Re: Huge Problem with cryptoloop and AES: Lost Password

Lars Reimann wrote:
> I just wanted to briefly ask whether any tools have emerged since my
> initial post which could help me with the recovery of my lost password
> for losetup:
> 
> losetup -e AES256 -C 500 /dev/loop0 /dev/md2
> 
> The proposed way was to use brute force and try to compute passwords and
> check if they result in (03 ... 00) (ext2 zero sectors).
> 
> Any hints / refs to snippets would be helpful!

In private email, another person asked almost the same question. Below is
what I wrote to him/her. It is a script that reads possible passwords from a
file, one password per line. Quote:


I would do this scripting using aespipe, which is available from
http://loop-aes.sourceforge.net/ . For many file systems, such as ext2,
ext3, reiserfs, and possibly others, the file system's fourth 512-byte
plaintext sector is all zero bytes. This known plaintext can be used to
determine if the passphrase is correct. An additional bonus is that you
don't have to mess with the original file system when trying to brute force
the passphrase.


# echo "1234567890 1234567890 5" | losetup -p 0 -v -C 3 -e AES256 /dev/loop0 /dev/fd0
# mkfs -t ext2 -q /dev/loop0
# losetup -d /dev/loop0
# chmod u+x brute.sh
# cat brute.sh 
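#!/bin/bash
DEVICE=/dev/fd0
# Save the fourth 512-byte sector (ciphertext) and a zero sector to compare with
dd if="${DEVICE}" of=crypted.bin bs=512 count=1 skip=3 2>/dev/null
dd if=/dev/zero of=zero.bin bs=512 count=1 2>/dev/null
while : ; do
    # Read the next candidate verbatim; stop when the list is exhausted
    IFS= read -r p
    if [ $? != 0 ] ; then
        echo "FAILED"
        exit 1
    fi
    echo "Trying: ${p}"
    printf '%s\n' "${p}" >pass.txt
    # Decrypt the saved sector as sector number 3, passphrase read from fd 3
    aespipe -d -C 3 -e AES256 -O 3 -p 3 3<pass.txt <crypted.bin >clear.bin
    cmp --quiet clear.bin zero.bin
    if [ $? = 0 ] ; then
        echo "FOUND IT"
        exit 0
    fi
done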
# cat list1.txt 
1234567890 1234567890 1
1234567890 1234567890 2
1234567890 1234567890 3
1234567890 1234567890 4
1234567890 1234567890 5
1234567890 1234567890 6
1234567890 1234567890 7
# ./brute.sh <list1.txt 
Trying: 1234567890 1234567890 1
Trying: 1234567890 1234567890 2
Trying: 1234567890 1234567890 3
Trying: 1234567890 1234567890 4
Trying: 1234567890 1234567890 5
FOUND IT

-- 
Jari Ruusu  1024R/3A220F51 5B 4B F9 BB D3 3F 52 E9  DB 1D EB E3 24 0E A9 DD

-
Linux-crypto:  cryptography in and on the Linux system
Archive:       http://mail.nl.linux.org/linux-crypto/
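
The zero-sector test in the post rests on the fourth 512-byte sector really being zero for the file system in question, which can be confirmed on an unencrypted file system of the same type. The following is an added example, not part of the original post; the function names and the constructed 8-sector sample image are assumptions made for illustration.

```shell
#!/bin/sh
# Added example (not from the original post): confirm on an UNENCRYPTED
# image which early 512-byte sectors are all zero.

ZEROS=$(printf '%01024d' 0)   # hex dump of 512 zero bytes, no separators

# sector_hex IMAGE N: hex dump of 0-based sector N (short at end of file)
sector_hex() {
    dd if="$1" bs=512 skip="$2" count=1 2>/dev/null |
        od -An -v -tx1 | tr -d ' \n'
}

# zero_sectors IMAGE [COUNT]: print indices of all-zero sectors
zero_sectors() (
    i=0; out=""
    while [ "$i" -lt "${2:-8}" ]; do
        if [ "$(sector_hex "$1" "$i")" = "$ZEROS" ]; then
            out="$out $i"
        fi
        i=$((i + 1))
    done
    echo "${out# }"
)

# has_ext2_magic IMAGE: the superblock starts at byte 1024 and its magic
# 0xEF53 is stored little-endian at offset 56, i.e. bytes 1080-1081
has_ext2_magic() {
    [ "$(dd if="$1" bs=1 skip=1080 count=2 2>/dev/null |
        od -An -tx1 | tr -d ' \n')" = "53ef" ]
}

# make_sample_image PATH: constructed 8-sector stand-in for a fresh
# file system (zeros plus the magic); use a real mkfs image in practice
make_sample_image() {
    dd if=/dev/zero of="$1" bs=512 count=8 2>/dev/null
    printf '\123\357' | dd of="$1" bs=1 seek=1080 conv=notrunc 2>/dev/null
}

img=$(mktemp)
make_sample_image "$img"
has_ext2_magic "$img" && echo "ext2 magic found"
echo "all-zero sectors: $(zero_sectors "$img")"   # index 3 = dd skip=3
rm -f "$img"
```

If index 3 is missing from the output for a given file system type, the `cmp` against zero.bin in brute.sh can never succeed and a different known-plaintext sector is needed.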


