Crack Version v5.0 User Manual
Alec Muffett (alecm@crypto.dircon.co.uk)

The above address is correct as of December 1996 - if you are reading this text significantly after that date, double-check the address before sending e-mail.

Discussion of issues relating to running this version of Crack should be directed to the newsgroup "comp.security.unix" - mention "Crack5" in the subject line.


What is Crack?

If you are unfamiliar with the concept, Crack is a password guessing program that is designed to quickly locate insecurities in Unix (or other) password files by scanning the contents of a password file, looking for users who have misguidedly chosen a weak login password. See the appendix from the previous version for more details.


New features.


Requirements.


Configuring Crack.


Running Crack.

The general form to invoke Crack is:

    Crack [options] [-fmt format] [file ...]

Once Crack has been configured, you should be able to do:

    Crack -makeonly

...and then:

    Crack -makedict

...which should build and compress the dictionaries for you; if something goes wrong during this process, see the troubleshooting notes, below.

At this point, if you are a Crack v4.1 user, take a copy of your Crack v4.1 "F.merged" file and place it in your "run" directory; this will preserve the information that you have previously gleaned about passwords on your network. Now, you are ready to try:

    Crack [filename]
eg: Crack -nice 10 /etc/passwd

...where "filename" is a file that stores password entries, eg: "/etc/passwd". If you run a shadowed password system or have NIS/YP, see below.


Full list of Options.

-debug
lets you see what the Crack script is doing.

-recover
used when restarting an abnormally-terminated run; suppresses rebuild of the gecos-derived dictionaries.

-fgnd
runs the password cracker in the foreground, with stdin, stdout and stderr attached to the usual places.

-fmt format
specifies the input file format. See below.

-from N
Starts password cracking from rule number "N"; see below.

-keep
Prevents deletion of the temporary file used to store the password cracker's input.

-mail
E-Mail a warning message to anyone whose password is cracked. See "scripts/nastygram".

-network
Runs the password cracker in "network" mode. See below.

-nice N
Runs the password cracker at a reduced priority (nice level N), so that other jobs on the machine get the CPU first.

-makeonly
-makedict
Used for building Crack binaries and dictionaries. See above.

-kill filename
-remote
Internal options used to support networking.


Shadow Password Systems, NIS/YP and the like.

If you are running NIS, the simplest way to gather some data for password cracking is to do:

If your system uses "shadow" password files (SysV, Solaris 2, AIX, some BSD-en), then your best bet is to merge the information from the main and shadow password files back into one; two example scripts are provided to do this:

...and it is expected that a user who can read a shadow password file has enough expertise to modify these examples (if necessary) to suit their local password system.
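As an added illustration of what such a merge has to do (this is not one of the scripts shipped with Crack, and the account lines in it are constructed, not real accounts or hashes): read the shadow file, put each user's hash back into the second field of the corresponding passwd entry, and write the result with owner-only permissions, since the merged file is as sensitive as /etc/shadow itself. Entries with no shadow record keep their "x" so that they show up as errors in the Reporter rather than vanishing silently.

```python
"""Merge passwd(5) and shadow(5) back into one traditional-format file.

Added example, not one of Crack v5.0's own scripts.  Field layouts assumed:
  passwd: name:pw:uid:gid:gecos:dir:shell
  shadow: name:hash:lastchg:min:max:warn:inactive:expire:flag
The sample lines below are constructed; on a real host read /etc/passwd and
/etc/shadow (as root) instead.
"""
import os
import stat


def parse_shadow(shadow_lines):
    """Map login name -> hash field; blank and '#' comment lines are skipped."""
    hashes = {}
    for line in shadow_lines:
        line = line.rstrip("\n")
        if not line or line.startswith("#"):
            continue
        fields = line.split(":")
        if len(fields) < 2:
            continue  # malformed entry; nothing usable here
        hashes[fields[0]] = fields[1]
    return hashes


def merge_passwd_shadow(passwd_lines, shadow_lines):
    """Return passwd lines with field 2 replaced by the shadow hash.

    Users without a shadow record keep whatever passwd held (usually "x"),
    so Reporter will flag them rather than the account being dropped.
    """
    hashes = parse_shadow(shadow_lines)
    merged = []
    for line in passwd_lines:
        line = line.rstrip("\n")
        if not line or line.startswith("#"):
            continue
        fields = line.split(":")
        if len(fields) != 7:
            continue  # not a passwd(5) entry
        if fields[0] in hashes:
            fields[1] = hashes[fields[0]]
        merged.append(":".join(fields))
    return merged


def write_private(path, lines):
    """Write the merged file mode 0600: it holds hashes, treat it like /etc/shadow."""
    fd = os.open(path, os.O_WRONLY | os.O_CREAT | os.O_TRUNC,
                 stat.S_IRUSR | stat.S_IWUSR)
    with os.fdopen(fd, "w") as f:
        f.write("\n".join(lines) + "\n")


# Constructed sample input (not real accounts or hashes).
SAMPLE_PASSWD = [
    "root:x:0:0:root:/root:/bin/sh",
    "alice:x:1000:1000:Alice Example:/home/alice:/bin/sh",
    "nobody:x:65534:65534:nobody:/:/bin/false",
]
SAMPLE_SHADOW = [
    "root:$1$abcdefgh$0123456789abcdefghijkl:10000:0:99999:7:::",
    "alice:abXYZ12345678:10000:0:99999:7:::",
    "nobody:*:10000:0:99999:7:::",
]

if __name__ == "__main__":
    # Real use: write_private("merged.passwd",
    #     merge_passwd_shadow(open("/etc/passwd"), open("/etc/shadow")))
    write_private("merged.passwd", merge_passwd_shadow(SAMPLE_PASSWD, SAMPLE_SHADOW))
```

Locked accounts ("*" or "!" in the shadow hash field) are carried through unchanged; they are not crackable and the translator stage will report them as such.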


Formats and other Password Systems.
(FreeBSD, NetBSD, Ultrix, OSF)

Crack v5.0 is a relatively smart program, which is pre-programmed to expect a variety of crypt() algorithms to be available for cracking in any particular environment.

Specifically, it supports "libdes" as shipped, Michael Glad's "UFC" in either of its incarnations (as "ufc" and as GNU's stdlib crypt), and it supports whatever crypt() algorithm is in your standard C library.

For people who wonder about how Crack picks up which algorithm to use: the "Makefile" in the "src/util" directory calls the "mkcracker" script, which then goes hunting for directories:

...and, lacking any of these, it assumes that it should use the crypt() function from the standard C library.

The "mkcracker" script then calls "make" in that directory (if one exists) and if "make" is happy (and exits without errors), "mkcracker" then recurses a call to a target embedded in src/util/Makefile.

For traditional crypt() users, I ship with "libdes". If this is not what you need, remove it and add something else. This needs more testing by me; don't be shocked if it is fragile. Libdes is usually the fastest.

FreeBSD and NetBSD users: if you're using the new passwd file format but you are using the traditional crypt() algorithm, after configuring "Crack" and "libdes", you should be able to get away with doing:

     Crack [options] -fmt bsd /etc/master.passwd ...

However, if you're using an MD5-based version of crypt(), you must first do:

    mv src/libdes src/libdes,orig
    cd src/util
    cp elcid.c,bsd elcid.c

...before building the Crack binaries and dictionaries.

For crypt16() sufferers (such as some Ultrix, OSF and Digital Unix machines) - you should do:

    mv src/libdes src/libdes,orig

...and then go pick up a copy of GNU libc-crypt from a GNU ftp site (eg: prep.ai.mit.edu) - observing all cryptography export and import restrictions as appropriate - and unpack it in "src" creating a "crypt" subdirectory.

Then you should:


Weird Password Systems.
(Novell, Kerberos Tickets, LAN-Manager, VMS)

Crack v5.0 does not (as distributed) support cracking these sorts of systems, although I am aware that versions of Crack v4.1f were modified to support one or more of the above.

Crack v5.0 takes a different approach; the word guesser sits between two software interfaces:

...and when Crack is invoked, it first translates whatever password file is presented to it into SPF; this is achieved by a program called "xxx2spf" (the value of "xxx" is set through the "-fmt" option to Crack, default "trad").

The SPF input is then filtered to remove data which has been cracked previously, is sorted, and then passed to the cracker, which starts generating guesses and tries them through the ELCID interface, which contains a certain amount of flexibility to support salt collisions (which are detected by the SPF translator) and parallel or vector computation.
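To make the translator stage concrete, here is an added sketch (not Crack's own "trad2spf", and the record layout is an assumption for illustration, not the real SPF format) of what happens between the password file and the guesser for traditional 13-character crypt() entries: entries that are not crackable are reported as errors, hashes already in the feedback set are dropped, and the survivors are grouped by their two-character salt and sorted. The salt grouping is the point: one crypt(guess, salt) call is compared against every hash sharing that salt, so the work per guess is proportional to the number of distinct salts, not the number of users. The sample lines and the "previously cracked" set are constructed.

```python
"""Translator stage for traditional crypt(3) entries: report uncrackable
entries, drop previously cracked hashes, group the rest by salt.

Added example, not Crack's xxx2spf; the grouped layout is an illustrative
assumption, not the SPF format.  Sample input is constructed.
"""
from collections import defaultdict

TRAD_HASH_LEN = 13  # 2 salt characters + 11 characters of hash


def parse_trad(lines):
    """Return ([(user, salt, hash, gecos)...], [error strings...])."""
    records, errors = [], []
    for line in lines:
        fields = line.rstrip("\n").split(":")
        if len(fields) < 5:
            errors.append("malformed entry: " + line)
            continue
        user, pw, gecos = fields[0], fields[1], fields[4]
        if len(pw) != TRAD_HASH_LEN:
            # "*", "x", "!" or a non-traditional hash: nothing to guess against
            errors.append(f"{user}: not a traditional crypt() hash ({pw!r})")
            continue
        records.append((user, pw[:2], pw, gecos))
    return records, errors


def group_by_salt(lines, cracked_hashes):
    """Filter out already-cracked hashes and bucket the rest by salt.

    Returns ({salt: [(user, hash, gecos), ...]} sorted by salt, errors).
    Every user in a bucket shares the salt, so one crypt() per guess per
    bucket tests all of them.
    """
    records, errors = parse_trad(lines)
    by_salt = defaultdict(list)
    for user, salt, h, gecos in records:
        if h in cracked_hashes:
            continue  # feedback from an earlier run: already known
        by_salt[salt].append((user, h, gecos))
    grouped = {salt: sorted(users) for salt, users in sorted(by_salt.items())}
    return grouped, errors


def crypt_calls_per_guess(grouped):
    """With salt collisions exploited: one crypt() per distinct salt."""
    return len(grouped)


def naive_calls_per_guess(grouped):
    """Without exploiting collisions: one crypt() per remaining user."""
    return sum(len(users) for users in grouped.values())


# Constructed sample (not real accounts or hashes); alice, bob and dave
# share salt "ab", carol has salt "cd", nobody and sysv are uncrackable here.
SAMPLE = [
    "alice:abXYZ12345678:1000:1000:Alice Example:/home/alice:/bin/sh",
    "bob:abQRS98765432:1001:1001:Bob Example:/home/bob:/bin/sh",
    "carol:cdLMN11112222:1002:1002:Carol:/home/carol:/bin/sh",
    "dave:abAAA00000000:1003:1003:Dave:/home/dave:/bin/sh",
    "nobody:*:65534:65534:nobody:/:/bin/false",
    "sysv:x:500:500:Shadowed, not merged:/home/sysv:/bin/sh",
]
CRACKED = {"abAAA00000000"}  # constructed: dave's hash fell in an earlier run

if __name__ == "__main__":
    grouped, errors = group_by_salt(SAMPLE, CRACKED)
    for salt, users in grouped.items():
        print(salt, [u for u, _, _ in users])
    print("errors:", errors)
    print("crypt() calls per guess:", crypt_calls_per_guess(grouped),
          "vs naive", naive_calls_per_guess(grouped))
```

On a real password file the saving is large only when many users share salts; with 4096 possible traditional salts and a few thousand users, collisions are common.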

The interfaces are not well documented at the moment, but it should not prove hard to write "kerb2spf" or "uaf2spf" translators or similar, perhaps in "Perl", and then wire the appropriate hash algorithm into an ELCID stub by examining the extant code.

People who seriously intend to try this are welcome to contact the author for more details.


Recovering from crashes and cleaning up.

If a Crack session is killed accidentally, it can be restarted with moderate efficiency by doing:

    mv run/Dhostname.N run/tempfilename
    Crack -recover -fmt spf run/tempfilename

However if all you wish to do is start cracking passwords from some specific rule number, or to restart a run whilst skipping over a few rulesets, try:

    Crack [-recover] -from N filename ...

...where N is the number of the rule to start working from.


Terminating a Crack run.

If you want to bring down a Crack run cleanly, the correct command is:

    scripts/plaster

...and then if you want to clean up, remove scratch files and merge the feedback prior to starting a new Crack run, do:

    make tidy

...or variations thereof, as listed in the "Makefile".

Users who merely want to put Crack to sleep temporarily are encouraged not to kill the process, but instead examine the "pauser" script, which will temporarily put Crack to sleep if a file named "GOTO-SLEEP" is created in the $CRACK_HOME directory.


Viewing Crack output.

Crack no longer generates human-readable output directly; instead, to see the results of a Crack run, the user should do:

    ./Reporter [-quiet] [-html]

...every so often, to see what passwords have been cracked, as well as view errors that have been detected in the source password files, etc.

Guesses are listed chronologically, so users who wish to see incremental changes in the output as Crack continues to run over a course of days or weeks are encouraged to wrap invocations of "Reporter" in a script with "diff".

The "-quiet" option suppresses the reporting of errors in the password file (corrupt entries, etc), whilst "-html" produces output in a fairly basic HTML-readable format.


Viewing Crack rulesets.

Crack rules are numbered 1 to N (where N is large) on the basis of the mangling rule and which dictionary it applies to. Users can view a list of numbered rules (suitable for use with Crack's "-from" option) by doing:

    run/bin/ARCHITECTURE/kickdict -list


Configuring for out-of-hours running.

Users are encouraged to examine/tweak the contents of "scripts/pauser", which can be modified to put Crack to sleep at arbitrary times of day or upon arbitrary conditions, like the number of users on a machine.


Getting Crack to mail users who have weak passwords.

I am still not convinced of the wisdom of mailing the fact that a user has a weak password to the user herself; after all, if it's a moribund account, this will achieve nothing, and the security hole will remain. I much prefer locking such accounts in the first place.

Not to mention what happens if your mail logs are world-readable, allowing your users to work out who got sent an e-mail by the password cracker, and when...

However, as some people still desire the functionality, Crack supports a "-mail" option which will invoke the "nastygram" script when a user's password is broken; the user's name will be supplied as argument to the script.

For those cracking passwords in a large, multi-network environment, with password files from several hosts, I include two extra SPF converters, "tradmail2spf" and "bsdmail2spf".

Choose whichever script is appropriate for your crypt algorithm, and store your passwd files in a directory:

    pw/hostname1 pw/hostname2 ...

Then, by invoking Crack as (for example):

    Crack -mail -fmt tradmail pw/*

...users listed in the file "pw/hostname1" will have mails sent to "username@hostname1"; users in "pw/hostname2" will be sent mail at "username@hostname2", and so forth.


Configuration Files.

Apart from the contents of the "Crack" script itself, there are a number of auxiliary configuration files in Crack which the user should be aware of:


Troubleshooting common OS-related Problems:


Multiprocessing and Networking.

Since early versions of Crack, it has been possible to distribute the load of password cracking around hosts on a network (or among several processors on a single machine) in a manner proportional to the power of the machines at your disposal.

In Crack 5.0, this functionality requires the existence of a "perl" binary on your master machine, but apart from that little has changed in essence; the user should:

  1. edit "conf/network.conf" (see above)
  2. run: Crack -network [other flags] filename ...

...whereupon the input will be divided into parts and distributed to the machines via "rsh", and the crackers will be invoked.

If the machines do not share a filestore (NFS or similar), gathering the report output is less convenient, but effective cracking is still possible: set the flags in the "network.conf" file so that the gecos-derived dictionaries are copied to each remote host before its cracker is started, and expect a little more manual work collecting the results.
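The "proportional to the power of the machines" split can be shown in a few lines. This is an added example, not Crack's own network script (which is Perl, driven by conf/network.conf and rsh); the host table and the relative-power weights in it are constructed, and the items being divided are whatever records the translator stage produced.

```python
"""Divide cracker input among hosts in proportion to their relative power.

Added example, not Crack's network code.  hosts maps a name to a relative
weight of the kind a user would write into network.conf (constructed here,
not measured).  Uses the largest-remainder method so that every item is
assigned exactly once and the counts match the weights as closely as
integers allow.
"""


def proportional_split(items, hosts):
    """Return {host: [items...]}; each host gets about weight/total of them."""
    total = sum(hosts.values())
    n = len(items)
    exact = {h: w * n / total for h, w in hosts.items()}
    counts = {h: int(x) for h, x in exact.items()}
    leftover = n - sum(counts.values())
    # Hand the rounding remainder to the hosts with the largest fractional
    # share first (ties broken towards the more powerful host).
    ranked = sorted(hosts, key=lambda h: (exact[h] - counts[h], hosts[h]),
                    reverse=True)
    for h in ranked[:leftover]:
        counts[h] += 1
    out, start = {}, 0
    for h in hosts:
        out[h] = items[start:start + counts[h]]
        start += counts[h]
    return out


# Constructed host table: "fast" is four times the speed of "slow".
HOSTS = {"fast": 4, "mid": 2, "slow": 1}

if __name__ == "__main__":
    work = [f"record{i}" for i in range(10)]
    for host, part in proportional_split(work, HOSTS).items():
        print(host, len(part), part)
```

If the items handed in are the per-salt buckets from the translator stage rather than individual users, each salt stays on one host and the salt-collision saving survives the split.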


Dictionary Generation (Mangling) Rules

Character Classes

These are shorthands for convenient batches of characters, which might be used in rules above.

Numbering

In all circumstances where a numeric argument to a rule can be applied, the values 0..35 can be specified with a single character: "0" thru "9" for 0..9 and "A" thru "Z" for 10..35.

Users may also specify lengths relative to the maximum plaintext password length as specified by their ELCID library; in this case, where "x" is the maximum plaintext length, the length x is represented by an asterisk "*", the length (x - 1) by a hyphen "-", and the length (x + 1) by a plus "+".

All characters in a word are numbered starting from zero, so to overstrike the first character of a word with X, you would use:

    o0X

...as a rule.
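The argument decoding and the overstrike rule, as an added example (not Crack's rule engine, which lives in its C sources; this covers only what the two paragraphs above state). MAXLEN = 8 is an assumption for a traditional DES crypt() ELCID, which uses only the first eight characters of a password; an ELCID for another algorithm would report a different value. What happens when the position falls outside the word is also this example's choice, not a statement about Crack: no guess is produced.

```python
"""Decode numeric rule arguments and apply the overstrike rule "oNX".

Added example, not Crack's own rule code.  Arguments "0".."9" and "A".."Z"
map to 0..35; "*" is the maximum plaintext length x, "-" is x-1, "+" is x+1.
MAXLEN = 8 assumes a traditional DES crypt() ELCID.
"""
MAXLEN = 8  # assumption: traditional crypt(); other ELCIDs report other limits


def decode_number(ch, maxlen=MAXLEN):
    """Turn one rule-argument character into an integer."""
    if "0" <= ch <= "9":
        return ord(ch) - ord("0")
    if "A" <= ch <= "Z":
        return 10 + ord(ch) - ord("A")
    if ch == "*":
        return maxlen
    if ch == "-":
        return maxlen - 1
    if ch == "+":
        return maxlen + 1
    raise ValueError(f"bad numeric argument {ch!r}")


def overstrike(word, rule, maxlen=MAXLEN):
    """Apply "oNX": replace character N (numbered from zero) with X.

    Returns None when N lies beyond the end of the word (this example's
    choice: the rule then yields no guess for that word).
    """
    if len(rule) != 3 or rule[0] != "o":
        raise ValueError(f"not an overstrike rule: {rule!r}")
    pos = decode_number(rule[1], maxlen)
    if pos >= len(word):
        return None
    return word[:pos] + rule[2] + word[pos + 1:]


def apply_rule(words, rule, maxlen=MAXLEN):
    """Run one overstrike rule over a word list, dropping words it cannot mangle."""
    out = []
    for w in words:
        g = overstrike(w, rule, maxlen)
        if g is not None:
            out.append(g)
    return out


if __name__ == "__main__":
    # Constructed word list; "o-!" overstrikes position x-1 = 7 with "!".
    print(apply_rule(["password", "secret", "pass"], "o0X"))
    print(apply_rule(["password", "secret", "pass"], "o-!"))
```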


What is a weak password?

See doc/faq.txt, doc/appendix,v4.1.txt, and doc/fips181.txt.


How do I make Crack run multi-threaded?

See doc/threading.txt and doc/usenet-article.txt.


How do I run Crack under a GUI?

See doc/gui.txt.


How do I run Crack under DOS/Win95?

Reformat your hard-drive and install Linux, then try again. CAUTION: this process may lose data.


How do I run Crack under WinNT?

I have no idea, though I suspect there must be some password paradigm in use under NT to make it worthwhile; if you have enough unixy stuff on your NT machine, you might be able to hack something up, else look into installing Perl for NT and use Crack6.