I just couldn’t figure out how to export the key without the passphrase, but with PGP armor. Perhaps someone can tell me.
Instead after quite a bit of digging I found a tool called Nasty - designed expressly for this purpose.
To use it you need to adjust your gpg settings so that it will allow lots of password attempts in quick succession. This involves adding this to
And this to
Then kill gpg-agent if it is already running somewhere.
Remember to remove these lines when you are done, as they can cause issues with normal usage.
By default Nasty just tries every combination in the alphabet, so
e etc… Not the most efficient way to go about this unless you have a lot of time on your hands (years rather than days…).
Finding a word list
Luckily, Nasty lets you use a word list. Also lucky, Linux has lots of word lists built right into the system!
cp /usr/share/dict/words ~/bruteforce
The location of the file may vary based on your system, but in essence it’s a list of every word in the dictionary. It’s probably not exhaustive but it’s a good place to start.
Manipulating the list
Now then, before we start using Nasty we need to manipulate the text a little, based on what I already know about my password. I like to use vim for this, but it’s just what I know; I’m sure there are ways to do it with bash.
First of all, let’s get rid of every word that doesn’t start with a t, since I suspect the middle word of my passphrase starts with that letter:
The shorter the list of words, the quicker Nasty can run through them.
Next I need to capitalise every word, since I know the format of the password is
Then I need to add the word I know, in this case One, to the start of every line. I like to do it this way:
- Go to the first line:
ctrl+v to enter visual block mode
G to go to the bottom. This will select the first ‘column’, i.e. every first character.
shift+i to enter insert mode (don’t forget shift)
- Type your word. It will be just on line 1. For us it’s
esc. The word you just typed appears at the start of every line.
I’m sure there’s a slicker way to do this but it’s what stuck with me.
Now I need to add the other word I know at the end. In this case it’s
All done! Remember to save your work
So, the end result is a huge list of words that looks like this:
... OneTzarismThree OneTzaristThree OneTzaristsThree OneTzarsThree ...
That’s obviously the end of the file, but you get the idea. Somewhere in there lies our password,
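The same wordlist manipulation as a single POSIX shell function, added here as an example (not from the original post). It assumes the known words One and Three and the middle initial t described above, and uses a constructed six-word dictionary in place of /usr/share/dict/words.

```shell
#!/bin/sh
# Added example, not from the original post: the vim wordlist edits as one
# POSIX shell function. Assumed from the post: first word "One", last word
# "Three", middle word starts with "t". The sample dictionary is constructed.
set -eu

# build_candidates DICT FIRST INITIAL LAST
# 1. keep dictionary words starting with INITIAL (either case)
# 2. capitalise the first letter (the post's CamelCase format)
# 3. prepend FIRST and append LAST
# 4. sort -u in the C locale for a stable, duplicate-free list
build_candidates() {
  dict=$1; first=$2; initial=$3; last=$4
  grep -i "^${initial}" "$dict" \
    | awk -v f="$first" -v l="$last" \
        '{ print f toupper(substr($0, 1, 1)) substr($0, 2) l }' \
    | LC_ALL=C sort -u
}

# count_candidates DICT FIRST INITIAL LAST -> number of guesses Nasty will try
count_candidates() {
  build_candidates "$@" | wc -l | tr -d ' '
}

# Demo on a constructed dictionary standing in for /usr/share/dict/words.
# Real use: build_candidates /usr/share/dict/words One t Three > ~/bruteforce
demo() {
  tmp=$(mktemp)
  printf 'apple\ntzar\ntzarism\nTzarist\nbanana\ntzars\n' > "$tmp"
  build_candidates "$tmp" One t Three   # prints 4 lines, OneTzarThree first
  echo "candidates: $(count_candidates "$tmp" One t Three)"   # candidates: 4
  rm -f "$tmp"
}

if [ "${1:-}" = "demo" ]; then
  demo
fi
```

Running the count first is a cheap sanity check: a list of a few thousand candidates is minutes for Nasty, while an unfiltered dictionary multiplied by several unknown positions is where the “years rather than days” estimate comes from.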
UPDATE 2017-01-05: An anonymous reader has written in with a hot tip on also generating symbols and special characters, which I’m sure many of you have. They used a tool called regldg. I haven’t used it myself, but it seems to let you use a regex to generate a wordlist. In the message they said ‘“universe-checking” and “max-length”’ are options to look into, since those caused errors for them.
So now it’s time to have Nasty run through this list of words. This is easy:
nasty -m file -i ~/bruteforce -f ~/outputpassword
-m selects the type of guessing; for us it’s file, the mode shown in the command above
-i selects the file with the list of words we just made
-f specifies a file to save the correct password to should it find it. This is optional.
Bingo! After 2 minutes of running through the list Nasty struck gold and found the passphrase. Phew!
A bit of luck, a bit of logic and a lot of Linux got me my files back. The chances you are in the same boat as me are slim, but hopefully some of the information I have pooled here might help fellow gpg-ers that have half-forgotten their passphrases.
- Suggested GPG settings from the Arch Wiki
- Marcin from stackoverflow on how to remove lines
- Casey wise on how to capitalize all first letters
- Pixelbeat from stackoverflow on how to add a word to the start of every line
- Alan Curry from stackoverflow on how to add a word to the end of every line
- Folkert van Heusden, who wrote Nasty
- Tiago Bortoletto Vaz who wrote a man page for Nasty which saved me a lot of guesswork