bash script for password recovery

sujay.jauhar · January 6, 2011, 7:24am

Hi all,

I'm a complete newbie to bash scripting, although I have some experience in programming. The thing is that I have a .dmg file on my mac which I protected with a password, and now I've forgotten it.

I remember the first few letters of the password and the characters that represent the last few letters, so I want to write a script that goes through all the options iteratively to find the correct one

#!/bin/bash
#my array of password options
psswrd=( one two three )
#first call to open the dmg file
hdiutil attach DOCS.dmg
#here i give it a wrong input password on purpose so it enters the loop
while [ $? = 1 ]; do
	hdiutil attach DOCS.dmg
        #at this point I'm prompted with "Enter password to access "DOCS.dmg":"
        #and instead of typing the input I want to iterate through the array "psswrd" and use each of its elements in turn as an answer to the prompt
        #also i want to be able to exit the loop if i've gone through the entire array and not found the correct password
done

Any help would be deeply appreciated.

Cheers.

DGPickett · January 6, 2011, 1:33pm

for let5 in a b c d e f g h i j k l m n o p q r s t u v w x y z
do
for let6 in a b c d e f g h i j k l m n o p q r s t u v w x y z
do
for let7 in a b c d e f g h i j k l m n o p q r s t u v w x y z
do
 try_pw=$let14$let5$let6$let7
 . . .
done
done
done

rdcwayx · January 6, 2011, 8:29pm

dgpickett:

for let5 in a b c d e f g h i j k l m n o p q r s t u v w x y z
do
for let6 in a b c d e f g h i j k l m n o p q r s t u v w x y z
do
for let7 in a b c d e f g h i j k l m n o p q r s t u v w x y z
do
 try_pw=$let14$let5$let6$let7
 . . .
done
done
done

for let5 in {a..z}
do
for let6 in {a..z}
do
for let7 in {a..z}
do
 try_pw=$let14$let5$let6$let7
 . . .
done
done
done

Corona688 · January 6, 2011, 8:34pm

try echoing the password into it with a pipe.

if echo password | htiutil
then
        echo password worked
        break;
fi

if it won't take passwords that way, you may need to use the expect utility to fake having a virtual terminal.

DGPickett · January 7, 2011, 12:05pm

Yes, it it reads password using /dev/tty not stdin you need a pseudo terminal. Tools like expect might be slower and more trouble than somethng like this, the poor man's expect:

 
(
  Insert code to generate passwords and from them generate "a script to try passwords on the remote bash",
   checking output_file for failure before generating and trying the next password,
   and exiting printing the last password on success.  N Failures might be easier to determine than success. 
  Some authenticators faill all passwords after the first three tries, so you need a fresh session to ensure your results are real.
 )|ssh2 localhost bash >output_file 2>&1

I am a ksh guy, and usually do not have ..:

$ for i in {a..z}
> do
> echo $i
> done
{a..z}
$