sucrack
is a multithreaded Linux/UNIX tool for brute-force cracking of local user accounts via su.
SYNOPSIS
sucrack [options] wordlist
DESCRIPTION
sucrack is a multithreaded Linux/UNIX tool brute-force cracking tool that drives su(1) with referencing a specific user and uses words from a wordlist as passwords. Running sucrack does not require high privi‐ leges on the target system.
OPTIONS
sucrack allows reading passwords from stdin. In that case, use '-' in‐
stead of a filename as wordlist parameter.
Common options:
-h print help message
-a use ansi escape codes for nice looking statistics (requires
--enable-statistics configuration flag)
-s
ENVIRONMENT VARIABLES
SUCRACK_SU_PATH The path to su (usually /bin/su or /usr/bin/su) SUCRACK_AUTH_FAILURE The message su returns on an authentication failure (like "su: Authentication failure" or "su: Sorry") SUCRACK_AUTH_SUCCESS The message that indicates an authentication success. This mes‐ sage must not be a password listed in the wordlist (default is "SUCRACK_SUCCESS")
SEE ALSO
su(1) Version 1.2.3 SUCRACK(1)
AUTHOR
Nico Leidecker