How can I verify the passphrase for RSA private key (PEM format) in python? I want to brute force and use my own dictionary.
I created the key by this command in MacOS:
ssh-keygen -t rsa -C "your_email@example.com"
Private RSA Key detail:
Strength: 2048 bits
Algorithm: RSA
Size: 2048
Fingerprints
SHA1: 80 09 90 30 96 8E 24 FC A9 4B 46 E1 BE B7 23 2D EC 16 2C EB
SHA256: 67 93 E2 0A 9F E7 C9 7E A9 66 AD 05 52 FD 19 8B 3E CB 8A 59 9F 51 F0 A6 65 6F 6F 9A 9D 7B 35 B9
The passphrase is : 'testing'
as @Hannu advised I ran this code but it reject the both right and wrong passphrases
from Crypto.PublicKey import RSA
kf = open("testing", "r")
kt = kf.read()
kf.close()
dlist = ["foo", "bar", "testing"]
for d in dlist:
try:
nk = RSA.importKey(kt, passphrase=d)
print "success", d
break
except ValueError:
print "nosuccess", d
pass
I would suggest taking a look at the RSA Module in Crypto
https://www.dlitz.net/software/pycrypto/api/current/Crypto.PublicKey.RSA-module.html
Something along the lines of the following would be a good starting point
>>> from Crypto.PrivateKey import RSA
>>>
>>> key = RSA.generate(2048)
>>> f = open('mykey.pem','w')
>>> f.write(RSA.exportKey('PEM'))
>>> f.close()
...
>>> f = open('mykey.pem','r')
>>> key = RSA.importKey(f.read())
Managed to to this with Paramiko instead of pycrypto:
import paramiko
from paramiko import rsakey
kf = open("sshk", "r")
dlist = ["foo", "bar", "foobar", "klunssi", "xyzzy"]
for d in dlist:
kf.seek(0)
try:
nk = rsakey.RSAKey.from_private_key(kf, password=d)
print "success", d
except paramiko.ssh_exception.SSHException:
print "fail", d
This works at least for me. Hope this helps.
Hannu
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.