Examples

Plugin Handling

The default plugin directory is ./plugins. However you can specify a custom path:

$ export PD_PLUGINS=/my/plugin/directory
$ pd
phrasen|drescher 1.1.1 - the passphrase cracker
Copyright (C) 2008 Nico Leidecker; nfl@portcullis-security.com

Usage: pd plugin [options]
Please choose a plugin first or use -h for more help
Available plugins:
 rsa-dsa  mssql  ssh  http-raw

Set the plugin directory in the environemtn variable 
PD_PLUGINS if required.

Dictionary Mode

You can perform a simple dictionary attack on a RSA private key pass phrase using the corresponding module like this:

$ phrasendrescher rsa-dsa -d dict.txt -K ~/.ssh/id_rsa
phrasen|drescher 1.1.1 - the passphrase cracker
Copyright (C) 2008 Nico Leidecker; nfl@portcullis-security.com

match: (0) ~/.ssh/id_rsa [test123]
finished!
bye, bye...

Dictionary Mode With Permutations

If you want to permute your dictionary there are loads of options (see Usage page), e.g:

$ phrasendrescher rsa-dsa -r aF -d dict.txt -K ~/.ssh/id_rsa
phrasen|drescher 1.1.1 - the passphrase cracker
Copyright (C) 2008 Nico Leidecker; nfl@portcullis-security.com

match: (0) ~/.ssh/id_rsa [test123]
finished!
bye, bye...

Here the 'a' rule converts each word to lower case and the 'F' rule uses initial caps for each word.

Brute Force Mode

You can specify a custom character set for a brute force attack. Here we choose quick a small character set, so the attack will actually finish:

$ PD_CHARMAP="tes1234" phrasendrescher rsa-dsa -i 1:7 -K ~/.ssh/id_rsa
phrasen|drescher 1.1.1 - the passphrase cracker
Copyright (C) 2008 Nico Leidecker; nfl@portcullis-security.com

match: (0) ~/.ssh/id_rsa [test123]
finished!
bye, bye...