cd to your install directory

-bash-3.00#cd /usr/local/cpan

unpack the archive

-bash-3.00# gunzip crack5.0.tar.gz
-bash-3.00# tar xvf crack5.0.tar
x c50a, 0 bytes, 0 tape blocks
x c50a/conf, 0 bytes, 0 tape blocks
x c50a/conf/dictrun.conf, 3445 bytes, 7 tape blocks
x c50a/conf/rules.weird, 83 bytes, 1 tape blocks

cd to the c50a directory

-bash-3.00#cd c50a

compile crack

-bash-3.00#./Crack -makeonly

……output omitted…..

….Crack: makeonly done

Make the dictionary file

-bash-3.00# ./Crack -makedict
Crack 5.0a: The Password Cracker.
(c) Alec Muffett, 1991, 1992, 1993, 1994, 1995, 1996
System: SunOS turkey 5.10 Generic_137137-09 sun4u sparc SUNW,Sun-Blade-
Home: /usr/local/cpan/c50a
Invoked: ./Crack -makedict
Option: -makedict enabled
Stamp: sunos-5-sparc

Crack: making utilities in run/bin/sunos-5-sparc
find . -name “*~” -print | xargs -n50 rm -f
( cd src; for dir in * ; do ( cd $dir ; make clean ) ; done )
make[1]: Entering directory `/usr/local/c50a/src/lib’
rm -f dawglib.o debug.o rules.o stringlib.o *~
make[1]: Leaving directory `/usr/local/c50a/src/lib’
make[1]: Entering directory `/usr/local/c50a/src/libdes’
/bin/rm -f *.o tags core rpw destest des speed libdes.a .nfs* *.old
*.bak destest rpw des speed
make[1]: Leaving directory `/usr/local/c50a/src/libdes’
make[1]: Entering directory `/usr/local/c50a/src/util’
rm -f *.o *~
make[1]: Leaving directory `/usr/local/c50a/src/util’
make[1]: Entering directory `/usr/local/c50a/src/lib’
make[1]: `../../run/bin/sunos-5-sparc/libc5.a’ is up to date.
make[1]: Leaving directory `/usr/local/c50a/src/lib’
make[1]: Entering directory `/usr/local/c50a/src/util’
all made in util
make[1]: Leaving directory `/usr/local/c50a/src/util’
Crack: making dictionary groups, please be patient…
doing group 1…
doing group 2…
doing group 3…
mkdictgrps: uniq’ing dictionary groups…
group 1 and 2…
group 1 and 3…
mkdictgrps: compressing dictionary groups…
Crack: Created new dictionaries…
Crack: makedict done
-bash-3.00#

Crack works best if the password files /etc/passwd and /etc/shadow are both used as source data.
Crack provides a script to join these files for you.

-bash-3.00#cd /usr/local/c50a
-bash-3.00# scripts/shadmrg.sv >passwords

Run the crack tool to test the passwords

-bash-3.00# ./Crack passwords
Crack 5.0a: The Password Cracker.
(c) Alec Muffett, 1991, 1992, 1993, 1994, 1995, 1996
System: SunOS turkey 5.10 Generic_137137-09 sun4u sparc SUNW,Sun-Blade-100
Home: /usr/local/c50a
Invoked: ./Crack passwords
Stamp: sunos-5-sparc

Crack: making utilities in run/bin/sunos-5-sparc
find . -name “*~” -print | xargs -n50 rm -f
( cd src; for dir in * ; do ( cd $dir ; make clean ) ; done )
make[1]: Entering directory `/usr/local/c50a/src/lib’
rm -f dawglib.o debug.o rules.o stringlib.o *~
make[1]: Leaving directory `/usr/local/c50a/src/lib’
make[1]: Entering directory `/usr/local/c50a/src/libdes’
/bin/rm -f *.o tags core rpw destest des speed libdes.a .nfs* *.old
*.bak destest rpw des speed
make[1]: Leaving directory `/usr/local/c50a/src/libdes’
make[1]: Entering directory `/usr/local/c50a/src/util’
rm -f *.o *~
make[1]: Leaving directory `/usr/local/c50a/src/util’
make[1]: Entering directory `/usr/local/c50a/src/lib’
make[1]: `../../run/bin/sunos-5-sparc/libc5.a’ is up to date.
make[1]: Leaving directory `/usr/local/c50a/src/lib’
make[1]: Entering directory `/usr/local/c50a/src/util’
all made in util
make[1]: Leaving directory `/usr/local/c50a/src/util’
Crack: The dictionaries seem up to date…
Crack: Sorting out and merging feedback, please be patient…
Crack: Merging password files…
Crack: Creating gecos-derived dictionaries
mkgecosd: making non-permuted words dictionary
mkgecosd: making permuted words dictionary
Crack: launching: cracker -kill run/Kbitmind.3820
Done

Crack does not show any output in the terminal but writes the data to a file.
To view the results run the reporter command

-bash-3.00# ./Reporter -quiet
—- passwords cracked as of Tuesday, January 27, 2009 5:56:29 PM PST —-

1233107713:Guessed barney [barney] [passwords /bin/sh]
1233107713:Guessed barney [barney] [passwords /bin/sh]
1233107713:Guessed fred [fred] [passwords /bin/sh]
1233107713:Guessed fred [fred] [passwords /bin/sh]
1233107713:Guessed groucho [groucho] [passwords /bin/sh]
1233107713:Guessed groucho [groucho] [passwords /bin/sh]
1233107750:Guessed bob [b0bb0b] Bob [passwords /usr/bin/ksh]
1233107750:Guessed bob [b0bb0b] Bob [passwords /usr/bin/ksh]

—- done —-

Run crack against the /etc/shadow file and view the results

-bash-3.00# ./Crack /etc/shadow
Crack 5.0a: The Password Cracker.
(c) Alec Muffett, 1991, 1992, 1993, 1994, 1995, 1996
System: SunOS turkey 5.10 Generic_137137-09 sun4u sparc SUNW,Sun-Blade-100
Home: /usr/local/cpan/c50a
Invoked: ./Crack /etc/shadow
Stamp: sunos-5-sparc
…..

Run the reporter command to see progress.

-bash-3.00# ./Reporter -quiet
—- passwords cracked as of Tuesday, January 27, 2009 6:01:59 PM PST —-

1233107713:Guessed barney [barney] [passwords /bin/sh]
1233107713:Guessed barney [barney] [passwords /bin/sh]
1233107713:Guessed fred [fred] [passwords /bin/sh]
1233107713:Guessed fred [fred] [passwords /bin/sh]
1233107713:Guessed groucho [groucho] [passwords /bin/sh]
1233107713:Guessed groucho [groucho] [passwords /bin/sh]
1233107750:Guessed bob [b0bb0b] Bob [passwords /usr/bin/ksh]
1233107750:Guessed bob [b0bb0b] Bob [passwords /usr/bin/ksh]

—- done —-

Stop the Crack tool by using the command

# scripts/plaster
#make tidy

The Crack tool will test your system to see how secure your passwords are before someone else does.
There are 7 layers to the Orange book.
Officially known as the TRUSTED COMPUTER SYSTEM EVALUATION CRITERIA (TCSEC)
A – verified protection
B – mandatory protection
C – discretionary protection
D – minimal security

D is described as your everyday personal PC minimal protection is in place out of the box.
C1 is a typical out of the box UNIX OS
C2 is Solaris 10 running the BSM [ Basic Security Model ]
B1 – A is a Trusted Solaris 8 OS