psk-crack [options] is a file containing the parameters for the pre-
shared key cracking process in the format generated by ike-scan with
the --pskcrack (-P) option. This file can contain one or more entries.
For multiple entries, each one must be on a separate line.
The program can crack either MD5 or SHA1-based hashes. The type of
hash is automatically determined from the length of the hash (16 bytes
for MD5 or 20 bytes for SHA1). Each entry in the
is handled separately, so it is possible to crack a mixture of MD5 and
psk-crack can also crack the proprietary hash format used by Nortel
Contivity / VPN Router systems. When cracking Nortel format hashes,
you need to specify the username of the hash that you are cracking with
the --norteluser (-u) option. When cracking Nortel format hashes, you
can only crack one hash at a time.
By default, psk-crack will perform dictionary cracking using the de‐
fault dictionary. The dictionary can be changed with the --dictionary
(-d) option, or brute-force cracking can be selected with the --brute‐
force (-B) option.
psk-crack attempts to crack IKE Aggressive Mode pre-shared keys that
have previously been gathered using ike-scan with the --pskcrack op‐
psk-crack can operate in two different modes:
1) Dictionary cracking mode: this is the default mode in which psk-
crack tries each candidate word from the dictionary file in turn
until it finds a match, or all the words in the dictionary have
2) Brute-force cracking mode: in this mode, psk-crack tries all
possible combinations of a specified character set up to a given
--help or -h
Display this usage message and exit.
--version or -V
Display program version and exit.
--verbose or -v
Display verbose progress messages.
--dictionary= or -d
Set dictionary file to . The default is /usr/lo‐
--norteluser= or -u
Specify the username for Nortel Contivity cracking. This option
is required when cracking pre-shared keys on Nortel Contivity /
VPN Router systems. These systems use a proprietary method to
calculate the hash that includes the username. This option is
only needed when cracking Nortel format hashes, and should not
be used for standard format hashes.
--bruteforce= or -B
Select bruteforce cracking up to characters.
--charset= or -c
Set bruteforce character set to Default is "0123456789abcde‐