1SUCRACK(1)                  General Commands Manual                 SUCRACK(1)
2
3
4

NAME

6       sucrack  is a multithreaded Linux/UNIX tool for brute-force cracking of
7       local user accounts via su.
8
9

SYNOPSIS

11       sucrack [options] wordlist
12
13

DESCRIPTION

15       sucrack is a multithreaded Linux/UNIX tool  brute-force  cracking  tool
16       that  drives su(1) with referencing a specific user and uses words from
17       a wordlist as passwords. Running sucrack does not require  high  privi‐
18       leges on the target system.
19
20

OPTIONS

22       sucrack  allows  reading  passwords  from  stdin. In that case, use '-'
23       instead of a filename as wordlist parameter.
24
25       Common options:
26
27       -h     print help message
28
29       -a     use ansi escape codes  for  nice  looking  statistics  (requires
30              --enable-statistics configuration flag)
31
32       -s <seconds>
33              statistics  display intervall (requires --enable-statistics con‐
34              figuration flag)
35
36       -c     only print statistics if a key other than `q' is pressed
37
38       -r     enable rewriting of dictionary words (see rules below)
39
40       -w <num>
41              number of threads to run with.
42
43       -b <size>
44              size of the word list buffer
45
46       -u <user>
47              user account to su to
48
49       -l <rules>
50              specify certain rules for the rewriting process
51
52       Rewriting rules:
53
54       A      Rewrite word with only upper case characters
55
56       F      Rewrite word with first character as upper case
57
58       L      Rewrite word with last character as upper case
59
60       a      Rewrite word with only lower case characters
61
62       f      Rewrite word with first character as lower case
63
64       l      Rewrite word with last character as lower case
65
66       D      Prepend each digit (0-9) to the word
67
68       d      Append each digit (0-9) to the word
69
70       e      enleet the word
71
72       x      apply all rules to a word
73
74

ENVIRONMENT VARIABLES

76       SUCRACK_SU_PATH
77              The path to su (usually /bin/su or /usr/bin/su)
78
79       SUCRACK_AUTH_FAILURE
80              The message su returns on an authentication failure  (like  "su:
81              Authentication failure" or "su: Sorry")
82
83       SUCRACK_AUTH_SUCCESS
84              The  message that indicates an authentication success. This mes‐
85              sage must not be a password listed in the wordlist  (default  is
86              "SUCRACK_SUCCESS")
87
88

AUTHOR

90       Nico Leidecker <nfl@portcullis-security.com>
91              http://www.leidecker.info
92
93

SEE ALSO

95       su(1)
96
97
98
99                                 Version 1.2.3                      SUCRACK(1)
Impressum