
Manual Page - psk-crack(1)


Manual Reference Pages  - PSK-CRACK (1)

NAME

psk-crack - Crack IKE Aggressive Mode Pre-Shared Keys

CONTENTS

Synopsis
Description
Options
Author

SYNOPSIS

psk-crack [options] <psk-parameters-file>

<psk-parameters-file> is a file containing the parameters for the pre-shared key cracking process in the format generated by ike-scan with the --pskcrack (-P) option. This file can contain one or more entries. For multiple entries, each one must be on a separate line.

The program can crack either MD5 or SHA1-based hashes. The type of hash is automatically determined from the length of the hash (16 bytes for MD5 or 20 bytes for SHA1). Each entry in the <psk-parameters-file> is handled separately, so it is possible to crack a mixture of MD5 and SHA1 hashes.

psk-crack can also crack the proprietary hash format used by Nortel Contivity / VPN Router systems. When cracking Nortel format hashes, you need to specify the username of the hash that you are cracking with the --norteluser (-u) option. When cracking Nortel format hashes, you can only crack one hash at a time.

By default, psk-crack will perform dictionary cracking using the default dictionary. The dictionary can be changed with the --dictionary (-d) option, or brute-force cracking can be selected with the --bruteforce (-B) option.

DESCRIPTION

psk-crack attempts to crack IKE Aggressive Mode pre-shared keys that have previously been gathered using ike-scan with the --pskcrack option.

psk-crack can operate in two different modes:

1) Dictionary cracking mode: this is the default mode in which psk-crack tries each candidate word from the dictionary file in turn until it finds a match, or all the words in the dictionary have been tried.
2) Brute-force cracking mode: in this mode, psk-crack tries all possible combinations of a specified character set up to a given length.

OPTIONS

--help or -h
  Display this usage message and exit.
--version or -V
  Display program version and exit.
--verbose or -v
  Display verbose progress messages.
--dictionary=<f> or -d <f>
  Set dictionary file to <f>. The default is /usr/local/share/ike-scan/psk-crack-dictionary.
--norteluser=<u> or -u <u>
  Specify the username for Nortel Contivity cracking. This option is required when cracking pre-shared keys on Nortel Contivity / VPN Router systems. These systems use a proprietary method to calculate the hash that includes the username. This option is only needed when cracking Nortel format hashes, and should not be used for standard format hashes.
--bruteforce=<n> or -B <n>
  Select bruteforce cracking up to <n> characters.
--charset=<s> or -c <s>
  Set bruteforce character set to <s>. Default is "0123456789abcdefghijklmnopqrstuvwxyz".
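
As an added example (not part of the psk-crack distribution or this manual page), the Python code below classifies each entry of a parameters file by hash length, as the SYNOPSIS describes, and counts the candidates a --bruteforce run covers for a given character set. It assumes a standard entry has nine colon-separated hex fields with the hash last, and that brute force covers lengths 1 to <n>; the sample entries are constructed.

```python
import string

# Digest sizes the man page names: 16 bytes for MD5, 20 bytes for SHA1.
HASH_BY_LEN = {16: "MD5", 20: "SHA1"}
# Default --charset value from the man page.
DEFAULT_CHARSET = "0123456789abcdefghijklmnopqrstuvwxyz"
# Assumption: a standard entry has 9 colon-separated hex fields and the
# hash is the last one; the man page does not spell the layout out.
STANDARD_FIELDS = 9


def classify_entry(line):
    """Return 'MD5', 'SHA1', or a string saying why the entry is invalid."""
    fields = line.strip().split(":")
    if len(fields) != STANDARD_FIELDS:
        return f"invalid: {len(fields)} fields"
    for f in fields:
        # Each field must be a non-empty, even-length hex string.
        if not f or len(f) % 2 or set(f) - set(string.hexdigits):
            return "invalid: malformed hex field"
    return HASH_BY_LEN.get(len(fields[-1]) // 2, "invalid: hash length")


def classify_file(text):
    """Classify every non-blank line on its own, one entry per line."""
    return [(n, classify_entry(l))
            for n, l in enumerate(text.splitlines(), 1) if l.strip()]


def bruteforce_candidates(max_len, charset=DEFAULT_CHARSET):
    """Assumption: --bruteforce=<n> tries every string of 1..n characters."""
    return sum(len(charset) ** k for k in range(1, max_len + 1))


# Constructed sample file (not real captures): SHA1 entry, MD5 entry, bad line.
PREFIX = ":".join(["ab" * 8] * 8)
SAMPLE = "\n".join([
    PREFIX + ":" + "11" * 20,
    PREFIX + ":" + "22" * 16,
    "deadbeef:cafe",
])

if __name__ == "__main__":
    for lineno, verdict in classify_file(SAMPLE):
        print(f"line {lineno}: {verdict}")
    for n in (4, 6, 8):
        print(f"-B {n}: {bruteforce_candidates(n):,} candidates")
```

With the default 36-character set, a length limit of 4 covers only 1,727,604 candidates, which shows how little protection a short lowercase-alphanumeric pre-shared key offers once Aggressive Mode parameters have been captured.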

AUTHOR

Roy Hills <Roy.Hills@nta-monitor.com>


PSK-CRACK (1) February 14, 2005

Generated by manServer 1.07 from /usr/local/man/man1/psk-crack.1 using man macros.
