Crack IKE Aggressive Mode Pre-Shared Keys


psk-crack [options] is a file containing the parameters for the pre- shared key cracking process in the format generated by ike-scan with the --pskcrack (-P) option. This file can contain one or more entries. For multiple entries, each one must be on a separate line. The program can crack either MD5 or SHA1-based hashes. The type of hash is automatically determined from the length of the hash (16 bytes for MD5 or 20 bytes for SHA1). Each entry in the is handled separately, so it is possible to crack a mixture of MD5 and SHA1 hashes. psk-crack can also crack the proprietary hash format used by Nortel Contivity / VPN Router systems. When cracking Nortel format hashes, you need to specify the username of the hash that you are cracking with the --norteluser (-u) option. When cracking Nortel format hashes, you can only crack one hash at a time. By default, psk-crack will perform dictionary cracking using the de‐ fault dictionary. The dictionary can be changed with the --dictionary (-d) option, or brute-force cracking can be selected with the --brute‐ force (-B) option.


psk-crack attempts to crack IKE Aggressive Mode pre-shared keys that have previously been gathered using ike-scan with the --pskcrack op‐ tion. psk-crack can operate in two different modes: 1) Dictionary cracking mode: this is the default mode in which psk- crack tries each candidate word from the dictionary file in turn until it finds a match, or all the words in the dictionary have been tried. 2) Brute-force cracking mode: in this mode, psk-crack tries all possible combinations of a specified character set up to a given length.


--help or -h Display this usage message and exit. --version or -V Display program version and exit. --verbose or -v Display verbose progress messages. --dictionary= or -d Set dictionary file to . The default is /usr/lo‐ cal/share/ike-scan/psk-crack-dictionary. --norteluser= or -u Specify the username for Nortel Contivity cracking. This option is required when cracking pre-shared keys on Nortel Contivity / VPN Router systems. These systems use a proprietary method to calculate the hash that includes the username. This option is only needed when cracking Nortel format hashes, and should not be used for standard format hashes. --bruteforce= or -B Select bruteforce cracking up to characters. --charset= or -c Set bruteforce character set to Default is "0123456789abcde‐ fghijklmnopqrstuvwxyz"


Roy Hills February 14, 2005 PSK-CRACK(1)

Copied to clipboard
free 100$ digital ocean credit
Access all the data from your your phone. Works offline. No third party analytics.
Apple App Store Google Play Store
Simon Schubert -