94 lines
2.9 KiB
Groff
94 lines
2.9 KiB
Groff
.\" $Id: psk-crack.1 9313 2006-10-20 10:49:03Z rsh $
|
|
.TH PSK-CRACK 1 "February 14, 2005"
|
|
.\" Please adjust this date whenever revising the manpage.
|
|
.SH NAME
|
|
psk-crack \- Crack IKE Aggressive Mode Pre-Shared Keys
|
|
.SH SYNOPSIS
|
|
.B psk-crack
|
|
.RI [ options ] " " < psk-parameters-file >
|
|
.PP
|
|
.B <psk-parameters-file>
|
|
is a file containing the parameters for the pre-shared
|
|
key cracking process in the format generated by
|
|
.B ike-scan with the
|
|
.B --pskcrack (-P)
|
|
option. This file can contain one or more entries. For multiple entries,
|
|
each one must be on a separate line.
|
|
.PP
|
|
The program can crack either MD5 or SHA1-based hashes. The type of hash is
|
|
automatically determined from the length of the hash (16 bytes for MD5 or
|
|
20 bytes for SHA1). Each entry in the
|
|
.B <psk-parameters-file>
|
|
is handled separately, so it is possible to crack a mixture of MD5 and SHA1
|
|
hashes.
|
|
.PP
|
|
.B psk-crack
|
|
can also crack the proprietary hash format used by Nortel Contivity / VPN
|
|
Router systems. When cracking Nortel format hashes, you need to specify the
|
|
username of the hash that you are cracking with the
|
|
.B --norteluser (-u)
|
|
option. When cracking Nortel format hashes, you can only crack one hash at
|
|
a time.
|
|
.PP
|
|
By default,
|
|
.B psk-crack
|
|
will perform dictionary cracking using the default
|
|
dictionary. The dictionary can be changed with the
|
|
.B --dictionary (-d)
|
|
option, or brute-force cracking can be selected with the
|
|
.B --bruteforce (-B)
|
|
option.
|
|
.SH DESCRIPTION
|
|
.B psk-crack
|
|
attempts to crack IKE Aggressive Mode pre-shared keys that have previously been
|
|
gathered using
|
|
.B ike-scan
|
|
with the
|
|
.B --pskcrack
|
|
option.
|
|
.PP
|
|
.B psk-crack
|
|
can operate in two different modes:
|
|
.IP 1)
|
|
Dictionary cracking mode: this is the default mode in which
|
|
.B psk-crack
|
|
tries each candidate word from the dictionary file in turn until it finds a
|
|
match, or all the words in the dictionary have been tried.
|
|
.IP 2)
|
|
Brute-force cracking mode: in this mode,
|
|
.B psk-crack
|
|
tries all possible combinations of a specified character set up to a given
|
|
length.
|
|
.SH OPTIONS
|
|
.TP
|
|
.B --help or -h
|
|
Display this usage message and exit.
|
|
.TP
|
|
.B --version or -V
|
|
Display program version and exit.
|
|
.TP
|
|
.B --verbose or -v
|
|
Display verbose progress messages.
|
|
.TP
|
|
.B --dictionary=<f> or -d <f>
|
|
Set dictionary file to <f>. The default is
|
|
/usr/local/share/ike-scan/psk-crack-dictionary.
|
|
.TP
|
|
.B --norteluser=<u> or -u <u>
|
|
Specify the username for Nortel Contivity cracking.
|
|
This option is required when cracking pre-shared keys
|
|
on Nortel Contivity / VPN Router systems. These
|
|
systems use a proprietary method to calculate the hash
|
|
that includes the username.
|
|
This option is only needed when cracking Nortel format
|
|
hashes, and should not be used for standard format
|
|
hashes.
|
|
.TP
|
|
.B --bruteforce=<n> or -B <n>
|
|
Select bruteforce cracking up to <n> characters.
|
|
.TP
|
|
.B --charset=<s> or -c <s>
|
|
Set bruteforce character set to <s>
|
|
Default is "0123456789abcdefghijklmnopqrstuvwxyz"
|
|
.SH AUTHOR
|
|
Roy Hills <Roy.Hills@nta-monitor.com>
|