Crack (password checking program)
Crack is a program used to guess passwords on Unix and UNIX-like systems. It was written by Alec Muffett in 1991 and is now in version 5.0.
Crack uses a /etcpasswd file contained in the directory , which normally contained the passwords in encrypted form. Crack guesses the passwords and looks for login names that use a weak password. Dictionaries can also be used to B. Using words from certain subject areas ( dictionary attack ).
This attack can occur because the passwd file must be readable for the login shell.
Since password shadowing is used on most UNIX systems today , this program has lost its effectiveness in this area, since the shadow file is not readable by all users and therefore cannot be copied.
The shadow file is also in /etc, but cannot be read by the login shell because the corresponding rights do not exist. Shadowing is made possible by a suite of programs that read the password belonging to the user name from the shadow file and pass it on to the login shell. This increases the security when logging in.
Programs like Crack are also used by administrators to avoid weak passwords when changing user passwords. This program runs in the background and checks the newly entered passwords. B. appear in a dictionary. If this is the case, you will be asked to enter a different password.