Freaks Macintosh Archive

home *** CD-ROM | disk | FTP | other *** search

/ Freaks Macintosh Archive / Freaks Macintosh Archive.bin / Freaks Macintosh Archives / Attack⁄DoS / MacCrac.sit / MacCrac / MacCrac ReadMe next >

Wrap

Text File | 1995-02-08 | 8KB | 102 lines

MacCrac ALPHA .01 Ported and POWERPC accellerated by Hans Olsa, a Norwegian Original Unix Version "Crack Version 4.1" by Alec D.E. Muffett IMPORTANT NOTE First off, this is an ALPHA test version and is not intended for distribution. Secondly, this program is intended for use by system administrators to verify the security of their own systems and should not used for any other purpose. Like the original unix Crack, MacCrac is meant as a proving device to aid the construction of secure computer systems. INFORMATION MacCrac was written simply as a programming exersize. Everyone knows that Killer Crack Mac sucks, and if they don't, they should. MacCrac might be a more sophisticated alternative, as it allows for rules and has a semi-neat Mac interface. I wrote this for fun and probably won't be supporting it much. Then again, there's not much to do here in Norway except talk about the good ol' Viking days. Well, there is ice skating. We also have fresh vegetables. There are bugs all over the place. I didn't take the time to put nice sophisticated warning and error dialogs everywhere, so if you are doing something wrong you could get a weird error and get dumped from the program. If you run out of memory, say, you will be unexpectedly dumped from the program. How's that for user-friendliness? If this is officially released, I might take the time to fix all that stuff. MacCrac currently uses a modified version of Muffett's already-modified fcrypt() routine. I hope to use UFC's fast crypt() or make it an option soon. Kudos to Alec Muffett for his original version. WHAT MacCrac DOES MacCrac is a passwd file cracker. Using a dictionary file, it encrypts potential passwords and compares them to the user's actual encrypted password. MacCrac uses two files, gecos.rules and dict.rules to dictate what happens in each of its two passes. Pass #1 - This pass uses information from the passwd file itself, trying first name, last name, etc. as specified by the gecos.rules file. This pass usually goes pretty fast as it is using a very short dictionary of words supplied directly in the passwd file. Pass #2 - This is the bulk of the testing. Uses dictionary words in various incarnations as determined by the dict.rules file. As it goes along, MacCrac keeps a log of everything in a file called MacCrac.Log. Check this file after MacCrac finishes. WHAT MacCrac DOESN'T DO Alas, in it's porting to Mac, MacCrac has lost a few minor functions that don't apply themselves readily to Macintosh. For example, MacCrac no longer has the option to send mail to a user who has a bad password. Nor does MacCrac have the option to distribute a cracking session over the network (if you REALLY want to do this, just split the dictionary up and run it on more than one machine.) Also, there is no longer a priority setting for the crack process-- in fact, it now takes over your machine. Norwegian imperialism, y'know. SETTINGS Foreground If you want to see the most recent few lines from your log file on the screen as MacCrac is running, turn this option on. The log displays from the top to the bottom, and when it reaches the bottom, rather than scrolling, it goes back to the top, in a circular pattern. The most recently executed command will have the latest time stamp. If you have colour, foreground mode will colour-code the commands. Found passwords will be stamped in red. Also, a status bar along the bottom of the window tells you when a password has been discovered. Verbose/Echo You can put MacCrac in "verbose" mode where it will log everything it does. I don't recommend doing this (except for testing purposes) as you will slow the cracking process significantly and very quickly fill up your hard drive with junk. (Pronounced "yunk") Recover As MacCrac goes through the DICTIONARY file, it periodically updates its progress to a file called Point File. If your crack session should be interrupted, by say, a spodulous creep killing your power, you can do a semi-recover to about where it was when you left off. This will save a lot of time. It's always best to let a session run all the way through to the end. NOTE: Settings are *NOT* saved in a preferences file or anywhere else for that matter. Every time you run MacCrac it'll use default settings and you'll have to re-set it. FILES These files must all reside within the MacCrac folder. The filenames must be EXACT, in future versions you'll be able to change them. MacCrac - The main program. FAT, so you can run it on a PowerPC for significantly accelerated performance. MacCrac.Log - The log. Can get long quick, so make sure that you delete it occasionally. Every time MacCrac begins cracking, it appends (rather than rewrites) to this file. Use SimpleText to read the log. DICTIONARY - The dictionary. This is the ONLY dictionary file MacCrac uses, so if you want to use more than one, mix 'em together into one file. passwd - the passwd file you are using. gecos.rules - Rules regarding gecos information. Documented in dict.rules. Used for Pass #1 dict.rules - Rules about dictionary words. Self-documented. Used for Pass #2 Point File - See Settings. This is the file used for session recoveries. Feedback File - Used by session recoveries - contains info on passwords that have already been cracked so that a recover session doesn't try cracking passwords it already cracked. Updated after each dictionary rule pass. MEMORY ISSUES Although MacCrac itself doesn't use much memory at all (less than 300K), it does need enough memory to load and sort whatever dictionary you decide to use. The dictionary that is included with MacCrac is about two and a half megs, so I've set the minimum size at 5 megs, to be safe. If you decide to use a smaller dictionary or to break the dictionary up you can reduce the amount of space that the program takes in the Get Info box. Similarly, if you use a bigger dictionary, make sure to give the program enough room. MacCrac is stupid. It won't tell you if it runs out of memory. It'll just choke when loading the dictionary, and the program will quit. This is due to laziness on my part (you can get your money back at the cashier's office.) If the program stops running as the dictionary is being loaded, you should probably fool around with the memory requirements a bit. ADVICE/NOTES When running MacCrac, it might be a good idea to kill all your extensions that might slow down the system. This includes virtual memory, RamDoubler, etc. MacCrac should be the only program running, if possible. The computer will seem to be frozen while it is cracking. MacCrac doesn't stop to keep checking for new events (mouse clicks, disk inserts, etc) as it runs. This is to increase the overall speed. So, to abort on most machines, (and this may depend on the version of the system you're running) hold down OPTION and COMMAND (/) and then hit ESC. If there is already a log when you start your cracking session, MacCrac will append the new log to the end of what's already there. This way you can keep a more extensive record of what you've been doing, but it also means that the file could get long if you're always running it. So delete it from time to time. If you don't have one, get a Power PC. It's a LOT faster. Why did I take the "K" off the end of the word "Crack"? Why MacCrac and not MacCrack? Well, interesting you should ask. I dunno. I guess it's kinda making fun of the "mac, the computer for morons" philosophy. Why do they spell "Lite" beer that way? Remember, I AM from Norway and my English iz no that gud. Special thanks goes to my good Swedish friend Riccard Bjørgensen who helped me pick a nice icon. We have spent many hours together ice fishing off the coast of the Jürgen River and I promised him I'd mention him here. If you have suggestions for improvements, please leave comments on alt.2600 or write to: Hans Olsa O.E. Rolvaag Svensk, Norway 88C02-902-10 [March 1 1995]