< back to projects

phrasen|drescher is a cracking tool used for the purpose of finding the pass phrase for RSA or DSA keys as they would be used by SSH for instance. It performs wordlist and rule based attacks against the key. The tool can be used on multiple keys at once and is known to run on FreeBSD, NetBSD, OpenBSD, MacOS and Linux.

make install

phrasen|drescher has to modes to run in. The Incremental mode does pure brute force of potential pass phrases while in Dictionary mode, phrases are taken from a word list:

Incremental mode:

phrasendrescher -i 6:8 key-file
This mode expects an argument that gives the length of words to generate or a range. Generating 8 characters long words would be done by:
phrasendrescher -i 8 key-file
And to specify a range. E.g. from 8 characters to 12:
phrasendrescher -i 8:12 key-file
By default, phrasen|drescher uses all printable characters for generating the phrases. However, you can specify your own character map in an environment variable called `PHRASENDRESCHER_MAP'. For example, in order to only do lower case characters:
export PHRASENDRESCHER_MAP="abcdefghijklmnopqrstuvwxyz"
phrasendrescher -i 6:8 key-file
The character map also implies the order of the characters to be used in phrases. So, if you want to do the increment in reverse order, simply do:
export PHRASENDRESCHER_MAP="zyxwvutsrqponmlkjihgfedcba"
phrasendrescher -i 6:8 key-file

Dictionary mode:

Using this mode is straight forward:

phrasendrescher -d wordlist key-file

phrasen|drescher can read and try multiple keys if you specify a directory instead of a single key file:

phrasendrescher -d wordlist directory-containing-keys

As an example:

./phrasendrescher -vd wordlist.txt my.key
phrasen|drescher 1.0 - the passphrase cracker
Copyright (C) 2007 Nico Leidecker; nfl@portcullis-security.com

mode: dictionary (wordlist.txt)
1 key files read:
0): my.key

running ...
match: (0) my.key [mypassphrase]