diff contrib/splice3/LINUX/manual @ 626:ed8cff39b9a7 draft

added splice3 to resdb/contrib
author d3v11 <d3v11@d3v11.ano>
date Fri, 23 Sep 2011 00:12:08 -0500
parents
children bd1f56c22102
line wrap: on
line diff
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/contrib/splice3/LINUX/manual	Fri Sep 23 00:12:08 2011 -0500
@@ -0,0 +1,784 @@
+.TH splice3 "1" "sep 2011" "splice3" "Brute Force Utilities"
+.SH
+NAME
+splice3 - manual page for splice3
+
+.SH
+DESCRIPTION
+
+Brute Force Utilities For The Linux Shell.
+
+.SH
+OPTIONS
+-h, --help show the help message and exit
+
+-c, Parse passwords to this command
+.br
+Command must contain regexp PASSWORD.
+.br
+splice3 -c"command PASSWORD"
+
+-d Path to custom dictionary(wordlist)
+.br
+splice3 -d"/home/user/wordlist"
+.br
+If this option is unset then splice3
+.br
+will use its default dictionary.
+
+--rtfm Show manual page and exit
+
+-r Path to restore file
+.br
+splice3 -r"/home/user/splice3.save"
+.br
+DO NOT USE MODIFIED OR NON-SPLICE
+.br
+SAVE FILES.
+
+-s Directory path to create save file
+.br
+splice3 -s"/home/user"
+
+-t Test output of -c's command
+.br
+splice3 -t"All OK"
+
+--time Manipulate timed iterations
+.br
+splice3 can pause its attack for 
+.br
+a specified amount of seconds per
+.br
+every specified amount of iterations.
+.br
+splice3 --time="12, 360"
+.br
+The above will tell splice3 to pause
+.br
+360 seconds after trying every 12 passwords.
+
+-u Path to username list
+.br
+splice3 -u"/home/user/userlist"
+.br
+If you use this command the regexp
+.br
+`USERNAME' will be required in the
+.br
+given -c command. See -c flag for
+.br
+details.
+
+.br
+--exh-l Use an exhaustive attack with letters only
+
+.br
+--exh-n Use an exhaustive attack with numbers only
+
+.br
+--exh-s Use an exhaustive attack with special characters only
+
+.br
+--exh-ln Use an exhaustive attack with letters and numbers only
+
+.br
+--exh-ls Use an exhaustive attack with letters and special
+.br
+characters only
+
+.br
+--exh-ns Use an exhaustive attack with numbers and special
+.br
+characters only
+
+--exh-lns Use an exhaustive attack with all characters
+
+--exh-custom Use an exhaustive attack with custom characters
+.br
+splice3 --exh-custom='character list'
+
+--stdout Print only passwords to stdout
+
+-A Use alphabetical mixing module
+
+-B Use backwards module
+
+-C Use alternating caps module
+
+-L Use "L337" speak module
+
+-M Use MD5 module
+
+-N Use numerical mixing module
+
+-R Use regular words module
+
+-S Use special mixing module
+
+-U Use custom mixing module
+.br
+splice3 -U"/home/user/list"
+
+--wep-5 Use 5 char WEP module
+.br
+splice3 will strip 5 char words
+.br
+from the dictionary and convert
+.br
+them to WEP compatible passwords.
+
+--wep-13 Use 13 char WEP module
+.br
+splice3 will strip 13 char words
+.br
+from the dictionary and convert
+.br
+them to WEP compatible passwords.
+
+--letters Use letter characters
+
+--numbers Use number characters
+
+--specials Use special characters
+
+--no-char Override character usage
+
+--custom Use custom characters
+.br
+splice3 --custom="/home/user/list"
+
+--deshadow Crack shadow hash sums
+
+--getshadow Get the shadow info for a user
+.br
+splice3 --getshadow="username"
+.br
+See deshadow below for details.
+
+--setshadow Use the shadow info from a file
+.br
+splice3 --setshadow="/home/user/shadow"
+.br
+See deshadow below for details.
+
+--se-create a weird modular dictionary option.
+.br
+splice3 will create concatenated words from
+.br
+dictionary as "splice3.se" and then load
+.br
+it with selected modules.
+
+--create Create a dictionary and exit. splice3
+.br
+will create a dictionary with a user
+.br
+selected wordlist and the selected 
+.br
+Modules. The new dictionary will be
+.br
+created in your current directory as
+.br
+splice3.create
+
+-v, --version Show splice3's version number and exit
+
+--debug Enable debugging
+.br
+Allows debugging and traceback reporting from splice3.
+
+.SH
+DICTIONARIES
+
+splice3 comes equipped with its own dictionary but is
+.br
+designed to use custom dictionaries as well. The
+.br
+dictionary should be in the following format: a plain
+.br
+text file with one word per line, no spaces between
+.br
+words, letters only. You do not have to follow the
+.br
+above guideline exactly but it is strongly suggested.
+.br
+IE:
+
+============= NOT ACTUAL LINE ON FILE ===============
+.br
+qwerty
+.br
+john
+.br
+linux
+.br
+newpass
+.br
+princess
+.br
+hacker
+.br
+============= NOT ACTUAL LINE ON FILE ===============
+
+.SH
+USERNAMES
+
+splice3 is capable of cycling through usernames as it
+.br
+would a dictionary. There is no default username list
+.br
+on splice3. The username list should be in the 
+.br
+following format: a plain text file with one word per 
+.br
+line, no spaces between words, letters only. You do 
+.br
+not have to follow the above guideline exactly but it
+.br
+is strongly suggested.
+.br
+IE:
+
+============= NOT ACTUAL LINE ON FILE ===============
+.br
+john
+.br
+admin
+.br
+root
+.br
+david
+.br
+fred
+.br
+============= NOT ACTUAL LINE ON FILE ===============
+
+.SH
+SAVING AND RESTORING
+
+splice3 is capable of restarting where it was stopped
+.br
+by using the -r switch followed by the full path to
+.br
+a splice3.save file. DO NOT modify these files or
+.br
+splice3 may receive an error or not load at all. 
+.br
+When restoring, if you set the -t switch you must
+.br
+manually set it again or splice3 will not test for
+.br
+specified output. If saving splice3's status, then
+.br
+splice3 will save to the specified directory as
+.br
+splice3.save. If splice3.save already exists it will
+.br
+be overwritten so change the name of any original
+.br
+copies if you want to keep them. If saving a splice3
+.br
+session you should stop the process using the
+.br
+appropriate terminal feature before killing splice3
+.br
+to avoid corrupting the save file.
+
+-s "/path/to/save/directory/"
+
+-r "/path/to/splice3.save/"
+.SH
+MODULES
+
+-A -B -C -L -M -N -R -S -U --wep-5 --wep-13
+.br
+splice3 comes equipped with several modules that mangle
+.br
+the words in the selected dictionary to create probable
+.br
+password combinations. You may use as many of these
+.br
+modules as you want. Some modules can take a few or more
+.br
+minutes to enhance a dictionary depending on the size
+.br
+of the selected dictionary.
+
+-A Alphabetical Mixing Module:
+.br
+This module puts several combinations of alphabet
+.br
+characters inside the words in the selected
+.br
+dictionary. IE:
+
+pZassword
+.br
+pCatssword
+.br
+passworKd
+.br
+passwoJrLd
+.br
+...
+
+-B Backwards Module:
+.br
+This module creates backwards words from the
+.br
+selected dictionary. IE:
+
+drowssap
+.br
+...
+
+-C Capitalization Module:
+.br
+This module recreates the words in the selected
+.br
+dictionary with alternating capitalizations.
+.br
+IE:
+ 
+Password
+.br
+PAssword
+.br
+PaSsWoRd
+.br
+pAsSwOrD
+.br
+passwoRD
+.br
+...
+
+-L L337 Speak Module:
+.br
+This module converts the words in the selected
+.br
+dictionary to several versions of "l337 speak".
+.br
+IE:
+
+p4ssword
+.br
+p455w0rd
+.br
+pa5sword
+.br
+ps@$$word
+.br
+...
+ 
+-N Numerical Mixing Module:
+.br
+This module puts several combinations of number
+.br
+characters inside the words in the selected
+.br
+dictionary. IE:
+
+p2assword
+.br
+p5a8ssword
+.br
+passwor0d
+.br
+passwo6r9d
+.br
+...
+
+-R Regular Words Module:
+.br
+This module tells splice3 to use the words in a
+.br
+selected dictionary as they are listed.
+
+
+-S Special Mixing Module:
+.br
+This module puts several combinations of special
+.br
+characters inside the words in the selected
+.br
+dictionary. IE:
+
+p!assword
+.br
+p@a$ssword
+.br
+passwor(d
+.br
+passwo-r+d
+.br
+...
+
+-U Custom Mixing Module:
+.br
+This module puts several combinations of user
+.br
+selected characters inside the words from the
+.br
+selected character list. IE:
+
+p!assword
+.br
+p@a$ssword
+.br
+passwor(d
+.br
+passwo-r+d
+.br
+...
+
+-U's list should only contain one character per
+.br
+line on a plain text file. If you select this
+.br
+module then modules -A, -N, -S will be ignored.
+.br
+IE:
+
+============= NOT ACTUAL LINE ON FILE ===============
+.br
+j
+.br
+1
+.br
+@
+.br
+0
+.br
+z
+.br
+============= NOT ACTUAL LINE ON FILE ===============
+
+If -A, -N, and/or -S options are selected then
+.br
+the modules will be combined. IE:
+
+pZa!ssword
+.br
+p0atssword
+.br
+passwor7d
+.br
+passwo*rLd
+.br
+...
+
+-M MD5 Module:
+.br
+This module generates md5 hash sums for
+.br
+words listed in the selected dictionary.
+.br
+IE:
+
+5912d7bfd10f631f1715bf85bbb72d97
+.br
+966e8fda594333563c02fa4b69765a5e
+.br
+900bc885d7553375aec470198a9514f3
+.br
+97f014516561ef487ec368d6158eb3f4
+.br
+...
+
+
+--wep-* WEP Modules:
+.br
+these two modules strip 5 or 13 character
+.br
+words from the selected dictionary and produce
+.br
+WEP compatible hex passwords.
+
+.SH
+CHARACTERS 
+
+splice3 appends alternating character tags to the beginning
+.br
+and/or ending of each password. By default splice3 will use
+.br
+all standard keyboard characters but you can choose to use
+.br
+specific combinations. If one or more of the following
+.br
+options is omitted then only the selected options will be
+.br
+used ; they will be combined.
+
+--letters Use letter characters
+.br
+Apassword
+.br
+passwordA
+.br
+abCpassword
+.br
+passwordxYz
+.br
+...
+
+--numbers Use numbers characters
+.br
+1password
+.br
+password1
+.br
+123password
+.br
+password098
+.br
+...
+
+--specials Use specials characters
+.br
+$password
+.br
+password^
+.br
+%)!password
+.br
+password#*@
+.br
+...
+
+--custom Use custom characters from a list
+.br
+$password
+.br
+password^
+.br
+%)!password
+.br
+password#*@
+.br
+...
+
+--custom list should only contain one character per
+.br
+line on a plain text file. If you select this
+.br
+module then other character flags will be ignored.
+.br
+If the custom list matches the selected dictionary
+.br
+then splice3 will run in exhaustive mode.
+.br
+IE:
+
+============= NOT ACTUAL LINE ON FILE ===============
+.br
+j
+.br
+1
+.br
+@
+.br
+0
+.br
+z
+.br
+============= NOT ACTUAL LINE ON FILE ===============
+
+--letters, --numbers, and/or --specials
+.br
+Apassword6&
+.br
+7passwordA
+.br
+a*Cpassword9
+.br
+a}password0Yz
+.br
+...
+
+.SH
+DESHADOW
+
+splice3 comes with its own small program to compare a created hash
+.br
+sum, those found in /etc/shadow with an existing one given through
+.br
+user input. When using the deshadow option you will need to set
+.br
+exactly one of the --getshadow or --setshadow options. There is no
+.br
+need to use the -c CMD or the -t TEST flags when using this option
+.br
+because the values for each will be preset.
+
+--getshadow Get the shadow info for a user
+.br
+see examples below for usage details.
+
+--setshadow Use the shadow info from a file. This file should be
+.br
+in plain text and contain only one line with the
+.br
+following syntax:
+
+============= NOT ACTUAL LINE ON FILE ===============
+.br
+$HashingMethod$SaltValue$ActualHashItself
+
+============= NOT ACTUAL LINE ON FILE ===============
+
+If you need to see an example Shadow entry you may
+.br
+use the following command:
+
+cat /etc/shadow | grep -i "$USER"
+
+.SH
+EXHAUSTIVE
+
+splice3 is capable of mounting a standard exhaustive attack.
+.br
+An exhaustive attack is a sure\-fire method to crack any
+.br
+password but this can also take large amounts of time
+.br
+depending on the length of a password. If it's necessary to
+.br
+use an exhaustive bruteforcing algorithm you may do so with
+.br
+one of the following options:
+
+--exh-l
+.br
+This attack uses only letters.
+
+--exh-n
+.br
+This attack uses only numbers.
+
+--exh-s
+.br
+This attack uses only special characters.
+
+--exh-ln
+.br
+This attack uses only letters and numbers.
+
+--exh-ls
+.br
+This attack uses only letters and special characters.
+
+--exh-ns
+.br
+This attack uses only numbers and special characters.
+
+--exh-lns
+.br
+This attack uses all characters.
+
+.SH
+STDOUT
+
+splice3 has the option to skip the command and test flags
+.br
+and print only the created passwords to stdout. This is a
+.br
+useful flag if you're going to pipe the output to stdin
+.br
+on another program.
+
+--stdout
+.br
+The output will look similar to the following:
+.br
+password
+.br
+qwerty
+.br
+123magick
+.br
+newpass
+.br
+john1965
+
+.SH
+REGEXP
+
+splice3 can create some regexp type functions
+.br
+using existing options:
+
+splice3 --command='echo onePASSWORDthree' --test='onetwothree' --exh-l
+
+splice3 -c 'echo johnPASSWORD65' --test='john1965' --exh-custom='MyList.txt'
+
+splice3 --command='echo ilovePASSWORD' -R --no-char --test='iloveqwerty'
+
+you may also want to see --se-create for more specific attacks.
+
+.SH
+CONTROLS
+
+splice3 contains some options worth going over again.
+
+--command='<insert command> PASSWORD' #must contain regexp 'PASSWORD'
+
+--time='10, 1' #timed iterations
+
+--custom='file.txt', -U 'file.txt', --dictionary='file.txt', 
+.br
+--exh-custom='file.txt' #custom wordlists and/or character lists
+
+--no-char #useful flag to only use the generated wordlist
+.br
+#no characters will be appended to the passwords
+
+--stdout #prints only passwords
+
+--debug #helps to troubleshoot
+
+.SH
+EXAMPLES
+
+splice3 -c"unrar -pPASSWORD t file.rar" -t"All OK" -ACLNRS
+
+splice3 -c"sshpass -pPASSWORD ssh user@host" -d"wordlist" -L
+
+splice3 -c"smbclient -L 192.168.1.0 -Uusername%PASSWORD" -L
+
+splice3 --deshadow --getshadow="root" -ACLNRS
+
+splice3 --deshadow --setshadow="/home/user/shadow.txt" -ACLNRS
+
+splice3\\
+.br 
+--command='echo PASSWORD | aircrack-ng -b 00:11:22:33:44:55 -w - *.cap'\\
+.br
+--wep-5 --wep-13 --no-char --dictionary='MyWords.txt'\\
+.br
+--test='KEY FOUND'
+
+splice3 -c"curl --user <user[:PASSWORD]> https://www.example.com" -R
+
+.SH
+LICENSE
+
+This program is free software: you can redistribute it and/or modify
+.br
+it under the terms of the GNU General Public License as published by
+.br
+the Free Software Foundation, either version 3 of the License, or
+.br
+(at your option) any later version.
+
+This program is distributed in the hope that it will be useful,
+.br
+but WITHOUT ANY WARRANTY; without even the implied warranty of
+.br
+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+.br
+GNU General Public License for more details.
+
+You should have received a copy of the GNU General Public License
+.br
+along with this program.  If not, see <http://www.gnu.org/licenses/>.