224 lines
9.6 KiB
Plaintext
224 lines
9.6 KiB
Plaintext
|
|
|||
|
|
<EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD>Ŀ
|
|||
|
|
<EFBFBD> Cracker Jack, THE Unix Password Cracker <20>
|
|||
|
|
<EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD>
|
|||
|
|
|
|||
|
|
|
|||
|
|
June 1993 Doc's for Cracker Jack v 1.4
|
|||
|
|
|
|||
|
|
|
|||
|
|
DISCLAIMER
|
|||
|
|
==========
|
|||
|
|
The copyright of this software is owned by the author, Jackal.
|
|||
|
|
Please feel free to make copies and share them with your friends.
|
|||
|
|
I can under no circumstances be held responsible for any consequences
|
|||
|
|
of your use/misuse of this package, whatever that may be (system crash,
|
|||
|
|
you going to jail, world war, etc..). Nor can I guarantee any functionality,
|
|||
|
|
just take it or leave it.
|
|||
|
|
|
|||
|
|
|
|||
|
|
What is Cracker Jack?
|
|||
|
|
=====================
|
|||
|
|
Cracker Jack is a Unix password checker/cracker, running on PC's.
|
|||
|
|
As humble as I am, I don't think you'll find other Unix password
|
|||
|
|
crackers for PC's, who will beat it in speed (if you do, I'll appreciate
|
|||
|
|
if you let me know).
|
|||
|
|
It is currently available in 2 versions (for 8086/88 and 80386.
|
|||
|
|
I've dropped the 286 version, it wasn't significantly faster than
|
|||
|
|
the 8086 version).
|
|||
|
|
The 386 version is far faster than the other, please use that, if
|
|||
|
|
you have a 386 or 486 CPU. Besides, the 386 version has no 640 kb limit,
|
|||
|
|
so you can load a lot more accounts. The 386 version also runs under
|
|||
|
|
OS/2 v. 2.0.
|
|||
|
|
(Special versions for 486 and 586/Pentium might be available in the future.
|
|||
|
|
Likewise, I might port it to other CPU's on other O/S'es than DOS and
|
|||
|
|
OS/2, but don't count on it).
|
|||
|
|
|
|||
|
|
|
|||
|
|
What's new in Cracker Jack 1.4?
|
|||
|
|
===============================
|
|||
|
|
I finally got that Borland C++ v 3.1, but I'm rather disappointed,
|
|||
|
|
'coz in the meantime I've got hold on the GNU C compiler - IT'S GREAT!
|
|||
|
|
After porting Jack to this compiler, it runs about 8% faster, at least
|
|||
|
|
on my PC. I believe, however, that the speed increase is varying,
|
|||
|
|
depending on your CPU type, cache RAM etc. Anyway, it now runs in
|
|||
|
|
protected mode (and it REQUIRES a 386/486!), so there's no 640 kb limit.
|
|||
|
|
Thanks to the EMX port of GNU C, it also runs under OS/2 2.0.
|
|||
|
|
Furthermore, I've (once again) rearranged the account loading and
|
|||
|
|
sorting algorithm, so there's virtually no startup delay, even when
|
|||
|
|
loading several thousand accounts.
|
|||
|
|
|
|||
|
|
I have included a sort utility, JSORT. It doesn't have the 64 kb limit
|
|||
|
|
as DOS SORT has. Currently it doesn't support single crack wordlists,
|
|||
|
|
but I'm working on that.
|
|||
|
|
|
|||
|
|
JPP can now insert a dot BEFORE the password, with option -dot:0
|
|||
|
|
|
|||
|
|
That's basically it, no real news, but I thought this was worth
|
|||
|
|
releasing.
|
|||
|
|
|
|||
|
|
|
|||
|
|
What's new in Cracker Jack 1.3
|
|||
|
|
==============================
|
|||
|
|
- Rearranged and optimized the account loading/checking routines, thus
|
|||
|
|
gaining faster loading and space for more accounts per session.
|
|||
|
|
- Added the -noname switch, which prevents Jack from loading the login
|
|||
|
|
names into memory, and thus lets you load even more accounts per
|
|||
|
|
session. The more accounts, the more comparisons/second.
|
|||
|
|
- In single crack mode, it now checks ALL the accounts with
|
|||
|
|
same salts as the account being processed. This takes almost no extra
|
|||
|
|
time, so why not do it? It has given ME some accounts. :)
|
|||
|
|
- It now checks the keyboard for Ctrl-C, so you don't have to wait eras
|
|||
|
|
when you wanna abort the session.
|
|||
|
|
- Status is now only showed when you press a key (and on exit), so you get a
|
|||
|
|
bigger chance of seeing cracked passwords, before they scroll off the screen.
|
|||
|
|
- It is now possible to restore an aborted single crack session.
|
|||
|
|
|
|||
|
|
|
|||
|
|
Jackal's future plans:
|
|||
|
|
- Fix JSORT to support single crack wordlists
|
|||
|
|
- Implement password generator
|
|||
|
|
- Add 'free crack' option to load accounts with same salts from other
|
|||
|
|
pwfiles (and/or same pwfile when using the -u option)
|
|||
|
|
- Implement more options into JPP.
|
|||
|
|
- Possibly implement the features of JPP into Jack itself, to avoid the
|
|||
|
|
need of lot of harddisk space for the DOS pipe, especially when you
|
|||
|
|
use -gecos:8
|
|||
|
|
- Improve the docs
|
|||
|
|
|
|||
|
|
Files in the archive
|
|||
|
|
====================
|
|||
|
|
The following files are included in the archive:
|
|||
|
|
|
|||
|
|
JACK.EXE Cracker Jack
|
|||
|
|
JPP.EXE Jack PreProcessor, manipulates words
|
|||
|
|
JACKPOT.EXE Shows you the passwords cracked so far
|
|||
|
|
XTRACT.EXE Extracts words from any file
|
|||
|
|
JSORT.EXE Sorts standard wordfiles (NOT single crack wordlists!)
|
|||
|
|
JACK14.DOC Hmmm, what can this be? :)
|
|||
|
|
EMX.EXE *) EMX runtime/system interface for DOS
|
|||
|
|
EMX.DLL *) EMX runtime/system interface for OS/2
|
|||
|
|
|
|||
|
|
*) Note: Only included in the 386 version.
|
|||
|
|
Beware, that all executables are NOT the same in the 386
|
|||
|
|
version as in the 8086 version, although the names are the
|
|||
|
|
same.
|
|||
|
|
|
|||
|
|
|
|||
|
|
How to use Cracker Jack
|
|||
|
|
=======================
|
|||
|
|
I guess you'll figure it out yourself, but there are some things that
|
|||
|
|
might require a word of explanation.
|
|||
|
|
|
|||
|
|
Jack saves all cracked passwords in a file called JACK.POT, in the same
|
|||
|
|
directory as JACK.EXE. Be aware of this, if you run Jack from a floppy
|
|||
|
|
(who would do that?), don't write protect it.
|
|||
|
|
Jack uses this file to check, if any of the passwords were cracked
|
|||
|
|
previously, and won't try to crack them again. So, please don't delete
|
|||
|
|
this file (it's readonly for the same reason).
|
|||
|
|
|
|||
|
|
JACKPOT.EXE shows you these passwords.
|
|||
|
|
Since this is similar to the "validfile" output in previous versions of
|
|||
|
|
Jack, I have removed this option. Some of you might miss it, but it
|
|||
|
|
requires a lot of core, which I felt could be better used for cracking
|
|||
|
|
more accounts.
|
|||
|
|
JACKPOT.EXE HAS TO BE IN THE SAME DIRECTORY AS JACK.EXE!
|
|||
|
|
|
|||
|
|
With Jack it is possible to crack more than 1 passwd file, without you
|
|||
|
|
have to combine them into one single. You can even use wildcards.
|
|||
|
|
|
|||
|
|
Every 10 minutes (and upon completion), Jack saves point information to
|
|||
|
|
a file (RESTORE, unless you specified another name with the -r option).
|
|||
|
|
In case the system crashes, you don't have to start all over.
|
|||
|
|
But if you interrupt a session and start a new one, the old information
|
|||
|
|
is overwritten. Therefore, always rename the file, if you want to use
|
|||
|
|
it.
|
|||
|
|
|
|||
|
|
The -user option lets you specify the login names or user id's of the
|
|||
|
|
accounts you want to crack. F.ex. -user:0 would load all accounts with
|
|||
|
|
root priv's, whereas -user:root would just load the root account itself.
|
|||
|
|
|
|||
|
|
The single crack option (-single) in JACK is used in conjunction with
|
|||
|
|
the login (-login) and gecos (-gecos:#) options of JPP. F.ex. would
|
|||
|
|
JPP -gecos:1 -lower pwfile | JACK -stdin -single pwfile
|
|||
|
|
lowercase each word in the gecos fields and try it on the accounts
|
|||
|
|
to whom it belongs AND to other accounts with the same salt.
|
|||
|
|
|
|||
|
|
There is one thing, you have to be aware of, when using single crack
|
|||
|
|
mode; It is not adviced to direct the output from JPP to a file, and
|
|||
|
|
then use this file as input for Jack. Because Jack does not load the
|
|||
|
|
accounts it has cracked previously, the inputfile has to provide
|
|||
|
|
login/gecos words from the UNCRACKED accounts ONLY! Otherwise JACK gets
|
|||
|
|
out of syncronization, and tries the supplied words on the wrong
|
|||
|
|
accounts. In other words, if you have cracked some accounts AFTER the
|
|||
|
|
creation of the inputfile, you have to recreate it with JPP. This is
|
|||
|
|
also the case if you restore a single crack session.
|
|||
|
|
If you always PIPE the output from JPP into Jack, there's no problems.
|
|||
|
|
JPP.EXE HAS TO BE IN THE SAME DIRECTORY AS JACK.EXE!
|
|||
|
|
|
|||
|
|
To illustrate the gecos option of JPP, suppose we have a passwd file
|
|||
|
|
with the following account:
|
|||
|
|
|
|||
|
|
billy:EncrPassword:123:10:Billy The Kid:/usr/billy:/bin/csh
|
|||
|
|
|
|||
|
|
There are 4 levels of gecos manipulation.
|
|||
|
|
|
|||
|
|
1: Each word
|
|||
|
|
e.g. "Billy", "The", "Kid"
|
|||
|
|
2: Combination of any 2 words
|
|||
|
|
e.g. "BillyThe", "BillyKid", "TheBilly", "TheKid" ,...
|
|||
|
|
4: Combination of 1 word and up to 2 initials
|
|||
|
|
e.g. "BillyTK", "BillyKT", "TKBilly", "TBillyK", "BKid" ,...
|
|||
|
|
8: Combination of substrings of up to 3 words
|
|||
|
|
e.g. "BiThKid", "BillKi", "BilTheKi", "TheBillyK", "BTK" ,...
|
|||
|
|
|
|||
|
|
Level 1, 2 and 4 can be added together. F.ex. if you want to get level 1
|
|||
|
|
and level 4 in one run, specify -gecos:5.
|
|||
|
|
Level 8 is an outsider; it always includes the other levels as well,
|
|||
|
|
except that the output from level 8 is never more than 8 chars, to cut
|
|||
|
|
down disk usage. Speaking of disk usage, remember to set the DOS TEMP
|
|||
|
|
variable to a disk big enough to store the temporary file, created by
|
|||
|
|
the DOS pipe (|). Preferrably the disk should be cached as well.
|
|||
|
|
|
|||
|
|
The XTRACT program was created for a specific need I had (to retrieve
|
|||
|
|
fancy words from a game).
|
|||
|
|
Usage: XTRACT MYFILE.XXX | SORT | JPP -include > WORDS.XXX
|
|||
|
|
The reason to pipe it through JPP, is that JPP unique's it's output.
|
|||
|
|
Another purpose for it, could be if you just had a couple of words
|
|||
|
|
to pass to Cracker Jack, but didn't want to create a wordfile:
|
|||
|
|
ECHO secret abc123 haleluja password | XTRACT | JACK -stdin pwfile
|
|||
|
|
|
|||
|
|
|
|||
|
|
Known bugs/restrictions
|
|||
|
|
=======================
|
|||
|
|
You cannot specify more than one wordfile to JACK (although you
|
|||
|
|
can to JPP)
|
|||
|
|
|
|||
|
|
You cannot use spaces in the parameters to JPP, but since only
|
|||
|
|
the 7 lower bits of each char in the password is used, you can
|
|||
|
|
use char # 160 (<28> = AltGr+1+6+0) instead. e.g:
|
|||
|
|
JPP -gecos:4 -dot:1 pwfile | JPP -translate:.<2E> | JACK -stdin -single pwfile
|
|||
|
|
|
|||
|
|
JSORT doesn't support single crack wordlists yet. In these wordlists,
|
|||
|
|
generated by JPP's -login or -gecos options, there are some strings,
|
|||
|
|
"***!***", which tells Jack to switch to the next salt. JSORT doesn't
|
|||
|
|
recognise this string as anything special, and just treats it as a normal
|
|||
|
|
input line.
|
|||
|
|
|
|||
|
|
................
|
|||
|
|
|
|||
|
|
|
|||
|
|
|
|||
|
|
Have phun, Jackal.
|
|||
|
|
|
|||
|
|
|
|||
|
|
|
|||
|
|
Contacting the author / How to get help / Dist. site
|
|||
|
|
====================================================
|
|||
|
|
The official distribution site for CrackerJack is Freeside, +45-3-122-3119.
|
|||
|
|
Here you may contact the author, as well as obtain the latest version.
|
|||
|
|
|
|||
|
|
Zephyr, Freeside Sysop.
|
|||
|
|
|
|||
|
|
|