Brute Forcing LUKS

Posted: February 4, 2012 in Guides
Tags: , ,

Well, as you might have noticed (and some of you knew) I haven’t been updating auditme or my blog or well much of anything else. Quite simply this was because I locked away most of my data (including auditme) in a LUKS encrypted drive… I know… I’m smart huh?

Incidentally if you have a server with pretty decent uptime you might well forget that LUKS passphrase you’ve probably only used one time when you configured it šŸ˜›

So instead of giving up all my data to the encryption gods I decided that I would brute force the pass phrase. This generally speaking is utterly pointless with LUKS full drive encryption. However, in this case I knew all the characters in the passphrase however I did not know the order I had put them in. (This is usually how it works for most people).

In my particular case the passphrase was in the format of !word1@word2*word3& etc… So I created a simple program to brute force the passphrase, and voila I recovered it, along with the rest of my data. I decided since this is quite a common occurence (at least so it would seem on Ubuntu forums) that I would post the utility that I used to do this so that everyone in a similar situation may use it.

Note : This really is only effective if you KNOW some or all of the passphrase, this is not a good idea if you’ve stolen a computer and have NO clue what the passphrase is, so if you happen to be one of those law enforcement types that thinks this is a cool way to break crypto, it’s not it’s slow and inefficient.

Using the utility

Using this application is pretty straight forward. The first thing you will need to do is pull the drive and place it in another system, barring that you can boot from a liveCD (I used Fedora because I had one handy, but Ubuntu will work fine as well.)

Then simply grab the files from moi.


Extract them

tar xzvf luksbrute.tar.gz

Note : you may need to make the following files executable.

chmod 755
chmod 755 luksbrute

Then create a file full of words you wish to use the permutations of. For instance if you knew you used the special characters ! , @ and # and the words , word1 word2 and word3 the file would look like this.


So now let’s assume your password was in the format !word1@word2#word3 that’s 6 elements that we want permutations of, so we can have generate our wordlist for us (if you already have a wordlist you’d like to use I’ll explain how to do that in a second.

So we would run

./ -g /path/to/permutation/list -m 6

and it will generate your wordlist and begin cracking with that wordlist.

If you want to use a wordlist you’ve already generated you can simply do the following

./ -w /path/to/my/wordlist

Hopefully this helps someone , it was rather useful to me. šŸ™‚

  1. Carlos says:

    I remember one time i couldn’t boot into my system so i had to use a live cd, and manually enter the drive. Lucky i remember my passphrase šŸ™‚

  2. dangertux says:

    Yeah I was really worried I’d lost all my stuff, incidentally it was a common password I always use. I wanted to kick myself after it was recovered, I was like seriously? LoL šŸ˜‰

  3. Carlos says:

    Hey Adam, I heard you left the Ubuntu team. I also stopped using it and went to freeBSD. Hope all is well with you.

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s