Ubuntu Manpage: psk-crack - Crack IKE Aggressive Mode Pre-Shared Keys

Provided by: ike-scan_1.9.5-1ubuntu1_amd64

NAME

       psk-crack - Crack IKE Aggressive Mode Pre-Shared Keys

SYNOPSIS

       psk-crack [options] <psk-parameters-file>

       <psk-parameters-file>  is a file containing the parameters for the pre-shared key cracking process in the
       format generated by ike-scan with the --pskcrack (-P) option.  This file can contain one or more entries.
       For multiple entries, each one must be on a separate line.

       The program can crack either MD5 or SHA1-based hashes.  The type of hash is automatically determined from
       the length of the hash (16 bytes for MD5 or 20 bytes for SHA1).  Each entry in the  <psk-parameters-file>
       is handled separately, so it is possible to crack a mixture of MD5 and SHA1 hashes.

       psk-crack can also crack the proprietary hash format used by Nortel Contivity / VPN Router systems.  When
       cracking  Nortel  format  hashes, you need to specify the username of the hash that you are cracking with
       the --norteluser (-u) option.  When cracking Nortel format hashes, you can only crack one hash at a time.

       By default, psk-crack will perform dictionary cracking using the default dictionary.  The dictionary  can
       be  changed  with  the  --dictionary  (-d)  option,  or  brute-force  cracking  can  be selected with the
       --bruteforce (-B) option.

DESCRIPTION

       psk-crack attempts to crack IKE Aggressive Mode pre-shared keys that have previously been gathered  using
       ike-scan with the --pskcrack option.

       psk-crack can operate in two different modes:

       1)     Dictionary  cracking  mode:  this is the default mode in which psk-crack tries each candidate word
              from the dictionary file in turn until it finds a match, or all the words in the  dictionary  have
              been tried.

       2)     Brute-force  cracking mode: in this mode, psk-crack tries all possible combinations of a specified
              character set up to a given length.

OPTIONS

       --help or -h
              Display this usage message and exit.

       --version or -V
              Display program version and exit.

       --verbose or -v
              Display verbose progress messages.

       --dictionary=<f> or -d <f>
              Set dictionary file to <f>.  The default is /usr/local/share/ike-scan/psk-crack-dictionary.

       --norteluser=<u> or -u <u>
              Specify the username for Nortel Contivity cracking.  This option is required  when  cracking  pre-
              shared  keys  on Nortel Contivity / VPN Router systems.  These systems use a proprietary method to
              calculate the hash that includes the username.  This option is only needed  when  cracking  Nortel
              format hashes, and should not be used for standard format hashes.

       --bruteforce=<n> or -B <n>
              Select bruteforce cracking up to <n> characters.

       --charset=<s> or -c <s>
              Set bruteforce character set to <s> Default is "0123456789abcdefghijklmnopqrstuvwxyz"

AUTHOR

       Roy Hills <Roy.Hills@nta-monitor.com>

                                                February 14, 2005                                   PSK-CRACK(1)