phrasen|drescher is a cracking tool used for the purpose of finding the pass phrase for RSA or DSA keys as they would be used by SSH for instance. It performs wordlist and rule based attacks against the key. The tool can be used on multiple keys at once and is known to run on FreeBSD, NetBSD, OpenBSD, MacOS and Linux.
Download
Installation
./configure make make install
Usage
phrasen|drescher has to modes to run in. The Incremental mode does pure brute force of potential pass phrases while in Dictionary mode, phrases are taken from a word list:
Incremental mode:
phrasendrescher -i 6:8 key-fileThis mode expects an argument that gives the length of words to generate or a range. Generating 8 characters long words would be done by:
phrasendrescher -i 8 key-fileAnd to specify a range. E.g. from 8 characters to 12:
phrasendrescher -i 8:12 key-fileBy default, phrasen|drescher uses all printable characters for generating the phrases. However, you can specify your own character map in an environment variable called `PHRASENDRESCHER_MAP'. For example, in order to only do lower case characters:
export PHRASENDRESCHER_MAP="abcdefghijklmnopqrstuvwxyz" phrasendrescher -i 6:8 key-fileThe character map also implies the order of the characters to be used in phrases. So, if you want to do the increment in reverse order, simply do:
export PHRASENDRESCHER_MAP="zyxwvutsrqponmlkjihgfedcba" phrasendrescher -i 6:8 key-file
Dictionary mode:
Using this mode is straight forward:
phrasendrescher -d wordlist key-file
phrasen|drescher can read and try multiple keys if you specify a directory instead of a single key file:
phrasendrescher -d wordlist directory-containing-keys
As an example:
./phrasendrescher -vd wordlist.txt my.key phrasen|drescher 1.0 - the passphrase cracker Copyright (C) 2007 Nico Leidecker; nfl@portcullis-security.com mode: dictionary (wordlist.txt) 1 key files read: 0): my.key running ... match: (0) my.key [mypassphrase] finished!