Crack is a password
guessing program for Unix that is designed to
locate insecure passwords. It works by scanning the password file,
checking for passwords which match a long list of insecure
patterns, such as login
names used on the system or words in the
. It can also detect passwords created by a simple
of a dictionary word, such as reversing it or adding a
number on the end.
Crack can work with unusual password encryption algorithms, or with
a password database managed by NIS (just ypcat the database to a
file and run Crack on the file). It is also possible for the sysadmin
to modify Crack's dictionaries or transformation rules. Typically
Crack is left running in the background at low priority, but it can
also be set up to run only during certain hours, or paused and
restarted manually by the sysadmin.