* Lars Reimann <mail@xxxxxxxxxxxxxxx> wrote: > my first question if there is ANY way to recover the data. I heard > about cryptoloop being weak, and if i could remember some more > details about the password, it could be narrowed down to some > characters. For example it begins with letter then a number... Without the password, chances are slim of recovering your data. did you use a sole password or a pw protected gpg keyfile? > Also, i would like to automate to try different passwords. Is there > a program available which does such (brute force) things with the > cryptoloop? however I may have to write it on my own if nothing is > available. I heard it may be possible to extract some sectors of > ext2/3 partitions which are always "zero". Then the decryption can > be verified by using such sectors. Has anyone an idea which > SECTORS this are on ext2/3 partitions and how to extract them? known plaintext attack. possible, but you'd be better off cracking the password bruteforce, given that you partially remember it. modern fs are structured in a certain way so one knows which sectors to seek out. if one knows the start of the fs / partition... basically, it's about what Jari wrote here http://marc.theaimsgroup.com/?l=linux-kernel&m=107419912024246&w=2 > My goal is to test the decryption on a faster system, maybe on a > cluster system. But ANY IDEAS ARE WELCOME. I know the result set is > big, but the data is really important...and i am prepared trying to > recover it for a long time. well, if you used a gpg encrypted keyfile (doesn't matter which v-format version it was, really) ... have a look at nasty. it's a bruteforce tool, http://www.vanheusden.com/nasty/ -- left blank, right bald
Attachment:
pgpABrcFOyi9w.pgp
Description: PGP signature
