-
Notifications
You must be signed in to change notification settings - Fork 59
/
check-psk-crack-4
executable file
·169 lines (168 loc) · 8 KB
/
check-psk-crack-4
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
#!/bin/sh
# The IKE Scanner (ike-scan) is Copyright (C) 2003-2007 Roy Hills,
# NTA Monitor Ltd.
#
# This file is part of ike-scan.
#
# ike-scan is free software: you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation, either version 3 of the License, or
# (at your option) any later version.
#
# ike-scan is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with ike-scan. If not, see <http://www.gnu.org/licenses/>.
#
# check-psk-crack-4 -- Shell script to test psk-crack for uncrackable hashes
# and other uncommon cases.
#
# Author: Roy Hills
# Date: 01 January 2007
#
# This shell script checks that psk-crack works for hashes that cannot be
# cracked, and various other things that are not tested with the other
# testing scripts.
#
# The specific areas tested by this script are:
#
# 1. MD5 and SHA1 hashes which cannot be cracked in dictionary or brute
# force mode;
# 2. Multiple PSK entries in one cracking run;
# 3. Running psk-crack with "--verbose" and "--verbose --verbose"; and
# 4. MD5 and SHA1 PSKs > 64 characters long.
#
TMPFILE=/tmp/ike-scan-test.$$.tmp
PSK=/tmp/psk-file.$$.tmp
LONGMD5PSK=/tmp/long-md5-psk-file.$$.tmp
LONGSHA1PSK=/tmp/long-sha1-psk-file.$$.tmp
DICTFILE=/tmp/ike-dict-file.$$.tmp
LONGDICTFILE=/tmp/ike-long-dict-file.$$.tmp
# Create PSK parameter files with known pre-shared keys.
# These parameters were generated using ike-scan 1.8.4 and Juniper NetScreen
# running ScreenOS 5.4.0r1.0. In both cases, the pre-shared key is "garibaldi"
echo "40bda5c13180d1d6f217e4849175941c9742b8e19ddef0fae080ad24ad43a8740585ed1848e51ca0218af9bddee9d2e9bf7ff04a7b5231ab08ce80627ae4e0bb573bb753a5bc2050dd924463d63aebd22264c94d0b010de41d416002d8b5b7597701ccfe40e58fa5a8108b3d0df806a6668aa51b2c9a31fe9ae16e3aa5cde5bf:e82e900bda96002a53ac57490f0257e8c77d42d91bc821f3fe52d71647186fa39d7de1249858340d7377eb76b516e67d86823ce3dee78318970505f5a89fb10262d755e973fdb7f95e2468e19960d33d1fe3261d0835c64e8907ea06c8bfb2c7c25cf6817b68c445100a09aab67e43f783e1f1305bd6a1611407e775bd0a8851:0c870b3b3eb9a4f9:a173f9069547144d:00000001000000010000002c01010001000000240101000080010005800200018003000180040002800b0001000c000400007080:011101f43e0369fb:213d31bff42969c49beed5d8c83c253c9fe8dc02:8f4c430dde34e99e2f2e7ed6e02b6fa25c5c2c7a:4e50b26bf55db6b1fb7d2e676f637e4e" > $PSK
echo "c3093ac76fb500a202d14924d3390d1f54c926cfb71c52bcbce9b96e48b831df087c5b4a7d481c9cc8495b420451e77c9332478ad842e26d2257a5bbaf65a05d42e4718e3ae363d54f6ee613e54a94b4297130c874908ca1d960b63d3e86623a68d02f1a6a014889d24db3c2bbaf16cab61e421b4832578b0814d3f45268f801:b848bdc2cc7658f97537d9a4cedbc5194ad87f9c3e82fbf337335e36667718cddb463af25627284dd5bf08cc804e272e6a213d6f2b80e9cf602e2371a1407bf2611abcaffec7ae8071ba01b893445dc7f3205bf2ecd11cd3aa80f9722f8cef755cd10ab890ff721e9fa4b1ec365a41787f70ed0852b8f3697ef3645ab10734ed:4d35826fc8efff9d:7414261f5dacb338:00000001000000010000002c01010001000000240101000080010005800200028003000180040002800b0001000c000400007080:011101f43e0369fb:0da2be36c9c55e6254c693b4ab5efbc5cc0d06a3:e0835265eb1aab741becaddc8b91a3fb8603db83:a4a152b38379d2d3992bf60c78e3a5ddb40745e5" >> $PSK
#
# Create MD5 and SHA1 PSK parameter files with the 65-character PSK:
# "12345678901234567890123456789012345678901234567890123456789012345"
# Cracking this requires an HMAC calculation with a 65-character key
# that tests a rarely used part of the HMAC code, which sets the
# key to MD5(key) if key length > 64. Details in RFC 2104.
# These parameters were generated using ike-scan 1.8.4 and Juniper NetScreen
# running ScreenOS 5.4.0r1.0.
echo "11c1fe3625f121b6d3a78c83b1e95d8ddd0dcd995219506b05641825ba98623fe5332e8fceb293cb7444ec5be93c78689e6bd59746445ce498c6d34f3440201020de158af7d7a4df60493c2a5a8f0f588827ad39e8f332064c597a82b70dbb7a93f0dbeda1f55bcf84088500f272db6b0a612d16138099ad9c751d9e77d484d7:8588a18ca324180948e403f727df0525c88c229728bfc837c6f2232163566379426a916d7001de706d517335ad88c2a97f20cd86b546c52a2434ffbc3858c3a469fb3bec78e0dc6eb088fe7cf4df1e8760843edd1b5381c852a57ba97be1c1567c5ccbbb94bc646735bd7c63a671af9165ecf03d44f09a0f291c9342eeb1450b:783c309391a03bc3:52816a0877553fd4:00000001000000010000002c01010001000000240101000080010005800200018003000180040002800b0001000c000400007080:011101f43e0369fb:2211642a52407f9b7130a4571cb9c6e7e750bf57:12fbeb37130dfe0d093530870658fbc9096c2053:d4ee32d6fc95517eb672c199ed510bbb" > $LONGMD5PSK
echo "bbfc1a122b52cce778cb769ecf40ed4cc3f75903ba0d3041aaa628451b60aa0dea9eae4d36a09502bbb5e832a54c5e1133753a90a6c81a5ab0b0cea8b981861fcc6fde21905d8b68b286d0542dc4234b6c5bae0c02a64c4287f3608bf4fee4a07e71f3d32e417c886b5a5ebd67fee8ed6aeefbee94835e15aed7847faf9bd696:a5d1d0b72d7b08c253cf1e4bc1575639ba6dcaa179829bab11cb3dddaddf3875bbf94428e0bd16357532a2b4a73e59477ee5f372010a843235adea5bc05fd9dd0ffd13f0a398efb48c6bc5d3173fd08d04c7a21ff2dbb94673ef919ba7d83c8ea1bf540897f53c62d7b8cdb8d70d6e7390aee143bcf87807d4ba5f296177ceb2:3e9e80bbae9c264d:2d4732ef8a14c854:00000001000000010000002c01010001000000240101000080010005800200028003000180040002800b0001000c000400007080:011101f43e0369fb:caffb48754efbfc3b734fc285c5c594e81cce20f:8318cfebfdc7807beda72178b42ee114e89b4db3:b662b1ca0ba31a9b90133901edb2b684fe20c67e" > $LONGSHA1PSK
#
# Create dictionary file that doesn't contain the known PSK.
echo "notthisone" > $DICTFILE
echo "NotThisOne" >> $DICTFILE
echo "WontMatch" >> $DICTFILE
echo "testing" >> $DICTFILE
echo "qwerty" >> $DICTFILE
#
# Create dictionary file for 65-character PSK
echo "notthisone" > $LONGDICTFILE
echo "12345678901234567890123456789012345678901234567890123456789012345" >> $LONGDICTFILE
#
echo "Checking psk-crack bruteforce with uncrackable MD5 and SHA1 hashes ..."
./psk-crack --verbose --bruteforce=6 --charset=abc123 $PSK >$TMPFILE
if test $? -ne 0; then
rm -f $TMPFILE
rm -f $DICTFILE
rm -f $PSK
echo "FAILED"
exit 1
fi
grep '^no match found for MD5 hash ' $TMPFILE >/dev/null
if test $? -ne 0; then
rm -f $TMPFILE
rm -f $DICTFILE
rm -f $PSK
echo "FAILED"
exit 1
fi
grep '^no match found for SHA1 hash ' $TMPFILE >/dev/null
if test $? -ne 0; then
rm -f $TMPFILE
rm -f $DICTFILE
rm -f $PSK
echo "FAILED"
exit 1
fi
echo "ok"
#
echo "Checking psk-crack dictionary with uncrackable MD5 and SHA1 hashes ..."
./psk-crack --verbose --dictionary=$DICTFILE $PSK >$TMPFILE
if test $? -ne 0; then
rm -f $TMPFILE
rm -f $DICTFILE
rm -f $PSK
echo "FAILED"
exit 1
fi
grep '^no match found for MD5 hash ' $TMPFILE >/dev/null
if test $? -ne 0; then
rm -f $TMPFILE
rm -f $DICTFILE
rm -f $PSK
echo "FAILED"
exit 1
fi
grep '^no match found for SHA1 hash ' $TMPFILE >/dev/null
if test $? -ne 0; then
rm -f $TMPFILE
rm -f $DICTFILE
rm -f $PSK
echo "FAILED"
exit 1
fi
echo "ok"
#
echo "Checking psk-crack dictionary with 65-character MD5 PSK ..."
./psk-crack --verbose --verbose --dictionary=$LONGDICTFILE $LONGMD5PSK >$TMPFILE
if test $? -ne 0; then
rm -f $TMPFILE
rm -f $LONGDICTFILE
rm -f $LONGMD5PSK
echo "FAILED"
exit 1
fi
grep '^key "12345678901234567890123456789012345678901234567890123456789012345" matches MD5 hash' $TMPFILE >/dev/null
if test $? -ne 0; then
rm -f $TMPFILE
rm -f $LONGDICTFILE
rm -f $LONGMD5PSK
echo "FAILED"
exit 1
fi
echo "ok"
#
echo "Checking psk-crack dictionary with 65-character SHA1 PSK ..."
./psk-crack --verbose --verbose --dictionary=$LONGDICTFILE $LONGSHA1PSK >$TMPFILE
if test $? -ne 0; then
rm -f $TMPFILE
rm -f $LONGDICTFILE
rm -f $LONGSHA1PSK
echo "FAILED"
exit 1
fi
grep '^key "12345678901234567890123456789012345678901234567890123456789012345" matches SHA1 hash' $TMPFILE >/dev/null
if test $? -ne 0; then
rm -f $TMPFILE
rm -f $LONGDICTFILE
rm -f $LONGSHA1PSK
echo "FAILED"
exit 1
fi
echo "ok"
#
rm -f $TMPFILE
rm -f $DICTFILE
rm -f $LONGDICTFILE
rm -f $PSK
rm -f $LONGMD5PSK
rm -f $LONGSHA1PSK