psk-crack(1)

1PSK-CRACK(1)                General Commands Manual               PSK-CRACK(1)
2
3
4

NAME

6       psk-crack - Crack IKE Aggressive Mode Pre-Shared Keys
7

SYNOPSIS

9       psk-crack [options] <psk-parameters-file>
10
11       <psk-parameters-file>  is a file containing the parameters for the pre-
12       shared key cracking process in the format generated  by  ike-scan  with
13       the --pskcrack (-P) option.  This file can contain one or more entries.
14       For multiple entries, each one must be on a separate line.
15
16       The program can crack either MD5 or SHA1-based  hashes.   The  type  of
17       hash  is automatically determined from the length of the hash (16 bytes
18       for MD5 or 20 bytes for SHA1).  Each entry in the <psk-parameters-file>
19       is  handled separately, so it is possible to crack a mixture of MD5 and
20       SHA1 hashes.
21
22       psk-crack can also crack the proprietary hash  format  used  by  Nortel
23       Contivity  /  VPN  Router systems.  When cracking Nortel format hashes,
24       you need to specify the username of the hash that you are cracking with
25       the  --norteluser (-u) option.  When cracking Nortel format hashes, you
26       can only crack one hash at a time.
27
28       By default,  psk-crack  will  perform  dictionary  cracking  using  the
29       default  dictionary.   The dictionary can be changed with the --dictio‐
30       nary (-d) option, or brute-force cracking  can  be  selected  with  the
31       --bruteforce (-B) option.
32

DESCRIPTION

34       psk-crack  attempts  to  crack IKE Aggressive Mode pre-shared keys that
35       have previously  been  gathered  using  ike-scan  with  the  --pskcrack
36       option.
37
38       psk-crack can operate in two different modes:
39
40       1)     Dictionary cracking mode: this is the default mode in which psk-
41              crack tries each candidate word from the dictionary file in turn
42              until  it finds a match, or all the words in the dictionary have
43              been tried.
44
45       2)     Brute-force cracking mode: in this  mode,  psk-crack  tries  all
46              possible combinations of a specified character set up to a given
47              length.
48

OPTIONS

50       --help or -h
51              Display this usage message and exit.
52
53       --version or -V
54              Display program version and exit.
55
56       --verbose or -v
57              Display verbose progress messages.
58
59       --dictionary=<f> or -d <f>
60              Set    dictionary    file    to    <f>.     The    default    is
61              /usr/local/share/ike-scan/psk-crack-dictionary.
62
63       --norteluser=<u> or -u <u>
64              Specify the username for Nortel Contivity cracking.  This option
65              is required when cracking pre-shared keys on Nortel Contivity  /
66              VPN  Router  systems.  These systems use a proprietary method to
67              calculate the hash that includes the username.  This  option  is
68              only  needed  when cracking Nortel format hashes, and should not
69              be used for standard format hashes.
70
71       --bruteforce=<n> or -B <n>
72              Select bruteforce cracking up to <n> characters.
73
74       --charset=<s> or -c <s>
75              Set bruteforce character set to <s> Default is "0123456789abcde‐
76              fghijklmnopqrstuvwxyz"
77

AUTHOR

79       Roy Hills <Roy.Hills@nta-monitor.com>
80
81
82
83                               February 14, 2005                  PSK-CRACK(1)