Any attempt to compromise your network will almost certainly include an attack on user passwords. Crack is the most common password-guessing utility available for Linux. Hackers will perform Crack runs to obtain passwords and that is why you should be running Crack regularly. The difference is your goal—you want to be able to use Crack to find out how easy it will be for an intruder to guess user passwords on your network. Running Crack regularly allows the administrator to establish a password policy that will make the hacker's job much more difficult.
This Daily Drill Down will provide you with a six-step process for installing and configuring Crack on a Linux system. The six steps are:
- Getting Crack.
- Selecting the correct C compiler.
- Selecting the correct password hashing method.
- Building the Crack dictionaries.
- Merging any shadowed passwords.
- Running Crack.
How Crack guesses passwords
Crack attempts to guess passwords through the following process:
- When Crack is run, the administrator provides the name of a password file to be checked.
- Crack reads the dictionaries specified in the conf/dictgrps.conf file as a source for passwords to check system passwords against.
- Crack builds two separate dictionaries from the password file used as input: the gecos dictionary, which contains the passwords taken directly from the input file, and the gcperm dictionary, which contains variations of the words taken from the input file.
- Once the dictionaries are identified, Crack reads the conf/dictrun.conf file. This file contains rules for Crack to follow when it is executed.
- Crack then reads words taken from the dictionaries. Each word is hashed according to the rules in dictrun.conf. The hashed value for each word is compared to the hashed passwords read from the input file.
- Each match between a Crack dictionary word and a hashed password from the input file represents a cracked password.
- The administrator may then use the Reporter script to determine Crack’s success in guessing passwords on his or her system.
Step 1. Getting Crack
Crack is readily available on the Internet. For this Daily Drill Down, Crack was downloaded from Purdue University. From this site, the following files were downloaded:
If a hacker is able to modify the source code for security applications and then present the modified package as if it were the original, any system the modified code is installed on becomes wide open to attack. To ensure the integrity of any packages you are planning to install, download PGP Command Line Freeware v6.5.8 for Linux/UNIX from MIT.
Once pgp is installed on your system, your first task is to add Alec Muffett's public key to your pgp keyring. To add the key to your keyring, use the command:
Now, Alec Muffett's public key may be used to verify the integrity of the Crack package you have downloaded. To verify the integrity of the package you have downloaded, run the command:
If pgp verifies the integrity of the package, copy crack5.0.tar.gz to the /usr/src subdirectory, then untar and uncompress Crack with the command:
tar -zxvf crack5.0.tar.gz
The Crack package will expand into the c50a directory. This directory and its subdirectories contain the source code required to build crack 5.0, and the scripts necessary to run Crack.
Step 2. Selecting the correct C compiler
The correct C compiler is selected by editing the /usr/src/c50a/Crack file. Look for the section heading "Vanilla Unix cc." Change this section from:
# vanilla Unix cc
CFLAGS="-g -O $C5FLAGS"
#LIBS=-lcrypt # uncomment only if necessary to use stdlib crypt(), eg: NetBSD MD5
# gcc 2.7.2
#CFLAGS="-g -O2 -Wall $C5FLAGS"
#LIBS=-lcrypt # uncomment only if necessary
# vanilla Unix cc
#CFLAGS="-g -O $C5FLAGS"
#LIBS=-lcrypt # uncomment only if necessary to use stdlib crypt(), eg: NetBSD MD5
# gcc 2.7.2
CFLAGS="-g -O2 -Wall $C5FLAGS"
LIBS=-lcrypt # uncomment only if necessary
Step 3. Selecting the correct password hashing method
Linux password hashing
Once step two is completed, you need to prepare Crack for the password hashing method used on your system. Hashing provides password security by taking data, such as passwords for input, and generating a mathematical value for the input by applying a mathematical rule, or algorithm. Hashing algorithms are often referred to as "one-way." This means that a hash value may be created from any input, but the input cannot be recreated from the hash. Once a file has been hashed, a small change in the file will produce a completely different hash. The most important feature of hashing algorithms is that it is extremely hard to find two sets of data with the same hash value. The two hashing algorithms most often used for Linux password hashing are Crypt(3), MD5, and bigcrypt.
Building Crack for crypt(3)
The standard hashing algorithm for Linux is crypt(3). Crypt(3) has the following characteristics:
- This method uses the DES algorithm, which accepts a maximum of eight characters (64 bits) as input and generates a 104-bit hash value.
- This 104-bit value consists of 13 characters; the first two characters are not part of the hash.
- Each user's hashed password is unique, and is stored in either /etc/password or /etc/shadow.
- Whenever a user enters his or her password, the password is hashed by crypt(3), and the resulting hash is compared to the value stored in /etc/passwd or /etc/shadow.
- If the values match, the user gains access. If the values don't match, the user is denied access.
No modifications to the Crack script are required if your system is running crypt(3) hashing, but one change to consider making is to use libdes, a hashing engine included with crack5.0. The libdes engine is required if you plan to use crack7, which is a brute-force password-guessing program. To use the libdes engine, execute the following commands:
Building Crack for MD5
MD5, or the MD5 message digest algorithm, from RSA Security’s site, is one of the most common hashing algorithms in use today. Quite often, MD5 password hashing is selected during the Linux installation process. Passwords hashed using MD5 are not easily decrypted. MD5 takes input data and generates a 128-bit fingerprint, or message digest, from this input. It is practically impossible to get the same message digest from two different files.
To build Crack for use with an MD5 hashing scheme, execute the following commands:
mv libdes libdes.orig
cp elcid.c elcid.c.orig
cp elcid.c,bsd elcid.c
Building Crack for bigcrypt
On Red Hat Linux, version 5.2 or newer, the libc-crypt library is pre-installed. This allows the use of bigcrypt. If the libc-crypt library is required, it may be downloaded from Red Hat’s official site or gnu.org.
Once libc-crypt has been installed, the file /usr/src/c50a/src/util/elcid.c must be edited. Change the following two lines in this file:
#define PLAINTEXTSIZE 8
#define PLAINTEXTSIZE 16
Once you have made the appropriate changes for the encryption method used on your system, you're ready to compile Crack. To compile Crack, use the command:
If ./Crack -makeonly terminates because of an error, the standard procedure is to correct the error and then compile the code again. When ./Crack -makeonly is executed, the first action taken is to remove all object files created by the previous compilation. The /usr/src/c50a/run subdirectory is not removed, however, and this results in the Crack script looking for object files that don't exist. When this condition occurs, run either of the following commands to ensure the next execution will not look for these object files:
make clobbermake spotless
Once the ./Crack -makeonly script executes with no errors, the next step is to compile the crack dictionaries.
Step 4. Build the Crack dictionaries
A Crack dictionary is simply a file consisting of one string of alphanumeric or nonalphanumeric characters per line. The default dictionaries that come with Crack are located in /usr/src/c50a/dict. There are three subdirectories, and each one contains collections of words based upon a different subject. When Crack is executed, dictionaries are generated based on the list of dictionary groups contained in the /usr/src/c50a/conf/dictgrps.conf file. The default dictgrps.conf file packaged with Crack is shown in Example 1. For this example, several commented lines at the beginning of the file are not shown. The lines shown are the ones that concern the administrator.
Example 1. The default dictgrps.conf file# List what source files will be used to create <which> dictionaries:
# <dictionary tag>:<fileglob> <fileglob> ...
# Dict '1' is created from /usr/dict/words (etc) and $CRACK_HOME/dict/1/*
# Dict '2' is created from $CRACK_HOME/dict/2/*
# Dict '3' is created from $CRACK_HOME/dict/3/*
Each dictionary group is a collection of word lists contained in the /c50a/dict/1,2 or 3 subdirectory. The order of the dictionaries is important, because this is how Crack determines which dictionaries will be used to guess passwords first. The last three lines of this file are the ones that matter to administrators. The number to the left of the colon is called the dictionary tag. This tag sets the priority for the dictionary group to the right of the colon. The lower the number, the sooner Crack will use this dictionary group to guess passwords. To make the most out of your Crack runs, arrange the dictionary groups in this file so that Crack attempts to guess the most common passwords first.
Some administrators will want to install additional dictionaries. Two good sources for dictionaries are Purdue University and Oxford.
Any naming convention may be used for dictionaries. Dictionaries in any subdirectories under /usr/src/c50a/dict, however, must use the .DWG extension. The new dictionaries may be placed in existing dictionary groups, or new groups may be created by adding new tags to the conf/dictgrps.conf file. Once additional dictionaries have been added, the Crack dictionaries are built with the command:
Step 5. Merging shadow passwords
If you don't use shadow passwords then you can start running Crack without any more modifications. If you are using shadowed passwords (and you should), then you will have to merge the hashed passwords into a single file. This is accomplished with the command:
copy /etc/shadow /root/pw-merged
shadmrg.sv > /root/pw-merged
In the example above, the hashed passwords in /etc/shadow have been merged into a single file and written to a new file named /root/pw-merged. The root directory was chosen for this file because it has no "other" permissions. Only the root user and users in the root group may read or cd into this directory.
Once this step is completed, you’re ready to start running Crack.
Step 6. Running crack
To execute, simply execute the Crack script with the following command:
When Crack is run, the cracker program is executed. The cracker program takes a long time to complete its run. This is because of the large number of computations Crack has to perform to guess passwords. Although there are several password-guessing programs available, a typical attempt at guessing passwords would involve the following steps:
- The program will try easy passwords to guess, such as "password" or the user name.
- The program will then run through all words in its dictionaries, which usually include common passwords.
- The program will use foreign language dictionaries and any special dictionaries. For example, an administrator in a hospital may create a dictionary of medical terms that could be used as passwords by medical staff.
- The program will then try all combinations of letters up to a specified limit, e.g., six letters.
- Lastly, the program will try all combinations of upper and lowercase letters, numbers, and punctuation marks, up to a specified limit, e.g., four characters.
These procedures ensure that all combinations of letters, numbers, and characters will be used to guess passwords. The problem is that these procedures create a huge amount of work for your processor. Let's assume you have established a password rule where users may use letters only in their passwords, and must use eight letters. Each value in the hashed password represents one letter. Therefore, each value represents one out of a possible 26 letters. When eight letters are used in the password, the password can be one of 268 combinations, or 208,000,000,000 possible combinations. That's for an eight-character password using letters only. Once other characters are added to passwords, such as numbers or nonalphanumeric characters (*,/,\.%,$,#, etc.), the password is even more difficult to guess. Guessing passwords is one of the most intense loads an administrator can place on his or her resources. Run Crack when network usage is light (weekends), and on the most capable CPU at your disposal.
While Crack is attempting to guess passwords, the administrator is able to check on the progress of the run by using the Reporter script. To execute the Reporter script, run the command:
There are only two options to select from when executing Reporter: Quiet mode is used to suppress warning and error messages; HTML mode is used to generate Reporter in HTML format.
To generate Reporter output in HTML format, use the command:
Suspending Crack Runs
The pauser script, located in the c50a/scripts subdirectory, is used to suspend Crack runs. The pauser script performs the following actions:
- While Crack is running, the pauser script is executed approximately every minute.
- The pauser script looks for a file named GOTO-SLEEP in the CRACK_HOME directory. If the file exists, the pauser script sleeps for one minute, and then looks for the GOTO-SLEEP file again.
- If the file is found again, pauser goes back to sleep.
- If the GOTO-SLEEP file is not found, the pauser script returns control to the cracker process that invoked pauser.
- To suspend a Crack run, the administrator needs to create the GOTO-SLEEP in the /usr/src/c50a directory.
- To create the GOTO-SLEEP file, use the command:
The pauser script also provides the administrator with the ability to run Crack only at night and on weekends. If this is required, remove the comments (#), from lines 3 to 9 in the following section of the pauser script.
1. # Go to sleep between 0800 and 1759 inclusive, except weekends
3. # set `date '+%H %w'` # $1=hour(00..23) $2=day(0..6)
5. # if [ "$1" -ge 8 -a "$1" -le 17 -a "$2" -ge 1 -a "$2" -le 5 ]
6. # then
7. # sleep $POLL
8. # continue
9. # fi
break # like, y'know, totally gross, man...
Terminating Crack runs
The plaster script, also located in c50a/scripts, is used to terminate Crack runs correctly. To shut down a Crack run correctly, run the following commands as root:
The plaster script will kill processes associated with both the Crack script and the cracker program.
The make tidy command will clean up various files created during the Crack run.
The Crack utility is a security tool that all system administrators should know how to use. Regularly scheduled Crack runs will provide the administrator with the ability to eliminate easily guessed passwords. This Daily Drill Down covered the installation and configuration of Crack on a Linux system. We discussed the installation of Crack and editing Crack configuration files to match the password hashing method being used. We also discussed how to build Crack dictionaries. Finally, we looked at the facilities available to read information generated by Crack, and the commands and procedures used to run, suspend, or terminate Crack runs.
Part two of this series will cover using Crack over networks, the Crack7 brute-force password guessing program, and creating Crack rules to control how Crack uses the dictionaries to guess passwords.
The authors and editors have taken care in preparation of the content contained herein but make no expressed or implied warranty of any kind and assume no responsibility for errors or omissions. No liability is assumed for any damages. Always have a verified backup before making any changes.