4 * Simple ssh-private key cracker. Tries to brute force (by dictionary
5 * attack) the passphrase of an ssh private key file in almost any format.
7 * This is just a quick tool from THC. Using OpenSSL is not really
11 * gcc -Wall -O2 -o thc-ssh-crack thc-ssh-crack.c -lssl
14 * John is a good password generator. We use it for thc-ssh-crack:
16 * $ john -stdout -incremental | nice -19 thc-ssh-crack id_dsa
18 * Normal dictionary (without john's permutation engine):
20 * $ nice -19 thc-ssh-crack id_dsa <dictionary.txt
27 #include <openssl/ssl.h>
28 #include <openssl/err.h>
29 #include <openssl/evp.h>
30 #include <openssl/pem.h>
34 main(int argc, char *argv[])
36 FILE *fp = fopen(argv[1], "r");
45 if (!fgets(pwd, sizeof pwd, stdin))
47 printf("Password not found.\n");
50 ptr = strchr(pwd, '\n');
53 pk = PEM_read_PrivateKey(fp, NULL, NULL, (char *)pwd);
56 printf("THC THC THC THC THC THC THC THC THC\n");
57 printf("----> pwd is '%s' <-----\n", pwd);
58 printf("THC THC THC THC THC THC THC THC THC\n");