Grond: The LUKS Password Cracker

Grond is a LUKS (Linux Unified Key Setup) password cracker.

Download Grond:

You can download the Grond script with this link: grond.sh

What does it do?

Grond was created to simplify and semi-automate the process of cracking a LUKS volume.  All you need is a word list.

How does it work?

Grond tries to mount a drive or image with a password from the word list. If the password fails, it moves on to the next password in line.  When the password is found, it exits and gives you the password.  If no password is found, you will have to create a better wordlist.

How to use:

Download the script here or with wget, chmod +x it and then launch.

example:

wget http://www.incredigeek.com/home/downloads/grond.sh 
chmod +x grond.sh

Replace grondwordlist.txt and /dev/luksvolume with your wordlist and drive path.

./grond.sh -t1 -w grondwordlist.txt -d /dev/luksvolume

The above command launches Grond using a single thread (i.e., one CPU core).  If you have more than one CPU core, try using more threads to speed up the process.  The (-t) option controls how many threads are executed; simply change the number after it to either 1, 2, 4, or 8.

Recommendations and Warnings

The recommended number of threads is the same as the number of logical CPU cores, so if you're running an Intel Quad Core CPU with 8 logical cores, the recommended thread value is 8.

It is advisable to disable things like sleep, screen auto turning off, and automatic locking.  It can be close to impossible to log back in or turn the screen on once the script starts running.

If the number of threads you're using is the same as the number of logical processor cores, then your CPU will be at 100% on all cores.  Don’t expect to be doing anything else on the computer while the script is running.

Watch your CPU temps!  Running the script is like running a CPU benchmark.  If you have lm-sensors installed, you can watch the CPU temp with the following command.

watch sensors

Manually terminate Grond

Currently, if you need to manually kill the grond script, hit Control+C in the main terminal window, and then run the following command to kill any remaining processes.

pkill -f grond.sh

Examples:

Launch Grond with 1 thread against /dev/sda2

./grond.sh -t 1 -w grondwordlist.txt -d /dev/sda2

Launch with 8 threads

./grond.sh -t 8 -w grondwordlist.txt -d /dev/sda2

You can also run the Grond script against an image and/or partial image of the encrypted drive.  All that is really needed is the first few MB of the encrypted partition.
A partial image can be helpful if you need to run the script on a different computer and cannot bring or remove the LUKS encrypted hard drive.  To get a partial image, run the following command and then hit “Control + c” to terminate dd. This will leave you with an image file that should be a couple hundred MB.

dd if=/dev/sda2 of=/lukspart.img

Now copy lukspart.img to your cracking machine and then run Grond against the image.

./grond.sh -t 8 -w grondwordlist.txt -d lukspart.img

 

How Fast is it?

Due to how the script works, and how LUKS was designed, cracking a password can take a long time.  Below are some examples of what kind of speed to expect.  The more threads you can spare the faster the cracking process goes.

Processor                                      Threads   Passwords/Minute
2 x Intel Core Xeon(r) CPU x5460 @ 3.16 x 8    8         272
                                               16        336
Intel Core i7-3612QM CPU @ 2.10GHz × 8         1         35
                                               2         69
                                               4         120
                                               8         152
Intel Core i5-560M CPU @ 2.66 GHz x 4          1         26
                                               2         40
                                               4         48
Intel Core i7-2630QM @ 2.00 GHz x 4            8         142
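
As an added example (not part of the Grond script or the original post), the shell functions below turn the measured rates in the table into two figures useful when judging passphrase strength: the worst-case days needed to try every entry of a wordlist, and how far thread scaling falls short of linear. The 1,000,000-entry wordlist size, the short CPU labels and the function names are assumptions made for illustration.

```shell
#!/bin/sh
# Added example: rates copied from the table above as "cpu|threads|passwords_per_minute".
# The short CPU labels and function names are hypothetical, chosen for this example.
RATES='x5460|8|272
x5460|16|336
i7-3612QM|1|35
i7-3612QM|2|69
i7-3612QM|4|120
i7-3612QM|8|152
i5-560M|1|26
i5-560M|2|40
i5-560M|4|48
i7-2630QM|8|142'

# exhaust_days CANDIDATES RATE_PER_MINUTE
# Worst-case days to try every candidate once at the given rate.
exhaust_days() {
    awk -v n="$1" -v r="$2" 'BEGIN {
        if (r <= 0) exit 1
        printf "%.1f\n", n / r / 60 / 24
    }'
}

# scaling_efficiency CPU THREADS
# Measured rate as a percentage of ideal linear speed-up over the CPU's 1-thread rate.
# Fails (exit 1) when the table has no 1-thread baseline for that CPU.
scaling_efficiency() {
    printf '%s\n' "$RATES" | awk -F'|' -v cpu="$1" -v t="$2" '
        $1 == cpu && $2 == 1 { base = $3 }
        $1 == cpu && $2 == t { rate = $3 }
        END {
            if (!base || !rate) exit 1
            printf "%d\n", rate * 100 / (base * t)
        }'
}

# Assumed wordlist size of 1,000,000 entries at the fastest measured rate (336/min).
echo "1,000,000 candidates at 336/min: $(exhaust_days 1000000 336) days"
echo "i7-3612QM, 8 threads: $(scaling_efficiency i7-3612QM 8)% of linear scaling"
```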

 
