A few months ago, I found myself in the unfortunate position that I had to try to recover the password used to encrypt a Linux hard drive. Tonight a few friends of mine asked for details on this effort. I guess it is a good idea to expose the recipe I found to a wider audience, so here are a few relevant links and key findings. I've forgotten a lot, so part of this is taken from memory.
I found a good recipe in a blog post written in 2019 by diverto, titled Cracking LUKS/dm-crypt passphrases. I tried both the john the ripper approach where it generated password candidates and passed it to cryptsetup and the luks2jack.py approach (which did not work for me, if I remember correctly), but believe I had most success with the hashcat approach. I had it running for several days on my Thinkpad X230 laptop from 2012. I do not remember the exact hash rate, but when I tested it again just now on the same machine by running "hashcat -a 0 hashcat.luks longlist --force", I got a hash rate of 7 per second. Testing it on a newer machine with a 32 core AMD CPU, I got a hash rate of 289 per second. Using the ROCM OpenCL approach on the same machine I managed to get a hash rate of 2821 per second.
Session..........: hashcat Status...........: Quit Hash.Mode........: 14600 (LUKS v1 (legacy)) Hash.Target......: hashcat.luks Time.Started.....: Tue Apr 8 23:06:08 2025 (1 min, 10 secs) Time.Estimated...: Tue Apr 8 23:12:49 2025 (5 mins, 31 secs) Kernel.Feature...: Pure Kernel Guess.Base.......: File (/usr/share/dict/bokmål) Guess.Queue......: 1/1 (100.00%) Speed.#1.........: 2821 H/s (8.18ms) @ Accel:128 Loops:128 Thr:32 Vec:1 Recovered........: 0/1 (0.00%) Digests (total), 0/1 (0.00%) Digests (new) Progress.........: 0/935405 (0.00%) Rejected.........: 0/0 (0.00%) Restore.Point....: 0/935405 (0.00%) Restore.Sub.#1...: Salt:0 Amplifier:0-1 Iteration:972928-973056 Candidate.Engine.: Device Generator Candidates.#1....: A-aksje -> fiskebil Hardware.Mon.#1..: Temp: 73c Fan: 77% Util: 99% Core:2625MHz Mem: 456MHz Bus:16
Note that for this last test I picked the largest word list I had on my machine (dict/bokmål) as a fairly random work list and not because it is useful for cracking my particular use case from a few months ago.
As usual, if you use Bitcoin and want to show your support of my activities, please send Bitcoin donations to my address 15oWEoG9dUPovwmUL9KWAnYRtNJEkP1u1b.