> For the complete documentation index, see [llms.txt](https://sarpers-organization.gitbook.io/ctftricks/llms.txt). Markdown versions of documentation pages are available by appending `.md` to page URLs; this page is available as [Markdown](https://sarpers-organization.gitbook.io/ctftricks/_chapter-intro-3/pgp/trick-0006.md).

# Decrypt PGP File with Cracked Passphrase

***

Extract the PGP private key passphrase hash using `gpg2john` and save it to a file. First of all, you need to format the private key to make John the Ripper recognize it. `gpg2john` can process various GPG key file formats, such as `.asc` (ASCII armored), `.key` (binary), or `.sig` files.

For an ASCII armored key file like `private.asc`, the command is:

```bash
gpg2john private.asc > hash.txt
```

If your private key is in a different format, adjust the command accordingly. For example:

```bash
# For a binary key file
# gpg2john private.key > hash.txt
# For a private key in .sig format (if applicable)
# gpg2john private_key.sig > hash.txt
```

Crack the extracted hash from `hash.txt` using a tool like John the Ripper. There are several modes you can use:

A common method is a wordlist attack, using a pre-defined or custom wordlist:

```bash
john --wordlist=<wordlist_path> hash.txt
```

To optimize performance, you can use the `--fork` option to utilize multiple CPU cores:

```bash
john --wordlist=<wordlist_path> --fork=4 hash.txt
```

You can enhance wordlist attacks with rules to modify and extend wordlist entries:

```bash
john --wordlist=<wordlist_path> --rules hash.txt
```

Alternatively, John the Ripper can perform a brute force attack using incremental mode for a comprehensive approach:

```bash
john --incremental hash.txt
```

For a more comprehensive incremental mode, you might specify character sets:

```bash
# john --incremental=All hash.txt
```

Once John the Ripper has found the password, or if you interrupt its progress (often by pressing Ctrl+C), you can display the cracked passwords using:

```bash
john --show hash.txt
```

Once the passphrase is found, import the private key using `gpg --import`. This command can import keys from various file formats. For an ASCII armored key:

```bash
gpg --import private.asc
```

If your key was in a different format, you would adjust accordingly:

```bash
# gpg --import private.key
# gpg --import private_key.sig
```

You will be prompted to enter the cracked passphrase.

To list the imported keys and verify the import, you can use:

```bash
gpg --list-keys
gpg --list-secret-keys
```

Finally, decrypt the target PGP-encrypted file using the imported key. The `-d` option is used for decryption.

```bash
gpg --decrypt backup.pgp
```

If your encrypted file has a different extension, such as `.gpg`, the command would be similar:

```bash
# gpg -d encrypted_file.gpg
```

When you run the decryption command, you'll be asked for the passphrase, so enter the passphrase you recovered in the previous steps.
