Re: PPP authentication brute-force attack?

["Nikhil Wagholikar" <visitnikhil () gmail com>]

Hello Matheus,

Sandstrom Enterprise's PhoneSweep is a tool for performing Brute force
attack against a PPP authentication server.

More Information: http://www.sandstorm.net/products/phonesweep/
PhoneSweep FAQ: http://www.sandstorm.net/products/phonesweep/generalfaq.php

---
NIKHIL WAGHOLIKAR
Information Security Analyst
NII Consulting
Web: http://www.niiconsulting.com/
Security Products: http://www.niiconsulting.com/products.html


On 2/11/08, Matheus Michels <matheusf_michels () hotmail com> wrote:
> Does anybody know a tool to perform brute force or dictionary attacks against a PPP (PAP and/or CHAP) authentication 
> server? Yes, I'm very familiar with Hydra, but neither it nor Medusa have support for PPP.
>
> I know that such a tool would actually call pppd to perform the attack. So, I even tried to write a shell script to 
> read passwords from a file and call pppd for each one, but as I'm a very bad programmer I could not make nothing 
> useful :(
>
> In my case, I'm trying to audit an PPPoE PAP server.
>
> _________________________________________________________________
> Connect and share in new ways with Windows Live.
> http://www.windowslive.com/share.html?ocid=TXT_TAGHM_Wave2_sharelife_012008
> ------------------------------------------------------------------------
> This list is sponsored by: Cenzic
>
> Need to secure your web apps NOW?
> Cenzic finds more, "real" vulnerabilities fast.
> Click to try it, buy it or download a solution FREE today!
>
> http://www.cenzic.com/downloads
> ------------------------------------------------------------------------

------------------------------------------------------------------------
This list is sponsored by: Cenzic

Need to secure your web apps NOW?
Cenzic finds more, "real" vulnerabilities fast.
Click to try it, buy it or download a solution FREE today!

http://www.cenzic.com/downloads
------------------------------------------------------------------------