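#!/usr/bin/perl
#
# SSH/SSL RSA Private Key Passphrase dictionary enumerator
#
# Copyright 2018 (c) Todor Donev
# https://ethical-hacker.org/
# https://facebook.com/ethicalhackerorg
#
# [todor@paladium]$ ssh-keygen -t rsa -b 4096 -C "info@ethical-hacker.org"
# Generating public/private rsa key pair.
# Enter file in which to save the key (/home/todor/.ssh/id_rsa): test_rsa.prv
# Enter passphrase (empty for no passphrase):
# Enter same passphrase again:
# Your identification has been saved in test_rsa.prv.
# Your public key has been saved in test_rsa.prv.pub.
# The key fingerprint is:
# --- SNIP --- info@ethical-hacker.org
# The key's randomart image is:
# +--[ RSA 4096]----+
# --- SNIP ---
# --- SNIP ---
# --- SNIP ---
# --- SNIP ---
# --- SNIP ---
# --- SNIP ---
# --- SNIP ---
# +-----------------+
# [todor@paladium]$ perl ssh-ssl-enum-privkey.pl test_rsa.prv wordlist.txt
# [+] SSH/SSL RSA Private Key Passphrase dictionary enumerator
# [*] ======
# [?] root != Passphrase
# [?] toor != Passphrase
# [?] r00t != Passphrase
# [?] t00r != Passphrase
# [?] admin != Passphrase
# [?] nimda != Passphrase
# [?] support != Passphrase
# [?] devel != Passphrase
# [?] oper != Passphrase
# [?] operator != Passphrase
# [?] hacker != Passphrase
# [?] h4x0r != Passphrase
# [?] noob != Passphrase
# [?] n00b != Passphrase
# [?] boon != Passphrase
# [?] b00n != Passphrase
# [*] ======
# [!] Author: Todor Donev
# [!] https://ethical-hacker.org/
# [!] https://fb.com/ethicalhackerorg
# [*] ======
# [*] Passphrase for test_rsa.prv is Ethical-Hacker-Bulgaria-2o18
#
#
# Disclaimer:
# This or previous programs is for Educational
# purpose ONLY. Do not use it without permission.
# The usual disclaimer applies, especially the
# fact that Todor Donev is not liable for any
# damages caused by direct or indirect use of the
# information or functionality provided by these
# programs. The author or any Internet provider
# bears NO responsibility for content or misuse
# of these programs or any derivatives thereof.
# By using these programs you accept the fact
# that any damage (dataloss, system crash,
# system compromise, etc.) caused by the use
# of these programs is not Todor Donev's
# responsibility.
#
# Use them at your own risk!
#
# Requirements:
# cpan install Crypt::PK::RSA
#
# Usage:
#   perl ssh-ssl-enum-privkey.pl <private key> <wordlist>
#
#   <private key>  file that must contain a "BEGIN RSA PRIVATE KEY" header,
#                  i.e. the traditional PEM container; other containers are
#                  rejected by the header check below.
#   <wordlist>     text file with one candidate passphrase per line.
#
# What the result means for key owners:
#   Every candidate is tested locally against the key file, so nothing is
#   logged by any SSH or TLS server and no lockout applies. Once a key file
#   is copied, the passphrase is the only remaining control. Traditional PEM
#   encryption derives the cipher key from the passphrase with a single MD5
#   pass, which makes each guess cheap. Keys that must be stored encrypted are
#   better kept in OpenSSH's newer format, whose bcrypt KDF work factor is set
#   with `ssh-keygen -a <rounds>`, or in PKCS#8 with a PBKDF2/scrypt KDF, and
#   protected by a long passphrase plus restrictive file permissions.

use strict;
use warnings;
use Crypt::PK::RSA;

my ($p, $w) = @ARGV;    # $p: private key path, $w: wordlist path
my $k = Crypt::PK::RSA->new;

print "[+] SSH/SSL RSA Private Key Passphrase dictionary enumerator\n";

# Argument check. Each step below is an explicit statement rather than a
# "banner and ..." chain, so a failed print can no longer skip the die/exit
# that follows it.
if (@ARGV != 2) {
    banner();
    die "[!] Usage: perl $0 <private key> <wordlist>\n";
}

# Three-argument open with a lexical handle: the path from @ARGV is always
# treated as a file name and never parsed for mode characters.
open my $key_fh, '<', $p or die "[-] Error: $p $!";
my $key_is_empty = -z $key_fh;
# Slurp the key text so the header test below inspects the file content and
# not the return value of open().
my $iskey = do { local $/; <$key_fh> };
$iskey = '' unless defined $iskey;
close $key_fh;

if ($key_is_empty) {
    banner();
    print "[-] Error: The choosen file is empty";
    exit;
}

# Only the traditional "RSA PRIVATE KEY" PEM container is accepted.
if ($iskey !~ /--BEGIN RSA PRIVATE KEY--/) {
    banner();
    print "[-] Error: The choosen file is not valid private RSA key\n";
    exit;
}

open my $wordlist_fh, '<', $w or die "[-] Error: $w $!";
die "[-] Error: The wordlist is empty" if -z $wordlist_fh;
my @file = <$wordlist_fh>;    # one candidate passphrase per line
close $wordlist_fh;

print "[*] ======\n";
foreach my $c (@file) {
    chomp $c;

    # import_key is wrapped in eval so that an exception (wrong passphrase,
    # or any other import error) counts as "no match" instead of ending the
    # run. A corrupted key therefore fails every candidate; the closing
    # message mentions that possibility.
    if (eval { $k->import_key($p, $c) }) {
        banner();
        # The match is reported through die, as before: the line goes to
        # STDERR and the exit status is non-zero.
        die "[*] Passphrase for $p is $c\n";
    }

    print "[?] $c != Passphrase\n";
}

banner();
print "[-] Sorry, I could not find the passphrase or the private key is corrupted!\n";
exit;

# Print the author banner framed by separator lines. Returns a true value.
sub banner {
    print "[*] ======\n";
    print "[!] Author: Todor Donev \n";
    print "[!] https://ethical-hacker.org/\n";
    print "[!] https://fb.com/ethicalhackerorg\n";
    print "[*] ======\n";
    return 1;
}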