2 * Example of LUKS/TrueCrypt password dictionary search
4 * Copyright (C) 2012 Milan Broz <gmazyland@gmail.com>
6 * Run this (for LUKS as root),
7 * e.g. ./crypt_dict test.img /usr/share/john/password.lst 4
9 * This copyrighted material is made available to anyone wishing to use,
10 * modify, copy, or redistribute it subject to the terms and conditions
11 * of the GNU General Public License v.2.
13 * You should have received a copy of the GNU General Public License
14 * along with this program; if not, write to the Free Software Foundation,
15 * Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
22 #include <sys/types.h>
24 #include <sys/prctl.h>
26 #include <sys/resource.h>
27 #include <libcryptsetup.h>
31 static enum { LUKS, TCRYPT } device_type;
33 static void check(struct crypt_device *cd, const char *pwd_file, unsigned my_id, unsigned max_id)
37 unsigned long line = 0;
43 /* open password file, now in separate process */
44 f = fopen(pwd_file, "r");
46 printf("Cannot open %s.\n", pwd_file);
50 while (fgets(pwd, MAX_LEN, f)) {
52 /* every process tries N-th line, skip others */
53 if (line++ % max_id != my_id)
58 /* strip EOL - this is like a input from tty */
59 if (len && pwd[len - 1] == '\n') {
64 /* lines starting "#!comment" are comments */
65 if (len >= 9 && !strncmp(pwd, "#!comment", 9)) {
66 /* printf("skipping %s\n", pwd); */
70 /* printf("%d: checking %s\n", my_id, pwd); */
71 if (device_type == LUKS)
72 r = crypt_activate_by_passphrase(cd, NULL, CRYPT_ANY_SLOT, pwd, len, 0);
73 else if (device_type == TCRYPT) {
74 struct crypt_params_tcrypt params = {
75 .flags = CRYPT_TCRYPT_LEGACY_MODES,
77 .passphrase_size = len,
79 r = crypt_load(cd, CRYPT_TCRYPT, ¶ms);
82 printf("Found passphrase for slot %d: \"%s\"\n", r, pwd);
89 exit(r >= 0 ? 2 : EXIT_SUCCESS);
92 int main(int argc, char *argv[])
94 int i, status, procs = 4;
95 struct crypt_device *cd;
97 if (argc < 4 || argc > 5) {
98 printf("Use: %s luks|tcrypt <device|file> <password file> [#processes] %d\n", argv[0], argc);
102 if (argc == 5 && (sscanf(argv[4], "%i", &procs) != 1 || procs < 1)) {
103 printf("Wrong number of processes.\n");
107 if (!strcmp(argv[1], "luks"))
109 else if (!strcmp(argv[1], "tcrypt"))
110 device_type = TCRYPT;
112 printf("Wrong device type %s.\n", argv[1]);
116 /* crypt_set_debug_level(CRYPT_DEBUG_ALL); */
119 * Need to create temporary keyslot device-mapper devices and allocate loop if needed,
120 * so root is requried here.
123 printf("You must be root to run this program.\n");
127 /* signal all children if anything happens */
128 prctl(PR_SET_PDEATHSIG, SIGHUP);
129 setpriority(PRIO_PROCESS, 0, -5);
131 /* we are not going to modify anything, so common init is ok */
132 if (crypt_init(&cd, argv[2]) ||
133 (device_type == LUKS && crypt_load(cd, CRYPT_LUKS1, NULL))) {
134 printf("Cannot open %s.\n", argv[2]);
138 /* run scan in separate processes, it is up to scheduler to assign CPUs inteligently */
139 for (i = 0; i < procs; i++)
140 check(cd, argv[3], i, procs);
142 /* wait until at least one finishes with error or status 2 (key found) */
143 while (wait(&status) != -1 && WIFEXITED(status)) {
144 if (WEXITSTATUS(status) == EXIT_SUCCESS)
146 /* kill rest of processes */