Mac Shell Script – Crack PGP WDE

While I am working on a crowbar version for PGP whole disk encryption.  I took a few minutes to modify the previous script for PGP virtual disk files to hit wde drives in case you need something right away.  Keep in mind you need to determine the drive number with something like df, diskutil etc.

When running the script you will see output like

Operation failed! (errno = -12000)
cannot recognize user record at index 1536:
reached end of user record list
ERROR, wrong passphrase.
Operation failed! (errno = -12000)
Password found!

Operation failed! (errno = -12000)
cannot recognize user record at index 1536:
reached end of user record list
ERROR, wrong passphrase.
Operation failed! (errno = -12000)
Password found!

Here is the script.  Obviously you will need to change the path to your dictionary and the number after the –disk to match the drive you are attacking.  If  you are clever the command for pgpwde is the same under windows with pgp installed.  You could build a similar script there.

#!/bin/bash

for word in $(cat /Volumes/ExternalDrive/Dictionaries/test.txt | grep -v “#”)

do

echo -n $word | pgpwde –auth-disk –passphrase $word –disk 0

if [[ $? = 0 ]]

then

echo “Password found!”

echo $word

exit 0

fi

done

echo “password not found :(“

exit 1

Share

crowbar BMG/KC Alerts on your iPhone

One of the things I built into my crowbar dictionary attack tools for DMG and keychain files from the start was Growl.  Growl is a free add on notification framework for your mac. MANY popular mac programs support growl so this is not just some odd plug in.   I recommend in the crowbar apps making it popup the notifications for password found and not found at least go to your screen.  The password found is even better when set to sticky.  This means the alert stays on the screen until you click on it.

Now if you have an iPhone you can get the alert notifications right to your iPhone.  There is a great iPhone application called Prowl (App Store Link).  The developer’s site lets you create a login to his site which you set in the Prowl program.  You download and install a Growl plugin for Prowl.  The Prowl iPhone app is $2.99.  The service and plugin are free.  Last all you do is customize the alert settings for the crowbar apps to send to Prowl just using the growl preference pane control.

Now when you leave those real large dictionaries running you can leave them minimized and even leave the office or home knowing you will get the status when the job finishes.

You can find out everything at the Prowl developer’s site: http://prowl.weks.net/

Share

Tutorial – Quartz Composer and Image Units in Xcode

I gave myself a crash course this weekend.  I mainly wanted to be able to make plugins for fun in Pixelmator.  But turns out you can use things in iChat and Photobooth live.  It was a bit of a fun uphill battle to actually figure out a repeatable process.  So I wrote one.  You can download my Image Units Tutorial in PDF.

I cover Prototyping in Quartz Composer, moving it to an Image Unit and compile it in Xcode.  I toss in how to add a user input and even found a blog post on the Internet on how to ensure your IU puts out an image with defined dimensions.

Enjoy!

Share