[Forensics-changes] [crack] 02/40: Import Debian patch 5.0a-7
Giovani Augusto Ferreira
giovani-guest at moszumanska.debian.org
Wed Dec 28 02:47:51 UTC 2016
This is an automated email from the git hooks/post-receive script.
giovani-guest pushed a commit to branch debian
in repository crack.
commit c8ac322456d8e35cd65f668be0b841a261665dc6
Author: Pawel Wiecek <coven at debian.org>
Date: Sun Oct 3 23:49:01 2004 +0200
Import Debian patch 5.0a-7
---
Crack | 94 +------
Crack.make | 210 +++++++++++++++
c50-faq.html | 582 ++++++++++++++++++++++++++++++++++++++++
c50-faq.txt | 303 +++++++++++++++++++++
conf/dictgrps.conf | 2 +-
debian/Crack | 36 +++
debian/Crack-Reporter | 9 +
debian/Crack.8 | 136 ++++++++++
debian/README.Debian | 47 ++++
debian/changelog | 85 ++++++
debian/control | 44 +++
debian/copyright | 156 +++++++++++
debian/crack-common.docs | 4 +
debian/crack-md5.dirs | 5 +
debian/crack.dirs | 5 +
debian/crack.doc-base.crack | 14 +
debian/crack.doc-base.crack-faq | 14 +
debian/dirs | 4 +
debian/postrm | 25 ++
debian/rules | 152 +++++++++++
extra/Dictstats.pl | 2 +-
scripts/binstamp | 7 +
scripts/netcrack | 2 +-
scripts/smartcat | 9 +-
src/libdes/stcmuMmo | 1 +
src/util/Makefile | 15 +-
26 files changed, 1854 insertions(+), 109 deletions(-)
diff --git a/Crack b/Crack
index 3306251..443fad4 100755
--- a/Crack
+++ b/Crack
@@ -15,74 +15,6 @@
# nice, generic path (RedHat Linux, Solaris1, Solaris2)
CRACK_PATH=/usr/local/bin:/usr/ccs/bin:/usr/sbin:/sbin:/usr/bin:/bin:/usr/ucb:/usr/etc:$PATH
-# compiler options for crack 5.0
-#
-# -DUSE_BZERO /* add this to C5FLAGS if you don't have memset() */
-# -DUSE_MALLOC_H
-# -DUSE_PWD_H
-# -DUSE_SIGNAL_H
-# -DUSE_STDLIB_H
-# -DUSE_STRINGS_H
-# -DUSE_STRING_H
-# -DUSE_SYS_TYPES_H
-# -DUSE_UNISTD_H
-# -DMAXWORDLEN= /* ignore if you don't read the code */
-# -DNUMWORDS= /* ignore if you don't read the code */
-# -DSTRINGSIZE= /* ignore if you don't read the code */
-
-# this set tested on:
-# - solaris 2.5
-# - redhat linux 4.0
-# - digital unix v4.0
-
-C5FLAGS="-DUSE_STRING_H -DUSE_STDLIB_H -DUSE_SIGNAL_H -DUSE_SYS_TYPES_H -DUSE_UNISTD_H -DUSE_PWD_H"
-
-#
-# now pick your compiler
-#
-
-# vanilla unix cc
-CC=cc
-CFLAGS="-g -O $C5FLAGS"
-#LIBS=-lcrypt # uncomment only if necessary to use stdlib crypt(), eg: NetBSD MD5
-
-# gcc 2.7.2
-#CC=gcc
-#CFLAGS="-g -O2 -Wall $C5FLAGS"
-#LIBS=-lcrypt # uncomment only if necessary to use stdlib crypt(), eg: NetBSD MD5
-
-# digital unix v4.0, CFLAGS for ev4/ev5 chipsets (pick one)
-#CC=cc
-#CFLAGS="-O4 -fast -tune ev4 $C5FLAGS"
-#CFLAGS="-O4 -fast -tune ev5 $C5FLAGS"
-#LIBS=
-
-# Uncomment the next two lines if a) you are running Crack in
-# networking mode, and b) your environment's operating system will not
-# necessarily run binaries compiled on other revs of the same
-# operating system which have the same architecture and the same
-# *MAJOR* revision number.
-#
-# eg: if you have Foonix 2.0 boxes as well as Foonix 2.1 boxes; in
-# this example, the major revision number is "2". If the Foonix 2.1
-# O/S will not run Foonix 2.0 binaries for some reason, or vice-versa,
-# then uncomment these lines.
-
-#STRICT_OSREV=yes
-#export STRICT_OSREV
-
-# Uncomment and/or modify on HP/UX or similar where the UCB "rsh"
-# command has been renamed. See scripts/crack-rsh also
-#CRACK_RSH=remsh
-#CRACK_RCP=rcp
-
-###########################################################
-###########################################################
-#################### THAT'S ALL, FOLKS ####################
-#### NOW GO CONFIGURE YOUR CRYPT ALGORITHM, EG: LIBDES ####
-###########################################################
-###########################################################
-
###
# security
###
@@ -330,32 +262,8 @@ fi
###
PATH=$CRACK_HOME/scripts:$CRACK_HOME/$bindir:$PATH
-export PATH
-
-###
-# Make the binaries
-###
-
-echo "Crack: making utilities in $bindir"
-
-if [ ! -d $bindir ] # small redundancy, big benefit
-then
- mkdir $bindir || exit 1
-fi
-
-make clean || exit 1
-
-make ARGS="\"XDIR=../../$bindir\" \"XCFLAGS=$CFLAGS\" \"XCC=$CC\" \"XLIBS=$LIBS\"" utils || exit 1
+export PATH
-###
-# Make Only ?
-###
-
-if [ "x$makeonlyflag" != "x" ]
-then
- echo "Crack: makeonly done"
- exit 0
-fi
###
# Make the dictionary passes
diff --git a/Crack.make b/Crack.make
new file mode 100644
index 0000000..df6308f
--- /dev/null
+++ b/Crack.make
@@ -0,0 +1,210 @@
+#!/bin/sh
+###
+# This program was written by and is copyright Alec Muffett 1991,
+# 1992, 1993, 1994, 1995, and 1996, and is provided as part of the
+# Crack v5.0 Password Cracking package.
+#
+# The copyright holder disclaims all responsibility or liability with
+# respect to its usage or its effect upon hardware or computer
+# systems, and maintains copyright as set out in the "LICENCE"
+# document which accompanies distributions of Crack v5.0 and upwards.
+#
+# This is the Crack.makeonly version which *only* compiles the utilities
+# under run/dir used for Crack
+#
+# This program was made based on Crack by Javir Fernandez-Sanguino
+# for the Debian GNU/Linux distribution
+
+###
+# User-configurable junk for Crack
+###
+
+# nice, generic path (RedHat Linux, Solaris1, Solaris2)
+CRACK_PATH=/usr/local/bin:/usr/ccs/bin:/usr/sbin:/sbin:/usr/bin:/bin:/usr/ucb:/usr/etc:$PATH
+
+# compiler options for crack 5.0
+#
+# -DUSE_BZERO /* add this to C5FLAGS if you don't have memset() */
+# -DUSE_MALLOC_H
+# -DUSE_PWD_H
+# -DUSE_SIGNAL_H
+# -DUSE_STDLIB_H
+# -DUSE_STRINGS_H
+# -DUSE_STRING_H
+# -DUSE_SYS_TYPES_H
+# -DUSE_UNISTD_H
+# -DMAXWORDLEN= /* ignore if you don't read the code */
+# -DNUMWORDS= /* ignore if you don't read the code */
+# -DSTRINGSIZE= /* ignore if you don't read the code */
+
+# this set tested on:
+# - solaris 2.5
+# - redhat linux 4.0
+# - digital unix v4.0
+
+C5FLAGS="-DUSE_STRING_H -DUSE_STDLIB_H -DUSE_SIGNAL_H -DUSE_SYS_TYPES_H -DUSE_UNISTD_H -DUSE_PWD_H"
+
+#
+# now pick your compiler
+#
+
+# vanilla unix cc
+#CC=cc
+#CFLAGS="-g -O $C5FLAGS"
+#LIBS=-lcrypt # uncomment only if necessary to use stdlib crypt(), eg: NetBSD MD5
+
+# gcc 2.7.2
+CC=gcc
+CFLAGS="-g -O2 -Wall $C5FLAGS"
+LIBS=-lcrypt # uncomment only if necessary to use stdlib crypt(), eg: NetBSD MD5
+
+# digital unix v4.0, CFLAGS for ev4/ev5 chipsets (pick one)
+#CC=cc
+#CFLAGS="-O4 -fast -tune ev4 $C5FLAGS"
+#CFLAGS="-O4 -fast -tune ev5 $C5FLAGS"
+#LIBS=
+
+# Uncomment the next two lines if a) you are running Crack in
+# networking mode, and b) your environment's operating system will not
+# necessarily run binaries compiled on other revs of the same
+# operating system which have the same architecture and the same
+# *MAJOR* revision number.
+#
+# eg: if you have Foonix 2.0 boxes as well as Foonix 2.1 boxes; in
+# this example, the major revision number is "2". If the Foonix 2.1
+# O/S will not run Foonix 2.0 binaries for some reason, or vice-versa,
+# then uncomment these lines.
+
+#STRICT_OSREV=yes
+#export STRICT_OSREV
+
+# Uncomment and/or modify on HP/UX or similar where the UCB "rsh"
+# command has been renamed. See scripts/crack-rsh also
+#CRACK_RSH=remsh
+#CRACK_RCP=rcp
+
+###########################################################
+###########################################################
+#################### THAT'S ALL, FOLKS ####################
+#### NOW GO CONFIGURE YOUR CRYPT ALGORITHM, EG: LIBDES ####
+###########################################################
+###########################################################
+
+###
+# security
+###
+
+umask 077
+export CRACK_PATH # So it can be picked up later
+PATH=$CRACK_PATH # For temporary use...
+export PATH
+
+###
+# Defaults
+###
+
+usage="Usage: Crack [options] [bindir] [[-fmt format] files]..."
+
+version="5.0a" # version string
+deffmt=trad # for default trad2spf
+dodie="" # for verbose usage/die
+debug="false" # ...guess...
+node=`uname -n` # more portable then `hostname`
+
+###
+# home base
+###
+
+CRACK_HOME=.
+
+if cd $CRACK_HOME
+then
+ CRACK_HOME=`pwd`
+else
+ echo "Fatal Error: $CRACK_HOME: cannot chdir" 1>&2
+ exit 1
+fi
+
+export CRACK_HOME
+
+###
+# sanity check
+###
+
+if [ ! -f "$CRACK_HOME/Crack" ]
+then
+ echo "Fatal Error: $CRACK_HOME: something weird going down" 1>&2
+ exit 1
+fi
+
+###
+# Hierarchy
+###
+
+for dir in run run/bin
+do
+ test -d $dir || mkdir $dir || exit 1
+done
+
+###
+# Flagwaving
+###
+
+echo "Crack $version: The Password Cracker."
+echo "(c) Alec Muffett, 1991, 1992, 1993, 1994, 1995, 1996"
+echo "System:" `uname -a 2>/dev/null`
+echo "Home: $CRACK_HOME"
+echo "Invoked: $0 $*"
+
+
+###
+# Sanity test bindir - written in gruntscript for clarity.
+###
+
+bdname=`scripts/binstamp 2>/dev/null`
+
+if [ "x$bdname" = "x" ]
+then
+ echo "Crack: error: cannot continue as binstamp returned empty string" 1>&2
+ exit 0
+fi
+
+echo "Stamp: $bdname"
+echo ""
+
+bindir=run/bin/$bdname
+
+
+###
+# Reset PATH in advance
+###
+
+PATH=$CRACK_HOME/scripts:$CRACK_HOME/$bindir:$PATH
+export PATH
+
+###
+# Make the binaries
+###
+
+echo "Crack: making utilities in $bindir"
+
+if [ ! -d $bindir ] # small redundancy, big benefit
+then
+ mkdir $bindir || exit 1
+fi
+
+make clean || exit 1
+
+make ARGS="\"XDIR=../../$bindir\" \"XCFLAGS=$CFLAGS\" \"XCC=$CC\" \"XLIBS=$LIBS\"" utils || exit 1
+
+###
+# Make Only ?
+###
+
+if [ "x$makeonlyflag" != "x" ]
+then
+ echo "Crack: makeonly done"
+ exit 0
+fi
+
+exit 0
diff --git a/c50-faq.html b/c50-faq.html
new file mode 100644
index 0000000..60dc7c5
--- /dev/null
+++ b/c50-faq.html
@@ -0,0 +1,582 @@
+<HTML>
+
+<HEAD>
+<TITLE>Crack Password Cracker FAQ</TITLE>
+</HEAD>
+
+<BODY BGCOLOR=#FFFFFF>
+
+<HR>
+<H1>FAQ for Crack v5.0a</H1>
+<I>
+Copyright (c) Alec Muffett, 1999, 2000, 2001 <BR>
+Revised: Wed Mar 21 02:38:38 GMT 2001
+</I>
+
+<P>
+
+<HR>
+<H1>Download</H1>
+
+<UL>
+<LI><I>Where can I go to download Crack?</I>
+<P>
+
+Last time I checked: (12 June 2000) <BR>
+
+<A HREF="ftp://ftp.cerias.purdue.edu/pub/tools/unix/pwdutils/crack">ftp://ftp.cerias.purdue.edu/pub/tools/unix/pwdutils/crack</A><BR>
+<A HREF="ftp://ftp.cert.dfn.de/pub/tools/password/Crack/">ftp://ftp.cert.dfn.de/pub/tools/password/Crack/</A>
+<P>
+
+With more dictionaries/wordlists available at: <BR>
+
+<A HREF="ftp://ftp.cerias.purdue.edu/pub/dict">ftp://ftp.cerias.purdue.edu/pub/dict</A><BR>
+<A HREF="ftp://ftp.ox.ac.uk/pub/wordlists">ftp://ftp.ox.ac.uk/pub/wordlists</A>
+<P>
+
+A PGP signature to validate the contents of any download you might find, is
+<A HREF="c50a.tgz.asc">available here</A>. My key is on the keyservers.
+
+<P>
+
+<LI><I>Can you send me the README for Crack?</I>
+
+<P>
+
+Better yet, there's a copy of it <A HREF="c50a.txt">right here</A>. Read it yourself.
+
+<P>
+
+<LI><I>I can't download Crack! Will you please e-mail it to me?</I>
+
+<P>
+
+Sorry, but no. It's too big for me to be mailing it to people who
+invariably then tell me that it's in the wrong format for them anyway,
+or who want to use it on Microsoft Windows. (see below)
+
+<P>
+
+</UL>
+
+<HR>
+<H1>Trolls <A HREF="crack-users.txt">[MORE]</A></H1>
+
+<UL>
+<LI><I>How can I run Crack on a Win98/WinNT/MS-DOS system?</I>
+
+<P>
+
+You can't. Crack is Unix software, written for Unix systems and
+running primarily <b>on</b> Unix systems, and if you don't know what
+Unix is, then you don't need to know about Crack.
+
+<P>
+
+<LI><I>Can you hack this guy's account/password/computer for me?</I>
+
+<P>
+
+Probably, but I am not going to; now be a good little trog and run
+along and report yourself to your local police authorities, please...
+
+<P>
+
+<LI><I>Can you give me a Crack for TombRaider/Carmageddon/FinalFantasy?</I>
+
+<P>
+
+Oh, go away and get a life, you horrible little oik.
+
+<P>
+
+
+<LI><I>H3Y D00D - WAr3 KaN 1 BuY CRACK?!?!!</I>
+
+<P>
+
+I am reliably informed that the answer to this is <I>"any
+street-corner in Oakland"</I> - but being based in the UK I cannot
+vouch for the accuracy of this statement.
+
+<P>
+
+</UL>
+
+<HR>
+<H1>Technical</H1>
+
+<UL>
+
+<LI><I>When I run Crack, it says "Done." and exits immediately, and
+there are no results when I run the Reporter script; why is
+this?</I>
+
+<P>
+
+<TT>Crack</TT> is an unusual Unix program - it runs the actual cracking process
+in the "background"; when you type:
+
+<P>
+
+<PRE>
+ Crack passwd.txt
+</PRE>
+
+<P>
+
+...or whatever, the <TT>Crack</TT> wrapper-script launches a
+background process called <TT>crack-pwc</TT>, and it is <I>this</I>
+which guesses passwords.
+
+<P>
+
+It is <TT>crack-pwc</TT> that will run for a long time, and if you do:
+
+<P>
+
+<PRE>
+ ps -auxww <I>...or...</I>
+ ps -ef
+</PRE>
+
+<P>
+
+...after running <TT>Crack</TT>, then you should see a copy of
+<TT>crack-pwc</TT> running merrily in the background; ideally you
+should only have 1 copy of <TT>crack-pwc</TT> running, for each CPU in
+your machine.
+
+<P>
+
+<LI><I>How long does crack-pwc run for?</I>
+
+<P>
+
+Hard to say, since this will depend upon the number of passwords that
+are being cracked, and the speed of your machines.
+
+<P>
+
+The short answer is: <I>at least hours, probably days, possibly weeks.</I>
+
+<P>
+
+The longest single continuous <TT>Crack</TT> run I have ever done, lasted a
+little under seven months non-stop on a little-used Sun 4/330, back in
+1991. With faster CPUs available nowadays, things are less-bad.
+
+<P>
+
+<LI><I>How do I add a list of my own words to the Crack dictionaries?</I>
+
+<P>
+
+Move the file containing the list of words into the <TT>dicts/1</TT>
+directory and do <TT>make rmdict</TT> in the <TT>Crack</TT> home
+directory; the words will be merged, the next time you run
+<TT>Crack</TT>.
+
+<P>
+
+That's all you have to do; you may choose to <I>compress</I> or
+<I>gzip</I> your wordlist file, if you like - <TT>Crack</TT> will
+automatically unpack it when it needs it - but it is not essential.
+
+<P>
+
+<LI><I>What are all the ".dwg" extensions on the Crack dictionary
+files for?</I>
+
+<P>
+
+<TT>Crack</TT> has a custom, built-in dictionary compression tool
+called DAWG (Directed Acyclic Word Graph) which preprocesses sorted
+lists of words to remove redundancy and make tools like <I>gzip</I>
+more effective.
+
+<P>
+
+Don't worry about it - it's not something that's likely to ever be
+needed by you in normal <TT>Crack</TT> usage.
+
+<P>
+
+<LI><I>Where can I get more wordlists?</I>
+
+<P>
+
+Last time I checked: <BR>
+
+<A href="ftp://ftp.ox.ac.uk/pub/wordlists/">ftp://ftp.ox.ac.uk/pub/wordlists/</A>
+
+<P>
+
+<LI><I>On RedHat-based Linux distributions, Crack doesn't run, and I
+get messages like this:</I>
+
+<P>
+
+<PRE>
+ ../../run/bin/linux-2-unknown/dictfilt dictfilt.c elcid.o
+ .../../run/bin/linux-2-unknown/libc5.a
+ cc: elcid.o : No such file or directory
+ make[1]:***[../../run/bin/linux-2-unknown/dictfilt] Error 1
+ make[1]: Leaving directory `/crack/c50a/src/util'
+ make[1]:*** [utils] Error 1
+</PRE>
+
+<P>
+
+It's a known problem: unfortunately the crypt() routine has now been
+unbundled from <i>libc</i> in many operating systems, and linkers tend
+to be more strict (or perhaps boneheaded?) than they used to be.
+
+<P>
+
+Here is a <A HREF="c50-linux-util-makefile.txt">replacement</A> for
+<tt>src/util/Makefile</tt> which <i>should</i> alleviate the problem.
+Like all Makefiles, it requires preservation of its TAB structure to
+work properly, so if your "make" program complains about:
+
+<P>
+
+<tt> *** missing separator. Stop.</tt>
+
+<P>
+
+...or similar, please try <b>saving the file properly using your
+browser function</b>, and not just cutting and pasting out of the
+browser window.
+
+<P>
+
+<LI><I>I want to produce reports of crackable passwords which do not
+actually contain the plaintext password itself. How do I do
+this?</I>
+
+<P>
+
+This is easily achieved by tweaking the "Reporter" script in Crack5.0;
+a little examination of the code, and it should be obvious what to do.
+
+<P>
+
+<LI><I>I want to compose my own rulesets; where can I find documentation?</I>
+
+<P>
+
+Documentation on the rulesets is a bit scanty, but this
+<A href="c50-rules.txt">file</A> should be of help.
+
+<P>
+
+<LI><I>I want to use Crack to check users' passwords when they are
+changing them; can I do this?</I>
+
+<P>
+
+Yes, however you ought to be looking at my <TT>CrackLib</TT> software
+which does this, and not <TT>Crack</TT> itself.
+
+<P>
+
+<LI> <I>Crack 4.x used to have this really neat feature where it would
+store passwords that it had <B>not</B> managed to guess, and it would
+not bother to attack them again next time. Why doesn't 5.x do this?
+I want this functionality back! </I>
+
+<P>
+
+I removed this functionality because many Crack users were not
+bothering to clear out the history of so-called <I>"unguessable"</I>
+passwords every few months; the point was that a password that was
+<I>unguessable</I> one month, might become <I>guessable</I> the next
+month, when other updates/additions might have been added to the
+password map, providing more guessing material for Crack.
+
+<P>
+
+People who want to reduce Crack runtime by only running it against new
+additions and changes to the password file, are encouraged to explore
+the opportunities that are afforded by the Unix commands <TT>sort</TT>
+and <TT>comm</TT>, which can enable equivalent functionality in a
+matter of seconds.
+
+<P>
+
+Keeping a <TT>sort</TT>ed copy of the last password file you cracked,
+and running <TT>comm</TT> against it and a <TT>sort</TT>ed copy of the
+new password file, will print any differences. Save these, and run
+Crack on that data.
+
+<P>
+
+Users are still recommended to try Cracking the whole password file,
+in one big chunk, changed or unchanged, at least occasionally.
+<P>
+
+</UL>
+
+<HR>
+<H1>Miscellany</H1>
+
+<UL>
+
+<LI><I>Is Crack supported?</I>
+
+<P>
+
+I fix bugs as/when I may, and occasonally post new revs to the net.
+Given how stupid people generally are regarding computer security, I
+can forsee doing this until the day I die. I can usually be persuaded
+to answer questions for beer.
+
+<P>
+
+<LI><I>Is Crack Y2K Compliant?</I>
+
+<P>
+
+Probably. If it isn't, I am sure I'll find out eventually.
+
+<P>
+
+<LI><I>We'd like to use Crack for inclusion in a commercial product or
+software distribution; is that OK?</I>
+
+<P>
+
+Please ensure that you have read the software LICENSE file, and
+double-check with me via e-mail if necessary.
+
+<P>
+
+<LI><I>We'd like to license Crack for inclusion in a commercial
+product; we'd like you to sign this disclaimer and contract and
+mail/fax it back trans-atlantic to our legal department in California,
+because it's obviously to your benefit that you do so.</I>
+
+<P>
+
+Thank you for the contract documents. I shall frame them and put them
+on the wall with the others in the toilet. Now kindly go read the
+LICENSE file, and e-mail me if you have any questions, although be
+aware that your response may be delayed by my rolling on the floor in
+hysterical laughter.
+
+<P>
+
+
+
+<LI> <I>Would you consider enhancing Crack to run {on a cluster, in an
+SMP or threaded environment, using MPI, PVM, POSIX threads, or alike}?</I>
+<P>
+
+Ah, this old chestnut; there is a note in the Crack5 distribution
+about this. Basically: because of the nature of the data being
+cracked, there is no real advantage in threading the code. It's
+easiest as one-process-per-CPU.
+<P>
+
+Consider: most of the point of threading and/or vector operations
+and/or parallelisation is to take advantage of many/optimised CPUs to
+do the same computational task in parallel/simultaneously/in one
+operation.
+<P>
+
+The function of Crack is to try as efficiently as possible (ie: once
+only) each of several million possible password guesses against the
+distinct ciphertexts of several thousand users.
+<P>
+
+<B>ie:</b> to do several billion computationally *distinct* things.
+<P>
+
+It is (regrettably) in the nature of cryptography that generation of
+each password hash (ie: call to <TT>crypt()</TT>) is of a
+mostly-computationally-distinct nature, and that the only way to use
+parallelization to speed this up would involve writing a highly
+architecture-specific parallel-<TT>crypt()</TT> implementation, which
+is not economically viable to create when compared to equivalent
+serial password-cracking programs.
+<P>
+
+in short: if a one woman can make a baby in nine months, this does
+*not* mean that nine women can make one baby in one month.
+<P>
+
+instead: nine women make nine babies in nine months, and all of those
+nine babies arrive simultaneously at the *end* of the nine months.
+<P>
+
+of course, if we *could* parallelise baby-creation, we would get one
+baby per month for nine months, but the problems of locking, surgery,
+gene-splicing and baby-fragment-reassembly would drag down the time,
+raise overheads and costs, and in the end yield exactly the same end-result as
+the serial-baby-creation-method. 8-)
+<P>
+
+
+<LI> <I>Oh go on - surely there must be some way to parallelise
+cracking operations? </I>
+<P>
+
+Well, it depends on what I/you mean by "making it parallel"; if by
+that you mean "creating a password hashing algorithm that makes
+effective use of multiple CPUs to speed the essentially linear
+<TT>crypt()</TT> mechanism" - then no, I don't believe it'd be viable
+(without specialist hardware) because the process of getting a
+password from an un-hashed state (say: Utah) to a hashed one (say:
+California) is most quickly achieved by dropping the data onto a
+single CPU (say: a Porsche 911) and driving non-stop.
+<P>
+
+The only overhead here is (of course) in tuning your algorithm for
+your specific CPU architecture, to most closely resemble a Porsche 911.
+<P>
+
+Nowadays, with locking overhead and synchronisation, using traditional
+multi-cpu parallelisation and threading would be more akin to
+hitch-hiking the length of the trip.
+<P>
+
+That said: there exists a technique called "bitslicing" which alas is
+complicated to do unless you're a crypto geek, but which basically
+involves packing as many people as feasible into your Porsche and
+occasionally stopping in order to rotate their positions.
+<P>
+
+In other words: on a 32-bit architecture you use bit-1 of your
+datapath to do encryption operations that are pertinent to one
+encryption, and you use bit-2 in order to do a second, bit-3 in order
+to do a third, and so forth, achieving parallelism of up to 32
+crypt-calls this way... on a 64-bit architecture, of course you do 64
+at once.
+<P>
+
+<I>(This technique was first written up by Biham several years ago,
+but I may have thought of the idea first, though I never managed to
+finish implementing it. I called the idea "polycrypt", conceived on a
+bus trip returning from a bash in London with Paul Leyland, and it was
+the main reason that I introduced the ELCID interface into Crack5; the
+date on my code is mid-1994 but i don't know when the bitslicing paper
+was conceived. Either way, I never did anything with it - I got
+swamped by what to do with S-boxes - so what the hell...)</I>
+</I>
+<P>
+
+You may realise now why I got out of the business of binding a
+specific crypt() algorithm into Crack as early as possible.
+In-between this sort of bit manipulation and/or issues of pipelining,
+branch-delay slots, and use/avoidance of bizzare multimedia CPU
+instructions to do the hard work for you in hardware, I came to
+conclude that hacking crypt() routines was a game for masochists.
+<P>
+
+
+<LI><I>How does the DAWG dictionary-compression algorithm work?</I>
+<P>
+
+Essentially it is a preprocessor for <TT>gzip</TT> that removes
+redundancy from a sorted list of words, and typically shrinks an input
+wordlist by some 50% without negatively impacting <TT>gzip</TT>'s
+ability to further compress the file.
+<P>
+
+In the new version of the DAWG code - slightly improved over the
+version that ships with Crack v5.0, but fundamentally the same -
+all you need do is:
+<P>
+
+<OL>
+<LI> sort the wordlist into normal Unix order. (beware localization!)
+<LI> for each word that the DAWG preprocessor reads...
+<LI> count how many leading characters it shares with the previous word that was read...
+<LI> encode that number as a character from the set <TT>[0-9A-Za-z]</TT> for values 0..61
+ (if the value is >61 then stop there)
+<LI> print said character (the encoded number) and the remaining stem of the word
+<LI> end-for-loop
+</OL>
+<P>
+
+eg:
+<P>
+
+<TABLE BORDER=1> <!-- cols=1 rows=6 -->
+<TR ALIGN=LEFT VALIGN=MIDDLE> <!-- row 1 -->
+<TD> <TT>foo</TT> </TD>
+</TR>
+<TR ALIGN=LEFT VALIGN=MIDDLE> <!-- row 2 -->
+<TD> <TT>foot</TT> </TD>
+</TR>
+<TR ALIGN=LEFT VALIGN=MIDDLE> <!-- row 3 -->
+<TD> <TT>footle</TT> </TD>
+</TR>
+<TR ALIGN=LEFT VALIGN=MIDDLE> <!-- row 4 -->
+<TD> <TT>fubar</TT> </TD>
+</TR>
+<TR ALIGN=LEFT VALIGN=MIDDLE> <!-- row 5 -->
+<TD> <TT>fub</TT> </TD>
+</TR>
+<TR ALIGN=LEFT VALIGN=MIDDLE> <!-- row 6 -->
+<TD> <TT>grunt</TT> </TD>
+</TR>
+</TABLE>
+<P>
+
+compresses to:
+<P>
+
+<TABLE BORDER=1> <!-- cols=2 rows=7 -->
+<TR ALIGN=CENTER VALIGN=MIDDLE> <!-- row 1 -->
+<TD ALIGN=LEFT> <TT>#!xdawg</TT> </TD>
+<TD> <i>magic header</i> </TD>
+</TR>
+<TR ALIGN=CENTER VALIGN=MIDDLE> <!-- row 2 -->
+<TD ALIGN=LEFT> <TT>0foo</TT> </TD>
+<TD> <i>first word has no letters in common with anything</i> </TD>
+</TR>
+<TR ALIGN=CENTER VALIGN=MIDDLE> <!-- row 3 -->
+<TD ALIGN=LEFT> <TT>3t</TT> </TD>
+<TD> <i>next has three letters in common, and a 't'</i> </TD>
+</TR>
+<TR ALIGN=CENTER VALIGN=MIDDLE> <!-- row 4 -->
+<TD ALIGN=LEFT> <TT>4le</TT> </TD>
+<TD> <i>"foot" + "le"</i> </TD>
+</TR>
+<TR ALIGN=CENTER VALIGN=MIDDLE> <!-- row 5 -->
+<TD ALIGN=LEFT> <TT>1ubar</TT> </TD>
+<TD> <i>"f" + "ubar"</i> </TD>
+</TR>
+<TR ALIGN=CENTER VALIGN=MIDDLE> <!-- row 6 -->
+<TD ALIGN=LEFT> <TT>3</TT> </TD>
+<TD> <i>"fub" + "" => truncation</i> </TD>
+</TR>
+<TR ALIGN=CENTER VALIGN=MIDDLE> <!-- row 7 -->
+<TD ALIGN=LEFT> <TT>0grunt</TT> </TD>
+<TD> <i>back to nothing in common</i> </TD>
+</TR>
+</TABLE>
+<P>
+
+Inspiration for using DAWG in Crack came from Paul Leyland back in the
+early 1990s, who mentioned something similar being used to encode
+dictionaries for crossword-puzzle solving programs; we continue to be
+astonished at how effective DAWG is on sorted inputs without
+materially impacting subsequent compression (ie: <TT>gzip</TT>); a
+gzipped-DAWG file is <I>also</I> typically about 50% of the size of
+the gzipped non-DAWGed file.
+<P>
+
+Just goes to prove that knowledge of the sort of input you'll be
+dealing with, can beat a general-purpose program hands-down; there are
+also interesting conclusions that can be drawn regarding the entropy
+of human languages after sorting.
+<P>
+
+</UL>
+<HR>
+<IMG SRC="/cgi-bin/webcount?length=6">
+</BODY>
+</HTML>
diff --git a/c50-faq.txt b/c50-faq.txt
new file mode 100644
index 0000000..a0a1d09
--- /dev/null
+++ b/c50-faq.txt
@@ -0,0 +1,303 @@
+
+ _________________________________________________________________
+
+ FAQ for Crack v5.0a
+
+ Copyright (c) Alec Muffett, 1999, 2000, 2001
+ Revised: Wed Mar 21 02:38:38 GMT 2001
+ _________________________________________________________________
+
+ Download
+
+ * Where can I go to download Crack?
+ Last time I checked: (12 June 2000)
+ [1]ftp://ftp.cerias.purdue.edu/pub/tools/unix/pwdutils/crack
+ [2]ftp://ftp.cert.dfn.de/pub/tools/password/Crack/
+ With more dictionaries/wordlists available at:
+ [3]ftp://ftp.cerias.purdue.edu/pub/dict
+ [4]ftp://ftp.ox.ac.uk/pub/wordlists
+ A PGP signature to validate the contents of any download you might
+ find, is [5]available here. My key is on the keyservers.
+ * Can you send me the README for Crack?
+ Better yet, there's a copy of it [6]right here. Read it yourself.
+ * I can't download Crack! Will you please e-mail it to me?
+ Sorry, but no. It's too big for me to be mailing it to people who
+ invariably then tell me that it's in the wrong format for them
+ anyway, or who want to use it on Microsoft Windows. (see below)
+ _________________________________________________________________
+
+ Trolls [7][MORE]
+
+ * How can I run Crack on a Win98/WinNT/MS-DOS system?
+ You can't. Crack is Unix software, written for Unix systems and
+ running primarily on Unix systems, and if you don't know what Unix
+ is, then you don't need to know about Crack.
+ * Can you hack this guy's account/password/computer for me?
+ Probably, but I am not going to; now be a good little trog and run
+ along and report yourself to your local police authorities,
+ please...
+ * Can you give me a Crack for TombRaider/Carmageddon/FinalFantasy?
+ Oh, go away and get a life, you horrible little oik.
+ * H3Y D00D - WAr3 KaN 1 BuY CRACK?!?!!
+ I am reliably informed that the answer to this is "any
+ street-corner in Oakland" - but being based in the UK I cannot
+ vouch for the accuracy of this statement.
+ _________________________________________________________________
+
+ Technical
+
+ * When I run Crack, it says "Done." and exits immediately, and there
+ are no results when I run the Reporter script; why is this?
+ Crack is an unusual Unix program - it runs the actual cracking
+ process in the "background"; when you type:
+ Crack passwd.txt
+ ...or whatever, the Crack wrapper-script launches a background
+ process called crack-pwc, and it is this which guesses passwords.
+ It is crack-pwc that will run for a long time, and if you do:
+ ps -auxww ...or...
+ ps -ef
+ ...after running Crack, then you should see a copy of crack-pwc
+ running merrily in the background; ideally you should only have 1
+ copy of crack-pwc running, for each CPU in your machine.
+ * How long does crack-pwc run for?
+ Hard to say, since this will depend upon the number of passwords
+ that are being cracked, and the speed of your machines.
+ The short answer is: at least hours, probably days, possibly
+ weeks.
+ The longest single continuous Crack run I have ever done, lasted a
+ little under seven months non-stop on a little-used Sun 4/330,
+ back in 1991. With faster CPUs available nowadays, things are
+ less-bad.
+ * How do I add a list of my own words to the Crack dictionaries?
+ Move the file containing the list of words into the dicts/1
+ directory and do make rmdict in the Crack home directory; the
+ words will be merged, the next time you run Crack.
+ That's all you have to do; you may choose to compress or gzip your
+ wordlist file, if you like - Crack will automatically unpack it
+ when it needs it - but it is not essential.
+ * What are all the ".dwg" extensions on the Crack dictionary files
+ for?
+ Crack has a custom, built-in dictionary compression tool called
+ DAWG (Directed Acyclic Word Graph) which preprocesses sorted lists
+ of words to remove redundancy and make tools like gzip more
+ effective.
+ Don't worry about it - it's not something that's likely to ever be
+ needed by you in normal Crack usage.
+ * Where can I get more wordlists?
+ Last time I checked:
+ [8]ftp://ftp.ox.ac.uk/pub/wordlists/
+ * On RedHat-based Linux distributions, Crack doesn't run, and I get
+ messages like this:
+ ../../run/bin/linux-2-unknown/dictfilt dictfilt.c elcid.o
+ .../../run/bin/linux-2-unknown/libc5.a
+ cc: elcid.o : No such file or directory
+ make[1]:***[../../run/bin/linux-2-unknown/dictfilt] Error 1
+ make[1]: Leaving directory `/crack/c50a/src/util'
+ make[1]:*** [utils] Error 1
+ It's a known problem: unfortunately the crypt() routine has now
+ been unbundled from libc in many operating systems, and linkers
+ tend to be more strict (or perhaps boneheaded?) than they used to
+ be.
+ Here is a [9]replacement for src/util/Makefile which should
+ alleviate the problem. Like all Makefiles, it requires
+ preservation of its TAB structure to work properly, so if your
+ "make" program complains about:
+ *** missing separator. Stop.
+ ...or similar, please try saving the file properly using your
+ browser function, and not just cutting and pasting out of the
+ browser window.
+ * I want to produce reports of crackable passwords which do not
+ actually contain the plaintext password itself. How do I do this?
+ This is easily achieved by tweaking the "Reporter" script in
+ Crack5.0; a little examination of the code, and it should be
+ obvious what to do.
+ * I want to compose my own rulesets; where can I find documentation?
+ Documentation on the rulesets is a bit scanty, but this [10]file
+ should be of help.
+ * I want to use Crack to check users' passwords when they are
+ changing them; can I do this?
+ Yes, however you ought to be looking at my CrackLib software which
+ does this, and not Crack itself.
+ * Crack 4.x used to have this really neat feature where it would
+ store passwords that it had not managed to guess, and it would not
+ bother to attack them again next time. Why doesn't 5.x do this? I
+ want this functionality back!
+ I removed this functionality because many Crack users were not
+ bothering to clear out the history of so-called "unguessable"
+ passwords every few months; the point was that a password that was
+ unguessable one month, might become guessable the next month, when
+ other updates/additions might have been added to the password map,
+ providing more guessing material for Crack.
+ People who want to reduce Crack runtime by only running it against
+ new additions and changes to the password file, are encouraged to
+ explore the opportunities that are afforded by the Unix commands
+ sort and comm, which can enable equivalent functionality in a
+ matter of seconds.
+ Keeping a sorted copy of the last password file you cracked, and
+ running comm against it and a sorted copy of the new password
+ file, will print any differences. Save these, and run Crack on
+ that data.
+ Users are still recommended to try Cracking the whole password
+ file, in one big chunk, changed or unchanged, at least
+ occasionally.
+ _________________________________________________________________
+
+ Miscellany
+
+ * Is Crack supported?
+ I fix bugs as/when I may, and occasonally post new revs to the
+ net. Given how stupid people generally are regarding computer
+ security, I can forsee doing this until the day I die. I can
+ usually be persuaded to answer questions for beer.
+ * Is Crack Y2K Compliant?
+ Probably. If it isn't, I am sure I'll find out eventually.
+ * We'd like to use Crack for inclusion in a commercial product or
+ software distribution; is that OK?
+ Please ensure that you have read the software LICENSE file, and
+ double-check with me via e-mail if necessary.
+ * We'd like to license Crack for inclusion in a commercial product;
+ we'd like you to sign this disclaimer and contract and mail/fax it
+ back trans-atlantic to our legal department in California, because
+ it's obviously to your benefit that you do so.
+ Thank you for the contract documents. I shall frame them and put
+ them on the wall with the others in the toilet. Now kindly go read
+ the LICENSE file, and e-mail me if you have any questions,
+ although be aware that your response may be delayed by my rolling
+ on the floor in hysterical laughter.
+ * Would you consider enhancing Crack to run {on a cluster, in an SMP
+ or threaded environment, using MPI, PVM, POSIX threads, or alike}?
+ Ah, this old chestnut; there is a note in the Crack5 distribution
+ about this. Basically: because of the nature of the data being
+ cracked, there is no real advantage in threading the code. It's
+ easiest as one-process-per-CPU.
+ Consider: most of the point of threading and/or vector operations
+ and/or parallelisation is to take advantage of many/optimised CPUs
+ to do the same computational task in parallel/simultaneously/in
+ one operation.
+ The function of Crack is to try as efficiently as possible (ie:
+ once only) each of several million possible password guesses
+ against the distinct ciphertexts of several thousand users.
+ ie: to do several billion computationally *distinct* things.
+ It is (regrettably) in the nature of cryptography that generation
+ of each password hash (ie: call to crypt()) is of a
+ mostly-computationally-distinct nature, and that the only way to
+ use parallelization to speed this up would involve writing a
+ highly architecture-specific parallel-crypt() implementation,
+ which is not economically viable to create when compared to
+ equivalent serial password-cracking programs.
+ in short: if a one woman can make a baby in nine months, this does
+ *not* mean that nine women can make one baby in one month.
+ instead: nine women make nine babies in nine months, and all of
+ those nine babies arrive simultaneously at the *end* of the nine
+ months.
+ of course, if we *could* parallelise baby-creation, we would get
+ one baby per month for nine months, but the problems of locking,
+ surgery, gene-splicing and baby-fragment-reassembly would drag
+ down the time, raise overheads and costs, and in the end yield
+ exactly the same end-result as the serial-baby-creation-method.
+ 8-)
+ * Oh go on - surely there must be some way to parallelise cracking
+ operations?
+ Well, it depends on what I/you mean by "making it parallel"; if by
+ that you mean "creating a password hashing algorithm that makes
+ effective use of multiple CPUs to speed the essentially linear
+ crypt() mechanism" - then no, I don't believe it'd be viable
+ (without specialist hardware) because the process of getting a
+ password from an un-hashed state (say: Utah) to a hashed one (say:
+ California) is most quickly achieved by dropping the data onto a
+ single CPU (say: a Porsche 911) and driving non-stop.
+ The only overhead here is (of course) in tuning your algorithm for
+ your specific CPU architecture, to most closely resemble a Porsche
+ 911.
+ Nowadays, with locking overhead and synchronisation, using
+ traditional multi-cpu parallelisation and threading would be more
+ akin to hitch-hiking the length of the trip.
+ That said: there exists a technique called "bitslicing" which alas
+ is complicated to do unless you're a crypto geek, but which
+ basically involves packing as many people as feasible into your
+ Porsche and occasionally stopping in order to rotate their
+ positions.
+ In other words: on a 32-bit architecture you use bit-1 of your
+ datapath to do encryption operations that are pertinent to one
+ encryption, and you use bit-2 in order to do a second, bit-3 in
+ order to do a third, and so forth, achieving parallelism of up to
+ 32 crypt-calls this way... on a 64-bit architecture, of course you
+ do 64 at once.
+ (This technique was first written up by Biham several years ago,
+ but I may have thought of the idea first, though I never managed
+ to finish implementing it. I called the idea "polycrypt",
+ conceived on a bus trip returning from a bash in London with Paul
+ Leyland, and it was the main reason that I introduced the ELCID
+ interface into Crack5; the date on my code is mid-1994 but i don't
+ know when the bitslicing paper was conceived. Either way, I never
+ did anything with it - I got swamped by what to do with S-boxes -
+ so what the hell...)
+ You may realise now why I got out of the business of binding a
+ specific crypt() algorithm into Crack as early as possible.
+ In-between this sort of bit manipulation and/or issues of
+ pipelining, branch-delay slots, and use/avoidance of bizzare
+ multimedia CPU instructions to do the hard work for you in
+ hardware, I came to conclude that hacking crypt() routines was a
+ game for masochists.
+ * How does the DAWG dictionary-compression algorithm work?
+ Essentially it is a preprocessor for gzip that removes redundancy
+ from a sorted list of words, and typically shrinks an input
+ wordlist by some 50% without negatively impacting gzip's ability
+ to further compress the file.
+ In the new version of the DAWG code - slightly improved over the
+ version that ships with Crack v5.0, but fundamentally the same -
+ all you need do is:
+ 1. sort the wordlist into normal Unix order. (beware
+ localization!)
+ 2. for each word that the DAWG preprocessor reads...
+ 3. count how many leading characters it shares with the previous
+ word that was read...
+ 4. encode that number as a character from the set [0-9A-Za-z]
+ for values 0..61 (if the value is >61 then stop there)
+ 5. print said character (the encoded number) and the remaining
+ stem of the word
+ 6. end-for-loop
+ eg:
+
+ foo
+ foot
+ footle
+ fubar
+ fub
+ grunt
+ compresses to:
+
+ #!xdawg magic header
+ 0foo first word has no letters in common with anything
+ 3t next has three letters in common, and a 't'
+ 4le "foot" + "le"
+ 1ubar "f" + "ubar"
+ 3 "fub" + "" => truncation
+ 0grunt back to nothing in common
+ Inspiration for using DAWG in Crack came from Paul Leyland back in
+ the early 1990s, who mentioned something similar being used to
+ encode dictionaries for crossword-puzzle solving programs; we
+ continue to be astonished at how effective DAWG is on sorted
+ inputs without materially impacting subsequent compression (ie:
+ gzip); a gzipped-DAWG file is also typically about 50% of the size
+ of the gzipped non-DAWGed file.
+ Just goes to prove that knowledge of the sort of input you'll be
+ dealing with, can beat a general-purpose program hands-down; there
+ are also interesting conclusions that can be drawn regarding the
+ entropy of human languages after sorting.
+ _________________________________________________________________
+
+ [INLINE]
+
+References
+
+ 1. ftp://ftp.cerias.purdue.edu/pub/tools/unix/pwdutils/crack
+ 2. ftp://ftp.cert.dfn.de/pub/tools/password/Crack/
+ 3. ftp://ftp.cerias.purdue.edu/pub/dict
+ 4. ftp://ftp.ox.ac.uk/pub/wordlists
+ 5. file://localhost/extra/desarrollo/jfs/debian/security/DO/crack/crack-5.0a/c50a.tgz.asc
+ 6. file://localhost/extra/desarrollo/jfs/debian/security/DO/crack/crack-5.0a/c50a.txt
+ 7. file://localhost/extra/desarrollo/jfs/debian/security/DO/crack/crack-5.0a/crack-users.txt
+ 8. ftp://ftp.ox.ac.uk/pub/wordlists/
+ 9. file://localhost/extra/desarrollo/jfs/debian/security/DO/crack/crack-5.0a/c50-linux-util-makefile.txt
+ 10. file://localhost/extra/desarrollo/jfs/debian/security/DO/crack/crack-5.0a/c50-rules.txt
diff --git a/conf/dictgrps.conf b/conf/dictgrps.conf
index 86bf7aa..f807fa1 100644
--- a/conf/dictgrps.conf
+++ b/conf/dictgrps.conf
@@ -16,7 +16,7 @@
# Dict '2' is created from $CRACK_HOME/dict/2/*
# Dict '3' is created from $CRACK_HOME/dict/3/*
-1:/usr/dict/*words* dict/1/*
+1:/usr/share/dict/*words* dict/1/*
2:dict/2/*
3:dict/3/*
diff --git a/debian/Crack b/debian/Crack
new file mode 100644
index 0000000..bcf3c2d
--- /dev/null
+++ b/debian/Crack
@@ -0,0 +1,36 @@
+#!/bin/sh
+# Wrapper file for Crack
+# written by Javier Fernandez-Sanguino for the Debian GNU/Linux distribution
+#
+# Licensed under the GNU GPL v2.
+# See /usr/share/doc/common-licenses/GPL
+
+# This is needed due to relative calls to 'dawg' and co.
+PATH=/usr/lib/Crack:$PATH
+export PATH
+
+if [ "`id -u`" != "0" ]
+then
+ echo "Crack requires root priviledges to run."
+ exit 1
+fi
+
+cd /usr/share/Crack
+MERGED=`tempfile -d run`
+if [ "$1" = "/etc/passwd" -a "$2" = "" ] ;
+then
+# User supplied one argument (hasn't read the instructions :)
+# Check if there is a shadow file
+ if [ -f /etc/shadow ] ; then
+ >$MERGED
+ # Just in case..
+ chmod 600 $MERGED
+ sh scripts/shadmrg.sv >$MERGED
+ ./Crack $MERGED
+ [ -f $MERGED ] && /bin/rm $MERGED
+ else
+ ./Crack $*
+ fi
+else
+ ./Crack $*
+fi
diff --git a/debian/Crack-Reporter b/debian/Crack-Reporter
new file mode 100644
index 0000000..7c5d77b
--- /dev/null
+++ b/debian/Crack-Reporter
@@ -0,0 +1,9 @@
+#!/bin/sh
+# Wrapper file for Reporter
+# written by Javier Fernandez-Sanguino for the Debian GNU/Linux distribution
+#
+# Licensed under the GNU GPL v2.
+# See /usr/share/doc/common-licenses/GPL
+
+cd /usr/share/Crack
+./Reporter $*
diff --git a/debian/Crack.8 b/debian/Crack.8
new file mode 100644
index 0000000..1eb0d52
--- /dev/null
+++ b/debian/Crack.8
@@ -0,0 +1,136 @@
+.TH CRACK 8
+.SH NAME
+Crack, Reporter \- programs to break password files
+.SH SYNOPSIS
+.B Crack
+.I [options] [\-fmt format] [file ...]
+.br
+.B Crack\-Reporter
+.I [\-quiet] [\-html]
+.SH "DESCRIPTION"
+This manual page documents briefly the
+.BR Crack,
+and
+.B Crack\-Reporter
+commands.
+This manual page was written for the Debian GNU/Linux distribution
+because the original program does not have a manual page.
+Instead, there is some documentation available at
+.I /usr/share/doc/crack
+which you are encouraged to read
+.PP
+.B Crack
+is not a program designed to break the password of every user in
+the file. Rather, it is designed to find weak passwords in the file, by
+attacking those sorts of bad passwords which are most likely to be used,
+in the order in which they would most easily be found (ie: are most
+likely to be used by a moronic user).
+
+Crack is not designed to break user passwords; it is designed to break
+password files. This is a subtle but important distinction.
+
+.B Crack\-Reporter
+will show what passwords have been cracked, as well as view
+errors that have been detected in the source password files, etc.
+Guesses are listed chronologically, so users who wish to see incremental
+changes in the output as Crack continues to run over a course of days or
+weeks, are encouraged to wrap invocations of \fBCrack\-Reporter\fR in a script with
+\fBdiff\fR.
+
+
+.SH OPTIONS
+A summary of options are included below.
+For Crack:
+.TP
+.B \-makedict
+Creates and compresss the dictionaries \fBCrack\fR will use
+.TP
+.B \-makeonly
+Compiles the binaries for \fBCrack\fR (not neccesary for Debian GNU/Linux since
+they are already provided)
+.TP
+.B \-debug
+Lets you see what the Crack script is doing.
+.TP
+.B \-recover
+Used when restarting an abnormally-terminated run; suppresses rebuild
+of the gecos-derived dictionaries.
+.TP
+.B \-fgnd
+Runs the password cracker in the foreground, with stdin, stdout and
+stderr attached to the usual places.
+.TP
+.B \-fmt format
+Specifies the input file format.
+.TP
+.B \-from N
+Starts password cracking from rule number "N".
+.TP
+.B \-keep
+Prevents deletion of the temporary file used to store the password
+cracker's input.
+.TP
+.B \-mail
+E-Mail a warning message to anyone whose password is cracked.
+See the script \fBnastygram\fR.
+.TP
+.B \-network
+Runs the password cracker in \fInetwork\fR mode.
+.TP
+.B \-nice N
+Runs the password cracker at a reduced priority, so that other jobs can
+take priority over the CPU.
+.TP
+.B \-kill filename
+.TP
+.B \-remote
+Internal options used to support networking.
+
+For Crack\-Reporter
+.B \-html
+Produces output in a fairly basic HTML-readable format.
+.B \-quiet
+Suppresses the reporting of errors in the password file
+(corrupt entries, etc)
+
+.SH EXAMPLES
+To run Crack
+
+ # Crack \-nice 10 /etc/passwd
+
+If a Crack session is killed accidentally, it can be restarted with moderate
+efficiency by doing:
+
+ mv run/Dhostname.N run/tempfilename
+ Crack \-recover \-fmt spf run/tempfilename
+
+However if all you wish to do is start cracking passwords from some specific
+rule number, or to restart a run whilst skipping over a few rulesets, try:
+
+ Crack [\-recover] \-from N filename ...
+
+\&...where N is the number of the rule to start working from.
+
+.SH FILES
+.I /usr/share/Crack
+Location of the Crack program and scripts.
+.I /var/run/Crack/
+Location for the temporary files used by Crack.
+
+.SH "SEE ALSO"
+You will find more documentation about Crack in the text files available in
+.IR /usr/share/doc/crack\-common
+Documentation includes the program's Manual (in HTML and Text files), the
+User's Frequently Asked Questions (FAQ), examples, articles and even some
+humour.
+
+.SH AUTHOR
+This manual page was written by Javier Fernandez-Sanguino <jfs at debian.org>,
+for the Debian GNU/Linux system (but may be used by others).
+
+.I Crack
+and
+.I Crack\-Reporter
+(originally called \fIReporter\fR)
+were written by Alec Muffett <Alec.Muffett at UK.Sun.COM>
+
diff --git a/debian/README.Debian b/debian/README.Debian
new file mode 100644
index 0000000..fea4f17
--- /dev/null
+++ b/debian/README.Debian
@@ -0,0 +1,47 @@
+crack for Debian
+----------------
+
+Debian passwd files are usually *NOT* merged so you *cannot* run
+# Crack /etc/passwd
+
+However, the Crack wrapper script has been modified to consider
+this case and run the merge scripts by itself and then run Crack
+on the merged file.
+
+If you are using MD5 passwords you need to install the 'crack-md5'
+package (not 'crack'), please read the documentation
+(/usr/share/doc/crack-common/manual.txt)
+
+BTW, if you have a mixed crypt/md5 environment Crack will probably not work
+100% fine. Period. You can install first the 'crack' package, run
+Crack (it will probably have problems with the Md5 passwords). Once
+it's finished (if ever) you should install 'crack-md5' and run it again.
+The package maintainer could probably provide a better way to handle
+this situation in the future but for now it's the only thing you can do
+(save, perhaps, fixing the code so Crack works with *both* MD5 and DES).
+
+Crack needs root priviledges to run. It will not work from ordinary user
+account. This is due to access permissions to /usr/share/Crack. Anyway -- you
+wouldn't want your users to run Crack on your machine, would you?
+
+There probably are errors due to the way it generates the binary-stamps
+(since it uses uname to know which binaries it has compiled). I've
+made changes to the script/binstamps so it always return 'debian'
+when running on a Debian system.
+
+Also, binaries are under /usr/lib/Crack (with a symlink under
+/usr/share/Crack/run/bin/debian to keep Crack happy) to follow the FHS
+
+
+TODO:
+
+- write manpage
+- fix lintian warnings (errors regarding xdawg are not errors, please
+ see the changelog)
+- add an init.d script so you can stop all password cracking processes
+ (and rerun them if there is anyone pending on bootup). This will also help
+ on upgrades (if any) since these processes should be stopped/restarted in
+ this cases.
+
+ -- Javier Fernandez-Sanguino Pen~a <jfs at computer.org>, Wed, 4 Sep 2002 14:28:19 +0200,
+ Pawel Wiecek <coven at debian.org>, Sun, 13 Oct 2002 21:05:38 +0200
diff --git a/debian/changelog b/debian/changelog
new file mode 100644
index 0000000..19a645c
--- /dev/null
+++ b/debian/changelog
@@ -0,0 +1,85 @@
+crack (5.0a-7) unstable; urgency=low
+
+ * Applied a patch from Nicolas Francois <nicolas.francois at centraliens.net>
+ to fix some formatting issues in Crack.8 (closes: #272578)
+
+ -- Pawel Wiecek <coven at debian.org> Sun, 3 Oct 2004 23:49:01 +0200
+
+crack (5.0a-6) unstable; urgency=low
+
+ * Added removing of run directory in clean target (closes: #227372)
+
+ -- Pawel Wiecek <coven at debian.org> Mon, 26 Jan 2004 11:24:45 +0100
+
+crack (5.0a-5) unstable; urgency=low
+
+ * Applied patch from Thiemo Seufer to fix a tiny error in debian/rules that
+ effectively prevented Crack from build on mips (closes: #210862)
+ * Updated standards version (no changes required)
+ * Changed some relative symlinks to absolute ones (as per policy)
+
+ -- Pawel Wiecek <coven at debian.org> Mon, 13 Oct 2003 16:38:34 +0200
+
+crack (5.0a-4) unstable; urgency=low
+
+ * Patch from Javier Fernandez-Sanguino Pena: Debian/rules now creates a
+ /var/run/Crack directory for the temporary creation of files by the Crack
+ scripts, symlinks are created from /usr/share/Crack/run to /var/run/Crack
+ in order to avoid modifying all the scripts, and maybe failing to fix some
+ (closes: #203658)
+ * Added a manpage from Javier Fernandez-Sanguino Pena (closes: #194414)
+
+ -- Pawel Wiecek <coven at debian.org> Tue, 2 Sep 2003 17:18:41 +0200
+
+crack (5.0a-3) unstable; urgency=low
+
+ * Applied patch from Javier Fernandez-Sanguino Pen~a to fix PATH Crack uses
+ (closes: #194417)
+ * Documented the fact that Crack is only available to root and added checks
+ (closes: #194415)
+ * Removed the call to dh_undocumented from debian/rules
+ * Updated Standards-version
+
+ -- Pawel Wiecek <coven at debian.org> Wed, 28 May 2003 13:38:18 +0200
+
+crack (5.0a-2) unstable; urgency=low
+
+ * Fixed doc-base errors (closes: #164912)
+ * Fixed xdawg symlink (closes: #164954)
+
+ -- Pawel Wiecek <coven at debian.org> Fri, 25 Oct 2002 14:03:33 +0200
+
+crack (5.0a-1) unstable; urgency=low
+
+ * Initial Release with GREAT help of Javier Fernandez-Sanguino Pen~a
+ <jfs at computer.org>, who actually made most of dirty work (Closes: #82613)
+ * There are currently a lot of lintian errors but these are *not* the
+ packages fault. The package uses a special header for dictionary files
+ (#!xdawg) which gets confused for an interpreter definition. DAWG
+ wordlist files format is specified in the FAQ (jfs)
+ * DAWG wordlist are generated *after* installation, on the first run
+ (in order to prevent this package from increasing in size) (jfs)
+ * Since sources need to be hacked (as described in the docs) to provide
+ MD5 or crypt (DES) functionality there are two conflicting packages
+ created (jfs)
+ * Created a simple wrapper script that merges passwd database for
+ clueless people (jfs)
+ * Created a new script based on Crack only for compilation (Crack.make)
+ and removed the compilation stuff from Crack since packages will not
+ include the sources (jfs)
+ * Applied recommended patch (see FAQ) for libc problems when compiling
+ Crack (jfs)
+ * Since debian takes care of distributing the proper binaries in
+ packages for the given architectures, the script/binstamp has been
+ modified to always return 'debian' if running on a Debian system (jfs)
+ * GHS compatibility -- the program configuration uses /usr/share/dict
+ (instead of /usr/dict) (jfs)
+ * The package Recommends: wordlist (jfs)
+ * Fixed a couple of spelling errors and other minor stuff like that (cov)
+ * Fixed debian/rules so the package actually builds from source (cov)
+ * Bumped standards-version to 3.5.6 (cov)
+ * Fixed many lintian errors and warnings, including some quite important
+ policy violations (cov)
+
+ -- Pawel Wiecek <coven at debian.org> Sun, 13 Oct 2002 21:38:05 +0200
+
diff --git a/debian/control b/debian/control
new file mode 100644
index 0000000..e56ecd1
--- /dev/null
+++ b/debian/control
@@ -0,0 +1,44 @@
+Source: crack
+Section: admin
+Priority: optional
+Maintainer: Pawel Wiecek <coven at debian.org>
+Build-Depends: debhelper (>> 3.0.0)
+Standards-Version: 3.6.1
+
+Package: crack-common
+Architecture: all
+Depends: make
+Recommends: wordlist
+Description: Password guessing program
+ Crack is program designed to quickly locate vulnerabilities
+ in Unix (or other) password files by scanning the contents
+ of a password file, looking for users who have misguidedly
+ chosen a weak login password.
+ .
+ This package provides the common files for the crypt() and
+ MD5 versions.
+
+Package: crack
+Architecture: any
+Depends: crack-common, ${shlibs:Depends}
+Conflicts: crack-md5
+Description: Password guessing program
+ Crack is program designed to quickly locate vulnerabilities
+ in Unix (or other) password files by scanning the contents
+ of a password file, looking for users who have misguidedly
+ chosen a weak login password.
+ .
+ This package provides the runtime files for the crypt() version.
+
+Package: crack-md5
+Architecture: any
+Depends: crack-common, ${shlibs:Depends}
+Conflicts: crack
+Provides: crack
+Description: Password guessing program
+ Crack is program designed to quickly locate vulnerabilities
+ in Unix (or other) password files by scanning the contents
+ of a password file, looking for users who have misguidedly
+ chosen a weak login password.
+ .
+ This package provides the runtime files for the MD5 version.
diff --git a/debian/copyright b/debian/copyright
new file mode 100644
index 0000000..39e1b99
--- /dev/null
+++ b/debian/copyright
@@ -0,0 +1,156 @@
+This package was debianized by Javier Fernandez-Sanguino Pe�a
+<jfs at computer.org> on Wed, 4 Sep 2002 14:28:19 +0200.
+
+It was downloaded from http://www.users.dircon.co.uk/~crypto/download/
+
+Upstream Author: Alec Muffett <Alec.Muffett at UK.Sun.COM>
+
+Copyright:
+
+******************************************************************
+
+Throughout the entire history of the Crack software, the author has
+been employed (apart from occasional periods of unemployment) by a
+selection of academic institutions and companies, none of whom have
+ever dedicated any resources to the development of the software, nor
+have endorsed the development of the software in any other way.
+
+None of these institutions and companies bear any responsibility
+whatsoever for the software, including (but not restricted to)
+responsibility for its existence, structure, content, function or use
+by any person anywhere.
+
+******************************************************************
+
+The author would like to take this opportunity to thank those freeware
+authors who have made indirect but positive contributions to the
+development of Crack, notably:
+
+* Michael Glad (UFC) and Eric Young (libdes/SSLeay) for developments
+in the field of high-speed cryptographic implementation which have
+provided core functionality for Crack since 1991,
+
+* The Free Software Foundation for EMACS, GCC, and a variety of other
+essential software development tools,
+
+* Larry Wall for Perl (of which I cannot speak highly enough), and...
+
+* Linus Torvalds and all other contributors to the Linux project,
+which has provided the operating system upon which Crack has been
+developed for the last few years.
+
+The author would also like to thank Paul Leyland for the suggestion of
+several ideas key to the new release of the software, notably DAWG
+dictionary compression and dictionary handling techniques.
+
+******************************************************************
+
+(*
+This document is freely plagiarised from the 'Artistic Licence',
+distributed as part of the Perl v4.0 kit by Larry Wall, which is
+available from most major archive sites
+*)
+
+This documents purpose is to state the conditions under which this
+Package (See definition below) viz: The "Crack" Password Cracker, which
+is copyright Alec David Edward Muffett, may be copied, such that the
+Copyright Holder maintains some semblance of artistic control over the
+development of the package, while giving the users of the package the
+right to use and distribute the Package in a more-or-less customary
+fashion, plus the right to make reasonable modifications.
+
+******************************************************************
+
+Definitions:
+
+"Package" refers to the collection of files distributed by the Copyright
+Holder, and derivatives of that collection of files created through
+textual modification, or segments thereof.
+
+"Standard Version" refers to such a Package if it has not been modified,
+or has been modified in accordance with the wishes of the Copyright
+Holder.
+
+"Copyright Holder" is whoever is named in the copyright or copyrights
+for the package.
+
+"You" is you, if you're thinking about copying or distributing this
+Package.
+
+"Reasonable copying fee" is whatever you can justify on the basis of
+media cost, duplication charges, time of people involved, and so on.
+(You will not be required to justify it to the Copyright Holder, but
+only to the computing community at large as a market that must bear the
+fee.)
+
+"Freely Available" means that no fee is charged for the item itself,
+though there may be fees involved in handling the item. It also means
+that recipients of the item may redistribute it under the same
+conditions they received it.
+
+
+1. You may make and give away verbatim copies of the source form of the
+Standard Version of this Package without restriction, provided that you
+duplicate all of the original copyright notices and associated
+disclaimers.
+
+2. You may apply bug fixes, portability fixes and other modifications
+derived from the Public Domain or from the Copyright Holder. A Package
+modified in such a way shall still be considered the Standard Version.
+
+3. You may otherwise modify your copy of this Package in any way,
+provided that you insert a prominent notice in each changed file stating
+how and when AND WHY you changed that file, and provided that you do at
+least ONE of the following:
+
+a) place your modifications in the Public Domain or otherwise make them
+Freely Available, such as by posting said modifications to Usenet or an
+equivalent medium, or placing the modifications on a major archive site
+such as uunet.uu.net, or by allowing the Copyright Holder to include
+your modifications in the Standard Version of the Package.
+
+b) use the modified Package only within your corporation or
+organization.
+
+c) rename any non-standard executables so the names do not conflict with
+standard executables, which must also be provided, and provide separate
+documentation for each non-standard executable that clearly documents
+how it differs from the Standard Version.
+
+d) make other distribution arrangements with the Copyright Holder.
+
+4. You may distribute the programs of this Package in object code or
+executable form, provided that you do at least ONE of the following:
+
+a) distribute a Standard Version of the executables and library files,
+together with instructions (in the manual page or equivalent) on where
+to get the Standard Version.
+
+b) accompany the distribution with the machine-readable source of the
+Package with your modifications.
+
+c) accompany any non-standard executables with their corresponding
+Standard Version executables, giving the non-standard executables
+non-standard names, and clearly documenting the differences in manual
+pages (or equivalent), together with instructions on where to get the
+Standard Version.
+
+d) make other distribution arrangements with the Copyright Holder.
+
+5. You may charge a reasonable copying fee for any distribution of this
+Package. You may charge any fee you choose for support of this Package.
+YOU MAY NOT CHARGE A FEE FOR THIS PACKAGE ITSELF. However, you may
+distribute this Package in aggregate with other (possibly commercial)
+programs as part of a larger (possibly commercial) software distribution
+provided that YOU DO NOT ADVERTISE this package as a product of your
+own.
+
+6. The name of the Copyright Holder may not be used to endorse or
+promote products derived from this software without specific prior
+written permission.
+
+7. THIS PACKAGE IS PROVIDED "AS IS" AND WITHOUT ANY EXPRESS OR IMPLIED
+WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED WARRANTIES OF
+MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.
+
+ The End
diff --git a/debian/crack-common.docs b/debian/crack-common.docs
new file mode 100644
index 0000000..c1968d0
--- /dev/null
+++ b/debian/crack-common.docs
@@ -0,0 +1,4 @@
+manual.txt
+manual.html
+c50-faq.html
+c50-faq.txt
diff --git a/debian/crack-md5.dirs b/debian/crack-md5.dirs
new file mode 100644
index 0000000..aaac1d9
--- /dev/null
+++ b/debian/crack-md5.dirs
@@ -0,0 +1,5 @@
+usr/sbin
+usr/lib/Crack
+usr/share/Crack
+etc/Crack
+var/run/Crack/bin
diff --git a/debian/crack.dirs b/debian/crack.dirs
new file mode 100644
index 0000000..aaac1d9
--- /dev/null
+++ b/debian/crack.dirs
@@ -0,0 +1,5 @@
+usr/sbin
+usr/lib/Crack
+usr/share/Crack
+etc/Crack
+var/run/Crack/bin
diff --git a/debian/crack.doc-base.crack b/debian/crack.doc-base.crack
new file mode 100644
index 0000000..5aed143
--- /dev/null
+++ b/debian/crack.doc-base.crack
@@ -0,0 +1,14 @@
+Document: crack
+Title: Crack Manual
+Author: Alec Muffett
+Abstract: This manual describes what crack is
+ and how it can be used to test for vulnerable passwords.
+Section: admin
+
+
+Format: text
+Files: /usr/share/doc/crack-common/manual.txt.gz
+
+Format: HTML
+Index: /usr/share/doc/crack-common/manual.html
+Files: /usr/share/doc/crack-common/manual.html
diff --git a/debian/crack.doc-base.crack-faq b/debian/crack.doc-base.crack-faq
new file mode 100644
index 0000000..bc291c1
--- /dev/null
+++ b/debian/crack.doc-base.crack-faq
@@ -0,0 +1,14 @@
+Document: crack-faq
+Title: Crack FAQ
+Author: Alec Muffett
+Abstract: This document includes Frequently Asked Questions
+ for Crack (the password guessing program).
+Section: admin
+
+
+Format: text
+Files: /usr/share/doc/crack-common/c50-faq.txt.gz
+
+Format: HTML
+Index: /usr/share/doc/crack-common/c50-faq.html
+Files: /usr/share/doc/crack-common/c50-faq.html
diff --git a/debian/dirs b/debian/dirs
new file mode 100644
index 0000000..4024d99
--- /dev/null
+++ b/debian/dirs
@@ -0,0 +1,4 @@
+usr/sbin
+usr/share/Crack
+usr/share/Crack/scripts
+etc/Crack
diff --git a/debian/postrm b/debian/postrm
new file mode 100644
index 0000000..6f0cf91
--- /dev/null
+++ b/debian/postrm
@@ -0,0 +1,25 @@
+#! /bin/sh
+# postrm script for crack
+#
+set -e
+
+case "$1" in
+ remove|upgrade|failed-upgrade|abort-install|abort-upgrade|disappear)
+
+
+ ;;
+ purge)
+# If the user has run crack there is stuff in here
+ [ -d /usr/share/Crack ] && rm -rf /usr/share/Crack
+ [ -d /etc/Crack ] && rm -rf /etc/Crack
+ ;;
+
+
+ *)
+ echo "postrm called with unknown argument \`$1'" >&2
+ exit 1
+
+esac
+#DEBHELPER#
+
+exit 0
diff --git a/debian/rules b/debian/rules
new file mode 100755
index 0000000..e1caa91
--- /dev/null
+++ b/debian/rules
@@ -0,0 +1,152 @@
+#!/usr/bin/make -f
+# Sample debian/rules that uses debhelper.
+# GNU copyright 1997 to 1999 by Joey Hess.
+
+# Uncomment this to turn on verbose mode.
+#export DH_VERBOSE=1
+
+# This is the debhelper compatibility version to use.
+export DH_COMPAT=3
+
+
+
+ifneq (,$(findstring debug,$(DEB_BUILD_OPTIONS)))
+ CFLAGS += -g
+endif
+ifeq (,$(findstring nostrip,$(DEB_BUILD_OPTIONS)))
+ INSTALL_PROGRAM += -s
+endif
+
+configure: configure-stamp
+configure-stamp:
+ dh_testdir
+ # Add here commands to configure the package.
+
+ touch configure-stamp
+
+
+build: build-stamp
+
+build-stamp: configure-stamp
+ dh_testdir
+
+ # Add here commands to compile the package.
+ #~$(MAKE)
+ chmod 755 Crack.make
+ ./Crack.make
+ # this is the crypt version, move it to other place
+ mv run/bin/debian/ run/bin/debian-crypt
+ # To build the MD5 version
+ mv src/libdes src/libdes.orig
+ cd src/util && cp elcid.c elcid.c.orig && cp elcid.c,bsd elcid.c
+ ./Crack.make
+ mv run/bin/debian/ run/bin/debian-md5
+ # Now restore it to the previous situation
+ mv src/libdes.orig src/libdes
+ cd src/util && cp elcid.c.orig elcid.c
+
+ touch build-stamp
+
+clean:
+ dh_testdir
+ dh_testroot
+ rm -f build-stamp configure-stamp
+
+ # Add here commands to clean up after the build process.
+ # This is done just in case
+ if [ -d src/libdes.orig ] ; then \
+ mv src/libdes.orig src/libdes ; \
+ cd src/util && cp elcid.c.orig elcid.c ;\
+ fi
+ -$(MAKE) spotless
+ -rm -rf run
+
+ dh_clean
+
+install: build
+ dh_testdir
+ dh_testroot
+ dh_clean -k
+ dh_installdirs
+
+ # Add here commands to install the package into debian/crack.
+ #$(MAKE) install DESTDIR=$(CURDIR)/debian/crack
+ # For the common package
+ install -m755 Crack Reporter debian/crack-common/usr/share/Crack/
+ install -m644 Makefile debian/crack-common/usr/share/Crack/
+ install -m755 scripts/* debian/crack-common/usr/share/Crack/scripts/
+ for i in dict ; do \
+ cp -a $$i debian/crack-common/usr/share/Crack/; \
+ done
+ cp -a conf/* debian/crack-common/etc/Crack/
+ cd debian/crack-common/usr/share/Crack/ && ln -s /etc/Crack conf
+ chmod a+x debian/crack-common/usr/share/Crack/Crack debian/crack-common/usr/share/Crack/Reporter
+ # For the DES version
+ cp -a run/bin/debian-crypt/* debian/crack/usr/lib/Crack
+ cd debian/crack/usr/share/Crack && ln -s /var/run/Crack run
+
+ cd debian/crack/var/run/Crack/bin/ && ln -s /usr/lib/Crack debian
+ install -m755 debian/Crack debian/Crack-Reporter debian/crack/usr/sbin/
+ # For the MD5 version
+ cp -a run/bin/debian-md5/* debian/crack-md5/usr/lib/Crack
+ cd debian/crack-md5/usr/share/Crack && ln -s /var/run/Crack run
+
+ cd debian/crack-md5/var/run/Crack/bin/ && ln -s /usr/lib/Crack debian
+ install -m755 debian/Crack debian/Crack-Reporter debian/crack-md5/usr/sbin/
+# Could change into this the previous statements:
+# dh_movefiles
+
+# Build architecture-independent files here.
+# Pass -i to all debhelper commands in this target to reduce clutter.
+binary-indep: build install
+ dh_testdir -i
+ dh_testroot -i
+# dh_installdebconf -i
+ dh_installdocs -i -pcrack-common doc/*
+ dh_installexamples -i extra/*
+ dh_installmenu -i
+ dh_installcron -i
+ dh_installman -i debian/Crack.8
+ cd debian/crack-common/usr/share/man/man8/ && ln -s Crack.8 Crack-Reporter.8
+ dh_installinfo -i
+ dh_installchangelogs -i
+ dh_link -i
+ dh_compress -i
+ dh_fixperms -i
+ dh_installdeb -i
+ dh_gencontrol -i
+ dh_md5sums -i
+ dh_builddeb -i
+
+# Build architecture-dependent files here.
+binary-arch: build install
+ dh_testdir -a
+ dh_testroot -a
+# dh_installdebconf -a
+ dh_installdocs -a
+ dh_installexamples -a
+ dh_installmenu -a
+# dh_installlogrotate -a
+# dh_installemacsen -a
+# dh_installpam -a
+# dh_installmime -a
+# dh_installinit -a
+ dh_installcron -a
+# dh_installman -a
+ dh_installinfo -a
+# dh_undocumented -a -A Crack.8 Crack-Reporter.8
+ dh_installchangelogs -a
+ dh_strip -a
+ dh_link -a
+ dh_compress -a
+ dh_fixperms -a
+# dh_makeshlibs -a
+ dh_installdeb -a
+# dh_perl -a
+ dh_shlibdeps -a
+ dh_gencontrol -a
+ dh_md5sums -a
+ dh_builddeb -a
+
+binary: binary-indep binary-arch
+.PHONY: build clean binary-indep binary-arch binary install configure
diff --git a/extra/Dictstats.pl b/extra/Dictstats.pl
index 9b8da73..5589f04 100755
--- a/extra/Dictstats.pl
+++ b/extra/Dictstats.pl
@@ -1,4 +1,4 @@
-#!/usr/local/bin/perl
+#!/usr/bin/perl
###
# This program was written by and is copyright Alec Muffett 1991,
# 1992, 1993, 1994, 1995, and 1996, and is provided as part of the
diff --git a/scripts/binstamp b/scripts/binstamp
index c8ebe68..e2fc68a 100755
--- a/scripts/binstamp
+++ b/scripts/binstamp
@@ -14,6 +14,13 @@ SYSTEM=`uname -s`
RELEASE=`uname -r`
ARCH=`uname -p || arch || uname -m`
+# For Debian we do *not* want architectures, this is handled
+# by the different packages
+if [ -f /etc/debian_version ] ; then
+ echo "debian"
+ exit 0
+fi
+
case $ARCH in
i486) ARCH=i386 ;;
x86) ARCH=i386 ;;
diff --git a/scripts/netcrack b/scripts/netcrack
index e33d26b..4720ddc 100755
--- a/scripts/netcrack
+++ b/scripts/netcrack
@@ -1,4 +1,4 @@
-: # -*- perl -*-
+#!/usr/bin/perl
###
# This program was written by and is copyright Alec Muffett 1991,
# 1992, 1993, 1994, 1995, and 1996, and is provided as part of the
diff --git a/scripts/smartcat b/scripts/smartcat
index dee87db..42af5d4 100755
--- a/scripts/smartcat
+++ b/scripts/smartcat
@@ -57,11 +57,12 @@ case $file in
echo "$0: error: ran off end of filename" 1>&2
exit 1 ;;
- *.Z)
- exec uncompress |
- $0 -backend `basename $file .Z` ;;
+# *.Z)
+# Gnu's gzip can also umcompress .Z files
+# exec uncompress |
+# $0 -backend `basename $file .Z` ;;
- *.z)
+ *.z|*.ZZ)
( gzip -d || ( cat >$PCATF; pcat $PCATF ; rm -f $PCATF ) ) 2>/dev/null |
$0 -backend `basename $file .z` ;;
diff --git a/src/libdes/stcmuMmo b/src/libdes/stcmuMmo
new file mode 100644
index 0000000..8b277f0
--- /dev/null
+++ b/src/libdes/stcmuMmo
@@ -0,0 +1 @@
+!<arch>
diff --git a/src/util/Makefile b/src/util/Makefile
index 71f7817..ebe0e2a 100644
--- a/src/util/Makefile
+++ b/src/util/Makefile
@@ -1,6 +1,6 @@
###
# This program was written by and is copyright Alec Muffett 1991,
-# 1992, 1993, 1994, 1995, and 1996, and is provided as part of the
+# 1992, 1993, 1994, 1995, 1996 & 1997, and is provided as part of the
# Crack v5.0 Password Cracking package.
#
# The copyright holder disclaims all responsibility or liability with
@@ -15,7 +15,6 @@ CC= $(XCC)
XLIB=$(XDIR)/libc5.a $(XLIBS)
EXE= $(XDIR)/dawg \
- $(XDIR)/dictfilt \
$(XDIR)/kickdict \
$(XDIR)/cracker
@@ -42,21 +41,25 @@ $(XDIR)/cracker: cracker.c $(XLIB)
$(XDIR)/stdlib-cracker: cracker.c $(XLIB)
$(CC) $(CFLAGS) -c elcid.c
$(CC) $(CFLAGS) -o $(XDIR)/cracker cracker.c elcid.o $(XLIB)
+ $(CC) $(CFLAGS) -o $(XDIR)/dictfilt dictfilt.c elcid.o $(XLIB)
date > $@
$(XDIR)/libdes-cracker: cracker.c $(XLIB)
$(CC) $(CFLAGS) -c elcid.c
$(CC) $(CFLAGS) -o $(XDIR)/cracker cracker.c elcid.o $(XLIB) ../libdes/libdes.a
+ $(CC) $(CFLAGS) -o $(XDIR)/dictfilt dictfilt.c elcid.o $(XLIB) ../libdes/libdes.a
date > $@
$(XDIR)/ufc-cracker: cracker.c $(XLIB)
$(CC) $(CFLAGS) -DINITDES -DFCRYPT -c elcid.c
$(CC) $(CFLAGS) -o $(XDIR)/cracker cracker.c elcid.o $(XLIB) ../ufc-crypt/libufc.a
+ $(CC) $(CFLAGS) -o $(XDIR)/dictfilt dictfilt.c elcid.o $(XLIB) ../ufc-crypt/libufc.a
date > $@
$(XDIR)/gnu-cracker: cracker.c $(XLIB)
$(CC) $(CFLAGS) -c elcid.c
$(CC) $(CFLAGS) -o $(XDIR)/cracker cracker.c elcid.o $(XLIB) ../crypt/libufc.a
+ $(CC) $(CFLAGS) -o $(XDIR)/dictfilt dictfilt.c elcid.o $(XLIB) ../crypt/libufc.a
date > $@
#------------------------------------------------------------------
@@ -64,13 +67,7 @@ $(XDIR)/gnu-cracker: cracker.c $(XLIB)
$(XDIR)/dawg: dawg.c $(XLIB)
$(CC) $(CFLAGS) -o $(XDIR)/dawg dawg.c $(XLIB)
rm -f $(XDIR)/xdawg
- ln $(XDIR)/dawg $(XDIR)/xdawg
-
-#------------------------------------------------------------------
-
-# don't you just love dependency graphs?
-$(XDIR)/dictfilt: dictfilt.c $(XLIB) $(XDIR)/cracker
- $(CC) $(CFLAGS) -o $(XDIR)/dictfilt dictfilt.c elcid.o $(XLIB)
+ ln -s dawg $(XDIR)/xdawg
#------------------------------------------------------------------
--
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/forensics/crack.git
More information about the forensics-changes
mailing list