Ubuntu Manpage: psk-crack - Crack IKE Aggressive Mode Pre-Shared Keys

Provided by: ike-scan_1.9.4-1ubuntu2_amd64

NAME

       psk-crack - Crack IKE Aggressive Mode Pre-Shared Keys

SYNOPSIS

       psk-crack [options] <psk-parameters-file>

       <psk-parameters-file>  is a file containing the parameters for the pre-shared key cracking process in the
       format generated by ike-scan with the --pskcrack (-P) option.  This file can contain one or more entries.
       For multiple entries, each one must be on a separate line.

       The program can crack either MD5 or SHA1-based hashes.  The type of hash is automatically determined from
       the length of the hash (16 bytes for MD5 or 20 bytes for SHA1).  Each entry in the  <psk-parameters-file>
       is handled separately, so it is possible to crack a mixture of MD5 and SHA1 hashes.

       psk-crack can also crack the proprietary hash format used by Nortel Contivity / VPN Router systems.  When
       cracking Nortel format hashes, you need to specify the username of the hash that you  are  cracking  with
       the --norteluser (-u) option.  When cracking Nortel format hashes, you can only crack one hash at a time.

       By  default, psk-crack will perform dictionary cracking using the default dictionary.  The dictionary can
       be changed with the  --dictionary  (-d)  option,  or  brute-force  cracking  can  be  selected  with  the
       --bruteforce (-B) option.

DESCRIPTION

       psk-crack  attempts to crack IKE Aggressive Mode pre-shared keys that have previously been gathered using
       ike-scan with the --pskcrack option.

       psk-crack can operate in two different modes:

       1)     Dictionary cracking mode: this is the default mode in which psk-crack tries  each  candidate  word
              from  the  dictionary file in turn until it finds a match, or all the words in the dictionary have
              been tried.

       2)     Brute-force cracking mode: in this mode, psk-crack tries all possible combinations of a  specified
              character set up to a given length.

OPTIONS

       --help or -h
              Display this usage message and exit.

       --version or -V
              Display program version and exit.

       --verbose or -v
              Display verbose progress messages.

       --dictionary=<f> or -d <f>
              Set dictionary file to <f>.  The default is /usr/local/share/ike-scan/psk-crack-dictionary.

       --norteluser=<u> or -u <u>
              Specify  the  username  for Nortel Contivity cracking.  This option is required when cracking pre-
              shared keys on Nortel Contivity / VPN Router systems.  These systems use a proprietary  method  to
              calculate  the  hash  that includes the username.  This option is only needed when cracking Nortel
              format hashes, and should not be used for standard format hashes.

       --bruteforce=<n> or -B <n>
              Select bruteforce cracking up to <n> characters.

       --charset=<s> or -c <s>
              Set bruteforce character set to <s> Default is "0123456789abcdefghijklmnopqrstuvwxyz"

AUTHOR

       Roy Hills <Roy.Hills@nta-monitor.com>

                                                February 14, 2005                                   PSK-CRACK(1)