So I encrypted (years back) a Linux volume when I was a lot more security conscious than I am now. I have no idea what the password is. I might be able to guess one or two parts of it… maybe… but I’m basically at a loss.
I know there’s no hope besides a brute force attack, and something like Hashcat would likely work on the thing… except I don’t have the hash. I don’t even remember what the encryption protocol was.
Is there a relatively easy way to throw a dictionary at it? I have a giant 4GB dictionary, and I’m pretty sure I know one word. I’m willing to let the computer go at it for up to a week, before resigning myself to formatting the drive and using it for other things. I don’t want to spend a lot of time on it directly. I just want to run something in the background I won’t have to think about. I know it’s a long shot and so I don’t want to sink a ton of time into this.
So the basic question: How to brute force an encrypted Linux drive (from a few years ago- so it has all the vulnerabilities that have been discovered since then) when you don’t have a hash. I don’t know enough to write a Bash script for it.
Or do I just give up now? Any help is much appreciated.
Based on what I can see in the boot partition, Fedora. FC15. Kernel version is 2.6.40.6-26… I think. That’s the most recent vmlinuz file anyway.
EDIT: Looks like LUKS, which is what I suspected. I tried using LUKS Crack, but it’s ancient abandonware, and I can’t get the underlying OTFE to run properly on Windows because it doesn’t have a signed driver.
Haven’t used it, can’t vouch for it. And it seems the only way to help the brute force attack is if you know the beginning or end of the passphrase.
The good news is you are not in a unique situation and I bet there are more things to try. It’s all about how important the data is to you and how much time you are willing to invest.
