crackpkcs12 is a tool for auditing the passwords of PKCS#12 files (extension .p12 or .pfx). It is written in C and uses the OpenSSL library.
It works on GNU/Linux and other UNIX systems.
Its author is aestu and its license is GPLv3+, slightly modified to permit use of the OpenSSL library.
You can download it here.
You have to install the libssl library. The package is libssl in Debian-like distros and openssl in RedHat-like distros.
For Debian-like distributions (Debian, Ubuntu, Mint, Backtrack, etc.) you can download .deb packages. No compilation is needed.
For other GNU/Linux distros or UNIX systems you have to compile from source. See the next section.
You have to install the libssl development library. The package is libssl-dev in Debian-like distros and openssl-devel in RedHat-like distros.
Afterwards, you can follow the standard process:
tar -xf crackpkcs12*
cd crackpkcs12*
./configure
make
sudo make install
crackpkcs12 can perform two types of attack: dictionary (no dictionary is provided) or brute force.
Use the help message to read the parameter descriptions:
crackpkcs12 -h
A simple dictionary attack:
crackpkcs12 -d dictionary.txt certificate.pfx
A simple brute force attack:
crackpkcs12 -b certificate.pfx
A combined attack. When the dictionary attack finishes, a brute force attack starts:
crackpkcs12 -b -d dictionary.txt certificate.pfx
A combined attack. When the dictionary attack finishes, a brute force attack starts. The brute force attack uses only lower and upper case letters:
crackpkcs12 -d dictionary.txt -b -caA certificate.pfx
A combined attack. When the dictionary attack finishes, a brute force attack starts. The brute force attack uses only numbers and the minimum password length is 5:
crackpkcs12 -d dictionary.txt -b -cn -m5 certificate.pfx
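When choosing a password policy for .p12/.pfx files, it helps to know how large the search space is for the charset and length options shown above. The following is an added example, not part of crackpkcs12 or its documentation; it models only the charset letters used on this page (a, A, n), and the maximum length and the guesses-per-second rate are assumptions supplied by the caller.

```python
# Added example: search-space estimate for the brute-force options shown above.
# Only the charset letters that appear on this page are modelled (a, A, n).
import string

CHARSETS = {
    "a": string.ascii_lowercase,   # lower case letters
    "A": string.ascii_uppercase,   # upper case letters
    "n": string.digits,            # numbers
}

def alphabet(flags):
    """Return the sorted set of characters selected by a -c value such as 'aA'."""
    unknown = set(flags) - set(CHARSETS)
    if not flags or unknown:
        raise ValueError(f"unsupported charset flags: {flags!r}")
    return sorted(set("".join(CHARSETS[f] for f in flags)))

def keyspace(flags, min_len, max_len):
    """Number of candidate passwords with length in [min_len, max_len]."""
    if not 1 <= min_len <= max_len:
        raise ValueError("need 1 <= min_len <= max_len")
    k = len(alphabet(flags))
    return sum(k ** n for n in range(min_len, max_len + 1))

def worst_case_seconds(flags, min_len, max_len, guesses_per_second):
    """Time to exhaust the whole space at an assumed, caller-supplied rate."""
    return keyspace(flags, min_len, max_len) / guesses_per_second

def min_length_to_resist(flags, guesses_per_second, seconds):
    """Shortest length whose candidates alone take at least `seconds` to try."""
    k, n = len(alphabet(flags)), 1
    while k ** n < guesses_per_second * seconds:
        n += 1
    return n

if __name__ == "__main__":
    RATE = 100_000  # assumed guesses per second, not a measured crackpkcs12 figure
    YEAR = 365 * 24 * 3600
    for flags, lo, hi in (("n", 5, 8), ("aA", 1, 8), ("aAn", 1, 12)):
        secs = worst_case_seconds(flags, lo, hi, RATE)
        print(f"-c{flags} len {lo}-{hi}: {keyspace(flags, lo, hi):,} candidates, "
              f"{secs / 3600:,.1f} h at {RATE:,}/s")
    print("digits only, 10 years:", min_length_to_resist("n", RATE, 10 * YEAR))
```

Replace RATE with a rate measured on your own hardware against a test file before drawing conclusions about a policy.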