Cracker Jack ist ein Unix Kennwort checker/cracker, welcher auf PC's ausfⁿhrbar ist.
Jack sichert alle geknackten Kennw÷rter in einer JACK.POT genannten Datei, in demselben Verzeichnis wie JACK.EXE. Wenn Sie Jack von von Diskette ausfⁿhren, schⁿtzen Sie es also nicht vor Schreibzugriffen.
Jack verwendet diese Datei, um zu ⁿberprⁿfen, ob einige der Kennw÷rter zuvor gecracked waren, und versucht nicht, sie wieder zu knacken. Bitte l÷schen Sie diese Datei nicht (es ist Readonly aus demselben Grund).
JACKPOT.EXE zeigt Ihnen die Kennw÷rter.
Cracker Jack, THE Unix Password Cracker
June 1993 DocÆs for Cracker Jack v 1.4
DISCLAIMER
The copyright of this software is owned by the author, Jackal.
Please feel free to make copies and share them with your friends. I can under no circumstances be held responsible for any consequences of your use/misuse of this package, whatever that may be (system crash, you going to jail, world war, etc..). Nor can I guarantee any functionality, just take it or leave it.
What is Cracker Jack?
Cracker Jack is a Unix password checker/cracker, running on PCÆs. As humble as I am, I donÆt think youÆll find other Unix password crackers for PCÆs, who will beat it in speed (if you do, IÆll appreciate if you let me know).
It is currently available in 2 versions (for 8086/88 and 80386. IÆve dropped the 286 version, it wasnÆt significantly faster than the 8086 version).
The 386 version is far faster than the other, please use that, if you have a 386 or 486 CPU. Besides, the 386 version has no 640 kb limit, so you can load a lot more accounts. The 386 version also runs under OS/2 v. 2.0.
(Special versions for 486 and 586/Pentium might be available in the future. Likewise, I might port it to other CPUÆs on other O/SÆes than DOS and OS/2, but donÆt count on it).
WhatÆs new in Cracker Jack 1.4?
I finally got that Borland C++ v 3.1, but IÆm rather disappointed, æcoz in the meantime IÆve got hold on the GNU C compiler - ITÆS GREAT! After porting Jack to this compiler, it runs about 8% faster, at least on my PC. I believe, however, that the speed increase is varying, depending on your CPU type, cache RAM etc. Anyway, it now runs in protected mode (and it REQUIRES a 386/486!), so thereÆs no 640 kb limit. Thanks to the EMX port of GNU C, it also runs under OS/2 2.0. Furthermore, IÆve (once again) rearranged the account loading and sorting algorithm, so thereÆs virtually no startup delay, even when loading several thousand accounts.
I have included a sort utility, JSORT. It doesnÆt have the 64 kb limit as DOS SORT has. Currently it doesnÆt support single crack wordlists, but IÆm working on that.
JPP can now insert a dot BEFORE the password, with option -dot:0
ThatÆs basically it, no real news, but I thought this was worth releasing.
WhatÆs new in Cracker Jack 1.3
╖ Rearranged and optimized the account loading/checking routines, thus gaining faster loading and space for more accounts per session.
╖ Added the -noname switch, which prevents Jack from loading the login names into memory, and thus lets you load even more accounts per session. The more accounts, the more comparisons/second.
╖ In single crack mode, it now checks ALL the accounts with same salts as the account being processed. This takes almost no extra time, so why not do it? It has given ME some accounts. :)
╖ It now checks the keyboard for Ctrl-C, so you donÆt have to wait eras when you wanna abort the session.
╖ Status is now only showed when you press a key (and on exit), so you get a bigger chance of seeing cracked passwords, before they scroll off the screen.
╖ It is now possible to restore an aborted single crack session.
JackalÆs future plans:
╖ Fix JSORT to support single crack wordlists
╖ Implement password generator
╖ Add æfree crackÆ option to load accounts with same salts from other pwfiles (and/or same pwfile when using the -u option)
╖ Implement more options into JPP.
╖ Possibly implement the features of JPP into Jack itself, to avoid the need of lot of harddisk space for the DOS pipe, especially when you use -gecos:8
╖ Improve the docs
Files in the archive
The following files are included in the archive:
JACK.EXE Cracker Jack
JPP.EXE Jack PreProcessor, manipulates words JACKPOT.EXE Shows you the passwords cracked so far XTRACT.EXE Extracts words from any file JSORT.EXE Sorts standard wordfiles (NOT single crack wordlists!) JACK14.DOC Hmmm, what can this be? :)
EMX.EXE *) EMX runtime/system interface for DOS
EMX.DLL *) EMX runtime/system interface for OS/2
*) Note: Only included in the 386 version.
Beware, that all executables are NOT the same in the 386 version as in the 8086 version, although the names are the same.
How to use Cracker Jack
I guess youÆll figure it out yourself, but there are some things that might require a word of explanation.
Jack saves all cracked passwords in a file called JACK.POT, in the same directory as JACK.EXE. Be aware of this, if you run Jack from a floppy (who would do that?), donÆt write protect it.
Jack uses this file to check, if any of the passwords were cracked previously, and wonÆt try to crack them again. So, please donÆt delete this file (itÆs readonly for the same reason).
JACKPOT.EXE shows you these passwords.
Since this is similar to the ävalidfile" output in previous versions of Jack, I have removed this option. Some of you might miss it, but it requires a lot of core, which I felt could be better used for cracking more accounts.
JACKPOT.EXE HAS TO BE IN THE SAME DIRECTORY AS JACK.EXE!
With Jack it is possible to crack more than 1 passwd file, without you have to combine them into one single. You can even use wildcards.
Every 10 minutes (and upon completion), Jack saves point information to a file (RESTORE, unless you specified another name with the -r option). In case the system crashes, you donÆt have to start all over. But if you interrupt a session and start a new one, the old information is overwritten. Therefore, always rename the file, if you want to use it.
The -user option lets you specify the login names or user idÆs of the accounts you want to crack. F.ex. -user:0 would load all accounts with root privÆs, whereas -user:root would just load the root account itself.
The single crack option (-single) in JACK is used in conjunction with
the login (-login) and gecos (-gecos:#) options of JPP. F.ex. would
JPP -gecos:1 -lower pwfile | JACK -stdin -single pwfile lowercase each word in the gecos fields and try it on the accounts to whom it belongs AND to other accounts with the same salt.
There is one thing, you have to be aware of, when using single crack mode; It is not adviced to direct the output from JPP to a file, and then use this file as input for Jack. Because Jack does not load the accounts it has cracked previously, the inputfile has to provide login/gecos words from the UNCRACKED accounts ONLY! Otherwise JACK gets out of syncronization, and tries the supplied words on the wrong accounts. In other words, if you have cracked some accounts AFTER the creation of the inputfile, you have to recreate it with JPP. This is also the case if you restore a single crack session. If you always PIPE the output from JPP into Jack, thereÆs no problems.
JPP.EXE HAS TO BE IN THE SAME DIRECTORY AS JACK.EXE!
To illustrate the gecos option of JPP, suppose we have a passwd file with the following account:
billy:EncrPassword:123:10:Billy The Kid:/usr/billy:/bin/csh
There are 4 levels of gecos manipulation.
1: Each word
e.g. äBilly", äThe", äKid"
2: Combination of any 2 words
e.g. äBillyThe", äBillyKid", äTheBilly", äTheKid" ,... 4: Combination of 1 word and up to 2 initials e.g. äBillyTK", äBillyKT", äTKBilly", äTBillyK", äBKid" ,... 8: Combination of substrings of up to 3 words e.g. äBiThKid", äBillKi", äBilTheKi", äTheBillyK", äBTK" ,...
Level 1, 2 and 4 can be added together. F.ex. if you want to get level 1 and level 4 in one run, specify -gecos:5.
Level 8 is an outsider; it always includes the other levels as well, except that the output from level 8 is never more than 8 chars, to cut down disk usage. Speaking of disk usage, remember to set the DOS TEMP variable to a disk big enough to store the temporary file, created by the DOS pipe (|). Preferrably the disk should be cached as well.
The XTRACT program was created for a specific need I had (to retrieve fancy words from a game).
Usage: XTRACT MYFILE.XXX | SORT | JPP -include > WORDS.XXX The reason to pipe it through JPP, is that JPP uniqueÆs itÆs output. Another purpose for it, could be if you just had a couple of words to pass to Cracker Jack, but didnÆt want to create a wordfile:
You cannot specify more than one wordfile to JACK (although you can to JPP)
You cannot use spaces in the parameters to JPP, but since only the 7 lower bits of each char in the password is used, you can use char # 160 ( = AltGr+1+6+0) instead. e.g:
JSORT doesnÆt support single crack wordlists yet. In these wordlists, generated by JPPÆs -login or -gecos options, there are some strings, ä***!***", which tells Jack to switch to the next salt. JSORT doesnÆt recognise this string as anything special, and just treats it as a normal input line.
................
Have phun, Jackal.
Contacting the author / How to get help / Dist. site
The official distribution site for CrackerJack is Freeside, +45-3-122-3119.
Here you may contact the author, as well as obtain the latest version.
